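// © Broadcom. All Rights Reserved.
// The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.
// SPDX-License-Identifier: Apache-2.0

package crypto

import (
	"context"
	"fmt"
	"net/http"

	"github.com/vmware/govmomi/vapi/crypto/internal"
	"github.com/vmware/govmomi/vapi/rest"
)

// Manager extends rest.Client, adding crypto related methods.
// Currently providing create, delete and export only.
// See crypto.ManagerKmip for getting provider details.
type Manager struct {
	*rest.Client
}

// NewManager creates a new Manager instance with the given client.
func NewManager(client *rest.Client) *Manager {
	return &Manager{
		Client: client,
	}
}

// KmsProviderConstraints is the "constraints" object of a create request.
type KmsProviderConstraints struct {
	// NOTE(review): presumably restricts the provider to hosts with a TPM;
	// confirm against the vSphere API reference.
	TpmRequired bool `json:"tpm_required"`
}

// KmsProviderCreateSpec is the JSON body sent by KmsProviderCreate.
type KmsProviderCreateSpec struct {
	Provider    string                 `json:"provider"`
	Constraints KmsProviderConstraints `json:"constraints"`
}

// KmsProviderExportSpec is the JSON body sent by KmsProviderExport.
type KmsProviderExportSpec struct {
	Provider string `json:"provider"`
	// Password is a secret and is serialized into the request body when set.
	// Do not log or persist a populated spec.
	// NOTE(review): presumably it protects the exported provider data; confirm.
	Password string `json:"password,omitempty"`
}

// KmsProviderDownloadToken carries the credential for fetching an export.
type KmsProviderDownloadToken struct {
	// Token is sent as an HTTP bearer credential by KmsProviderExportRequest;
	// treat it as a secret.
	Token string `json:"token"`
	// Expiry is kept as the raw string returned by the server; its format is
	// not interpreted in this file.
	Expiry string `json:"expiry"`
}

// KmsProviderExportLocation describes where an export can be downloaded.
// Both fields are taken from the server response as-is.
type KmsProviderExportLocation struct {
	URL           string                   `json:"url"`
	DownloadToken KmsProviderDownloadToken `json:"download_token"`
}

// KmsProviderExport is the decoded response of KmsProviderExport.
type KmsProviderExport struct {
	Type string `json:"type"`
	// Location is optional in the response and may be nil; check it before
	// passing it to KmsProviderExportRequest.
	Location *KmsProviderExportLocation `json:"location,omitempty"`
}

// KmsProviderCreate POSTs spec to the KMS providers collection.
// It returns the error from the underlying REST call, if any.
func (c *Manager) KmsProviderCreate(ctx context.Context, spec KmsProviderCreateSpec) error {
	resource := c.Resource(internal.KmsProvidersPath)
	request := resource.Request(http.MethodPost, spec)
	return c.Do(ctx, request, nil)
}

// KmsProviderDelete issues a DELETE for the named provider under the KMS
// providers collection.
//
// NOTE(review): provider becomes part of the request path via WithSubpath,
// whose escaping is not visible in this file. Pass a validated provider
// identifier rather than unchecked external input.
func (c *Manager) KmsProviderDelete(ctx context.Context, provider string) error {
	resource := c.Resource(internal.KmsProvidersPath).WithSubpath(provider)
	request := resource.Request(http.MethodDelete)
	return c.Do(ctx, request, nil)
}

// KmsProviderExport POSTs spec to the KMS providers collection with
// action=export and returns the decoded response.
//
// spec may carry a password, and the response may carry a download token, so
// neither should be written to logs.
func (c *Manager) KmsProviderExport(ctx context.Context, spec KmsProviderExportSpec) (*KmsProviderExport, error) {
	resource := c.Resource(internal.KmsProvidersPath).WithParam("action", "export")
	request := resource.Request(http.MethodPost, spec)

	var res KmsProviderExport
	if err := c.Do(ctx, request, &res); err != nil {
		return nil, err
	}

	return &res, nil
}

// KmsProviderExportRequest builds a GET request for export.URL that carries
// the download token as a bearer credential. The request is bound to ctx, so
// cancelling ctx aborts the download. The request is returned, not sent.
//
// It returns an error when export is nil or when export.URL cannot be parsed.
//
// Security: export.URL comes from the server response and is not validated
// here. Before sending the request, the caller should confirm that the URL
// uses https and points at the expected host, and should use an HTTP client
// that verifies the server certificate. Otherwise the bearer token, and the
// exported key material it unlocks, can be exposed to another party.
func (c *Manager) KmsProviderExportRequest(ctx context.Context, export *KmsProviderExportLocation) (*http.Request, error) {
	if export == nil {
		// Location is optional in KmsProviderExport; fail cleanly instead of
		// dereferencing a nil pointer.
		return nil, fmt.Errorf("kms provider export: nil export location")
	}
	if ctx == nil {
		// Earlier versions ignored ctx, so a nil value used to work.
		ctx = context.Background()
	}

	req, err := http.NewRequestWithContext(ctx, http.MethodGet, export.URL, nil)
	if err != nil {
		return nil, err
	}

	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", export.DownloadToken.Token))

	return req, nil
}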