Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Encryptable ¶
type Encryptable interface { EncryptJSON(input any) (json.RawMessage, error) DecryptJSON(input json.RawMessage, output any) error }
Encryptable is an interface for encrypting and decrypting JSON payloads. Deprecated: This is will be changed or removed very soon.
func NewClearTextEncryptor ¶
func NewClearTextEncryptor(key string) (Encryptable, error)
func NewDeprecatedEncryptor ¶ added in v0.328.1
func NewDeprecatedEncryptor(keySet keyset.Handle) (Encryptable, error)
NewDeprecatedEncryptor encrypts and decrypts JSON payloads using the provided key set. The key set must contain a primary key that is a streaming AEAD primitive.
func NewForKeyOrURI ¶
func NewForKeyOrURI(keyOrURI string) (Encryptable, error)
NewForKeyOrURI creates a new encryptor using the provided key or URI. Deprecated: This is will be changed or removed very soon.
type EncryptedPayload ¶
type EncryptedPayload struct {
Encrypted []byte `json:"encrypted"`
}
EncryptedPayload is a JSON payload that contains the encrypted data to put into the database. Deprecated: This is will be changed or removed very soon.
type Encryptor ¶
type Encryptor struct {
// contains filtered or unexported fields
}
Encryptor uses streaming with JSON payloads. Deprecated: This is will be changed or removed very soon.
func (Encryptor) DecryptJSON ¶
func (e Encryptor) DecryptJSON(input json.RawMessage, output any) error
func (Encryptor) EncryptJSON ¶
func (e Encryptor) EncryptJSON(input any) (json.RawMessage, error)
type EncryptorNext ¶ added in v0.328.1
type KMSEncryptor ¶ added in v0.328.1
type KMSEncryptor struct {
// contains filtered or unexported fields
}
KMSEncryptor encrypts and decrypts using a KMS key via tink. TODO: maybe change to DerivableEncryptor and integrate plaintext and kms encryptor.
func NewKMSEncryptorGenerateKey ¶ added in v0.328.1
func NewKMSEncryptorGenerateKey(uri string, v1client *awsv1kms.KMS) (*KMSEncryptor, error)
func NewKMSEncryptorWithKMS ¶ added in v0.328.1
func (*KMSEncryptor) Decrypt ¶ added in v0.328.1
func (k *KMSEncryptor) Decrypt(subKey SubKey, encrypted []byte) ([]byte, error)
func (*KMSEncryptor) Encrypt ¶ added in v0.328.1
func (k *KMSEncryptor) Encrypt(subKey SubKey, cleartext []byte) ([]byte, error)
func (*KMSEncryptor) GetEncryptedKeyset ¶ added in v0.328.1
func (k *KMSEncryptor) GetEncryptedKeyset() []byte
type NoOpEncryptor ¶
type NoOpEncryptor struct { }
NoOpEncryptor does not encrypt or decrypt and just passes the input as is. Deprecated: This is will be changed or removed very soon.
func (NoOpEncryptor) DecryptJSON ¶
func (n NoOpEncryptor) DecryptJSON(input json.RawMessage, output any) error
func (NoOpEncryptor) EncryptJSON ¶
func (n NoOpEncryptor) EncryptJSON(input any) (json.RawMessage, error)
type NoOpEncryptorNext ¶ added in v0.328.1
type NoOpEncryptorNext struct{}
NoOpEncryptorNext does not encrypt and just passes the input as is.
type PlaintextEncryptor ¶ added in v0.328.1
type PlaintextEncryptor struct {
// contains filtered or unexported fields
}
func NewPlaintextEncryptor ¶ added in v0.328.1
func NewPlaintextEncryptor(key string) (*PlaintextEncryptor, error)