kms

package

v4.7.0 Latest Latest Go to latest Published: Dec 21, 2023 License: MIT Imports: 5 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Laisky/go-utils

Links

Open Source Insights

Documentation ¶

Overview ¶

Package kms provides a simple kms interface.

Index ¶

type EncryptedData
type EncryptedDataVer
- func (e EncryptedDataVer) String() string
type Interface
type Status
- func (s Status) String() string

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type EncryptedData ¶

type EncryptedData struct {
	Version    EncryptedDataVer
	KekID      uint16
	DekID      []byte
	Ciphertext []byte
}

EncryptedData encrypted data

func (EncryptedData) Marshal ¶

func (e EncryptedData) Marshal() (data []byte, err error)

Marshal marshal to bytes

func (EncryptedData) MarshalToString ¶ added in v4.6.0

func (e EncryptedData) MarshalToString() (string, error)

MarshalToString marshal to string

func (*EncryptedData) Unmarshal ¶

func (e *EncryptedData) Unmarshal(data []byte) error

Unmarshal unmarshal from bytes

func (*EncryptedData) UnmarshalFromString ¶ added in v4.6.0

func (e *EncryptedData) UnmarshalFromString(s string) error

UnmarshalFromString unmarshal from string

type EncryptedDataVer ¶

type EncryptedDataVer uint8

EncryptedDataVer version of encrypted data

const (
	// EncryptedItemVer1 encrypted item in ver1 layout
	//
	//  type EncryptedItem struct {
	//  	Version    EncryptedItemVer
	//  	KekID      uint16
	//  	DekID      []byte
	//  	Ciphertext []byte
	//  }
	//
	// layout:
	//
	//  - [0,1): version
	//  - [1,3): dek id length
	//  - [3,5): kek id
	//  - [5,5+len(dek id)): dek id
	//  - [5+len(dek id),5+len(dek id)+len(ciphertext)]: ciphertext
	EncryptedItemVer1 EncryptedDataVer = iota
)

func (EncryptedDataVer) String ¶

func (e EncryptedDataVer) String() string

String name

type Interface ¶

type Interface interface {
	// Status get current status
	Status() Status
	// AddKek add new kek
	AddKek(ctx context.Context, kekID uint16, kek []byte) error
	// Kek get current used kek
	Kek(ctx context.Context) (kekID uint16, kek []byte, err error)
	// Keks export all keks
	Keks(ctx context.Context) (keks map[uint16][]byte, err error)
	// DeriveKeyByID derive key by specific kek id  and dek id
	DeriveKeyByID(ctx context.Context,
		kekID uint16,
		dekID []byte,
		length int) (dek []byte, err error)
	// DeriveKey derive random key by current kek
	DeriveKey(ctx context.Context, length int) (kekID uint16, dekID, dek []byte, err error)
	// Encrypt encrypt data
	Encrypt(ctx context.Context, plaintext,
		additionalData []byte) (ed *EncryptedData, err error)
	// Decrypt decrypt data
	Decrypt(ctx context.Context,
		ed *EncryptedData, additionalData []byte) (plaintext []byte, err error)
}

Interface interface of kms

type Status ¶ added in v4.2.0

type Status uint32

Status status of kms

const (
	// StatusImplemented status implemented
	StatusImplemented Status = iota
	// StatusNoKeK need call `AddKek` add at least one kek
	StatusNoKeK
	// StatusReady status ok
	StatusReady
)

func (Status) String ¶ added in v4.2.0

func (s Status) String() string

String return string of status

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mem Package mem is a multi-key KMS in pure memory	Package mem is a multi-key KMS in pure memory

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL