blockcipher

package

v1.3.0-beta.1 Latest Latest Go to latest Published: Aug 9, 2019 License: Apache-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/galal-hussein/containerd

Documentation ¶

Index ¶

Constants
type AESSIVLayerBlockCipher
type LayerBlockCipher
- func NewAESSIVLayerBlockCipher(bits int) (LayerBlockCipher, error)
type LayerBlockCipherHandler
- func NewLayerBlockCipherHandler() (*LayerBlockCipherHandler, error)
- func (h *LayerBlockCipherHandler) Decrypt(encDataReader io.Reader, opt LayerBlockCipherOptions) (io.Reader, LayerBlockCipherOptions, error)
- func (h *LayerBlockCipherHandler) Encrypt(plainDataReader io.Reader, typ LayerCipherType) (io.Reader, LayerBlockCipherOptions, error)
type LayerBlockCipherOptions
type LayerCipherType

Constants ¶

View Source

const (
	AESSIVCMAC256 LayerCipherType = "AEAD_AES_SIV_CMAC_STREAM_256"
	AESSIVCMAC512 LayerCipherType = "AEAD_AES_SIV_CMAC_STREAM_512"
	CipherTypeOpt string          = "type"
)

TODO: Should be obtained from OCI spec once included

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AESSIVLayerBlockCipher ¶

type AESSIVLayerBlockCipher struct {
	// contains filtered or unexported fields
}

AESSIVLayerBlockCipher implements the AES SIV block cipher

func (*AESSIVLayerBlockCipher) Decrypt ¶

func (bc *AESSIVLayerBlockCipher) Decrypt(encDataReader io.Reader, opt LayerBlockCipherOptions) (io.Reader, LayerBlockCipherOptions, error)

Decrypt takes in layer ciphertext data and returns the plaintext and relevant LayerBlockCipherOptions

func (*AESSIVLayerBlockCipher) Encrypt ¶

func (bc *AESSIVLayerBlockCipher) Encrypt(plainDataReader io.Reader, opt LayerBlockCipherOptions) (io.Reader, LayerBlockCipherOptions, error)

Encrypt takes in layer data and returns the ciphertext and relevant LayerBlockCipherOptions

func (*AESSIVLayerBlockCipher) GenerateKey ¶

func (bc *AESSIVLayerBlockCipher) GenerateKey() []byte

GenerateKey creates a synmmetric key

type LayerBlockCipher ¶

type LayerBlockCipher interface {
	// GenerateKey creates a symmetric key
	GenerateKey() []byte
	// Encrypt takes in layer data and returns the ciphertext and relevant LayerBlockCipherOptions
	Encrypt(layerDataReader io.Reader, opt LayerBlockCipherOptions) (io.Reader, LayerBlockCipherOptions, error)
	// Decrypt takes in layer ciphertext data and returns the plaintext and relevant LayerBlockCipherOptions
	Decrypt(layerDataReader io.Reader, opt LayerBlockCipherOptions) (io.Reader, LayerBlockCipherOptions, error)
}

LayerBlockCipher returns a provider for encrypt/decrypt functionality for handling the layer data for a specific algorithm

func NewAESSIVLayerBlockCipher ¶

func NewAESSIVLayerBlockCipher(bits int) (LayerBlockCipher, error)

NewAESSIVLayerBlockCipher returns a new AES SIV block cipher of 256 or 512 bits

type LayerBlockCipherHandler ¶

type LayerBlockCipherHandler struct {
	// contains filtered or unexported fields
}

LayerBlockCipherHandler is the handler for encrypt/decrypt for layers

func NewLayerBlockCipherHandler ¶

func NewLayerBlockCipherHandler() (*LayerBlockCipherHandler, error)

NewLayerBlockCipherHandler returns a new default handler

func (*LayerBlockCipherHandler) Decrypt ¶

func (h *LayerBlockCipherHandler) Decrypt(encDataReader io.Reader, opt LayerBlockCipherOptions) (io.Reader, LayerBlockCipherOptions, error)

Decrypt is the handler for the layer decryption routine

func (*LayerBlockCipherHandler) Encrypt ¶

func (h *LayerBlockCipherHandler) Encrypt(plainDataReader io.Reader, typ LayerCipherType) (io.Reader, LayerBlockCipherOptions, error)

Encrypt is the handler for the layer decryption routine

type LayerBlockCipherOptions ¶

type LayerBlockCipherOptions struct {
	// SymmetricKey represents the symmetric key used for encryption/decryption
	// This field should be populated by Encrypt/Decrypt calls
	SymmetricKey []byte `json:"symkey"`

	// Digest is the digest of the original data for verification.
	// This is NOT populated by Encrypt/Decrypt calls
	Digest digest.Digest `json:"digest"`

	// CipherOptions contains the cipher metadata used for encryption/decryption
	// This field should be populated by Encrypt/Decrypt calls
	CipherOptions map[string][]byte `json:"cipheroptions"`
}

LayerBlockCipherOptions includes the information required to encrypt/decrypt an image

type LayerCipherType ¶

type LayerCipherType string

LayerCipherType is the ciphertype as specified in the layer metadata

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL