encryption

package
v1.3.21 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 9, 2024 License: MIT Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	CipherPrefix = "cipher-"

	KmsAes128AlgorithmName = "cipher-kms-aes-128"
	KmsAes256AlgorithmName = "cipher-kms-aes-256"
	KmsAlgorithmName       = "cipher"

	KmsHandlerName = "KmsHandler"
)

Variables

View Source 
var (
	DataIdParamCheckError  = fmt.Errorf("dataId prefix should start with: %s", CipherPrefix)
	ContentParamCheckError = fmt.Errorf("content need to encrypt is nil")
	KeyIdParamCheckError   = fmt.Errorf("keyId is nil, need to be set")
)
View Source 
var (
	EmptyEncryptedDataKeyError = fmt.Errorf("empty encrypted data key error")
	EmptyPlainDataKeyError     = fmt.Errorf("empty plain data key error")
	EmptyContentError          = fmt.Errorf("encrypt empty content error")
)
View Source 
var (
	EmptyRegionKmsV1ClientInitError = fmt.Errorf("init kmsV1 client failed with empty region")
	EmptyAkKmsV1ClientInitError     = fmt.Errorf("init kmsV1 client failed with empty ak")
	EmptySkKmsV1ClientInitError     = fmt.Errorf("init kmsV1 client failed with empty sk")

	EmptyEndpointKmsV3ClientInitError         = fmt.Errorf("init kmsV3 client failed with empty endpoint")
	EmptyPasswordKmsV3ClientInitError         = fmt.Errorf("init kmsV3 client failed with empty password")
	EmptyClientKeyContentKmsV3ClientInitError = fmt.Errorf("init kmsV3 client failed with empty client key content")
	EmptyCaVerifyKmsV3ClientInitError         = fmt.Errorf("init kmsV3 client failed with empty ca verify")
)
View Source 
var (
	PluginNotFoundError = fmt.Errorf("cannot find encryption plugin by dataId prefix")
)

Functions

func AesEcbPkcs5PaddingDecrypt 

func AesEcbPkcs5PaddingDecrypt(cipherContent, key []byte) (retBytes []byte, err error)

func AesEcbPkcs5PaddingEncrypt 

func AesEcbPkcs5PaddingEncrypt(plainContent, key []byte) (retBytes []byte, err error)

func BlockDecrypt 

func BlockDecrypt(src []byte, b cipher.Block) (dst []byte, err error)

func BlockEncrypt 

func BlockEncrypt(src []byte, b cipher.Block) (dst []byte, err error)

func GetDefaultKMSv1KeyId 

func GetDefaultKMSv1KeyId() string

func PKCS5Padding 

func PKCS5Padding(ciphertext []byte, blockSize int) []byte

func PKCS5UnPadding 

func PKCS5UnPadding(origData []byte) []byte

func RegisterConfigEncryptionKmsPlugins 

func RegisterConfigEncryptionKmsPlugins(encryptionHandler Handler, clientConfig constant.ClientConfig)

Types

type Handler 

type Handler interface {
	EncryptionHandler(*HandlerParam) error
	DecryptionHandler(*HandlerParam) error
	RegisterPlugin(Plugin) error
	GetHandlerName() string
}

func NewKmsHandler 

func NewKmsHandler() Handler

type HandlerParam 

type HandlerParam struct {
	DataId           string `json:"dataId"`  //required
	Content          string `json:"content"` //required
	EncryptedDataKey string `json:"encryptedDataKey"`
	PlainDataKey     string `json:"plainDataKey"`
	KeyId            string `json:"keyId"`
}

type KmsAes128Plugin 

type KmsAes128Plugin struct {
	// contains filtered or unexported fields
}

func (*KmsAes128Plugin) AlgorithmName 

func (k *KmsAes128Plugin) AlgorithmName() string

func (*KmsAes128Plugin) Decrypt 

func (k *KmsAes128Plugin) Decrypt(param *HandlerParam) error

func (*KmsAes128Plugin) DecryptSecretKey 

func (k *KmsAes128Plugin) DecryptSecretKey(param *HandlerParam) (string, error)

func (*KmsAes128Plugin) Encrypt 

func (k *KmsAes128Plugin) Encrypt(param *HandlerParam) error

func (*KmsAes128Plugin) EncryptSecretKey 

func (k *KmsAes128Plugin) EncryptSecretKey(param *HandlerParam) (string, error)

func (*KmsAes128Plugin) GenerateSecretKey 

func (k *KmsAes128Plugin) GenerateSecretKey(param *HandlerParam) (string, error)

type KmsAes256Plugin 

type KmsAes256Plugin struct {
	// contains filtered or unexported fields
}

func (*KmsAes256Plugin) AlgorithmName 

func (k *KmsAes256Plugin) AlgorithmName() string

func (*KmsAes256Plugin) Decrypt 

func (k *KmsAes256Plugin) Decrypt(param *HandlerParam) error

func (*KmsAes256Plugin) DecryptSecretKey 

func (k *KmsAes256Plugin) DecryptSecretKey(param *HandlerParam) (string, error)

func (*KmsAes256Plugin) Encrypt 

func (k *KmsAes256Plugin) Encrypt(param *HandlerParam) error

func (*KmsAes256Plugin) EncryptSecretKey 

func (k *KmsAes256Plugin) EncryptSecretKey(param *HandlerParam) (string, error)

func (*KmsAes256Plugin) GenerateSecretKey 

func (k *KmsAes256Plugin) GenerateSecretKey(param *HandlerParam) (string, error)

type KmsBasePlugin 

type KmsBasePlugin struct {
	// contains filtered or unexported fields
}

func (*KmsBasePlugin) AlgorithmName 

func (k *KmsBasePlugin) AlgorithmName() string

func (*KmsBasePlugin) Decrypt 

func (k *KmsBasePlugin) Decrypt(param *HandlerParam) error

func (*KmsBasePlugin) DecryptSecretKey 

func (k *KmsBasePlugin) DecryptSecretKey(param *HandlerParam) (string, error)

func (*KmsBasePlugin) Encrypt 

func (k *KmsBasePlugin) Encrypt(param *HandlerParam) error

func (*KmsBasePlugin) EncryptSecretKey 

func (k *KmsBasePlugin) EncryptSecretKey(param *HandlerParam) (string, error)

func (*KmsBasePlugin) GenerateSecretKey 

func (k *KmsBasePlugin) GenerateSecretKey(param *HandlerParam) (string, error)

type KmsClient 

type KmsClient struct {
	*dkms_transfer.KmsTransferClient
	// contains filtered or unexported fields
}

func NewKmsV1ClientWithAccessKey 

func NewKmsV1ClientWithAccessKey(regionId, ak, sk string) (*KmsClient, error)

func NewKmsV3ClientWithConfig 

func NewKmsV3ClientWithConfig(config *dkms_api.Config, caVerify string) (*KmsClient, error)

func (*KmsClient) Decrypt 

func (kmsClient *KmsClient) Decrypt(cipherContent string) (string, error)

func (*KmsClient) Encrypt 

func (kmsClient *KmsClient) Encrypt(content, keyId string) (string, error)

func (*KmsClient) GenerateDataKey 

func (kmsClient *KmsClient) GenerateDataKey(keyId, keySpec string) (string, string, error)

func (*KmsClient) GetKmsVersion 

func (kmsClient *KmsClient) GetKmsVersion() constant.KMSVersion

type KmsHandler 

type KmsHandler struct {
	// contains filtered or unexported fields
}

func (*KmsHandler) DecryptionHandler 

func (d *KmsHandler) DecryptionHandler(param *HandlerParam) error

func (*KmsHandler) EncryptionHandler 

func (d *KmsHandler) EncryptionHandler(param *HandlerParam) error

func (*KmsHandler) GetHandlerName 

func (d *KmsHandler) GetHandlerName() string

func (*KmsHandler) RegisterPlugin 

func (d *KmsHandler) RegisterPlugin(plugin Plugin) error

type Plugin 

type Plugin interface {
	Encrypt(*HandlerParam) error
	Decrypt(*HandlerParam) error
	AlgorithmName() string
	GenerateSecretKey(*HandlerParam) (string, error)
	EncryptSecretKey(*HandlerParam) (string, error)
	DecryptSecretKey(*HandlerParam) (string, error)
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.