Documentation ¶
Index ¶
- func ListTablesSupportingRewrap() []string
- func RegisterTableRewrapFn(tableName string, rewrapFn RewrapFn)
- func TestKmsDeleteAllKeys(t testing.TB, conn *db.DB)
- func TestKmsDeleteKeyPurpose(t testing.TB, conn *db.DB, purpose KeyPurpose)
- type DataKeyVersionDestructionJob
- type DataKeyVersionDestructionJobProgress
- type DataKeyVersionDestructionJobRun
- type DataKeyVersionDestructionJobRunAllowedTableName
- type ExternalWrappers
- type GetWrapperer
- type KeyPurpose
- type Kms
- func (k *Kms) AddExternalWrappers(ctx context.Context, opt ...Option) error
- func (k *Kms) CreateKeys(ctx context.Context, scopeId string, opt ...Option) error
- func (k *Kms) DestroyKeyVersion(ctx context.Context, scopeId string, keyVersionId string, _ ...Option) (bool, error)
- func (k *Kms) GetDerivedPurposeCache() *sync.Map
- func (k *Kms) GetExternalWrappers(ctx context.Context) *ExternalWrappers
- func (k *Kms) GetWrapper(ctx context.Context, scopeId string, purpose KeyPurpose, opt ...Option) (wrapping.Wrapper, error)
- func (k *Kms) ListDataKeyVersionDestructionJobs(ctx context.Context, scopeId string, _ ...Option) ([]*DataKeyVersionDestructionJobProgress, error)
- func (k *Kms) ListDataKeyVersionReferencers(ctx context.Context, opt ...Option) ([]string, error)
- func (k *Kms) ListKeys(ctx context.Context, scopeId string, _ ...Option) ([]wrappingKms.Key, error)
- func (k *Kms) MonitorDataKeyVersionDestruction(ctx context.Context) error
- func (k *Kms) MonitorTableRewrappingRuns(ctx context.Context, tableName string, _ ...Option) (retErr error)
- func (k *Kms) ReconcileKeys(ctx context.Context, randomReader io.Reader, opt ...Option) error
- func (k *Kms) RotateKeys(ctx context.Context, scopeId string, opt ...Option) error
- func (k *Kms) VerifyGlobalRoot(ctx context.Context) error
- type MockGetWrapperer
- type MockWrapper
- func (w *MockWrapper) Decrypt(ctx context.Context, ciphertext *wrapping.BlobInfo, options ...wrapping.Option) ([]byte, error)
- func (w *MockWrapper) Encrypt(ctx context.Context, plaintext []byte, options ...wrapping.Option) (*wrapping.BlobInfo, error)
- func (w *MockWrapper) KeyId(ctx context.Context) (string, error)
- func (w *MockWrapper) SetConfig(ctx context.Context, options ...wrapping.Option) (*wrapping.WrapperConfig, error)
- func (w *MockWrapper) Type(ctx context.Context) (wrapping.WrapperType, error)
- type Option
- func WithKeyId(keyId string) Option
- func WithLimit(limit int) Option
- func WithOrderByVersion(orderBy db.OrderBy) Option
- func WithRandomReader(randomReader io.Reader) Option
- func WithReaderWriter(r db.Reader, w db.Writer) Option
- func WithRecoveryWrapper(w wrapping.Wrapper) Option
- func WithRewrap(enableRewrap bool) Option
- func WithRootWrapper(w wrapping.Wrapper) Option
- func WithScopeIds(scopeId ...string) Option
- func WithWorkerAuthStorageWrapper(w wrapping.Wrapper) Option
- func WithWorkerAuthWrapper(w wrapping.Wrapper) Option
- type RewrapFn
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ListTablesSupportingRewrap ¶ added in v0.11.1
func ListTablesSupportingRewrap() []string
ListTablesSupportingRewrap lists all the table names registered with a rewrap function
func RegisterTableRewrapFn ¶ added in v0.11.1
RegisterTableRewrapFn registers a function to be used to rewrap data in a specific table with a new key
func TestKmsDeleteAllKeys ¶ added in v0.9.0
TestKmsDeleteAllKeys allows you to delete all the keys for testing.
func TestKmsDeleteKeyPurpose ¶ added in v0.9.0
func TestKmsDeleteKeyPurpose(t testing.TB, conn *db.DB, purpose KeyPurpose)
TestKmsDeleteKeyPurpose allows you to delete a KeyPurpose for testing.
Types ¶
type DataKeyVersionDestructionJob ¶ added in v0.11.1
type DataKeyVersionDestructionJob struct {
*store.DataKeyVersionDestructionJob
}
DataKeyVersionDestructionJob is used to read and write data key version destruction jobs in the DB.
func (*DataKeyVersionDestructionJob) Clone ¶ added in v0.11.1
func (c *DataKeyVersionDestructionJob) Clone() *DataKeyVersionDestructionJob
Clone a DataKeyVersionDestructionJob
func (*DataKeyVersionDestructionJob) TableName ¶ added in v0.11.1
func (k *DataKeyVersionDestructionJob) TableName() string
type DataKeyVersionDestructionJobProgress ¶ added in v0.11.1
type DataKeyVersionDestructionJobProgress struct {
*store.DataKeyVersionDestructionJobProgress
}
DataKeyVersionDestructionJobProgress is used to read data key version destruction job progress from the DB.
func (*DataKeyVersionDestructionJobProgress) Clone ¶ added in v0.11.1
func (c *DataKeyVersionDestructionJobProgress) Clone() *DataKeyVersionDestructionJobProgress
Clone an DataKeyVersionDestructionJob
func (*DataKeyVersionDestructionJobProgress) TableName ¶ added in v0.11.1
func (k *DataKeyVersionDestructionJobProgress) TableName() string
type DataKeyVersionDestructionJobRun ¶ added in v0.11.1
type DataKeyVersionDestructionJobRun struct {
*store.DataKeyVersionDestructionJobRun
}
DataKeyVersionDestructionJobRun is used to read and write data key version destruction job runs in the DB.
func (*DataKeyVersionDestructionJobRun) Clone ¶ added in v0.11.1
func (c *DataKeyVersionDestructionJobRun) Clone() *DataKeyVersionDestructionJobRun
Clone a DataKeyVersionDestructionJobRun
func (*DataKeyVersionDestructionJobRun) TableName ¶ added in v0.11.1
func (k *DataKeyVersionDestructionJobRun) TableName() string
type DataKeyVersionDestructionJobRunAllowedTableName ¶ added in v0.11.1
type DataKeyVersionDestructionJobRunAllowedTableName struct {
*store.DataKeyVersionDestructionJobRunAllowedTableName
}
DataKeyVersionDestructionJobRunAllowedTableName is used to read the names of tables that reference the data key version.
func (*DataKeyVersionDestructionJobRunAllowedTableName) Clone ¶ added in v0.11.1
func (c *DataKeyVersionDestructionJobRunAllowedTableName) Clone() *DataKeyVersionDestructionJobRunAllowedTableName
Clone an DataKeyVersionDestructionJob
func (*DataKeyVersionDestructionJobRunAllowedTableName) TableName ¶ added in v0.11.1
func (k *DataKeyVersionDestructionJobRunAllowedTableName) TableName() string
type ExternalWrappers ¶
type ExternalWrappers struct {
// contains filtered or unexported fields
}
ExternalWrappers holds wrappers defined outside of Boundary, e.g. in its configuration file.
func (*ExternalWrappers) Recovery ¶
func (e *ExternalWrappers) Recovery() wrapping.Wrapper
Recovery returns the wrapper for recovery operations
func (*ExternalWrappers) Root ¶
func (e *ExternalWrappers) Root() wrapping.Wrapper
Root returns the wrapper for root keys
func (*ExternalWrappers) WorkerAuth ¶
func (e *ExternalWrappers) WorkerAuth() wrapping.Wrapper
WorkerAuth returns the wrapper for worker authentication
type GetWrapperer ¶ added in v0.12.0
type GetWrapperer interface { // GetWrapper returns a wrapper for the given scope and purpose. GetWrapper(ctx context.Context, scopeId string, purpose KeyPurpose, opt ...Option) (wrapping.Wrapper, error) }
GetWrapperer defines (and constrains) the kms features required by the RewrapFn
type KeyPurpose ¶
type KeyPurpose uint
KeyPurpose allows an application to specify the reason they need a key; this is used to select which DEK to return
const ( // KeyPurposeUnknown is the default, and indicates that a correct purpose // wasn't specified KeyPurposeUnknown KeyPurpose = iota // KeyPurposeDatabase is used for general encryption needs for most values // in the database, excluding the oplog KeyPurposeDatabase // KeyPurposeOplog is used for oplogs KeyPurposeOplog // KeyPurposeRecovery is used for recovery access KeyPurposeRecovery // KeyPurposeWorkerAuth is used for worker auth KeyPurposeWorkerAuth // KeyPurposeWorkerAuthStorage is used for worker credential storage KeyPurposeWorkerAuthStorage // KeyPurposeTokens is used for token encryption KeyPurposeTokens // KeyPurposeSessions is used as a base key to derive session-specific encryption keys KeyPurposeSessions // KeyPurposeOidc is used for encrypting oidc states included in // authentication URLs KeyPurposeOidc // KeyPurposeAudit is used for audit operations KeyPurposeAudit // KeyPurposeRootKey is used as the root key KeyPurposeRootKey )
**************************************************************************** IMPORTANT: if you're adding a new KeyPurpose, you should consider whether or not existing scopes need this new type of key. If they do, then you may want to add the new key into kms.ReconcileKeys(...) ****************************************************************************
func ValidDekPurposes ¶ added in v0.9.0
func ValidDekPurposes() []KeyPurpose
ValidDekPurposes returns the current list of valid DEK key purposes
func (KeyPurpose) String ¶
func (k KeyPurpose) String() string
String returns the key purpose cast as a string, just so it can be called as a function instead of direct casting elsewhere, yw
type Kms ¶
type Kms struct {
// contains filtered or unexported fields
}
Kms is a way to access wrappers for a given scope and purpose. Since keys can never change, only be added or (eventually) removed, it opportunistically caches, going to the database as needed.
func New ¶ added in v0.9.0
New creates a Kms using the provided reader and writer. No options are currently supported.
func NewUsingReaderWriter ¶ added in v0.9.0
func NewUsingReaderWriter(ctx context.Context, reader db.Reader, writer db.Writer, _ ...Option) (*Kms, error)
NewUsingReaderWriter creates a Kms using the provided reader and writer. No options are currently supported.
func (*Kms) AddExternalWrappers ¶
AddExternalWrappers allows setting the external keys.
func (*Kms) CreateKeys ¶ added in v0.9.0
CreateKeys creates the root key and DEKs. Supports the WithRandomReader(...) and WithReaderWriter(...) options. When WithReaderWriter(...) is used the caller is responsible for managing the transaction which allows this capability to be shared with the iam repo when it's creating Scopes.
func (*Kms) DestroyKeyVersion ¶ added in v0.11.1
func (k *Kms) DestroyKeyVersion(ctx context.Context, scopeId string, keyVersionId string, _ ...Option) (bool, error)
DestroyKeyVersion starts the process of destroying a key version in the scope. If the key version is a KEK, this simply rewraps any existing DEK version's encrypted with the KEK and destroys the key version. If the key version is a DEK, this creates a key version destruction job, which will rewrap existing data and destroy the key asynchronously. As a special case, if the DEK currently encrypts no data, the DEK is immediately destroyed. The boolean return value indicates whether the key was immediately destroyed. Options are ignored.
func (*Kms) GetDerivedPurposeCache ¶ added in v0.2.0
GetDerivedPurposeCache returns the raw derived purpose cache
func (*Kms) GetExternalWrappers ¶
func (k *Kms) GetExternalWrappers(ctx context.Context) *ExternalWrappers
GetExternalWrappers returns the Kms' ExternalWrappers
func (*Kms) GetWrapper ¶
func (k *Kms) GetWrapper(ctx context.Context, scopeId string, purpose KeyPurpose, opt ...Option) (wrapping.Wrapper, error)
GetWrapper returns a wrapper for the given scope and purpose. When a keyId is passed, it will ensure that the returning wrapper has that key ID in the multiwrapper. This is not necessary for encryption but should be supplied for decryption.
func (*Kms) ListDataKeyVersionDestructionJobs ¶ added in v0.11.1
func (k *Kms) ListDataKeyVersionDestructionJobs(ctx context.Context, scopeId string, _ ...Option) ([]*DataKeyVersionDestructionJobProgress, error)
ListDataKeyVersionDestructionJobs lists any in-progress data key destruction jobs in the scope. Options are ignored.
func (*Kms) ListDataKeyVersionReferencers ¶ added in v0.11.1
ListDataKeyVersionReferencers will list the names of all tables referencing the private_id column of the data key version table. Supported options:
- WithReader (requires WithWriter)
- WithWriter (requires WithReader)
func (*Kms) MonitorDataKeyVersionDestruction ¶ added in v0.11.1
MonitorDataKeyVersionDestruction monitors any pending destruction jobs. If a job has finished rewrapping all rows, it will destroy the key version by calling RevokeKeyVersion on the underlying kms.
func (*Kms) MonitorTableRewrappingRuns ¶ added in v0.11.1
func (k *Kms) MonitorTableRewrappingRuns(ctx context.Context, tableName string, _ ...Option) (retErr error)
MonitorTableRewrappingRuns checks for pending rewrapping job runs for the specified table name, and attempts to execute each job run and start rewrapping data in the specified table. This may be a long running operation. Options are ignored.
func (*Kms) ReconcileKeys ¶ added in v0.7.0
ReconcileKeys will reconcile the keys in the kms against known possible issues. This function reconciles the global scope unless the WithScopeIds(...) option is provided
func (*Kms) RotateKeys ¶ added in v0.11.1
RotateKeys rotates all keys in a given scope. Options supported: withRandomReader, withRewrap, withReader, withWriter When withReader or withWriter is used, both must be passed and the caller will be responsible for managing the underlying db transactions.
type MockGetWrapperer ¶ added in v0.12.0
type MockGetWrapperer struct { // Kms is the underlying kms which is used to provide the mock's default // behavior Kms *Kms // GetErr is a mock value to return for the GetWrapper(...) operation GetErr error // ReturnWrapper is a mock value to return for the GetWrapper(...) operation ReturnWrapper wrapping.Wrapper }
MockGetWrapperer provides a mock for returning a set of mock values for a GetWrapperer
func (*MockGetWrapperer) GetWrapper ¶ added in v0.12.0
func (m *MockGetWrapperer) GetWrapper(ctx context.Context, scopeId string, purpose KeyPurpose, opt ...Option) (wrapping.Wrapper, error)
GetWrapper returns a wrapper for a given scope and purpose. Supports mock values: ReturnWrapper, GetErr
type MockWrapper ¶ added in v0.12.0
type MockWrapper struct { // Wrapper is the underlying wrapping.Wrapper which is used to provide the // mock's default behavior Wrapper wrapping.Wrapper // EncryptErr is a mock value to return for the Encrypt(...) operation EncryptErr error // DecryptErr is a mock value to return for the Decrypt(...) operation DecryptErr error // KeyIdErr is a mock value to return for the KeyId(...) operation KeyIdErr error // KeyIdReturned is a mock value to return for the KeyId(...) operation KeyIdReturned string }
MockWrapper provides a mock for returning a set of mock values for a Wrapper
func (*MockWrapper) Decrypt ¶ added in v0.12.0
func (w *MockWrapper) Decrypt(ctx context.Context, ciphertext *wrapping.BlobInfo, options ...wrapping.Option) ([]byte, error)
Decrypt decrypts the given byte slice and stores the resulting information in the returned byte slice. Mock values supported: DecryptErr
func (*MockWrapper) Encrypt ¶ added in v0.12.0
func (w *MockWrapper) Encrypt(ctx context.Context, plaintext []byte, options ...wrapping.Option) (*wrapping.BlobInfo, error)
/ Encrypt encrypts the given byte slice and stores the resulting information in the returned blob info. Mock values supported: EncryptErr
func (*MockWrapper) KeyId ¶ added in v0.12.0
func (w *MockWrapper) KeyId(ctx context.Context) (string, error)
KeyId is the id of the key currently used for encryption operations. Mock values supported: KeyIdErr, KeyIdReturned
func (*MockWrapper) SetConfig ¶ added in v0.12.0
func (w *MockWrapper) SetConfig(ctx context.Context, options ...wrapping.Option) (*wrapping.WrapperConfig, error)
SetConfig applies the given options to a wrapper and returns configuration information. No mock values supported.
func (*MockWrapper) Type ¶ added in v0.12.0
func (w *MockWrapper) Type(ctx context.Context) (wrapping.WrapperType, error)
Type of the wrapper. No mock values supported
type Option ¶
type Option func(*options)
Option - how Options are passed as arguments
func WithKeyId ¶
WithKeyId allows specifying a key ID that should be found in a scope's multiwrapper; if it is not found, keys will be refreshed
func WithLimit ¶
WithLimit provides an option to provide a limit. Intentionally allowing negative integers. If WithLimit < 0, then unlimited results are returned. If WithLimit == 0, then default limits are used for results.
func WithOrderByVersion ¶ added in v0.2.0
WithOrderByVersion provides an option to specify ordering by the CreateTime field.
func WithRandomReader ¶ added in v0.9.0
WithRandomReader(...) option allows an optional random reader to be provided. By default the reader from crypto/rand will be used.
func WithReaderWriter ¶ added in v0.9.0
WithReaderWriter allows the caller to pass an inflight transaction to be used for all database operations. If WithReaderWriter(...) is used, then the caller is responsible for managing the transaction. The purpose of the WithReaderWriter(...) option is to allow the caller to create the scope and all of its keys in the same transaction.
func WithRecoveryWrapper ¶
WithRecoveryWrapper sets the recovery wrapper for a given scope
func WithRewrap ¶ added in v0.11.1
WithRewrap allows for optionally specifying that the keys should be rewrapped.
func WithRootWrapper ¶
WithRootWrapper sets the external root wrapper for a given scope
func WithScopeIds ¶ added in v0.8.0
WithScopeIds allows the specifying of optional scope ids.
func WithWorkerAuthStorageWrapper ¶ added in v0.9.0
WithWorkerAuthStorageWrapper sets the external pki worker storage wrapper for a given scope
func WithWorkerAuthWrapper ¶
WithWorkerAuthWrapper sets the external worker authentication wrapper for a given scope