mem

package

v4.7.0 Latest Latest Go to latest Published: Dec 21, 2023 License: MIT Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Laisky/go-utils

Links

Open Source Insights

Documentation ¶

Overview ¶

Package mem is a multi-key KMS in pure memory

Index ¶

type KMS
- func New(keks map[uint16][]byte, opts ...KMSOption) (*KMS, error)
type KMSOption

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type KMS ¶

type KMS struct {
	// contains filtered or unexported fields
}

KMS insecure memory based KMS

this KMS support multiple Keks, derieve dek by latest kek(keks[maxKeyID]).

func New ¶

func New(keks map[uint16][]byte,
	opts ...KMSOption) (*KMS, error)

New new kms

func (*KMS) AddKek ¶

func (m *KMS) AddKek(_ context.Context,
	kekID uint16,
	kek []byte) error

AddKek add new kek

func (*KMS) Decrypt ¶

func (m *KMS) Decrypt(ctx context.Context,
	ei *gkms.EncryptedData,
	additionalData []byte) (plaintext []byte, err error)

Decrypt decrypt ciphertext

func (*KMS) DeriveKey ¶

func (m *KMS) DeriveKey(ctx context.Context,
	length int) (kekID uint16, dekID, dek []byte, err error)

DeriveKey derive random key

func (*KMS) DeriveKeyByID ¶

func (m *KMS) DeriveKeyByID(_ context.Context,
	kekID uint16,
	dekID []byte,
	length int) (dek []byte, err error)

DeriveKeyByID derive key by specific arguments

Cautious: this method is will dangerous, could derive key by any kek and dek id, that could cause security issue. it is your responsibility to ensure user has permission to access this dek id.

func (*KMS) Encrypt ¶

func (m *KMS) Encrypt(ctx context.Context,
	plaintext, additionalData []byte) (ei *gkms.EncryptedData, err error)

Encrypt encrypt by random dek

func (*KMS) EncryptByID ¶

func (m *KMS) EncryptByID(ctx context.Context,
	plaintext, additionalData []byte,
	kekID uint16,
	dekID []byte) (ciphertext []byte, err error)

Encrypt encrypt by specific dek

func (*KMS) Kek ¶

func (m *KMS) Kek(_ context.Context) (
	kekID uint16, kek []byte, err error)

KEK return current used kek

func (*KMS) Keks ¶

func (m *KMS) Keks(_ context.Context) (
	keks map[uint16][]byte, err error)

keks return all keks

func (*KMS) Status ¶ added in v4.2.0

func (m *KMS) Status() gkms.Status

Status return current status

type KMSOption ¶

type KMSOption func(*kmsOption) error

KMSOption optional arguments for kms

func WithAesKeyLen ¶

func WithAesKeyLen(keyLen int) KMSOption

(optional) WithAesKeyLen set aes key length

default to 32

func WithDekKeyLen ¶

func WithDekKeyLen(keyLen int) KMSOption

WithDekKeyLen (optional) set aes key length

default to 128

func WithLogger ¶

func WithLogger(logger glog.Logger) KMSOption

WithLogger (optional) set internal logger

default to gutils logger

Source Files ¶

View all Source files

kms.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL