encryption

package
v0.328.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 12, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Encryptable

type Encryptable interface {
	EncryptJSON(input any) (json.RawMessage, error)
	DecryptJSON(input json.RawMessage, output any) error
}

Encryptable is an interface for encrypting and decrypting JSON payloads. Deprecated: This is will be changed or removed very soon.

func NewClearTextEncryptor

func NewClearTextEncryptor(key string) (Encryptable, error)

func NewDeprecatedEncryptor added in v0.328.1

func NewDeprecatedEncryptor(keySet keyset.Handle) (Encryptable, error)

NewDeprecatedEncryptor encrypts and decrypts JSON payloads using the provided key set. The key set must contain a primary key that is a streaming AEAD primitive.

func NewForKeyOrURI

func NewForKeyOrURI(keyOrURI string) (Encryptable, error)

NewForKeyOrURI creates a new encryptor using the provided key or URI. Deprecated: This is will be changed or removed very soon.

type EncryptedPayload

type EncryptedPayload struct {
	Encrypted []byte `json:"encrypted"`
}

EncryptedPayload is a JSON payload that contains the encrypted data to put into the database. Deprecated: This is will be changed or removed very soon.

type Encryptor

type Encryptor struct {
	// contains filtered or unexported fields
}

Encryptor uses streaming with JSON payloads. Deprecated: This is will be changed or removed very soon.

func (Encryptor) DecryptJSON

func (e Encryptor) DecryptJSON(input json.RawMessage, output any) error

func (Encryptor) EncryptJSON

func (e Encryptor) EncryptJSON(input any) (json.RawMessage, error)

type EncryptorNext added in v0.328.1

type EncryptorNext interface {
	Encrypt(subKey SubKey, cleartext []byte) ([]byte, error)
	Decrypt(subKey SubKey, encrypted []byte) ([]byte, error)
}

type KMSEncryptor added in v0.328.1

type KMSEncryptor struct {
	// contains filtered or unexported fields
}

KMSEncryptor encrypts and decrypts using a KMS key via tink. TODO: maybe change to DerivableEncryptor and integrate plaintext and kms encryptor.

func NewKMSEncryptorGenerateKey added in v0.328.1

func NewKMSEncryptorGenerateKey(uri string, v1client *awsv1kms.KMS) (*KMSEncryptor, error)

func NewKMSEncryptorWithKMS added in v0.328.1

func NewKMSEncryptorWithKMS(uri string, v1client *awsv1kms.KMS, encryptedKeyset []byte) (*KMSEncryptor, error)

func (*KMSEncryptor) Decrypt added in v0.328.1

func (k *KMSEncryptor) Decrypt(subKey SubKey, encrypted []byte) ([]byte, error)

func (*KMSEncryptor) Encrypt added in v0.328.1

func (k *KMSEncryptor) Encrypt(subKey SubKey, cleartext []byte) ([]byte, error)

func (*KMSEncryptor) GetEncryptedKeyset added in v0.328.1

func (k *KMSEncryptor) GetEncryptedKeyset() []byte

type NoOpEncryptor

type NoOpEncryptor struct {
}

NoOpEncryptor does not encrypt or decrypt and just passes the input as is. Deprecated: This is will be changed or removed very soon.

func (NoOpEncryptor) DecryptJSON

func (n NoOpEncryptor) DecryptJSON(input json.RawMessage, output any) error

func (NoOpEncryptor) EncryptJSON

func (n NoOpEncryptor) EncryptJSON(input any) (json.RawMessage, error)

type NoOpEncryptorNext added in v0.328.1

type NoOpEncryptorNext struct{}

NoOpEncryptorNext does not encrypt and just passes the input as is.

func (NoOpEncryptorNext) Decrypt added in v0.328.1

func (n NoOpEncryptorNext) Decrypt(_ SubKey, encrypted []byte) ([]byte, error)

func (NoOpEncryptorNext) Encrypt added in v0.328.1

func (n NoOpEncryptorNext) Encrypt(_ SubKey, cleartext []byte) ([]byte, error)

type PlaintextEncryptor added in v0.328.1

type PlaintextEncryptor struct {
	// contains filtered or unexported fields
}

func NewPlaintextEncryptor added in v0.328.1

func NewPlaintextEncryptor(key string) (*PlaintextEncryptor, error)

func (PlaintextEncryptor) Decrypt added in v0.328.1

func (p PlaintextEncryptor) Decrypt(subKey SubKey, encrypted []byte) ([]byte, error)

func (PlaintextEncryptor) Encrypt added in v0.328.1

func (p PlaintextEncryptor) Encrypt(subKey SubKey, cleartext []byte) ([]byte, error)

type SubKey added in v0.328.1

type SubKey string
const (
	LogsSubKey  SubKey = "logs"
	AsyncSubKey SubKey = "async"
)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL