secrets.go
package secrets
import "fmt"
// Secrets is the interface that a secrets implementation must satisfy.
// NewSecrets in this file returns a value of this type.
type Secrets interface {
// Type must return the type of the secrets as defined in the PrivateSecretsType
Type() PrivateSecretsType
// EncodingKey returns the key used to encode the tokens.
// NOTE(review): presumably private signing key material; confirm that
// callers never log, serialize or otherwise export the returned value.
EncodingKey() interface{}
// PublicKey returns the public key of the secrets.
PublicKey() interface{}
// TransmittedKey returns the public key as a byte slice and as it is transmitted
// on the wire.
TransmittedKey() []byte
// KeyAndClaims will verify the public key and return any claims that are part of the key.
// pkey is the key as a byte slice. NOTE(review): presumably this is the
// form produced by a peer's TransmittedKey, i.e. untrusted input; confirm.
// The returned key and claims are only meaningful when the error is nil, so
// callers must check the error before acting on either.
KeyAndClaims(pkey []byte) (interface{}, []string, error)
// AckSize calculates the size of the ACK packet based on the keys.
AckSize() uint32
// PublicSecrets returns the PEM formatted secrets to be transmitted over the RPC interface.
// NOTE(review): NewSecrets reads a Key field from CompactPKIPublicSecrets;
// confirm what key material that field carries and that the RPC channel is
// protected accordingly.
PublicSecrets() PublicSecrets
}
// PublicSecrets is an interface of the data structures of the secrets
// that can be transmitted over the RPC interface to the remotes.
//
// Because values of this type cross the RPC boundary, a receiver should
// treat both the reported type and the payload as input to validate.
type PublicSecrets interface {
// SecretsType returns the PrivateSecretsType of the value. NewSecrets
// switches on this result to pick the concrete type, so an implementation
// must report the constant that matches its own concrete type.
SecretsType() PrivateSecretsType
// CertAuthority returns a byte slice.
// NOTE(review): presumably the PEM-encoded CA certificate; confirm against
// the implementations.
CertAuthority() []byte
}
// PrivateSecretsType identifies the different secrets that are supported
type PrivateSecretsType int
const (
// PKICompactType is for asymmetric signing using compact JWTs on the wire.
// It is the first iota value, so it is also the zero value of
// PrivateSecretsType: a type field left unset reads as PKICompactType.
PKICompactType PrivateSecretsType = iota
// PKINull is for debugging. NewSecrets has no case for it and returns the
// unsupported-type error.
// NOTE(review): confirm no production configuration can select this type.
PKINull
)
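// NewSecrets creates a new set of secrets based on the type reported by s.
//
// PublicSecrets is documented in this package as data that can be transmitted
// over the RPC interface, so s is handled as untrusted input: a nil value, or
// a value whose SecretsType does not match its concrete type, yields an error
// instead of a panic in the caller's goroutine.
//
// Only PKICompactType is handled. Every other type, including PKINull,
// returns the unsupported-type error. On error the returned Secrets is nil.
func NewSecrets(s PublicSecrets) (Secrets, error) {
	if s == nil {
		return nil, fmt.Errorf("nil public secrets")
	}

	switch s.SecretsType() {
	case PKICompactType:
		// The type tag is self-reported by s, so confirm the concrete type
		// with a checked assertion rather than trusting the tag.
		t, ok := s.(*CompactPKIPublicSecrets)
		if !ok || t == nil {
			return nil, fmt.Errorf("public secrets of type %T do not match PKICompactType", s)
		}
		return NewCompactPKIWithTokenCA(t.Key, t.Certificate, t.CA, t.TokenCAs, t.Token, t.Compressed)
	default:
		// Message kept byte-identical for callers that match on it.
		return nil, fmt.Errorf("Unsupported type")
	}
}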