Platform KMS (WIP)

Author: maraino

kms/apiv1/options.go

@@ -18,6 +18,17 @@ type KeyManager interface {
 	Close() error
 }
 
+// KeyDeleter is an optional interface for KMS implementations that support
+// deleting keys.
+//
+// # Experimental
+//
+// Notice: This API is EXPERIMENTAL and may be changed or removed in a later
+// release.
+type KeyDeleter interface {
+	DeleteKey(req *DeleteKeyRequest) error
+}
+
 // SearchableKeyManager is an optional interface for KMS implementations
 // that support searching for keys based on certain attributes.
 //
@@ -54,6 +65,17 @@ type CertificateChainManager interface {
 	StoreCertificateChain(req *StoreCertificateChainRequest) error
 }
 
+// CertificateDeleter is an optional interface for KMS implementations that
+// support deleting certificates.
+//
+// # Experimental
+//
+// Notice: This API is EXPERIMENTAL and may be changed or removed in a later
+// release.
+type CertificateDeleter interface {
+	DeleteCertificate(req *DeleteCertificateRequest) error
+}
+
 // NameValidator is an interface that KeyManager can implement to validate a
 // given name or URI.
 type NameValidator interface {
@@ -151,6 +173,9 @@ const (
 	TPMKMS Type = "tpmkms"
 	// MacKMS is the KMS implementation using macOS Keychain and Secure Enclave.
 	MacKMS Type = "mackms"
+	// PlatformKMS is the KMS implementation that uses TPMKMS on Windows and
+	// Linux and MacKMS on macOS..
+	PlatformKMS Type = "kms"
 )
 
 // TypeOf returns the type of of the given uri.