transit

Version: v2.0.12
Warning

This package is not in the latest version of its module.

Published: May 10, 2024 | License: MPL-2.0 | Imports: 12 | Imported by: 8

Documentation


Constants

const (
	EnvTransitWrapperMountPath   = "TRANSIT_WRAPPER_MOUNT_PATH"
	EnvVaultTransitSealMountPath = "VAULT_TRANSIT_SEAL_MOUNT_PATH"

	EnvTransitWrapperKeyName   = "TRANSIT_WRAPPER_KEY_NAME"
	EnvVaultTransitSealKeyName = "VAULT_TRANSIT_SEAL_KEY_NAME"

	EnvTransitWrapperDisableRenewal   = "TRANSIT_WRAPPER_DISABLE_RENEWAL"
	EnvVaultTransitSealDisableRenewal = "VAULT_TRANSIT_SEAL_DISABLE_RENEWAL"
)

Variables

This section is empty.

Functions

func WithAddress

func WithAddress(with string) wrapping.Option

WithAddress provides a way to choose the address

func WithDisableRenewal

func WithDisableRenewal(with string) wrapping.Option

WithDisableRenewal provides a way to disable renewal

func WithKeyIdPrefix added in v2.0.8

func WithKeyIdPrefix(with string) wrapping.Option

WithKeyIdPrefix specifies a prefix to prepend to the keyId (key version)

func WithKeyName

func WithKeyName(with string) wrapping.Option

WithKeyName provides a way to choose the key name

func WithLogger

func WithLogger(with hclog.Logger) wrapping.Option

WithLogger provides a way to pass in a logger

func WithMountPath

func WithMountPath(with string) wrapping.Option

WithMountPath provides a way to choose the mount path

func WithNamespace

func WithNamespace(with string) wrapping.Option

WithNamespace provides a way to choose the namespace

func WithTlsCaCert

func WithTlsCaCert(with string) wrapping.Option

WithTlsCaCert provides a way to choose the CA cert

func WithTlsCaPath

func WithTlsCaPath(with string) wrapping.Option

WithTlsCaPath provides a way to choose the CA path

func WithTlsClientCert

func WithTlsClientCert(with string) wrapping.Option

WithTlsClientCert provides a way to choose the client cert

func WithTlsClientKey

func WithTlsClientKey(with string) wrapping.Option

WithTlsClientKey provides a way to choose the client key

func WithTlsServerName

func WithTlsServerName(with string) wrapping.Option

WithTlsServerName provides a way to choose the server name

func WithTlsSkipVerify

func WithTlsSkipVerify(with bool) wrapping.Option

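WithTlsSkipVerify provides a way to skip TLS verification. When it is set to true, the certificate presented by the Vault server is not verified, so the connection to Vault is not authenticated.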

func WithToken

func WithToken(with string) wrapping.Option

WithToken provides a way to choose the token

Types

type OptionFunc

type OptionFunc func(*options) error

OptionFunc holds a function with local options

type TransitClient

type TransitClient struct {
	// contains filtered or unexported fields
}

func (*TransitClient) Close

func (c *TransitClient) Close()

func (*TransitClient) Decrypt

func (c *TransitClient) Decrypt(ctx context.Context, ciphertext []byte) ([]byte, error)

func (*TransitClient) Encrypt

func (c *TransitClient) Encrypt(ctx context.Context, plaintext []byte) ([]byte, error)

func (*TransitClient) GetApiClient

func (c *TransitClient) GetApiClient() *api.Client

func (*TransitClient) GetMountPath

func (c *TransitClient) GetMountPath() string

type Wrapper

type Wrapper struct {
	// contains filtered or unexported fields
}

Wrapper is a wrapper that leverages Vault's Transit secret engine

func NewWrapper

func NewWrapper() *Wrapper

NewWrapper creates a new transit wrapper

func (*Wrapper) Decrypt

func (s *Wrapper) Decrypt(ctx context.Context, in *wrapping.BlobInfo, _ ...wrapping.Option) ([]byte, error)

Decrypt is used to decrypt the ciphertext

func (*Wrapper) Encrypt

func (s *Wrapper) Encrypt(ctx context.Context, plaintext []byte, _ ...wrapping.Option) (*wrapping.BlobInfo, error)

Encrypt is used to encrypt using Vault's Transit engine

func (*Wrapper) Finalize

func (s *Wrapper) Finalize(_ context.Context) error

Finalize is called during shutdown

func (*Wrapper) GetClient

func (s *Wrapper) GetClient() transitClientEncryptor

GetClient returns the transit Wrapper's transitClientEncryptor

func (*Wrapper) Init

func (s *Wrapper) Init(_ context.Context) error

Init is called during core.Initialize

func (*Wrapper) KeyId

func (s *Wrapper) KeyId(_ context.Context) (string, error)

KeyId returns the last known key id

func (*Wrapper) SetConfig

func (s *Wrapper) SetConfig(_ context.Context, opt ...wrapping.Option) (*wrapping.WrapperConfig, error)

SetConfig processes the config info from the server config

func (*Wrapper) Type

Type returns the type for this particular Wrapper implementation
