encryption

package
v0.354.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 20, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AsyncSubKey added in v0.328.1

type AsyncSubKey struct{}

AsyncSubKey is a type that represents the subkey for async.

func (AsyncSubKey) SubKey added in v0.349.0

func (AsyncSubKey) SubKey() string

type Builder added in v0.349.0

type Builder struct {
	// contains filtered or unexported fields
}

Builder constructs a DataEncryptor when used with a provider. Use a chain of With* methods to configure the builder.

func NewBuilder added in v0.349.0

func NewBuilder() Builder

func (Builder) Build added in v0.349.0

func (b Builder) Build(ctx context.Context, provider KeyStoreProvider) (DataEncryptor, error)

func (Builder) WithKMSURI added in v0.349.0

func (b Builder) WithKMSURI(kmsURI optional.Option[string]) Builder

WithKMSURI sets the URI for the KMS key to use. Omitting this call or using None will create a NoOpEncryptor.

type DataEncryptor added in v0.334.0

type DataEncryptor interface {
	Encrypt(cleartext []byte, dest Encrypted) error
	Decrypt(encrypted Encrypted) ([]byte, error)
}

type Encrypted added in v0.349.0

type Encrypted interface {
	SubKey() string
	Bytes() []byte
	Set(data []byte)
}

Encrypted is an interface for values that contain encrypted data.

type EncryptedAsyncColumn added in v0.349.0

type EncryptedAsyncColumn = EncryptedColumn[AsyncSubKey]

type EncryptedColumn added in v0.349.0

type EncryptedColumn[SK SubKey] []byte

EncryptedColumn is a type that represents an encrypted column.

It can be used by sqlc to map to/from a bytea column in the database.

func (*EncryptedColumn[SK]) Bytes added in v0.349.0

func (e *EncryptedColumn[SK]) Bytes() []byte

func (*EncryptedColumn[SK]) Scan added in v0.349.0

func (e *EncryptedColumn[SK]) Scan(src interface{}) error

func (*EncryptedColumn[SK]) Set added in v0.349.0

func (e *EncryptedColumn[SK]) Set(b []byte)

func (*EncryptedColumn[SK]) SubKey added in v0.349.0

func (e *EncryptedColumn[SK]) SubKey() string

func (*EncryptedColumn[SK]) Value added in v0.349.0

func (e *EncryptedColumn[SK]) Value() (driver.Value, error)

type EncryptedTimelineColumn added in v0.349.0

type EncryptedTimelineColumn = EncryptedColumn[TimelineSubKey]

type KMSEncryptor added in v0.328.1

type KMSEncryptor struct {
	// contains filtered or unexported fields
}

KMSEncryptor encrypts and decrypts using a KMS key via tink.

func NewKMSEncryptorWithKMS added in v0.328.1

func NewKMSEncryptorWithKMS(uri string, v1client *awsv1kms.KMS, encryptedKeyset []byte) (*KMSEncryptor, error)

func (*KMSEncryptor) Decrypt added in v0.328.1

func (k *KMSEncryptor) Decrypt(encrypted Encrypted) ([]byte, error)

func (*KMSEncryptor) Encrypt added in v0.328.1

func (k *KMSEncryptor) Encrypt(cleartext []byte, dest Encrypted) error

func (*KMSEncryptor) GetEncryptedKeyset added in v0.328.1

func (k *KMSEncryptor) GetEncryptedKeyset() []byte

type KeyStoreProvider added in v0.349.0

type KeyStoreProvider interface {
	// EnsureKey asks a provider to check for an encrypted key.
	// If not available, call the generateKey function to create a new key.
	// The provider should handle transactions around checking and setting the key, to prevent race conditions.
	EnsureKey(ctx context.Context, generateKey func() ([]byte, error)) ([]byte, error)
}

type NoOpEncryptor

type NoOpEncryptor struct{}

NoOpEncryptor does not encrypt and just passes the input as is.

func NewNoOpEncryptor added in v0.334.0

func NewNoOpEncryptor() NoOpEncryptor

func (NoOpEncryptor) Decrypt added in v0.349.0

func (n NoOpEncryptor) Decrypt(encrypted Encrypted) ([]byte, error)

func (NoOpEncryptor) Encrypt added in v0.349.0

func (n NoOpEncryptor) Encrypt(cleartext []byte, dest Encrypted) error

type OptionalEncryptedAsyncColumn added in v0.349.0

type OptionalEncryptedAsyncColumn = optional.Option[EncryptedAsyncColumn]

type OptionalEncryptedTimelineColumn added in v0.349.0

type OptionalEncryptedTimelineColumn = optional.Option[EncryptedTimelineColumn]

type SubKey added in v0.328.1

type SubKey interface{ SubKey() string }

SubKey is an interface for types that specify their own encryption subkey.

type TimelineSubKey added in v0.334.1

type TimelineSubKey struct{}

TimelineSubKey is a type that represents the subkey for logs.

func (TimelineSubKey) SubKey added in v0.349.0

func (TimelineSubKey) SubKey() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL