crypto

package

v0.0.0-...-135b226 Latest Latest Go to latest Published: Sep 17, 2024 License: GPL-3.0 Imports: 23 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/comrade-coop/apocryph

Documentation ¶

Index ¶

Constants
Variables
func CreateCryptoConfig(args parsehelpers.EncArgs, descs []ocispec.Descriptor, pubKeys [][]byte) (encconfig.CryptoConfig, error)
func CreateDecryptCryptoConfig(args parsehelpers.EncArgs, descs []ocispec.Descriptor, ...) (encconfig.CryptoConfig, error)
func Crypt(ctx context.Context, client *containerd.Client, srcRawRef, targetRawRef string, ...) error
func DecryptWithKey(key *pb.Key, ciphertext []byte) ([]byte, error)
func EncryptWithKey(key *pb.Key, plaintext []byte) ([]byte, error)
func GetCryptoConfigKey(key *pb.Key) (encconfig.CryptoConfig, error)
func NewKey(keyType KeyType) (*pb.Key, error)
type KeyType

Constants ¶

View Source

const (
	KeyTypeEcdsaP256 = KeyType("ECDSAP256")
	KeyTypeRsa4096   = KeyType("RSA4096")
	KeyTypeAESGCM256 = KeyType("AESGCM256")
)

Variables ¶

View Source

var KeyTypeEncrypt = KeyTypeAESGCM256

Key type to use for general encryption (secret encryption) operations.

View Source

var KeyTypeOcicrypt = KeyTypeEcdsaP256

Key type to use for Ocicrypt (image encryption) operations.

Functions ¶

func CreateCryptoConfig ¶

func CreateCryptoConfig(args parsehelpers.EncArgs, descs []ocispec.Descriptor, pubKeys [][]byte) (encconfig.CryptoConfig, error)

CreateCryptoConfig from the list of recipient strings and list of key paths of private keys

func CreateDecryptCryptoConfig ¶

func CreateDecryptCryptoConfig(args parsehelpers.EncArgs, descs []ocispec.Descriptor, privKeysPasswords, privKeys [][]byte) (encconfig.CryptoConfig, error)

CreateCryptoConfig from the list of recipient strings and list of key paths of private keys

func Crypt ¶

func Crypt(ctx context.Context, client *containerd.Client, srcRawRef, targetRawRef string, encrypt bool, options types.ImageCryptOptions, pubKeys, prvKeys [][]byte, privKeysPasswords [][]byte) error

from containerd/nerdctl/pkg/cmd/image/crypt.go modified to take keys directly instead of reading them from the file system args used for ecryption/decryption

func DecryptWithKey ¶

func DecryptWithKey(key *pb.Key, ciphertext []byte) ([]byte, error)

Decrypt a given ciphertext with a key. Might not work with keys that are not of type KeyTypeEncrypt.

func EncryptWithKey ¶

func EncryptWithKey(key *pb.Key, plaintext []byte) ([]byte, error)

Encrypt a given plaintext with a key. Might not work with keys that are not of type KeyTypeEncrypt.

func GetCryptoConfigKey ¶

func GetCryptoConfigKey(key *pb.Key) (encconfig.CryptoConfig, error)

Get an OCI encconfig.CryptoConfig for a given key. Might not work if the key is not of type KeyTypeOcicrypt.

func NewKey ¶

func NewKey(keyType KeyType) (*pb.Key, error)

Generate a new pb.Key of the given type. Note that for public/private cryptography, this always return a private key.

Types ¶

type KeyType ¶

type KeyType string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL