crypto

package

v0.7.1 Latest Latest Go to latest Published: Jan 26, 2021 License: BSD-3-Clause Imports: 8 Imported by: 0

Details

This section is empty.

View Source

var ErrInvalidKey = fmt.Errorf("invalid encryption key")

ErrInvalidKey encryption key is not valid.

View Source

var ErrKeyAlreadyUsed = fmt.Errorf("encryption key already used")

ErrKeyAlreadyUsed encryption key has already been set for subjectID.

View Source

var ErrKeyExistsForSubjectID = fmt.Errorf("key already exists for subjectID")

ErrKeyExistsForSubjectID encryption key has already been set for subjectID.

View Source

var ErrKeyNotFound = fmt.Errorf("key not found")

ErrKeyNotFound encryption key was not found error.

View Source

var ErrKeyWasDeleted = fmt.Errorf("removed from GDPR request")

ErrKeyWasDeleted encryption key was removed error.

func NewAESEncryption(options ...Option) *aesEncryption

NewAESEncryption constructs an AES/CBC/PKCS5Padding encryption engine.

func NewEventEncryptor(store KeyStore, encryptor Encryptor) *eventEncryptor

type Encryptor interface {
	Encrypt(key, data string) (string, error)
	Decrypt(key, cipherText string) (string, error)
}

Encryptor defines how to encrypt/decrypt string data using base64.

type EventEncryptor interface {
	Encrypt(event rangedb.Event) error
	Decrypt(event rangedb.Event) error
}

EventEncryptor defines how to encrypt/decrypt a rangedb.Event

type KeyStore interface {
	Get(subjectID string) (string, error)
	Set(subjectID, key string) error
	Delete(subjectID string) error
}

KeyStore defines how encryption keys are stored. Verified by cryptotest.VerifyKeyStore.

type Option func(*aesEncryption)

Option defines functional option parameters for aesEncryption.

func WithRandReader(randReader RandReader) Option

WithRandReader is a functional option to inject a random reader.

type RandReader func(b []byte) (n int, err error)

type SelfEncryptor interface {
	Encrypt(encryptor Encryptor) error
	Decrypt(encryptor Encryptor) error
}

SelfEncryptor defines how events encrypt/decrypt themselves.

Path	Synopsis
cryptotest Code generated by go generate; DO NOT EDIT.	Code generated by go generate; DO NOT EDIT.
provider
inmemorykeystore
postgreskeystore
vaultkeystore