Add GoDocs for public API

strideynet · strideynet · commit 33be15f287bc · 2024-10-18T12:46:01.000+01:00
Signed-off-by: Noah Stride &lt;noah.stride@goteleport.com&gt;
diff --git a/signer.go b/signer.go
@@ -20,10 +20,15 @@ type X509SVIDSigner struct {
 	SVID *x509svid.SVID
 }
 
+// Public returns the public key of the keypair associated with the signer's
+// X509 SVID. Implements the crypto.Signer interface.
 func (s *X509SVIDSigner) Public() crypto.PublicKey {
 	return s.SVID.PrivateKey.Public()
 }
 
+// Sign creates a signature of the given input using the keypair associated with
+// the signer's X509 SVID.
+// Implements the aws_signing_helper.Signer and crypto.Signer interfaces.
 func (s *X509SVIDSigner) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error) {
 	// Note(strideynet):
 	// As of the time of writing, it looks like the AWS signing helper will
@@ -94,17 +99,26 @@ func (s *X509SVIDSigner) SignatureAlgorithm() (string, error) {
 	}
 }
 
+// Certificate returns the leaf certificate e.g the one identifying the
+// workload.
+// Implements the aws_signing_helper.Signer interface.
 func (s *X509SVIDSigner) Certificate() (*x509.Certificate, error) {
 	return s.SVID.Certificates[0], nil
 }
 
+// CertificateChain returns any certificates needed to chain the leaf to
+// the trust anchor.
+// Implements the aws_signing_helper.Signer interface.
 func (s *X509SVIDSigner) CertificateChain() ([]*x509.Certificate, error) {
 	if len(s.SVID.Certificates) < 1 {
 		return s.SVID.Certificates[1:], nil
 	}
 	return nil, nil
 }
 
+// Close should be called when the signer is no longer needed. It is a no-op
+// for this implementation.
+// Implements the aws_signing_helper.Signer interface.
 func (s *X509SVIDSigner) Close() {
 	// Nothing to do here...
 }

Original file line number	Diff line number	Diff line change
`@@ -20,10 +20,15 @@ type X509SVIDSigner struct {`
`20`	`20`	`SVID *x509svid.SVID`
`21`	`21`	`}`
`22`	`22`
	`23`	`+// Public returns the public key of the keypair associated with the signer's`
	`24`	`+// X509 SVID. Implements the crypto.Signer interface.`
`23`	`25`	`func (s *X509SVIDSigner) Public() crypto.PublicKey {`
`24`	`26`	`return s.SVID.PrivateKey.Public()`
`25`	`27`	`}`
`26`	`28`
	`29`	`+// Sign creates a signature of the given input using the keypair associated with`
	`30`	`+// the signer's X509 SVID.`
	`31`	`+// Implements the aws_signing_helper.Signer and crypto.Signer interfaces.`
`27`	`32`	`func (s *X509SVIDSigner) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error) {`
`28`	`33`	`// Note(strideynet):`
`29`	`34`	`// As of the time of writing, it looks like the AWS signing helper will`
`@@ -94,17 +99,26 @@ func (s *X509SVIDSigner) SignatureAlgorithm() (string, error) {`
`94`	`99`	`}`
`95`	`100`	`}`
`96`	`101`
	`102`	`+// Certificate returns the leaf certificate e.g the one identifying the`
	`103`	`+// workload.`
	`104`	`+// Implements the aws_signing_helper.Signer interface.`
`97`	`105`	`func (s X509SVIDSigner) Certificate() (x509.Certificate, error) {`
`98`	`106`	`return s.SVID.Certificates[0], nil`
`99`	`107`	`}`
`100`	`108`
	`109`	`+// CertificateChain returns any certificates needed to chain the leaf to`
	`110`	`+// the trust anchor.`
	`111`	`+// Implements the aws_signing_helper.Signer interface.`
`101`	`112`	`func (s X509SVIDSigner) CertificateChain() ([]x509.Certificate, error) {`
`102`	`113`	`if len(s.SVID.Certificates) < 1 {`
`103`	`114`	`return s.SVID.Certificates[1:], nil`
`104`	`115`	`}`
`105`	`116`	`return nil, nil`
`106`	`117`	`}`
`107`	`118`
	`119`	`+// Close should be called when the signer is no longer needed. It is a no-op`
	`120`	`+// for this implementation.`
	`121`	`+// Implements the aws_signing_helper.Signer interface.`
`108`	`122`	`func (s *X509SVIDSigner) Close() {`
`109`	`123`	`// Nothing to do here...`
`110`	`124`	`}`