age

package
v1.15.15 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 24, 2024 License: MIT Imports: 36 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// Ext is the file extension for age encrypted secrets.
	Ext = "age"
	// IDFile is the name for age recipients.
	IDFile = ".age-recipients"
)

Variables

View Source
var (
	// OldIDFile is the old file name for the recipients.
	OldIDFile = ".age-ids"
	// OldKeyring is the old file name for the keyring.
	OldKeyring = filepath.Join(appdir.UserConfig(), "age-keyring.age")
)
View Source
var (

	// ErrNoSSHDir signals that no SSH dir was found. Callers
	// are usually expected to ignore this.
	ErrNoSSHDir = errors.New("no ssh directory")
)

Functions

func IdentityToRecipient added in v1.15.15

func IdentityToRecipient(id age.Identity) age.Recipient

func IsOnlyNative added in v1.14.0

func IsOnlyNative(ctx context.Context) bool

IsOnlyNative will return the value of the only native flag or the default (false).

func PassageIdFile added in v1.14.8

func PassageIdFile() string

PassageIdFile returns the location of the passage identities file.

func WithOnlyNative added in v1.14.0

func WithOnlyNative(ctx context.Context, at bool) context.Context

WithOnlyNative will return a context with the flag for only native set.

Types

type Age

type Age struct {
	// contains filtered or unexported fields
}

Age is an age backend.

func New

func New(ctx context.Context) (*Age, error)

New creates a new Age backend.

func (*Age) Concurrency added in v1.13.0

func (a *Age) Concurrency() int

Concurrency returns 1 for `age` since otherwise it prompts for the identity password for each worker.

func (*Age) Decrypt

func (a *Age) Decrypt(ctx context.Context, ciphertext []byte) ([]byte, error)

Decrypt will attempt to decrypt the given payload.

func (*Age) Encrypt

func (a *Age) Encrypt(ctx context.Context, plaintext []byte, recipients []string) ([]byte, error)

Encrypt will encrypt the given payload.

func (*Age) Ext

func (a *Age) Ext() string

Ext returns the extension.

func (*Age) FindIdentities

func (a *Age) FindIdentities(ctx context.Context, keys ...string) ([]string, error)

FindIdentities returns all usable identities (native only).

func (*Age) FindRecipients

func (a *Age) FindRecipients(ctx context.Context, search ...string) ([]string, error)

FindRecipients returns all list of usable recipient key IDs matching the search strings. For native age keys this is a no-op since they are self-contained (i.e. the ID is the full key already). But for SSH keys, especially GitHub indirections, an extra step is necessary.

func (*Age) Fingerprint

func (a *Age) Fingerprint(ctx context.Context, id string) string

Fingerprint returns the id.

func (*Age) FormatKey

func (a *Age) FormatKey(ctx context.Context, id, tpl string) string

FormatKey returns the key id.

func (*Age) GenerateIdentity

func (a *Age) GenerateIdentity(ctx context.Context, _ string, _ string, pw string) error

GenerateIdentity creates a new identity.

func (*Age) IDFile

func (a *Age) IDFile() string

IDFile return the recipients file.

func (*Age) Identities added in v1.14.0

func (a *Age) Identities(ctx context.Context) ([]age.Identity, error)

Identities returns all identities, used for decryption.

func (*Age) IdentityRecipients added in v1.14.0

func (a *Age) IdentityRecipients(ctx context.Context) ([]age.Recipient, error)

IdentityRecipients returns a slice of recipients derived from our identities. Since the identity file is encrypted we try to use a cached copy of the recipients derived from the identities.

func (*Age) Initialized

func (a *Age) Initialized(ctx context.Context) error

Initialized returns nil.

func (*Age) ListIdentities

func (a *Age) ListIdentities(ctx context.Context) ([]string, error)

ListIdentities lists all identities.

func (*Age) ListRecipients

func (a *Age) ListRecipients(context.Context) ([]string, error)

ListRecipients is not supported for the age backend.

func (*Age) Lock added in v1.12.0

func (a *Age) Lock()

Lock flushes the password cache.

func (*Age) Name

func (a *Age) Name() string

Name returns age.

func (*Age) ReadNamesFromKey

func (a *Age) ReadNamesFromKey(ctx context.Context, buf []byte) ([]string, error)

ReadNamesFromKey is not supported for the age backend.

func (*Age) RecipientIDs

func (a *Age) RecipientIDs(ctx context.Context, buf []byte) ([]string, error)

RecipientIDs is not supported for the age backend.

func (*Age) Version

func (a *Age) Version(ctx context.Context) semver.Version

Version returns the version of the age dependency being used.

type Keypair

type Keypair struct {
	Name     string `json:"name"`
	Email    string `json:"email"`
	Identity string `json:"identity"`
}

Keypair is a public / private keypair. Deprecated: Only used for backwards compatibility. Will be removed soon.

type Keyring

type Keyring []Keypair

Keyring is an age keyring. Deprecated: Only used for backwards compatibility. Will be removed soon.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL