SPSDK Signature Provider plugin using Keyfactor's API
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Project description
Keyfactor Signature Provider
SPSDK Signature Provider plugin using Keyfactor's API
Features
- Allows SPSDK to use Keyfactor for signing any arbitrary data
- Users might be authenticated using Client Certificates
Installation
- Activate virtual env, where you have SPSDK
- to install spsdk run:
pip install spsdk
- to install spsdk run:
pip install spsdk_keyfactor
Usage
All of plugin configuration can be done via environment variables:
KEYFACTOR_HOST: URL of the Keyfactor host (example: "https://ray-signserver.keyfactoriot.com")KEYFACTOR_HOST_VERIFY: Path to a TLS certificate to verify the HOST (example: "ejbcav8demo.keyfactoriot.com.pem")KEYFACTOR_AUTH_TYPE: Type of authentication in Keyfactorclient_certificate_keyusing client x509 certificate and private keyclient_certificate_pkcs12using client PKCS#12 certificate and password (password might be stored in a file, and then password is a path to a file with the password to PKCS#12 certificate)
KEYFACTOR_AUTH_VALUE: Coma-separated string of values described byKEYFACTOR_AUTH_TYPE(example for PKCS#12: "path_to_pkcs.p12,path_to_pass.txt")KEYFACTOR_WORKER: Name or ID of the Keyfactor Worker to use (example: "PlainSigner")KEYFACTOR_PREHASH: Client-side pre-hashing of data (example: "NONE", "SHA-256")- if this setting is skipped, the plugin will autodetect the value
KEYFACTOR_SIGNATURE_LENGTH: Length in bytes of the raw signature (without potential DER encoding) (example: 256 for RSA, 64 for ECC-256)- if this setting is skipped, the plugin will autodetect the value
Environment variables may be specified in a file.
By default the plugin searches for file named .keyfactor.env in the following locations: CWD, HOME, ~/.config
The path to env file also be set via environment variable KEYFACTOR_DOTENV_PATH
Once the plugin is configured, you may use it everywhere in SPSDK config files where a path to a private key or signature provider is mentioned. The identifier for this plugin is keyfactor.
Example: signProvider: type=keyfactor[;worker=myWorker]
- (setting the worker name/id in SPSDK config file overrides the KEYFACTOR_WORKER setting)
Credits
This package was created with Cookiecutter and the SPSDK Signature Provider project template.
Project details
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file spsdk_keyfactor-0.4.0.tar.gz.
File metadata
- Download URL: spsdk_keyfactor-0.4.0.tar.gz
- Upload date:
- Size: 9.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.12.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d4e2a24188d65f3a2ab8c0d3b8320da45900ed482e2115e63affdc62784c3dd2
|
|
| MD5 |
ee1edb8d194d5bd1b6a0b03f3d3c549c
|
|
| BLAKE2b-256 |
25098cafdec6c2b9550d9b19d8f356ed8aca8a4a4f6071b5f14a83a86efd5632
|
Provenance
The following attestation bundles were made for spsdk_keyfactor-0.4.0.tar.gz:
Publisher:
deploy.yml on nxp-mcuxpresso/spsdk_plugins
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
spsdk_keyfactor-0.4.0.tar.gz -
Subject digest:
d4e2a24188d65f3a2ab8c0d3b8320da45900ed482e2115e63affdc62784c3dd2 - Sigstore transparency entry: 219156541
- Sigstore integration time:
-
Permalink:
nxp-mcuxpresso/spsdk_plugins@41d64e571a3fa68b1b874f7d1cb5ffc10ea1af87 -
Branch / Tag:
refs/tags/v3.0.0 - Owner: https://github.com/nxp-mcuxpresso
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
deploy.yml@41d64e571a3fa68b1b874f7d1cb5ffc10ea1af87 -
Trigger Event:
push
-
Statement type:
