Keyfactor Signature Provider
============================
SPSDK Signature Provider plugin using Keyfactor's API
Features
--------
* Allows SPSDK to use Keyfactor for signing any arbitrary data
* Users might be authenticated using Client Certificates
Installation
------------
* Activate virtual env, where you have SPSDK
- if SPSDK is not installed, the latest one will be installed automatically from [PyPI](https://pypi.org/project/spsdk/)
* `pip install spsdk_keyfactor`
Usage
-----
All of plugin configuration can be done via environment variables:
- `KEYFACTOR_HOST`: URL of the Keyfactor host (example: "https://ray-signserver.keyfactoriot.com")
- `KEYFACTOR_HOST_VERIFY`: Path to a TLS certificate to verify the HOST (example: "ejbcav8demo.keyfactoriot.com.pem")
- `KEYFACTOR_AUTH_TYPE`: Type of authentication in Keyfactor
- `client_certificate_key` using client x509 certificate and private key
- `client_certificate_pkcs12` using client PKCS#12 certificate and password (password might be stored in a file, and then password is a path to a file with the password to PKCS#12 certificate)
- `KEYFACTOR_AUTH_VALUE`: Coma-separated string of values described by `KEYFACTOR_AUTH_TYPE` (example for PKCS#12: "path_to_pkcs.p12,path_to_pass.txt")
- `KEYFACTOR_WORKER`: Name or ID of the Keyfactor Worker to use (example: "PlainSigner")
- `KEYFACTOR_PREHASH`: Client-side pre-hashing of data (example: "NONE", "SHA-256")
- if this setting is skipped, the plugin will autodetect the value
- `KEYFACTOR_SIGNATURE_LENGTH`: Length in bytes of the raw signature (without potential DER encoding) (example: 256 for RSA, 64 for ECC-256)
- if this setting is skipped, the plugin will autodetect the value
Environment variables may be specified in a file.
By default the plugin searches for file named `.keyfactor.env` in the following locations: `CWD`, `HOME`, `~/.config`
The path to env file also be set via environment variable `KEYFACTOR_DOTENV_PATH`
Once the plugin is configured, you may use it everywhere in SPSDK config files where a path to a private key or signature provider is mentioned. The identifier for this plugin is `keyfactor`.
Example: `signProvider: type=keyfactor[;worker=myWorker]`
- (setting the worker name/id in SPSDK config file overrides the KEYFACTOR_WORKER setting)
Credits
-------
This package was created with [Cookiecutter](https://github.com/audreyr/cookiecutter) and the [SPSDK Signature Provider project template](https://github.com/nxp-mcuxpresso/spsdk/blob/master/examples/plugins/templates/cookiecutter-spsdk-sp-plugin.zip).
Raw data
{
"_id": null,
"home_page": null,
"name": "spsdk-keyfactor",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.9",
"maintainer_email": "NXP <michal.starecek@nxp.com>",
"keywords": "NXP, SPSDK, Keyfactor, Signature Provider",
"author": "NXP",
"author_email": null,
"download_url": "https://files.pythonhosted.org/packages/35/28/9cc5341fdee73604314d9d1391af8d2124d85e6beeab859d392e8fbb6d4b/spsdk_keyfactor-0.1.0.tar.gz",
"platform": null,
"description": "\r\nKeyfactor Signature Provider\r\n============================\r\n\r\nSPSDK Signature Provider plugin using Keyfactor's API\r\n\r\n\r\nFeatures\r\n--------\r\n\r\n* Allows SPSDK to use Keyfactor for signing any arbitrary data\r\n* Users might be authenticated using Client Certificates\r\n\r\n\r\nInstallation\r\n------------\r\n\r\n* Activate virtual env, where you have SPSDK\r\n - if SPSDK is not installed, the latest one will be installed automatically from [PyPI](https://pypi.org/project/spsdk/)\r\n* `pip install spsdk_keyfactor`\r\n\r\n\r\nUsage\r\n-----\r\n\r\nAll of plugin configuration can be done via environment variables:\r\n\r\n- `KEYFACTOR_HOST`: URL of the Keyfactor host (example: \"https://ray-signserver.keyfactoriot.com\")\r\n- `KEYFACTOR_HOST_VERIFY`: Path to a TLS certificate to verify the HOST (example: \"ejbcav8demo.keyfactoriot.com.pem\")\r\n- `KEYFACTOR_AUTH_TYPE`: Type of authentication in Keyfactor\r\n - `client_certificate_key` using client x509 certificate and private key\r\n - `client_certificate_pkcs12` using client PKCS#12 certificate and password (password might be stored in a file, and then password is a path to a file with the password to PKCS#12 certificate)\r\n- `KEYFACTOR_AUTH_VALUE`: Coma-separated string of values described by `KEYFACTOR_AUTH_TYPE` (example for PKCS#12: \"path_to_pkcs.p12,path_to_pass.txt\")\r\n- `KEYFACTOR_WORKER`: Name or ID of the Keyfactor Worker to use (example: \"PlainSigner\")\r\n- `KEYFACTOR_PREHASH`: Client-side pre-hashing of data (example: \"NONE\", \"SHA-256\")\r\n - if this setting is skipped, the plugin will autodetect the value\r\n- `KEYFACTOR_SIGNATURE_LENGTH`: Length in bytes of the raw signature (without potential DER encoding) (example: 256 for RSA, 64 for ECC-256)\r\n - if this setting is skipped, the plugin will autodetect the value\r\n\r\nEnvironment variables may be specified in a file.\r\nBy default the plugin searches for file named `.keyfactor.env` in the following locations: `CWD`, `HOME`, `~/.config` \r\nThe path to env file also be set via environment variable `KEYFACTOR_DOTENV_PATH`\r\n\r\n\r\nOnce the plugin is configured, you may use it everywhere in SPSDK config files where a path to a private key or signature provider is mentioned. The identifier for this plugin is `keyfactor`. \r\n\r\n\r\nExample: `signProvider: type=keyfactor[;worker=myWorker]` \r\n- (setting the worker name/id in SPSDK config file overrides the KEYFACTOR_WORKER setting)\r\n\r\nCredits\r\n-------\r\n\r\nThis package was created with [Cookiecutter](https://github.com/audreyr/cookiecutter) and the [SPSDK Signature Provider project template](https://github.com/nxp-mcuxpresso/spsdk/blob/master/examples/plugins/templates/cookiecutter-spsdk-sp-plugin.zip).\r\n",
"bugtrack_url": null,
"license": "BSD-3-Clause",
"summary": "SPSDK Signature Provider plugin using Keyfactor's API",
"version": "0.1.0",
"project_urls": {
"Homepage": "https://github.com/nxp-mcuxpresso/spsdk_plugins/tree/master/keyfactor",
"Issues": "https://github.com/nxp-mcuxpresso/spsdk_plugins/issues"
},
"split_keywords": [
"nxp",
" spsdk",
" keyfactor",
" signature provider"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "367a4392aff1aa638aee862f73d46254e11374eea744d4657da63e2fd58a4845",
"md5": "321fcf73847808991d5d6c315f61575e",
"sha256": "8cc58f048fca806ca47c72f39e902500bc21c5fe878bfd77a992e658c95450d9"
},
"downloads": -1,
"filename": "spsdk_keyfactor-0.1.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "321fcf73847808991d5d6c315f61575e",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.9",
"size": 7072,
"upload_time": "2024-11-15T11:31:19",
"upload_time_iso_8601": "2024-11-15T11:31:19.184215Z",
"url": "https://files.pythonhosted.org/packages/36/7a/4392aff1aa638aee862f73d46254e11374eea744d4657da63e2fd58a4845/spsdk_keyfactor-0.1.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "35289cc5341fdee73604314d9d1391af8d2124d85e6beeab859d392e8fbb6d4b",
"md5": "7f0f7ad694a2b4d5b4dad85d061519d5",
"sha256": "95df34093d937c7ec72649a0e77314833fd0401484d1ffa5b67cc2427c7fb007"
},
"downloads": -1,
"filename": "spsdk_keyfactor-0.1.0.tar.gz",
"has_sig": false,
"md5_digest": "7f0f7ad694a2b4d5b4dad85d061519d5",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.9",
"size": 7661,
"upload_time": "2024-11-15T11:31:20",
"upload_time_iso_8601": "2024-11-15T11:31:20.453562Z",
"url": "https://files.pythonhosted.org/packages/35/28/9cc5341fdee73604314d9d1391af8d2124d85e6beeab859d392e8fbb6d4b/spsdk_keyfactor-0.1.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-11-15 11:31:20",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "nxp-mcuxpresso",
"github_project": "spsdk_plugins",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "spsdk-keyfactor"
}
JSON
