keyloader

package
v0.0.0-...-8843776 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 17, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	KeystoreStrategyEnvMasterKey            = "env_master_key"
	KeystoreStrategyKMSMasterKey            = "kms_encrypted_master_key"
	KeystoreStrategyHashicorpVaultMasterKey = "vault_master_key"
	KeystoreStrategyKMSPerClient            = "kms_per_client"
)

represent all possible keystore strategies

Variables

View Source 
var (
	// ErrKeyEncryptorFabricNotFound represent an error of missing KeyEncryptorFabric in registry
	ErrKeyEncryptorFabricNotFound = errors.New("KeyEncryptorFabric not found by strategy")
)
View Source 
var SupportedKeystoreStrategies = []string{
	KeystoreStrategyEnvMasterKey,
	KeystoreStrategyKMSMasterKey,
	KeystoreStrategyHashicorpVaultMasterKey,
	KeystoreStrategyKMSPerClient,
}

SupportedKeystoreStrategies contains all possible values for flag `--keystore_encryption_type`

Functions

func CreateKeyEncryptor 

func CreateKeyEncryptor(extractor *args.ServiceExtractor, prefix string) (keystore.KeyEncryptor, error)

CreateKeyEncryptor returns initialized keystore.KeyEncryptor interface depending on incoming keystoreStrategy

func CreateKeyEncryptorSuite 

func CreateKeyEncryptorSuite(extractor *args.ServiceExtractor, prefix string) (*crypto.KeyStoreSuite, error)

CreateKeyEncryptorSuite returns initialized crypto.KeyStoreSuite interface depending on incoming keystoreStrategy

func RegisterCLIParametersWithFlagSet 

func RegisterCLIParametersWithFlagSet(flags *flag.FlagSet, prefix, description string)

RegisterCLIParametersWithFlagSet keyloader related flags

func RegisterKeyEncryptorFabric 

func RegisterKeyEncryptorFabric(strategy string, keyEncryptorFabric KeyEncryptorFabric)

RegisterKeyEncryptorFabric add new kms MasterKeyLoader to registry

func RegisterKeyStoreStrategyParameters 

func RegisterKeyStoreStrategyParameters()

RegisterKeyStoreStrategyParameters register flags for all fabrics with CommandLine flags

func RegisterKeyStoreStrategyParametersWithFlags 

func RegisterKeyStoreStrategyParametersWithFlags(flag *flag.FlagSet, prefix, description string)

RegisterKeyStoreStrategyParametersWithFlags register flags for all fabrics

Types

type CLIOptions 

type CLIOptions struct {
	KeystoreEncryptorType string
}

CLIOptions keep command-line options related to KMS ACRA_MASTER_KEY loading.

func ParseCLIOptions 

func ParseCLIOptions(extractor *args.ServiceExtractor) *CLIOptions

ParseCLIOptions parse registered flag.CommandLine CLIOptions

func ParseCLIOptionsFromFlags 

func ParseCLIOptionsFromFlags(extractor *args.ServiceExtractor, prefix string) *CLIOptions

ParseCLIOptionsFromFlags parse registered CLIOptions

type KeyEncryptorFabric 

type KeyEncryptorFabric interface {
	RegisterCLIParameters(flags *flag.FlagSet, prefix, description string)
	NewKeyEncryptor(extractor *args.ServiceExtractor, prefix string) (keystore.KeyEncryptor, error)
	NewKeyEncryptorSuite(extractor *args.ServiceExtractor, prefix string) (*crypto.KeyStoreSuite, error)
	GetKeyMapper() base.KeyMapper
}

KeyEncryptorFabric represent Fabric interface for constructing keystore.KeyEncryptor for v1 keystore and crypto.KeyStoreSuite for v2

type MasterKeyLoader 

type MasterKeyLoader interface {
	LoadMasterKey() (key []byte, err error)
	LoadMasterKeys() (encryption []byte, signature []byte, err error)
}

MasterKeyLoader interface for loading ACRA_MASTER_KEYs from different sources.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.