GO-2022-0381: Import of incorrectly embargoed keys could cause early publication in github.com/google/exposure-notifications-server

keyrotation

package

v0.15.1 Latest Latest Go to latest Published: Oct 29, 2020 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/google/exposure-notifications-server

Links

Open Source Insights

Documentation ¶

Overview ¶

Package keyrotation implements the API handlers for running key rotation jobs.

Index ¶

type Config
type Server
- func NewServer(config *Config, env *serverenv.ServerEnv) (*Server, error)
- func (s *Server) Routes(ctx context.Context) *http.ServeMux

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	Database              database.Config
	SecretManager         secrets.Config
	ObservabilityExporter observability.Config
	RevisionToken         revision.Config
	KeyManager            keys.Config

	Port string `env:"PORT, default=8080"`

	// NewKeyPeriod is the duration after which we will rotate encryption keys. By default we
	// generate a new key every two weeks.
	NewKeyPeriod time.Duration `env:"NEW_KEY_PERIOD, default=168h"`

	// DeleteOldKeyPeriod is the duration after which it is safe to delete old keys.
	// We delete old data after two weeks after which it should be safe to also delete
	// the associated key - we default to 15d to buffer for potential timezones issues.
	DeleteOldKeyPeriod time.Duration `env:"DELETE_OLD_KEY_PERIOD, default=360h"`
}

Config represents the configuration and associated environment variables for the key rotation components.

func (*Config) DatabaseConfig ¶

func (c *Config) DatabaseConfig() *database.Config

func (*Config) KeyManagerConfig ¶ added in v0.3.0

func (c *Config) KeyManagerConfig() *keys.Config

func (*Config) ObservabilityExporterConfig ¶

func (c *Config) ObservabilityExporterConfig() *observability.Config

func (*Config) SecretManagerConfig ¶

func (c *Config) SecretManagerConfig() *secrets.Config

type Server ¶

type Server struct {
	// contains filtered or unexported fields
}

Server hosts end points to manage key rotation

func NewServer ¶

func NewServer(config *Config, env *serverenv.ServerEnv) (*Server, error)

NewServer creates a Server that manages deletion of old export files that are no longer needed by clients for download.

func (*Server) Routes ¶

func (s *Server) Routes(ctx context.Context) *http.ServeMux

Routes defines and returns the routes for this server.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL