Versions in this module Expand all Collapse all v1 v1.1.11 Mar 9, 2023 v1.1.10 Feb 14, 2023 v1.1.9 Feb 14, 2023 v1.1.8 Aug 6, 2021 Changes in this version
+ const DefaultCacheSize
+ const DefaultPrefix
+ const DefaultVersionTemplate
+ const EncryptedKeyPolicyVersionTpl
+ const ErrTooOld
+ const Kdf_hkdf_sha256
+ const Kdf_hmac_sha256_counter
+ const KeyType_AES256_GCM96
+ const KeyType_ChaCha20_Poly1305
+ const KeyType_ECDSA_P256
+ const KeyType_ED25519
+ const KeyType_RSA2048
+ const KeyType_RSA4096
+ var ErrNilPolicy = errors.New("nil policy provided")
+ var ErrNilStorage = errors.New("nil storage provided")
+ var ErrPolicyConvergentEncryption = errors.New("key policy must use convergent encryption")
+ var ErrPolicyConvergentVersion = errors.New("key policy must use convergent version > 2")
+ var ErrPolicyDerivedKeys = errors.New("key policy must use derived keys")
+ var HashFuncMap = map[HashType]func() hash.Hash
+ var HashTypeMap = map[string]HashType
+ var MarshalingTypeMap = map[string]MarshalingType
+ type BackupInfo struct
+ Time time.Time
+ Version int
+ type EncryptedKeyStorageConfig struct
+ CacheSize int
+ Policy *Policy
+ Prefix string
+ type EncryptedKeyStorageWrapper struct
+ func NewEncryptedKeyStorageWrapper(config EncryptedKeyStorageConfig) (*EncryptedKeyStorageWrapper, error)
+ func (f *EncryptedKeyStorageWrapper) Wrap(s logical.Storage) logical.Storage
+ type HashType uint32
+ const HashTypeSHA1
+ const HashTypeSHA2224
+ const HashTypeSHA2256
+ const HashTypeSHA2384
+ const HashTypeSHA2512
+ type KeyData struct
+ ArchivedKeys *archivedKeys
+ Policy *Policy
+ type KeyEntry struct
+ ConvergentVersion int
+ CreationTime time.Time
+ DeprecatedCreationTime int64
+ EC_D *big.Int
+ EC_X *big.Int
+ EC_Y *big.Int
+ FormattedPublicKey string
+ HMACKey []byte
+ Key []byte
+ RSAKey *rsa.PrivateKey
+ type KeyType int
+ func (kt KeyType) DecryptionSupported() bool
+ func (kt KeyType) DerivationSupported() bool
+ func (kt KeyType) EncryptionSupported() bool
+ func (kt KeyType) HashSignatureInput() bool
+ func (kt KeyType) SigningSupported() bool
+ func (kt KeyType) String() string
+ type LockManager struct
+ func NewLockManager(cacheDisabled bool) *LockManager
+ func (lm *LockManager) BackupPolicy(ctx context.Context, storage logical.Storage, name string) (string, error)
+ func (lm *LockManager) CacheActive() bool
+ func (lm *LockManager) DeletePolicy(ctx context.Context, storage logical.Storage, name string) error
+ func (lm *LockManager) GetPolicy(ctx context.Context, req PolicyRequest) (retP *Policy, retUpserted bool, retErr error)
+ func (lm *LockManager) InvalidatePolicy(name string)
+ func (lm *LockManager) RestorePolicy(ctx context.Context, storage logical.Storage, name, backup string, force bool) error
+ type MarshalingType uint32
+ const MarshalingTypeASN1
+ const MarshalingTypeJWS
+ type Policy struct
+ AllowPlaintextBackup bool
+ ArchiveMinVersion int
+ ArchiveVersion int
+ BackupInfo *BackupInfo
+ ConvergentEncryption bool
+ ConvergentVersion int
+ DeletionAllowed bool
+ Derived bool
+ Exportable bool
+ KDF int
+ Key []byte
+ Keys keyEntryMap
+ LatestVersion int
+ MinAvailableVersion int
+ MinDecryptionVersion int
+ MinEncryptionVersion int
+ Name string
+ RestoreInfo *RestoreInfo
+ StoragePrefix string
+ Type KeyType
+ VersionTemplate string
+ func LoadPolicy(ctx context.Context, s logical.Storage, path string) (*Policy, error)
+ func NewPolicy(config PolicyConfig) *Policy
+ func (p *Policy) Backup(ctx context.Context, storage logical.Storage) (out string, retErr error)
+ func (p *Policy) Decrypt(context, nonce []byte, value string) (string, error)
+ func (p *Policy) DeriveKey(context []byte, ver, numBytes int) ([]byte, error)
+ func (p *Policy) Encrypt(ver int, context, nonce []byte, value string) (string, error)
+ func (p *Policy) HMACKey(version int) ([]byte, error)
+ func (p *Policy) LoadArchive(ctx context.Context, storage logical.Storage) (*archivedKeys, error)
+ func (p *Policy) Lock(exclusive bool)
+ func (p *Policy) MigrateKeyToKeysMap()
+ func (p *Policy) NeedsUpgrade() bool
+ func (p *Policy) Persist(ctx context.Context, storage logical.Storage) (retErr error)
+ func (p *Policy) Rotate(ctx context.Context, storage logical.Storage) (retErr error)
+ func (p *Policy) Serialize() ([]byte, error)
+ func (p *Policy) Sign(ver int, context, input []byte, hashAlgorithm HashType, sigAlgorithm string, ...) (*SigningResult, error)
+ func (p *Policy) Unlock()
+ func (p *Policy) Upgrade(ctx context.Context, storage logical.Storage) (retErr error)
+ func (p *Policy) VerifySignature(context, input []byte, hashAlgorithm HashType, sigAlgorithm string, ...) (bool, error)
+ type PolicyConfig struct
+ AllowPlaintextBackup bool
+ ConvergentEncryption bool
+ DeletionAllowed bool
+ Derived bool
+ Exportable bool
+ KDF int
+ Name string
+ StoragePrefix string
+ Type KeyType
+ VersionTemplate string
+ type PolicyRequest struct
+ AllowPlaintextBackup bool
+ Convergent bool
+ Derived bool
+ Exportable bool
+ KeyType KeyType
+ Name string
+ Storage logical.Storage
+ Upsert bool
+ type RestoreInfo struct
+ Time time.Time
+ Version int
+ type SigningResult struct
+ PublicKey []byte
+ Signature string
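Review bot: `Policy.Encrypt` and `Policy.Decrypt` both accept a caller-supplied `nonce []byte`, and nothing in this listing says when that value is used instead of a generated one. With the AEAD key types listed here (`KeyType_AES256_GCM96`, `KeyType_ChaCha20_Poly1305`), a nonce repeated under the same key version forfeits confidentiality and integrity for the affected messages, so the contract belongs in the doc comment rather than only in the body. I would add to `Encrypt` something like `// nonce is honoured only for <convergent-encryption case: confirm against the body>; in every other mode it must be nil and a random nonce is generated`. Only signatures are visible on this page, so the actual behaviour needs checking in the source before the wording is fixed.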