Documentation ¶
Index ¶
- type CryptoConfig
- func CombineCryptoConfigs(ccs []CryptoConfig) CryptoConfig
- func DecryptWithGpgPrivKeys(gpgPrivKeys, gpgPrivKeysPwds [][]byte) (CryptoConfig, error)
- func DecryptWithKeyProvider(keyProviders [][]byte) (CryptoConfig, error)
- func DecryptWithPkcs11Yaml(pkcs11Config *pkcs11.Pkcs11Config, pkcs11Yamls [][]byte) (CryptoConfig, error)
- func DecryptWithPrivKeys(privKeys [][]byte, privKeysPasswords [][]byte) (CryptoConfig, error)
- func DecryptWithX509s(x509s [][]byte) (CryptoConfig, error)
- func EncryptWithGpg(gpgRecipients [][]byte, gpgPubRingFile []byte) (CryptoConfig, error)
- func EncryptWithJwe(pubKeys [][]byte) (CryptoConfig, error)
- func EncryptWithKeyProvider(keyProviders [][]byte) (CryptoConfig, error)
- func EncryptWithPkcs11(pkcs11Config *pkcs11.Pkcs11Config, pkcs11Pubkeys, pkcs11Yamls [][]byte) (CryptoConfig, error)
- func EncryptWithPkcs7(x509s [][]byte) (CryptoConfig, error)
- func InitDecryption(dcparameters map[string][][]byte) CryptoConfig
- func InitEncryption(parameters, dcparameters map[string][][]byte) CryptoConfig
- type DecryptConfig
- type EncryptConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CryptoConfig ¶
type CryptoConfig struct { EncryptConfig *EncryptConfig DecryptConfig *DecryptConfig }
CryptoConfig is a common wrapper for EncryptConfig and DecrypConfig that can be passed through functions that share much code for encryption and decryption
func CombineCryptoConfigs ¶
func CombineCryptoConfigs(ccs []CryptoConfig) CryptoConfig
CombineCryptoConfigs takes a CryptoConfig list and creates a single CryptoConfig containing the crypto configuration of all the key bundles
func DecryptWithGpgPrivKeys ¶
func DecryptWithGpgPrivKeys(gpgPrivKeys, gpgPrivKeysPwds [][]byte) (CryptoConfig, error)
DecryptWithGpgPrivKeys returns a CryptoConfig to decrypt with configured gpg private keys
func DecryptWithKeyProvider ¶
func DecryptWithKeyProvider(keyProviders [][]byte) (CryptoConfig, error)
DecryptWithKeyProvider returns a CryptoConfig to decrypt with configured keyprovider parameters
func DecryptWithPkcs11Yaml ¶
func DecryptWithPkcs11Yaml(pkcs11Config *pkcs11.Pkcs11Config, pkcs11Yamls [][]byte) (CryptoConfig, error)
DecryptWithPkcs11Yaml returns a CryptoConfig to decrypt with pkcs11 YAML formatted key files
func DecryptWithPrivKeys ¶
func DecryptWithPrivKeys(privKeys [][]byte, privKeysPasswords [][]byte) (CryptoConfig, error)
DecryptWithPrivKeys returns a CryptoConfig to decrypt with configured private keys
func DecryptWithX509s ¶
func DecryptWithX509s(x509s [][]byte) (CryptoConfig, error)
DecryptWithX509s returns a CryptoConfig to decrypt with configured x509 certs
func EncryptWithGpg ¶
func EncryptWithGpg(gpgRecipients [][]byte, gpgPubRingFile []byte) (CryptoConfig, error)
EncryptWithGpg returns a CryptoConfig to encrypt with configured gpg parameters
func EncryptWithJwe ¶
func EncryptWithJwe(pubKeys [][]byte) (CryptoConfig, error)
EncryptWithJwe returns a CryptoConfig to encrypt with jwe public keys
func EncryptWithKeyProvider ¶
func EncryptWithKeyProvider(keyProviders [][]byte) (CryptoConfig, error)
EncryptWithKeyProvider returns a CryptoConfig to encrypt with configured keyprovider parameters
func EncryptWithPkcs11 ¶
func EncryptWithPkcs11(pkcs11Config *pkcs11.Pkcs11Config, pkcs11Pubkeys, pkcs11Yamls [][]byte) (CryptoConfig, error)
EncryptWithPkcs11 returns a CryptoConfig to encrypt with configured pkcs11 parameters
func EncryptWithPkcs7 ¶
func EncryptWithPkcs7(x509s [][]byte) (CryptoConfig, error)
EncryptWithPkcs7 returns a CryptoConfig to encrypt with pkcs7 x509 certs
func InitDecryption ¶
func InitDecryption(dcparameters map[string][][]byte) CryptoConfig
InitDecryption initialized a CryptoConfig object with parameters used for decryption
func InitEncryption ¶
func InitEncryption(parameters, dcparameters map[string][][]byte) CryptoConfig
InitEncryption initializes a CryptoConfig object with parameters used for encryption It also takes dcparameters that may be needed for decryption when adding a recipient to an already encrypted image
type DecryptConfig ¶
type DecryptConfig struct { // map holding 'privkeys', 'x509s', 'gpg-privatekeys' Parameters map[string][][]byte }
DecryptConfig wraps the Parameters map that holds the decryption key
type EncryptConfig ¶
type EncryptConfig struct { // map holding 'gpg-recipients', 'gpg-pubkeyringfile', 'pubkeys', 'x509s' Parameters map[string][][]byte DecryptConfig DecryptConfig }
EncryptConfig is the container image PGP encryption configuration holding the identifiers of those that will be able to decrypt the container and the PGP public keyring file data that contains their public keys.
func (*EncryptConfig) AttachDecryptConfig ¶
func (ec *EncryptConfig) AttachDecryptConfig(dc *DecryptConfig)
AttachDecryptConfig adds DecryptConfig to the field of EncryptConfig so that the decryption parameters can be used to add recipients to an existing image if the user is able to decrypt it.