kms

package
v0.12.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 8, 2023 License: MPL-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ListTablesSupportingRewrap added in v0.11.1

func ListTablesSupportingRewrap() []string

ListTablesSupportingRewrap lists all the table names registered with a rewrap function

func RegisterTableRewrapFn added in v0.11.1

func RegisterTableRewrapFn(tableName string, rewrapFn RewrapFn)

RegisterTableRewrapFn registers a function to be used to rewrap data in a specific table with a new key

func TestKmsDeleteAllKeys added in v0.9.0

func TestKmsDeleteAllKeys(t testing.TB, conn *db.DB)

TestKmsDeleteAllKeys allows you to delete all the keys for testing.

func TestKmsDeleteKeyPurpose added in v0.9.0

func TestKmsDeleteKeyPurpose(t testing.TB, conn *db.DB, purpose KeyPurpose)

TestKmsDeleteKeyPurpose allows you to delete a KeyPurpose for testing.

Types

type DataKeyVersionDestructionJob added in v0.11.1

type DataKeyVersionDestructionJob struct {
	*store.DataKeyVersionDestructionJob
}

DataKeyVersionDestructionJob is used to read and write data key version destruction jobs in the DB.

func (*DataKeyVersionDestructionJob) Clone added in v0.11.1

Clone a DataKeyVersionDestructionJob

func (*DataKeyVersionDestructionJob) TableName added in v0.11.1

func (k *DataKeyVersionDestructionJob) TableName() string

type DataKeyVersionDestructionJobProgress added in v0.11.1

type DataKeyVersionDestructionJobProgress struct {
	*store.DataKeyVersionDestructionJobProgress
}

DataKeyVersionDestructionJobProgress is used to read data key version destruction job progress from the DB.

func (*DataKeyVersionDestructionJobProgress) Clone added in v0.11.1

Clone an DataKeyVersionDestructionJob

func (*DataKeyVersionDestructionJobProgress) TableName added in v0.11.1

type DataKeyVersionDestructionJobRun added in v0.11.1

type DataKeyVersionDestructionJobRun struct {
	*store.DataKeyVersionDestructionJobRun
}

DataKeyVersionDestructionJobRun is used to read and write data key version destruction job runs in the DB.

func (*DataKeyVersionDestructionJobRun) Clone added in v0.11.1

Clone a DataKeyVersionDestructionJobRun

func (*DataKeyVersionDestructionJobRun) TableName added in v0.11.1

func (k *DataKeyVersionDestructionJobRun) TableName() string

type DataKeyVersionDestructionJobRunAllowedTableName added in v0.11.1

type DataKeyVersionDestructionJobRunAllowedTableName struct {
	*store.DataKeyVersionDestructionJobRunAllowedTableName
}

DataKeyVersionDestructionJobRunAllowedTableName is used to read the names of tables that reference the data key version.

func (*DataKeyVersionDestructionJobRunAllowedTableName) Clone added in v0.11.1

Clone an DataKeyVersionDestructionJob

func (*DataKeyVersionDestructionJobRunAllowedTableName) TableName added in v0.11.1

type ExternalWrappers

type ExternalWrappers struct {
	// contains filtered or unexported fields
}

ExternalWrappers holds wrappers defined outside of Boundary, e.g. in its configuration file.

func (*ExternalWrappers) Recovery

func (e *ExternalWrappers) Recovery() wrapping.Wrapper

Recovery returns the wrapper for recovery operations

func (*ExternalWrappers) Root

func (e *ExternalWrappers) Root() wrapping.Wrapper

Root returns the wrapper for root keys

func (*ExternalWrappers) WorkerAuth

func (e *ExternalWrappers) WorkerAuth() wrapping.Wrapper

WorkerAuth returns the wrapper for worker authentication

type GetWrapperer added in v0.12.0

type GetWrapperer interface {
	// GetWrapper returns a wrapper for the given scope and purpose.
	GetWrapper(ctx context.Context, scopeId string, purpose KeyPurpose, opt ...Option) (wrapping.Wrapper, error)
}

GetWrapperer defines (and constrains) the kms features required by the RewrapFn

type KeyPurpose

type KeyPurpose uint

KeyPurpose allows an application to specify the reason they need a key; this is used to select which DEK to return

const (
	// KeyPurposeUnknown is the default, and indicates that a correct purpose
	// wasn't specified
	KeyPurposeUnknown KeyPurpose = iota

	// KeyPurposeDatabase is used for general encryption needs for most values
	// in the database, excluding the oplog
	KeyPurposeDatabase

	// KeyPurposeOplog is used for oplogs
	KeyPurposeOplog

	// KeyPurposeRecovery is used for recovery access
	KeyPurposeRecovery

	// KeyPurposeWorkerAuth is used for worker auth
	KeyPurposeWorkerAuth

	// KeyPurposeWorkerAuthStorage is used for worker credential storage
	KeyPurposeWorkerAuthStorage

	// KeyPurposeTokens is used for token encryption
	KeyPurposeTokens

	// KeyPurposeSessions is used as a base key to derive session-specific encryption keys
	KeyPurposeSessions

	// KeyPurposeOidc is used for encrypting oidc states included in
	// authentication URLs
	KeyPurposeOidc

	// KeyPurposeAudit is used for audit operations
	KeyPurposeAudit

	// KeyPurposeRootKey is used as the root key
	KeyPurposeRootKey
)

**************************************************************************** IMPORTANT: if you're adding a new KeyPurpose, you should consider whether or not existing scopes need this new type of key. If they do, then you may want to add the new key into kms.ReconcileKeys(...) ****************************************************************************

func ValidDekPurposes added in v0.9.0

func ValidDekPurposes() []KeyPurpose

ValidDekPurposes returns the current list of valid DEK key purposes

func (KeyPurpose) String

func (k KeyPurpose) String() string

String returns the key purpose cast as a string, just so it can be called as a function instead of direct casting elsewhere, yw

type Kms

type Kms struct {
	// contains filtered or unexported fields
}

Kms is a way to access wrappers for a given scope and purpose. Since keys can never change, only be added or (eventually) removed, it opportunistically caches, going to the database as needed.

func New added in v0.9.0

func New(ctx context.Context, reader *db.Db, writer *db.Db, _ ...Option) (*Kms, error)

New creates a Kms using the provided reader and writer. No options are currently supported.

func NewUsingReaderWriter added in v0.9.0

func NewUsingReaderWriter(ctx context.Context, reader db.Reader, writer db.Writer, _ ...Option) (*Kms, error)

NewUsingReaderWriter creates a Kms using the provided reader and writer. No options are currently supported.

func TestKms

func TestKms(t testing.TB, conn *db.DB, rootWrapper wrapping.Wrapper) *Kms

TestKms creates a kms for testing.

func (*Kms) AddExternalWrappers

func (k *Kms) AddExternalWrappers(ctx context.Context, opt ...Option) error

AddExternalWrappers allows setting the external keys.

func (*Kms) CreateKeys added in v0.9.0

func (k *Kms) CreateKeys(ctx context.Context, scopeId string, opt ...Option) error

CreateKeys creates the root key and DEKs. Supports the WithRandomReader(...) and WithReaderWriter(...) options. When WithReaderWriter(...) is used the caller is responsible for managing the transaction which allows this capability to be shared with the iam repo when it's creating Scopes.

func (*Kms) DestroyKeyVersion added in v0.11.1

func (k *Kms) DestroyKeyVersion(ctx context.Context, scopeId string, keyVersionId string, _ ...Option) (bool, error)

DestroyKeyVersion starts the process of destroying a key version in the scope. If the key version is a KEK, this simply rewraps any existing DEK version's encrypted with the KEK and destroys the key version. If the key version is a DEK, this creates a key version destruction job, which will rewrap existing data and destroy the key asynchronously. As a special case, if the DEK currently encrypts no data, the DEK is immediately destroyed. The boolean return value indicates whether the key was immediately destroyed. Options are ignored.

func (*Kms) GetDerivedPurposeCache added in v0.2.0

func (k *Kms) GetDerivedPurposeCache() *sync.Map

GetDerivedPurposeCache returns the raw derived purpose cache

func (*Kms) GetExternalWrappers

func (k *Kms) GetExternalWrappers(ctx context.Context) *ExternalWrappers

GetExternalWrappers returns the Kms' ExternalWrappers

func (*Kms) GetWrapper

func (k *Kms) GetWrapper(ctx context.Context, scopeId string, purpose KeyPurpose, opt ...Option) (wrapping.Wrapper, error)

GetWrapper returns a wrapper for the given scope and purpose. When a keyId is passed, it will ensure that the returning wrapper has that key ID in the multiwrapper. This is not necessary for encryption but should be supplied for decryption.

func (*Kms) ListDataKeyVersionDestructionJobs added in v0.11.1

func (k *Kms) ListDataKeyVersionDestructionJobs(ctx context.Context, scopeId string, _ ...Option) ([]*DataKeyVersionDestructionJobProgress, error)

ListDataKeyVersionDestructionJobs lists any in-progress data key destruction jobs in the scope. Options are ignored.

func (*Kms) ListDataKeyVersionReferencers added in v0.11.1

func (k *Kms) ListDataKeyVersionReferencers(ctx context.Context, opt ...Option) ([]string, error)

ListDataKeyVersionReferencers will list the names of all tables referencing the private_id column of the data key version table. Supported options:

  • WithReader (requires WithWriter)
  • WithWriter (requires WithReader)

func (*Kms) ListKeys added in v0.11.1

func (k *Kms) ListKeys(ctx context.Context, scopeId string, _ ...Option) ([]wrappingKms.Key, error)

ListKeys lists all keys in the scope. Options are ignored.

func (*Kms) MonitorDataKeyVersionDestruction added in v0.11.1

func (k *Kms) MonitorDataKeyVersionDestruction(ctx context.Context) error

MonitorDataKeyVersionDestruction monitors any pending destruction jobs. If a job has finished rewrapping all rows, it will destroy the key version by calling RevokeKeyVersion on the underlying kms.

func (*Kms) MonitorTableRewrappingRuns added in v0.11.1

func (k *Kms) MonitorTableRewrappingRuns(ctx context.Context, tableName string, _ ...Option) (retErr error)

MonitorTableRewrappingRuns checks for pending rewrapping job runs for the specified table name, and attempts to execute each job run and start rewrapping data in the specified table. This may be a long running operation. Options are ignored.

func (*Kms) ReconcileKeys added in v0.7.0

func (k *Kms) ReconcileKeys(ctx context.Context, randomReader io.Reader, opt ...Option) error

ReconcileKeys will reconcile the keys in the kms against known possible issues. This function reconciles the global scope unless the WithScopeIds(...) option is provided

func (*Kms) RotateKeys added in v0.11.1

func (k *Kms) RotateKeys(ctx context.Context, scopeId string, opt ...Option) error

RotateKeys rotates all keys in a given scope. Options supported: withRandomReader, withRewrap, withReader, withWriter When withReader or withWriter is used, both must be passed and the caller will be responsible for managing the underlying db transactions.

func (*Kms) VerifyGlobalRoot added in v0.9.0

func (k *Kms) VerifyGlobalRoot(ctx context.Context) error

VerifyGlobalRoot will verify that the global root wrapper is reasonable.

type MockGetWrapperer added in v0.12.0

type MockGetWrapperer struct {
	// Kms is the underlying kms which is used to provide the mock's default
	// behavior
	Kms *Kms

	// GetErr is a mock value to return for the GetWrapper(...) operation
	GetErr error

	// ReturnWrapper is a mock value to return for the GetWrapper(...) operation
	ReturnWrapper wrapping.Wrapper
}

MockGetWrapperer provides a mock for returning a set of mock values for a GetWrapperer

func (*MockGetWrapperer) GetWrapper added in v0.12.0

func (m *MockGetWrapperer) GetWrapper(ctx context.Context, scopeId string, purpose KeyPurpose, opt ...Option) (wrapping.Wrapper, error)

GetWrapper returns a wrapper for a given scope and purpose. Supports mock values: ReturnWrapper, GetErr

type MockWrapper added in v0.12.0

type MockWrapper struct {
	// Wrapper is the underlying wrapping.Wrapper which is used to provide the
	// mock's default behavior
	Wrapper wrapping.Wrapper

	// EncryptErr is a mock value to return for the Encrypt(...) operation
	EncryptErr error

	// DecryptErr is a mock value to return for the Decrypt(...) operation
	DecryptErr error

	// KeyIdErr is a mock value to return for the KeyId(...) operation
	KeyIdErr error

	// KeyIdReturned is a mock value to return for the KeyId(...) operation
	KeyIdReturned string
}

MockWrapper provides a mock for returning a set of mock values for a Wrapper

func (*MockWrapper) Decrypt added in v0.12.0

func (w *MockWrapper) Decrypt(ctx context.Context, ciphertext *wrapping.BlobInfo, options ...wrapping.Option) ([]byte, error)

Decrypt decrypts the given byte slice and stores the resulting information in the returned byte slice. Mock values supported: DecryptErr

func (*MockWrapper) Encrypt added in v0.12.0

func (w *MockWrapper) Encrypt(ctx context.Context, plaintext []byte, options ...wrapping.Option) (*wrapping.BlobInfo, error)

/ Encrypt encrypts the given byte slice and stores the resulting information in the returned blob info. Mock values supported: EncryptErr

func (*MockWrapper) KeyId added in v0.12.0

func (w *MockWrapper) KeyId(ctx context.Context) (string, error)

KeyId is the id of the key currently used for encryption operations. Mock values supported: KeyIdErr, KeyIdReturned

func (*MockWrapper) SetConfig added in v0.12.0

func (w *MockWrapper) SetConfig(ctx context.Context, options ...wrapping.Option) (*wrapping.WrapperConfig, error)

SetConfig applies the given options to a wrapper and returns configuration information. No mock values supported.

func (*MockWrapper) Type added in v0.12.0

Type of the wrapper. No mock values supported

type Option

type Option func(*options)

Option - how Options are passed as arguments

func WithKeyId

func WithKeyId(keyId string) Option

WithKeyId allows specifying a key ID that should be found in a scope's multiwrapper; if it is not found, keys will be refreshed

func WithLimit

func WithLimit(limit int) Option

WithLimit provides an option to provide a limit. Intentionally allowing negative integers. If WithLimit < 0, then unlimited results are returned. If WithLimit == 0, then default limits are used for results.

func WithOrderByVersion added in v0.2.0

func WithOrderByVersion(orderBy db.OrderBy) Option

WithOrderByVersion provides an option to specify ordering by the CreateTime field.

func WithRandomReader added in v0.9.0

func WithRandomReader(randomReader io.Reader) Option

WithRandomReader(...) option allows an optional random reader to be provided. By default the reader from crypto/rand will be used.

func WithReaderWriter added in v0.9.0

func WithReaderWriter(r db.Reader, w db.Writer) Option

WithReaderWriter allows the caller to pass an inflight transaction to be used for all database operations. If WithReaderWriter(...) is used, then the caller is responsible for managing the transaction. The purpose of the WithReaderWriter(...) option is to allow the caller to create the scope and all of its keys in the same transaction.

func WithRecoveryWrapper

func WithRecoveryWrapper(w wrapping.Wrapper) Option

WithRecoveryWrapper sets the recovery wrapper for a given scope

func WithRewrap added in v0.11.1

func WithRewrap(enableRewrap bool) Option

WithRewrap allows for optionally specifying that the keys should be rewrapped.

func WithRootWrapper

func WithRootWrapper(w wrapping.Wrapper) Option

WithRootWrapper sets the external root wrapper for a given scope

func WithScopeIds added in v0.8.0

func WithScopeIds(scopeId ...string) Option

WithScopeIds allows the specifying of optional scope ids.

func WithWorkerAuthStorageWrapper added in v0.9.0

func WithWorkerAuthStorageWrapper(w wrapping.Wrapper) Option

WithWorkerAuthStorageWrapper sets the external pki worker storage wrapper for a given scope

func WithWorkerAuthWrapper

func WithWorkerAuthWrapper(w wrapping.Wrapper) Option

WithWorkerAuthWrapper sets the external worker authentication wrapper for a given scope

type RewrapFn added in v0.11.1

type RewrapFn func(ctx context.Context, dataKeyVersionId string, scopeId string, reader db.Reader, writer db.Writer, kms GetWrapperer) error

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL