Keyfactor Signature Provider
============================
SPSDK Signature Provider plugin using Keyfactor's API
Features
--------
* Allows SPSDK to use Keyfactor for signing any arbitrary data
* Users might be authenticated using Client Certificates
Installation
------------
* Activate virtual env, where you have SPSDK
- to install spsdk run: `pip install spsdk`
* `pip install spsdk_keyfactor`
Usage
-----
All of plugin configuration can be done via environment variables:
- `KEYFACTOR_HOST`: URL of the Keyfactor host (example: "https://ray-signserver.keyfactoriot.com")
- `KEYFACTOR_HOST_VERIFY`: Path to a TLS certificate to verify the HOST (example: "ejbcav8demo.keyfactoriot.com.pem")
- `KEYFACTOR_AUTH_TYPE`: Type of authentication in Keyfactor
- `client_certificate_key` using client x509 certificate and private key
- `client_certificate_pkcs12` using client PKCS#12 certificate and password (password might be stored in a file, and then password is a path to a file with the password to PKCS#12 certificate)
- `KEYFACTOR_AUTH_VALUE`: Coma-separated string of values described by `KEYFACTOR_AUTH_TYPE` (example for PKCS#12: "path_to_pkcs.p12,path_to_pass.txt")
- `KEYFACTOR_WORKER`: Name or ID of the Keyfactor Worker to use (example: "PlainSigner")
- `KEYFACTOR_PREHASH`: Client-side pre-hashing of data (example: "NONE", "SHA-256")
- if this setting is skipped, the plugin will autodetect the value
- `KEYFACTOR_SIGNATURE_LENGTH`: Length in bytes of the raw signature (without potential DER encoding) (example: 256 for RSA, 64 for ECC-256)
- if this setting is skipped, the plugin will autodetect the value
Environment variables may be specified in a file.
By default the plugin searches for file named `.keyfactor.env` in the following locations: `CWD`, `HOME`, `~/.config`
The path to env file also be set via environment variable `KEYFACTOR_DOTENV_PATH`
Once the plugin is configured, you may use it everywhere in SPSDK config files where a path to a private key or signature provider is mentioned. The identifier for this plugin is `keyfactor`.
Example: `signProvider: type=keyfactor[;worker=myWorker]`
- (setting the worker name/id in SPSDK config file overrides the KEYFACTOR_WORKER setting)
Credits
-------
This package was created with [Cookiecutter](https://github.com/audreyr/cookiecutter) and the [SPSDK Signature Provider project template](https://github.com/nxp-mcuxpresso/spsdk/blob/master/examples/plugins/templates/cookiecutter-spsdk-sp-plugin.zip).
Raw data
{
"_id": null,
"home_page": null,
"name": "spsdk-keyfactor",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.9",
"maintainer_email": "NXP <michal.starecek@nxp.com>",
"keywords": "NXP, SPSDK, Keyfactor, Signature Provider",
"author": "NXP",
"author_email": null,
"download_url": "https://files.pythonhosted.org/packages/bc/6e/81fb6c1ad063388ebc6b4b43b24b260c7756826d4e11ab88a099a8911df6/spsdk_keyfactor-0.3.1.tar.gz",
"platform": null,
"description": "\nKeyfactor Signature Provider\n============================\n\nSPSDK Signature Provider plugin using Keyfactor's API\n\n\nFeatures\n--------\n\n* Allows SPSDK to use Keyfactor for signing any arbitrary data\n* Users might be authenticated using Client Certificates\n\n\nInstallation\n------------\n\n* Activate virtual env, where you have SPSDK\n - to install spsdk run: `pip install spsdk`\n* `pip install spsdk_keyfactor`\n\n\nUsage\n-----\n\nAll of plugin configuration can be done via environment variables:\n\n- `KEYFACTOR_HOST`: URL of the Keyfactor host (example: \"https://ray-signserver.keyfactoriot.com\")\n- `KEYFACTOR_HOST_VERIFY`: Path to a TLS certificate to verify the HOST (example: \"ejbcav8demo.keyfactoriot.com.pem\")\n- `KEYFACTOR_AUTH_TYPE`: Type of authentication in Keyfactor\n - `client_certificate_key` using client x509 certificate and private key\n - `client_certificate_pkcs12` using client PKCS#12 certificate and password (password might be stored in a file, and then password is a path to a file with the password to PKCS#12 certificate)\n- `KEYFACTOR_AUTH_VALUE`: Coma-separated string of values described by `KEYFACTOR_AUTH_TYPE` (example for PKCS#12: \"path_to_pkcs.p12,path_to_pass.txt\")\n- `KEYFACTOR_WORKER`: Name or ID of the Keyfactor Worker to use (example: \"PlainSigner\")\n- `KEYFACTOR_PREHASH`: Client-side pre-hashing of data (example: \"NONE\", \"SHA-256\")\n - if this setting is skipped, the plugin will autodetect the value\n- `KEYFACTOR_SIGNATURE_LENGTH`: Length in bytes of the raw signature (without potential DER encoding) (example: 256 for RSA, 64 for ECC-256)\n - if this setting is skipped, the plugin will autodetect the value\n\nEnvironment variables may be specified in a file.\nBy default the plugin searches for file named `.keyfactor.env` in the following locations: `CWD`, `HOME`, `~/.config` \nThe path to env file also be set via environment variable `KEYFACTOR_DOTENV_PATH`\n\n\nOnce the plugin is configured, you may use it everywhere in SPSDK config files where a path to a private key or signature provider is mentioned. The identifier for this plugin is `keyfactor`. \n\n\nExample: `signProvider: type=keyfactor[;worker=myWorker]` \n- (setting the worker name/id in SPSDK config file overrides the KEYFACTOR_WORKER setting)\n\nCredits\n-------\n\nThis package was created with [Cookiecutter](https://github.com/audreyr/cookiecutter) and the [SPSDK Signature Provider project template](https://github.com/nxp-mcuxpresso/spsdk/blob/master/examples/plugins/templates/cookiecutter-spsdk-sp-plugin.zip).\n",
"bugtrack_url": null,
"license": "BSD-3-Clause",
"summary": "SPSDK Signature Provider plugin using Keyfactor's API",
"version": "0.3.1",
"project_urls": {
"Homepage": "https://github.com/nxp-mcuxpresso/spsdk_plugins/tree/master/keyfactor",
"Issues": "https://github.com/nxp-mcuxpresso/spsdk_plugins/issues"
},
"split_keywords": [
"nxp",
" spsdk",
" keyfactor",
" signature provider"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "bc6e81fb6c1ad063388ebc6b4b43b24b260c7756826d4e11ab88a099a8911df6",
"md5": "d351edf60821ad1f32b4ab1151284805",
"sha256": "f613655afba123da211110d9182ad6b23f8a031dadef90b8a29f19a9e45aa501"
},
"downloads": -1,
"filename": "spsdk_keyfactor-0.3.1.tar.gz",
"has_sig": false,
"md5_digest": "d351edf60821ad1f32b4ab1151284805",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.9",
"size": 9092,
"upload_time": "2025-02-11T18:41:55",
"upload_time_iso_8601": "2025-02-11T18:41:55.643894Z",
"url": "https://files.pythonhosted.org/packages/bc/6e/81fb6c1ad063388ebc6b4b43b24b260c7756826d4e11ab88a099a8911df6/spsdk_keyfactor-0.3.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-02-11 18:41:55",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "nxp-mcuxpresso",
"github_project": "spsdk_plugins",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "spsdk-keyfactor"
}
JSON
