crypto

package
v1.10.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 18, 2021 License: MIT Imports: 18 Imported by: 0

Documentation

Overview

File copied form s3crypto repository Original repo: https://github.com/ONSdigital/s3crypto

Index

Constants

This section is empty.

Variables

View Source
var ErrNoMetadataPSK = errors.New("no encrypted key found for this file, you are trying to download a file which is not encrypted")

ErrNoMetadataPSK is returned when the file you are trying to download is not encrypted

View Source
var ErrNoPrivateKey = errors.New("you have not provided a private key and therefore do not have permission to complete this action")

ErrNoPrivateKey is returned when an attempt is made to access a method that requires a private key when it has not been provided

Functions

This section is empty.

Types

type Config

type Config struct {
	PublicKey  *rsa.PublicKey
	PrivateKey *rsa.PrivateKey

	HasUserDefinedPSK  bool
	MultipartChunkSize int
}

Config represents the configuration items for the CryptoClient

type CryptoClient

type CryptoClient struct {
	s3iface.S3API
	// contains filtered or unexported fields
}

CryptoClient provides a wrapper to the aws-sdk-go S3 object

func New

func New(sess *session.Session, cfg *Config) *CryptoClient

New supports the creation of an Encryption supported client with a given aws session and rsa Private Key.

func (*CryptoClient) CompleteMultipartUpload

func (c *CryptoClient) CompleteMultipartUpload(input *s3.CompleteMultipartUploadInput) (*s3.CompleteMultipartUploadOutput, error)

CompleteMultipartUpload is a wrapper for CompleteMultipartUploadRequest

func (*CryptoClient) CompleteMultipartUploadRequest

func (c *CryptoClient) CompleteMultipartUploadRequest(input *s3.CompleteMultipartUploadInput) (req *request.Request, out *s3.CompleteMultipartUploadOutput)

CompleteMultipartUploadRequest wraps the SDK method by removing the temporarily stored encrypted PSK object.

func (*CryptoClient) CompleteMultipartUploadWithContext

func (c *CryptoClient) CompleteMultipartUploadWithContext(ctx aws.Context, input *s3.CompleteMultipartUploadInput, opts ...request.Option) (*s3.CompleteMultipartUploadOutput, error)

CompleteMultipartUploadWithContext is a wrapper for CompleteMultipartUploadRequest with the additional context, and request options support.

func (*CryptoClient) CreateMultipartUpload

func (c *CryptoClient) CreateMultipartUpload(input *s3.CreateMultipartUploadInput) (*s3.CreateMultipartUploadOutput, error)

CreateMultipartUpload is a wrapper for CreateMultipartUploadRequest

func (*CryptoClient) CreateMultipartUploadRequest

func (c *CryptoClient) CreateMultipartUploadRequest(input *s3.CreateMultipartUploadInput) (req *request.Request, out *s3.CreateMultipartUploadOutput)

CreateMultipartUploadRequest wraps the SDK method by creating a PSK which is encrypted using the public key and stored as metadata against the completed object, as well as temporarily being stored as its own object while the Multipart upload is being updated.

func (*CryptoClient) CreateMultipartUploadWithContext

func (c *CryptoClient) CreateMultipartUploadWithContext(ctx aws.Context, input *s3.CreateMultipartUploadInput, opts ...request.Option) (*s3.CreateMultipartUploadOutput, error)

CreateMultipartUploadWithContext is a wrapper for CreateMultipartUploadRequest with the additional context, and request options support.

func (*CryptoClient) GetObject

func (c *CryptoClient) GetObject(input *s3.GetObjectInput) (*s3.GetObjectOutput, error)

GetObject is a wrapper for GetObjectRequest

func (*CryptoClient) GetObjectRequest

func (c *CryptoClient) GetObjectRequest(input *s3.GetObjectInput) (req *request.Request, out *s3.GetObjectOutput)

GetObjectRequest wraps the SDK method by retrieving the encrypted PSK from the object metadata. The PSK is then decrypted, and is then used to decrypt the content of the object.

func (*CryptoClient) GetObjectRequestWithPSK

func (c *CryptoClient) GetObjectRequestWithPSK(input *s3.GetObjectInput, psk []byte) (req *request.Request, out *s3.GetObjectOutput)

GetObjectRequestWithPSK wraps the SDK method by decrypting the retrieved object content with the given PSK

func (*CryptoClient) GetObjectWithContext

func (c *CryptoClient) GetObjectWithContext(ctx aws.Context, input *s3.GetObjectInput, opts ...request.Option) (*s3.GetObjectOutput, error)

GetObjectWithContext is a wrapper for GetObjectRequest with the additional context, and request options support.

func (*CryptoClient) GetObjectWithContextWithPSK

func (c *CryptoClient) GetObjectWithContextWithPSK(ctx aws.Context, input *s3.GetObjectInput, psk []byte, opts ...request.Option) (*s3.GetObjectOutput, error)

GetObjectWithContextWithPSK is a wrapper for GetObjectRequestWithPSK with the additional context, and request options support.

func (*CryptoClient) GetObjectWithPSK

func (c *CryptoClient) GetObjectWithPSK(input *s3.GetObjectInput, psk []byte) (*s3.GetObjectOutput, error)

GetObjectWithPSK is a wrapper for GetObjectRequestWithPSK

func (*CryptoClient) PutObject

func (c *CryptoClient) PutObject(input *s3.PutObjectInput) (*s3.PutObjectOutput, error)

PutObject is a wrapper for PutObjectRequest

func (*CryptoClient) PutObjectRequest

func (c *CryptoClient) PutObjectRequest(input *s3.PutObjectInput) (req *request.Request, out *s3.PutObjectOutput)

PutObjectRequest wraps the SDK method by creating a PSK, encrypting it using the public key, and encrypting the object content using the PSK

func (*CryptoClient) PutObjectRequestWithPSK

func (c *CryptoClient) PutObjectRequestWithPSK(input *s3.PutObjectInput, psk []byte) (req *request.Request, out *s3.PutObjectOutput)

PutObjectRequestWithPSK wraps the SDK method by encrypting the object content with a user defined PSK

func (*CryptoClient) PutObjectWithContextWithPSK

func (c *CryptoClient) PutObjectWithContextWithPSK(ctx aws.Context, input *s3.PutObjectInput, psk []byte, opts ...request.Option) (*s3.PutObjectOutput, error)

PutObjectWithContextWithPSK is a wrapper for PutObjectRequestWithPSK with the additional context, and request options support.

func (*CryptoClient) PutObjectWithPSK

func (c *CryptoClient) PutObjectWithPSK(input *s3.PutObjectInput, psk []byte) (*s3.PutObjectOutput, error)

PutObjectWithPSK is a wrapper for PutObjectRequestWithPSK

func (*CryptoClient) UploadPart

func (c *CryptoClient) UploadPart(input *s3.UploadPartInput) (*s3.UploadPartOutput, error)

UploadPart is a wrapper for UploadPartRequest

func (*CryptoClient) UploadPartRequest

func (c *CryptoClient) UploadPartRequest(input *s3.UploadPartInput) (req *request.Request, out *s3.UploadPartOutput)

UploadPartRequest wraps the SDK method by retrieving the encrypted PSK from the temporary object, decrypting the PSK using the private key, before stream encoding the content for the particular part

func (*CryptoClient) UploadPartRequestWithPSK

func (c *CryptoClient) UploadPartRequestWithPSK(input *s3.UploadPartInput, psk []byte) (req *request.Request, out *s3.UploadPartOutput)

UploadPartRequestWithPSK wraps the SDK method encrypting the part contents with a user defined PSK

func (*CryptoClient) UploadPartWithContext

func (c *CryptoClient) UploadPartWithContext(ctx aws.Context, input *s3.UploadPartInput, opts ...request.Option) (*s3.UploadPartOutput, error)

UploadPartWithContext is a wrapper for UploadPartRequest with the additional context, and request options support.

func (*CryptoClient) UploadPartWithContextWithPSK

func (c *CryptoClient) UploadPartWithContextWithPSK(ctx aws.Context, input *s3.UploadPartInput, psk []byte, opts ...request.Option) (*s3.UploadPartOutput, error)

UploadPartWithContextWithPSK is a wrapper for UploadPartRequestWithPSK with the additional context, and request options support.

func (*CryptoClient) UploadPartWithPSK

func (c *CryptoClient) UploadPartWithPSK(input *s3.UploadPartInput, psk []byte) (*s3.UploadPartOutput, error)

UploadPartWithPSK is a wrapper for UploadPartRequestWithPSK

type Uploader

type Uploader struct {
	*CryptoClient
	// contains filtered or unexported fields
}

Uploader provides a wrapper to the aws-sdk-go s3manager uploader for encryption

func NewUploader

func NewUploader(sess *session.Session, cfg *Config) *Uploader

NewUploader creates a new instance of the crypto Uploader

func (*Uploader) Upload

func (u *Uploader) Upload(input *s3manager.UploadInput) (output *s3manager.UploadOutput, err error)

Upload provides a wrapper for the sdk method with encryption

func (*Uploader) UploadWithPSK

func (u *Uploader) UploadWithPSK(ctx context.Context, input *s3manager.UploadInput, psk []byte) (output *s3manager.UploadOutput, err error)

UploadWithPSK allows you to encrypt the file with a given psk

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL