Documentation
¶
Index ¶
- Variables
- type KeyProvider
- type KmsKeyProvider
- func (kmsKP *KmsKeyProvider[KT]) DecryptDataKey(ctx context.Context, encryptedDataKey keys.EncryptedDataKeyI, ...) (keys.DataKeyI, error)
- func (kmsKP *KmsKeyProvider[KT]) DecryptDataKeyFromList(ctx context.Context, encryptedDataKeys []keys.EncryptedDataKeyI, ...) (keys.DataKeyI, error)
- func (kmsKP *KmsKeyProvider[KT]) MasterKeyForDecrypt(ctx context.Context, metadata keys.KeyMeta) (keys.MasterKeyBase, error)
- func (kmsKP *KmsKeyProvider[KT]) MasterKeysForEncryption(_ context.Context, _ suite.EncryptionContext, _ []byte, _ int) (keys.MasterKeyBase, []keys.MasterKeyBase, error)
- func (kmsKP *KmsKeyProvider[KT]) Provider() *KeyProvider
- func (kmsKP *KmsKeyProvider[KT]) ValidateProviderID(otherID string) error
- type KmsKeyProviderI
- type KmsOptionFunc
- type KmsProviderOptions
- type MasterKeyProvider
- type ProviderBase
- type ProviderType
- type RawKeyProvider
- func (rawKP *RawKeyProvider[KT]) DecryptDataKey(ctx context.Context, encryptedDataKey keys.EncryptedDataKeyI, ...) (keys.DataKeyI, error)
- func (rawKP *RawKeyProvider[KT]) DecryptDataKeyFromList(ctx context.Context, encryptedDataKeys []keys.EncryptedDataKeyI, ...) (keys.DataKeyI, error)
- func (rawKP *RawKeyProvider[KT]) MasterKeyForDecrypt(ctx context.Context, metadata keys.KeyMeta) (keys.MasterKeyBase, error)
- func (rawKP *RawKeyProvider[KT]) MasterKeysForEncryption(_ context.Context, _ suite.EncryptionContext, _ []byte, _ int) (keys.MasterKeyBase, []keys.MasterKeyBase, error)
- func (rawKP *RawKeyProvider[KT]) Provider() *KeyProvider
- func (rawKP *RawKeyProvider[KT]) ValidateProviderID(otherID string) error
- type RawKeyProviderI
- type RawOptionFunc
- type RawProviderOptions
Constants ¶
This section is empty.
Variables ¶
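// Sentinel errors exposed for master key provider (MKP) operations.
//
// Match these with errors.Is rather than by comparing message text, so the
// check keeps working when a returned error wraps one of them.
var (
	// ErrMasterKeyProvider is the general MKP error.
	ErrMasterKeyProvider = errors.New("MKP error")

	// ErrMasterKeyProviderDecrypt is the MKP decrypt error.
	ErrMasterKeyProviderDecrypt = errors.New("MKP decrypt error")

	// ErrMasterKeyProviderDecryptForbidden is the MKP "decrypt forbidden"
	// error. It is a separate value from ErrMasterKeyProviderDecrypt, so a
	// refused decrypt can be told apart from a failed one.
	// NOTE(review): the conditions that produce it are not shown on this
	// page — confirm against the implementation before alerting on it.
	ErrMasterKeyProviderDecryptForbidden = errors.New("MKP decrypt forbidden error")

	// ErrMasterKeyProviderEncrypt is the MKP encrypt error.
	ErrMasterKeyProviderEncrypt = errors.New("MKP encrypt error")

	// ErrMasterKeyProviderNoPrimaryKey is the MKP error for a missing
	// primary key.
	ErrMasterKeyProviderNoPrimaryKey = errors.New("MKP no primary key")
)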
Functions ¶
This section is empty.
Types ¶
type KeyProvider ¶
type KeyProvider struct {
// contains filtered or unexported fields
}
func (*KeyProvider) GoString ¶
func (kp *KeyProvider) GoString() string
func (*KeyProvider) ID ¶
func (kp *KeyProvider) ID() string
func (*KeyProvider) String ¶
func (kp *KeyProvider) String() string
func (*KeyProvider) Type ¶
func (kp *KeyProvider) Type() ProviderType
type KmsKeyProvider ¶
type KmsKeyProvider[KT keys.KmsMasterKeyI] struct { // contains filtered or unexported fields }
func NewKmsKeyProvider ¶
func NewKmsKeyProvider(keyIDs ...string) (*KmsKeyProvider[keys.KmsMasterKeyI], error)
func NewKmsKeyProviderWithOpts ¶
func NewKmsKeyProviderWithOpts(keyIDs []string, optFns ...func(options *KmsProviderOptions) error) (*KmsKeyProvider[keys.KmsMasterKeyI], error)
func (*KmsKeyProvider[KT]) DecryptDataKey ¶
func (kmsKP *KmsKeyProvider[KT]) DecryptDataKey(ctx context.Context, encryptedDataKey keys.EncryptedDataKeyI, alg *suite.AlgorithmSuite, ec suite.EncryptionContext) (keys.DataKeyI, error)
func (*KmsKeyProvider[KT]) DecryptDataKeyFromList ¶
func (kmsKP *KmsKeyProvider[KT]) DecryptDataKeyFromList(ctx context.Context, encryptedDataKeys []keys.EncryptedDataKeyI, alg *suite.AlgorithmSuite, ec suite.EncryptionContext) (keys.DataKeyI, error)
DecryptDataKeyFromList iterates through the encrypted data keys (EDKs) and calls DecryptDataKey for them.
func (*KmsKeyProvider[KT]) MasterKeyForDecrypt ¶
func (kmsKP *KmsKeyProvider[KT]) MasterKeyForDecrypt(ctx context.Context, metadata keys.KeyMeta) (keys.MasterKeyBase, error)
func (*KmsKeyProvider[KT]) MasterKeysForEncryption ¶
func (kmsKP *KmsKeyProvider[KT]) MasterKeysForEncryption(_ context.Context, _ suite.EncryptionContext, _ []byte, _ int) (keys.MasterKeyBase, []keys.MasterKeyBase, error)
func (*KmsKeyProvider[KT]) Provider ¶
func (kmsKP *KmsKeyProvider[KT]) Provider() *KeyProvider
func (*KmsKeyProvider[KT]) ValidateProviderID ¶
func (kmsKP *KmsKeyProvider[KT]) ValidateProviderID(otherID string) error
type KmsKeyProviderI ¶
type KmsKeyProviderI interface {
MasterKeyProvider
// contains filtered or unexported methods
}
type KmsOptionFunc ¶
type KmsOptionFunc func(options *KmsProviderOptions) error
func WithAwsLoadOptions ¶
func WithAwsLoadOptions(opts ...func(options *config.LoadOptions) error) KmsOptionFunc
func WithDiscovery ¶
// WithDiscovery returns a KmsOptionFunc built from the enabled flag.
//
// NOTE(review): presumably this toggles AWS KMS discovery mode on the
// provider — confirm against the implementation. In the AWS Encryption SDK
// model a discovery provider is not pinned to the configured key IDs when
// decrypting; it tries the KMS keys named by the message's encrypted data
// keys. When enabling it, consider narrowing it with WithDiscoveryFilter so
// decryption is limited to expected accounts.
func WithDiscovery(enabled bool) KmsOptionFunc
func WithDiscoveryFilter ¶
// WithDiscoveryFilter returns a KmsOptionFunc built from a list of account
// IDs and a partition name.
//
// NOTE(review): presumably this limits discovery-mode decryption to KMS keys
// owned by the listed AWS accounts in the given partition — confirm. This
// page does not show how an empty accountIDs slice or an empty partition is
// handled; verify that it is rejected rather than treated as "no filter".
func WithDiscoveryFilter(accountIDs []string, partition string) KmsOptionFunc
type KmsProviderOptions ¶
type KmsProviderOptions struct {
// contains filtered or unexported fields
}
type MasterKeyProvider ¶
type MasterKeyProvider interface {
ProviderBase
MasterKeysForEncryption(ctx context.Context, ec suite.EncryptionContext, plaintextRoStream []byte, plaintextLength int) (keys.MasterKeyBase, []keys.MasterKeyBase, error)
MasterKeyForDecrypt(ctx context.Context, metadata keys.KeyMeta) (keys.MasterKeyBase, error)
DecryptDataKey(ctx context.Context, encryptedDataKey keys.EncryptedDataKeyI, alg *suite.AlgorithmSuite, ec suite.EncryptionContext) (keys.DataKeyI, error)
DecryptDataKeyFromList(ctx context.Context, encryptedDataKeys []keys.EncryptedDataKeyI, alg *suite.AlgorithmSuite, ec suite.EncryptionContext) (keys.DataKeyI, error)
// contains filtered or unexported methods
}
type ProviderBase ¶
type ProviderBase interface {
Provider() *KeyProvider
ValidateProviderID(otherID string) error
}
type ProviderType ¶
type ProviderType int8
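// Provider type values. The numbers in the trailing comments (1 and 2) are
// taken from this page; the initializer that produces them is not shown here.
const (
	AwsKms ProviderType // 1 is AWS_KMS key provider
	Raw                 // 2 is RAW key provider
)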
func (ProviderType) GoString ¶
func (p ProviderType) GoString() string
func (ProviderType) String ¶
func (p ProviderType) String() string
type RawKeyProvider ¶
type RawKeyProvider[KT keys.RawMasterKeyI] struct { // contains filtered or unexported fields }
func NewRawKeyProviderWithOpts ¶
func NewRawKeyProviderWithOpts(providerID string, optFns ...func(options *RawProviderOptions) error) (*RawKeyProvider[keys.RawMasterKeyI], error)
func (*RawKeyProvider[KT]) DecryptDataKey ¶
func (rawKP *RawKeyProvider[KT]) DecryptDataKey(ctx context.Context, encryptedDataKey keys.EncryptedDataKeyI, alg *suite.AlgorithmSuite, ec suite.EncryptionContext) (keys.DataKeyI, error)
func (*RawKeyProvider[KT]) DecryptDataKeyFromList ¶
func (rawKP *RawKeyProvider[KT]) DecryptDataKeyFromList(ctx context.Context, encryptedDataKeys []keys.EncryptedDataKeyI, alg *suite.AlgorithmSuite, ec suite.EncryptionContext) (keys.DataKeyI, error)
func (*RawKeyProvider[KT]) MasterKeyForDecrypt ¶
func (rawKP *RawKeyProvider[KT]) MasterKeyForDecrypt(ctx context.Context, metadata keys.KeyMeta) (keys.MasterKeyBase, error)
func (*RawKeyProvider[KT]) MasterKeysForEncryption ¶
func (rawKP *RawKeyProvider[KT]) MasterKeysForEncryption(_ context.Context, _ suite.EncryptionContext, _ []byte, _ int) (keys.MasterKeyBase, []keys.MasterKeyBase, error)
func (*RawKeyProvider[KT]) Provider ¶
func (rawKP *RawKeyProvider[KT]) Provider() *KeyProvider
func (*RawKeyProvider[KT]) ValidateProviderID ¶
func (rawKP *RawKeyProvider[KT]) ValidateProviderID(otherID string) error
type RawKeyProviderI ¶
type RawKeyProviderI interface {
MasterKeyProvider
// contains filtered or unexported methods
}
type RawOptionFunc ¶
type RawOptionFunc func(*RawProviderOptions) error
func WithStaticKey ¶
// WithStaticKey returns a RawOptionFunc built from a key ID and raw key bytes.
//
// NOTE(review): presumably this registers key as static wrapping-key material
// under keyID — confirm against the implementation. This page does not show
// whether the slice is copied or its length validated. Callers should load
// key from a secret store rather than a source literal, keep it out of logs,
// and not mutate the slice after passing it in until copy semantics are
// confirmed.
func WithStaticKey(keyID string, key []byte) RawOptionFunc
type RawProviderOptions ¶
type RawProviderOptions struct {
// contains filtered or unexported fields
}