|
|
|
@ -100,7 +100,7 @@ type GetPublicKeyRequest struct {
|
|
|
|
|
type CreateKeyRequest struct {
|
|
|
|
|
// Name represents the key name or label used to identify a key.
|
|
|
|
|
//
|
|
|
|
|
// Used by: awskms, cloudkms, pkcs11, yubikey.
|
|
|
|
|
// Used by: awskms, cloudkms, azurekms, pkcs11, yubikey.
|
|
|
|
|
Name string
|
|
|
|
|
|
|
|
|
|
// SignatureAlgorithm represents the type of key to create.
|
|
|
|
@ -110,11 +110,13 @@ type CreateKeyRequest struct {
|
|
|
|
|
Bits int
|
|
|
|
|
|
|
|
|
|
// ProtectionLevel specifies how cryptographic operations are performed.
|
|
|
|
|
// Used by: cloudkms
|
|
|
|
|
// Used by: cloudkms, azurekms.
|
|
|
|
|
ProtectionLevel ProtectionLevel
|
|
|
|
|
|
|
|
|
|
// Whether the key may be exported from the HSM under a wrap key.
|
|
|
|
|
// Sets the CKA_EXTRACTABLE bit.
|
|
|
|
|
// Extractable defines if the new key may be exported from the HSM under a
|
|
|
|
|
// wrap key. On pkcs11 sets the CKA_EXTRACTABLE bit.
|
|
|
|
|
//
|
|
|
|
|
// Used by: pkcs11
|
|
|
|
|
Extractable bool
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -157,7 +159,9 @@ type StoreCertificateRequest struct {
|
|
|
|
|
Name string
|
|
|
|
|
Certificate *x509.Certificate
|
|
|
|
|
|
|
|
|
|
// Whether the key may be exported from the HSM under a wrap key.
|
|
|
|
|
// Sets the CKA_EXTRACTABLE bit.
|
|
|
|
|
// Extractable defines if the new certificate may be exported from the HSM
|
|
|
|
|
// under a wrap key. On pkcs11 sets the CKA_EXTRACTABLE bit.
|
|
|
|
|
//
|
|
|
|
|
// Used by: pkcs11
|
|
|
|
|
Extractable bool
|
|
|
|
|
}
|
|
|
|
|