orgkey

package
v0.0.0-...-1e94318 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 10, 2026 License: BSD-3-Clause Imports: 18 Imported by: 0

Documentation

Overview

Package orgkey fetches and validates an organization's single AES-256 encryption key from the customer-hosted HTTPS key service, caches it for the duration of a run, and hands the raw key bytes to the artifactcrypto primitives. The key is read only from the customer's own service and is never placed in a request to the ActiveState Platform.

The custody backend lives caller-side (it makes network calls and reads config).

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrNotConfigured indicates no key-service URL has been configured.
	ErrNotConfigured = errs.New("org key service is not configured")
	// ErrInsecureURL indicates the configured key-service URL is not https.
	ErrInsecureURL = errs.New("org key service URL must use https")
	// ErrUnknownSchema indicates the contract's schema field is not recognized.
	ErrUnknownSchema = errs.New("org key contract has an unrecognized schema")
	// ErrOrgMismatch indicates the contract is for a different organization than the project's.
	ErrOrgMismatch = errs.New("org key does not belong to this project's organization")
	// ErrBadAlgorithm indicates the contract specifies an unsupported algorithm.
	ErrBadAlgorithm = errs.New("org key contract specifies an unsupported algorithm")
	// ErrBadEncoding indicates the contract's key encoding is unsupported or the key is not valid base64.
	ErrBadEncoding = errs.New("org key contract specifies an unsupported or invalid key encoding")
	// ErrBadKeyLength indicates the decoded key is not a 32-byte AES-256 key.
	ErrBadKeyLength = errs.New("org key must be 32 bytes (AES-256)")
	// ErrFingerprintMismatch indicates the decoded key does not match its stated fingerprint.
	ErrFingerprintMismatch = errs.New("org key does not match its stated fingerprint")
)

Functions

func PreflightKey

func PreflightKey(r io.Reader, key []byte) error

PreflightKey confirms that key matches the artifact whose encrypted payload begins at r, checking the payload header's fingerprint before any body is read, so publish can fail before upload and pull can fail before a body transfer. A mismatch returns an error matching artifactcrypto.ErrWrongKey.

func SanitizeChildEnv

func SanitizeChildEnv(cfg stringConfigReader, env map[string]string)

SanitizeChildEnv removes private-ingredient key-service credentials from env so they are never propagated to child process environments.

Types

type Provider

type Provider interface {
	// Configured reports whether a key service has been configured. When it
	// returns false the provider is a no-op and Key returns ErrNotConfigured.
	Configured() bool
	// Key returns the raw 32-byte org key and its id for this run.
	Key(ctx context.Context) (key []byte, keyID string, err error)
	// Close zeroizes any in-memory key material held by the provider.
	Close()
}

Provider supplies the organization's AES-256 key for a run. Implementations fetch and validate the key on first use and return the cached value thereafter; the at-rest backend is swappable behind this interface.

func New

func New(cfg configurable, owner string) Provider

New returns a Provider that reads its key-service configuration from cfg and validates the fetched key against owner (the project's organization).

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL