Documentation
Index ¶
- func Bech32ToEd25519PubKey(bech32PubKey string) (ed25519.PubKeyEd25519, error)
- func LoggerFromServerFlags(serverFlags *ServerFlags, io commands.IO) (*slog.Logger, logFlusher, error)
- func NewSignerServer(commonFlags *ServerFlags, signer types.Signer, logger *slog.Logger) (*rss.RemoteSignerServer, error)
- func RunSignerServer(ctx context.Context, commonFlags *ServerFlags, signer types.Signer, ...) error
- func SortAndDeduplicate(keys []string) []string
- type AuthFlags
- type AuthKeysFile
- type ServerFlags
- type ServerIdentity
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Bech32ToEd25519PubKey ¶
func Bech32ToEd25519PubKey(bech32PubKey string) (ed25519.PubKeyEd25519, error)
Bech32ToEd25519PubKey converts a bech32 encoded public key to an ed25519 public key.
func LoggerFromServerFlags ¶
func NewSignerServer ¶
func NewSignerServer( commonFlags *ServerFlags, signer types.Signer, logger *slog.Logger, ) (*rss.RemoteSignerServer, error)
NewSignerServer creates a new remote signer server with the given gnokms signer.
func RunSignerServer ¶
func RunSignerServer(ctx context.Context, commonFlags *ServerFlags, signer types.Signer, io commands.IO) error
RunSignerServer initializes and starts a remote signer server with the given gnokms signer. It then waits for the server to finish.
func SortAndDeduplicate ¶
SortAndDeduplicate sorts and deduplicates the given string slice.
Types ¶
type AuthKeysFile ¶
// AuthKeysFile is the JSON layout of the auth keys file: the server identity
// keypair plus the list of authorized client public keys.
//
// NOTE(review): the ServerIdentity field carries the server private key (JSON
// key "priv_key"), so a serialized AuthKeysFile is secret material and should
// be stored and handled as such.
type AuthKeysFile struct {
	// ServerIdentity is the server's ed25519 keypair.
	ServerIdentity ServerIdentity `json:"server_identity" comment:"the server identity ed25519 keypair"`
	// ClientAuthorizedKeys lists the authorized client public keys as strings;
	// the AuthorizedKeys method decodes them from bech32.
	ClientAuthorizedKeys []string `json:"authorized_keys" comment:"list of client authorized public keys"`
	// contains filtered or unexported fields
}
AuthKeysFile defines the content of the auth keys file.
func GeneratePersistedAuthKeysFile ¶
func GeneratePersistedAuthKeysFile(filePath string) (*AuthKeysFile, error)
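GeneratePersistedAuthKeysFile generates a new AuthKeysFile with a random server keypair and an empty authorized keys list, then persists it to disk. The persisted file includes the server private key (the priv_key field of ServerIdentity), so filePath should be a location readable only by the account that runs the signer server.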
func LoadAuthKeysFile ¶
func LoadAuthKeysFile(filePath string) (*AuthKeysFile, error)
LoadAuthKeysFile reads an AuthKeysFile from the given file path.
func (*AuthKeysFile) AuthorizedKeys ¶
func (akf *AuthKeysFile) AuthorizedKeys() []ed25519.PubKeyEd25519
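AuthorizedKeys decodes the bech32 authorized keys from the AuthKeysFile. The signature returns no error, so it does not show how an entry that fails to decode is handled; confirm this before relying on the returned list for client authorization.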
func (*AuthKeysFile) Save ¶
func (akf *AuthKeysFile) Save(filePath string) error
Save persists the AuthKeysFile to its file path.
type ServerFlags ¶
// ServerFlags groups the settings passed to NewSignerServer, RunSignerServer
// and LoggerFromServerFlags. RegisterFlags presumably binds these fields to a
// flag.FlagSet — confirm against its implementation.
type ServerFlags struct {
	// AuthFlags is embedded, so its fields are promoted onto ServerFlags.
	AuthFlags
	// Listener is presumably the address the signer server listens on — TODO confirm.
	Listener string
	// KeepAlivePeriod is presumably the connection keep-alive interval — TODO confirm.
	KeepAlivePeriod time.Duration
	// ResponseTimeout is presumably the maximum time allowed for a response — TODO confirm.
	ResponseTimeout time.Duration
	// LogLevel and LogFormat are presumably consumed by LoggerFromServerFlags;
	// their accepted values are not visible here.
	LogLevel string
	LogFormat string
}
func (*ServerFlags) RegisterFlags ¶
func (f *ServerFlags) RegisterFlags(fs *flag.FlagSet)
type ServerIdentity ¶
// ServerIdentity is the ed25519 keypair that identifies the gnokms server.
type ServerIdentity struct {
	// PrivKey is the server private key used to authenticate with clients. It is
	// serialized under the JSON key "priv_key", so any file or log output that
	// holds a marshalled ServerIdentity holds the secret key.
	PrivKey ed25519.PrivKeyEd25519 `json:"priv_key" comment:"gnokms server private key used to authenticate with clients"`
	// PubKey is the server public key that clients should authorize, stored as a
	// string (presumably bech32-encoded — confirm).
	PubKey string `json:"pub_key" comment:"gnokms server public key that should be authorized by clients"`
}
ServerIdentity defines the server identity keypair.