crypto

package

v2.1.0 Latest Latest Go to latest Published: Dec 6, 2023 License: MIT Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ONSdigital/dp-s3

Links

Open Source Insights

Documentation ¶

Overview ¶

File copied form s3crypto repository Original repo: https://github.com/ONSdigital/s3crypto

Index ¶

Variables
type Config
type CryptoClient
- func New(sess *session.Session, cfg *Config) *CryptoClient
type Uploader
- func NewUploader(sess *session.Session, cfg *Config) *Uploader
- func (u *Uploader) Upload(input *s3manager.UploadInput) (output *s3manager.UploadOutput, err error)
- func (u *Uploader) UploadWithPSK(ctx context.Context, input *s3manager.UploadInput, psk []byte) (output *s3manager.UploadOutput, err error)

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrNoMetadataPSK = errors.New("no encrypted key found for this file, you are trying to download a file which is not encrypted")

ErrNoMetadataPSK is returned when the file you are trying to download is not encrypted

View Source

var ErrNoPrivateKey = errors.New("you have not provided a private key and therefore do not have permission to complete this action")

ErrNoPrivateKey is returned when an attempt is made to access a method that requires a private key when it has not been provided

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	PublicKey  *rsa.PublicKey
	PrivateKey *rsa.PrivateKey

	HasUserDefinedPSK  bool
	MultipartChunkSize int
}

Config represents the configuration items for the CryptoClient

type CryptoClient ¶

type CryptoClient struct {
	s3iface.S3API
	// contains filtered or unexported fields
}

CryptoClient provides a wrapper to the aws-sdk-go S3 object

func New ¶

func New(sess *session.Session, cfg *Config) *CryptoClient

New supports the creation of an Encryption supported client with a given aws session and rsa Private Key.

func (*CryptoClient) CompleteMultipartUpload ¶

func (c *CryptoClient) CompleteMultipartUpload(input *s3.CompleteMultipartUploadInput) (*s3.CompleteMultipartUploadOutput, error)

CompleteMultipartUpload is a wrapper for CompleteMultipartUploadRequest

func (*CryptoClient) CompleteMultipartUploadRequest ¶

func (c *CryptoClient) CompleteMultipartUploadRequest(input *s3.CompleteMultipartUploadInput) (req *request.Request, out *s3.CompleteMultipartUploadOutput)

CompleteMultipartUploadRequest wraps the SDK method by removing the temporarily stored encrypted PSK object.

func (*CryptoClient) CompleteMultipartUploadWithContext ¶

func (c *CryptoClient) CompleteMultipartUploadWithContext(ctx aws.Context, input *s3.CompleteMultipartUploadInput, opts ...request.Option) (*s3.CompleteMultipartUploadOutput, error)

CompleteMultipartUploadWithContext is a wrapper for CompleteMultipartUploadRequest with the additional context, and request options support.

func (*CryptoClient) CreateMultipartUpload ¶

func (c *CryptoClient) CreateMultipartUpload(input *s3.CreateMultipartUploadInput) (*s3.CreateMultipartUploadOutput, error)

CreateMultipartUpload is a wrapper for CreateMultipartUploadRequest

func (*CryptoClient) CreateMultipartUploadRequest ¶

func (c *CryptoClient) CreateMultipartUploadRequest(input *s3.CreateMultipartUploadInput) (req *request.Request, out *s3.CreateMultipartUploadOutput)

CreateMultipartUploadRequest wraps the SDK method by creating a PSK which is encrypted using the public key and stored as metadata against the completed object, as well as temporarily being stored as its own object while the Multipart upload is being updated.

func (*CryptoClient) CreateMultipartUploadWithContext ¶

func (c *CryptoClient) CreateMultipartUploadWithContext(ctx aws.Context, input *s3.CreateMultipartUploadInput, opts ...request.Option) (*s3.CreateMultipartUploadOutput, error)

CreateMultipartUploadWithContext is a wrapper for CreateMultipartUploadRequest with the additional context, and request options support.

func (*CryptoClient) GetObject ¶

func (c *CryptoClient) GetObject(input *s3.GetObjectInput) (*s3.GetObjectOutput, error)

GetObject is a wrapper for GetObjectRequest

func (*CryptoClient) GetObjectRequest ¶

func (c *CryptoClient) GetObjectRequest(input *s3.GetObjectInput) (req *request.Request, out *s3.GetObjectOutput)

GetObjectRequest wraps the SDK method by retrieving the encrypted PSK from the object metadata. The PSK is then decrypted, and is then used to decrypt the content of the object.

func (*CryptoClient) GetObjectRequestWithPSK ¶

func (c *CryptoClient) GetObjectRequestWithPSK(input *s3.GetObjectInput, psk []byte) (req *request.Request, out *s3.GetObjectOutput)

GetObjectRequestWithPSK wraps the SDK method by decrypting the retrieved object content with the given PSK

func (*CryptoClient) GetObjectWithContext ¶

func (c *CryptoClient) GetObjectWithContext(ctx aws.Context, input *s3.GetObjectInput, opts ...request.Option) (*s3.GetObjectOutput, error)

GetObjectWithContext is a wrapper for GetObjectRequest with the additional context, and request options support.

func (*CryptoClient) GetObjectWithContextWithPSK ¶

func (c *CryptoClient) GetObjectWithContextWithPSK(ctx aws.Context, input *s3.GetObjectInput, psk []byte, opts ...request.Option) (*s3.GetObjectOutput, error)

GetObjectWithContextWithPSK is a wrapper for GetObjectRequestWithPSK with the additional context, and request options support.

func (*CryptoClient) GetObjectWithPSK ¶

func (c *CryptoClient) GetObjectWithPSK(input *s3.GetObjectInput, psk []byte) (*s3.GetObjectOutput, error)

GetObjectWithPSK is a wrapper for GetObjectRequestWithPSK

func (*CryptoClient) PutObject ¶

func (c *CryptoClient) PutObject(input *s3.PutObjectInput) (*s3.PutObjectOutput, error)

PutObject is a wrapper for PutObjectRequest

func (*CryptoClient) PutObjectRequest ¶

func (c *CryptoClient) PutObjectRequest(input *s3.PutObjectInput) (req *request.Request, out *s3.PutObjectOutput)

PutObjectRequest wraps the SDK method by creating a PSK, encrypting it using the public key, and encrypting the object content using the PSK

func (*CryptoClient) PutObjectRequestWithPSK ¶

func (c *CryptoClient) PutObjectRequestWithPSK(input *s3.PutObjectInput, psk []byte) (req *request.Request, out *s3.PutObjectOutput)

PutObjectRequestWithPSK wraps the SDK method by encrypting the object content with a user defined PSK

func (*CryptoClient) PutObjectWithContextWithPSK ¶

func (c *CryptoClient) PutObjectWithContextWithPSK(ctx aws.Context, input *s3.PutObjectInput, psk []byte, opts ...request.Option) (*s3.PutObjectOutput, error)

PutObjectWithContextWithPSK is a wrapper for PutObjectRequestWithPSK with the additional context, and request options support.

func (*CryptoClient) PutObjectWithPSK ¶

func (c *CryptoClient) PutObjectWithPSK(input *s3.PutObjectInput, psk []byte) (*s3.PutObjectOutput, error)

PutObjectWithPSK is a wrapper for PutObjectRequestWithPSK

func (*CryptoClient) UploadPart ¶

func (c *CryptoClient) UploadPart(input *s3.UploadPartInput) (*s3.UploadPartOutput, error)

UploadPart is a wrapper for UploadPartRequest

func (*CryptoClient) UploadPartRequest ¶

func (c *CryptoClient) UploadPartRequest(input *s3.UploadPartInput) (req *request.Request, out *s3.UploadPartOutput)

UploadPartRequest wraps the SDK method by retrieving the encrypted PSK from the temporary object, decrypting the PSK using the private key, before stream encoding the content for the particular part

func (*CryptoClient) UploadPartRequestWithPSK ¶

func (c *CryptoClient) UploadPartRequestWithPSK(input *s3.UploadPartInput, psk []byte) (req *request.Request, out *s3.UploadPartOutput)

UploadPartRequestWithPSK wraps the SDK method encrypting the part contents with a user defined PSK

func (*CryptoClient) UploadPartWithContext ¶

func (c *CryptoClient) UploadPartWithContext(ctx aws.Context, input *s3.UploadPartInput, opts ...request.Option) (*s3.UploadPartOutput, error)

UploadPartWithContext is a wrapper for UploadPartRequest with the additional context, and request options support.

func (*CryptoClient) UploadPartWithContextWithPSK ¶

func (c *CryptoClient) UploadPartWithContextWithPSK(ctx aws.Context, input *s3.UploadPartInput, psk []byte, opts ...request.Option) (*s3.UploadPartOutput, error)

UploadPartWithContextWithPSK is a wrapper for UploadPartRequestWithPSK with the additional context, and request options support.

func (*CryptoClient) UploadPartWithPSK ¶

func (c *CryptoClient) UploadPartWithPSK(input *s3.UploadPartInput, psk []byte) (*s3.UploadPartOutput, error)

UploadPartWithPSK is a wrapper for UploadPartRequestWithPSK

type Uploader ¶

type Uploader struct {
	*CryptoClient
	// contains filtered or unexported fields
}

Uploader provides a wrapper to the aws-sdk-go s3manager uploader for encryption

func NewUploader ¶

func NewUploader(sess *session.Session, cfg *Config) *Uploader

NewUploader creates a new instance of the crypto Uploader

func (*Uploader) Upload ¶

func (u *Uploader) Upload(input *s3manager.UploadInput) (output *s3manager.UploadOutput, err error)

Upload provides a wrapper for the sdk method with encryption

func (*Uploader) UploadWithPSK ¶

func (u *Uploader) UploadWithPSK(ctx context.Context, input *s3manager.UploadInput, psk []byte) (output *s3manager.UploadOutput, err error)

UploadWithPSK allows you to encrypt the file with a given psk

Source Files ¶

View all Source files

s3crypto.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL