Documentation ¶
Overview ¶
Package database manages the database interactions for creating and storing the wrapped keys that encrypt revision certificates.
RevisionKey data is stored in the revisionkeys table.
- The most recently created key that is still 'allowed' is the effective key. Only the effective key is used to encrypt outgoing revision tokens.
- Any still 'allowed' key can be used to decrypt incoming revision tokens.
This package also creates new keys: an AES key is generated locally, wrapped (encrypted) with the provided KMS, and stored in the database only in its wrapped form.
Index ¶
- type KMSConfig
- type RevisionDB
- func (rdb *RevisionDB) CreateRevisionKey(ctx context.Context) (*RevisionKey, error)
- func (rdb *RevisionDB) DestroyKey(ctx context.Context, keyID int64) error
- func (rdb *RevisionDB) GetAllowedRevisionKeyIDs(ctx context.Context) (int64, map[int64]struct{}, error)
- func (rdb *RevisionDB) GetAllowedRevisionKeys(ctx context.Context) (int64, []*RevisionKey, error)
- func (rdb *RevisionDB) GetEffectiveRevisionKey(ctx context.Context) (*RevisionKey, error)
- type RevisionKey
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type KMSConfig ¶
type KMSConfig struct {
	WrapperKeyID string
	KeyManager   keys.KeyManager
}
KMSConfig represents the configuration of the RevisionDB in terms of how it should use the given KeyManager for wrapping/unwrapping keys.
type RevisionDB ¶
type RevisionDB struct {
// contains filtered or unexported fields
}
RevisionDB wraps a database connection and provides functions for interacting with revision keys.
func New ¶
func New(db *database.DB, c *KMSConfig) (*RevisionDB, error)
New creates a new `RevisionDB`
func (*RevisionDB) CreateRevisionKey ¶
func (rdb *RevisionDB) CreateRevisionKey(ctx context.Context) (*RevisionKey, error)
CreateRevisionKey generates a new AES key, wraps it with the configured KeyManager, and stores the wrapped key.
func (*RevisionDB) DestroyKey ¶
func (rdb *RevisionDB) DestroyKey(ctx context.Context, keyID int64) error
DestroyKey zeros out the wrapped key and marks the key as allowed=false.
func (*RevisionDB) GetAllowedRevisionKeyIDs ¶
func (rdb *RevisionDB) GetAllowedRevisionKeyIDs(ctx context.Context) (int64, map[int64]struct{}, error)
GetAllowedRevisionKeyIDs returns just the IDs of the still allowed keys. This is useful once a caller has already unwrapped and cached the keys: it can check for changes without unwrapping them again.
The first return value is the ID of the currently effective key (most recently created, still allowed). The second return value is a map of the currently allowed key IDs for decryption.
func (*RevisionDB) GetAllowedRevisionKeys ¶
func (rdb *RevisionDB) GetAllowedRevisionKeys(ctx context.Context) (int64, []*RevisionKey, error)
GetAllowedRevisionKeys returns all of the currently allowed revision keys. This method will unwrap all of the keys so that they can be used to create and verify revision tokens.
The first return value is the ID of the effective RevisionKey. The second is a slice of all currently allowed RevisionKeys for decryption purposes, sorted by creation time with the newest first.
func (*RevisionDB) GetEffectiveRevisionKey ¶
func (rdb *RevisionDB) GetEffectiveRevisionKey(ctx context.Context) (*RevisionKey, error)
GetEffectiveRevisionKey returns the revision key to use when encrypting revision tokens. This is the most recently created key that is still "allowed".
type RevisionKey ¶
type RevisionKey struct {
	KeyID         int64
	AAD           []byte // AAD for the wrapping/unwrapping of the cipher block.
	WrappedCipher []byte
	CreatedAt     time.Time
	Allowed       bool
	// The unwrapped cipher.
	DEK []byte
}
RevisionKey represents an individual revision key.
func (*RevisionKey) KeyIDString ¶
func (r *RevisionKey) KeyIDString() string
KeyIDString returns the keyID as a string that can be used in the encoded revision tokens.
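The key lifecycle described in the overview and under CreateRevisionKey, DestroyKey, GetAllowedRevisionKeys and GetEffectiveRevisionKey, as an added example that is not part of this package's code. It models the revisionkeys table as an in-memory slice and stands in for the KMS with a local AES-256-GCM key-encryption key; the real package delegates wrapping to keys.KeyManager through KMSConfig and talks to a real database. Store, NewStore, Unwrap, random, the AAD format "revisionkey:<id>" and the omission of CreatedAt (row order stands in for creation time) are assumptions introduced here, not the package's API.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

type RevisionKey struct {
	KeyID         int64
	AAD           []byte
	WrappedCipher []byte
	Allowed       bool
	DEK           []byte // nil until the key has been unwrapped
}

func random(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // a failing CSPRNG is fatal; never fall back to weak randomness
	}
	return b
}

// Store stands in for the revisionkeys table; the KMS behind KMSConfig is modelled as a local AES-256-GCM KEK (assumption).
type Store struct {
	kek  cipher.AEAD
	rows []*RevisionKey // appended in creation order, so KeyID == index+1
}

func NewStore() *Store {
	block, _ := aes.NewCipher(random(32)) // 32-byte key: NewCipher cannot fail
	kek, _ := cipher.NewGCM(block)        // nor can NewGCM for an AES block
	return &Store{kek: kek}
}

// CreateRevisionKey generates an AES-256 DEK, wraps it under the KEK with the key ID as AAD, and stores only the wrapped form.
func (s *Store) CreateRevisionKey() *RevisionKey {
	k := &RevisionKey{KeyID: int64(len(s.rows) + 1), Allowed: true, DEK: random(32)}
	k.AAD = []byte(fmt.Sprintf("revisionkey:%d", k.KeyID))
	nonce := random(s.kek.NonceSize())
	k.WrappedCipher = s.kek.Seal(nonce, nonce, k.DEK, k.AAD) // nonce || ciphertext || tag
	row := *k
	row.DEK = nil // the table never holds plaintext key material
	s.rows = append(s.rows, &row)
	return k
}

// Unwrap recovers a DEK; it fails if the blob was tampered with or moved under another key's AAD.
func (s *Store) Unwrap(wrapped, aad []byte) ([]byte, error) {
	if n := s.kek.NonceSize(); len(wrapped) >= n {
		return s.kek.Open(nil, wrapped[:n], wrapped[n:], aad)
	}
	return nil, fmt.Errorf("wrapped key too short")
}

// DestroyKey zeros the wrapped key material in place and sets allowed=false; the row stays for audit.
func (s *Store) DestroyKey(keyID int64) error {
	if keyID < 1 || keyID > int64(len(s.rows)) {
		return fmt.Errorf("key %d not found", keyID)
	}
	k := s.rows[keyID-1]
	copy(k.WrappedCipher, make([]byte, len(k.WrappedCipher)))
	k.Allowed = false
	return nil
}

// GetAllowedRevisionKeys unwraps every allowed key, newest first; keys[0] is the effective key, all of them may decrypt.
func (s *Store) GetAllowedRevisionKeys() (int64, []*RevisionKey, error) {
	var keys []*RevisionKey
	for i := len(s.rows) - 1; i >= 0; i-- { // reverse creation order
		row := s.rows[i]
		if !row.Allowed {
			continue
		}
		dek, err := s.Unwrap(row.WrappedCipher, row.AAD)
		if err != nil {
			return 0, nil, fmt.Errorf("unwrap key %d: %w", row.KeyID, err)
		}
		k := *row
		k.DEK = dek
		keys = append(keys, &k)
	}
	if len(keys) == 0 {
		return 0, nil, fmt.Errorf("no allowed revision keys")
	}
	return keys[0].KeyID, keys, nil
}

func main() {
	s := NewStore()
	k1 := s.CreateRevisionKey()
	s.CreateRevisionKey() // rotation: key 2 becomes effective, key 1 stays allowed for decryption
	eff, keys, _ := s.GetAllowedRevisionKeys()
	fmt.Println(eff, len(keys), string(keys[1].DEK) == string(k1.DEK))
	s.DestroyKey(1)
	eff, keys, _ = s.GetAllowedRevisionKeys()
	fmt.Println(eff, len(keys), s.rows[0].Allowed)
}
```

Binding the key ID into the AAD is the detail worth keeping from this example: a wrapped blob copied from one row to another fails to unwrap, so a database-level swap cannot make the server decrypt tokens under the wrong key. Note also that the stored row never carries the DEK, and that after DestroyKey the row still exists (zeroed, allowed=false) so a token that names that key ID is rejected rather than silently decrypted with a stale cache.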