multiwrapper

package
v0.7.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 4, 2022 License: MPL-2.0 Imports: 4 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrKeyNotFound = errors.New("given key ID not found")

Functions

This section is empty.

Types

type MultiWrapper 

type MultiWrapper struct {
	// contains filtered or unexported fields
}

MultiWrapper allows multiple wrappers to be used for decryption based on key ID. This allows for rotation of data by allowing data to be decrypted across multiple (possibly derived) wrappers and encrypted with the default. Functions on this type will likely panic if the wrapper is not created via NewMultiWrapper.

func NewMultiWrapper 

func NewMultiWrapper(base wrapping.Wrapper) *MultiWrapper

NewMultiWrapper creates a MultiWrapper and sets its encrypting wrapper to the one that is passed in. This function will panic if base is nil.

func (*MultiWrapper) AddWrapper 

func (m *MultiWrapper) AddWrapper(w wrapping.Wrapper) (added bool)

AddWrapper adds a wrapper to the MultiWrapper. For safety, it will refuse to overwrite an existing wrapper; use RemoveWrapper to remove that one first. The return parameter indicates if the wrapper was successfully added, that is, it will be false if an existing wrapper would have been overridden. If you want to change the encrypting wrapper, create a new MultiWrapper or call SetEncryptingWrapper. This function will panic if w is nil.

func (*MultiWrapper) Decrypt 

func (m *MultiWrapper) Decrypt(ctx context.Context, ct *wrapping.EncryptedBlobInfo, aad []byte) ([]byte, error)

Decrypt will use the embedded KeyID in the encrypted blob info to select which wrapper to use for decryption. If there is no key info it will attempt decryption with the current encryptor. It will return an ErrKeyNotFound if it cannot find a suitable key.

func (*MultiWrapper) Encrypt 

func (m *MultiWrapper) Encrypt(ctx context.Context, pt []byte, aad []byte) (*wrapping.EncryptedBlobInfo, error)

Encrypt encrypts using the current encryptor

func (*MultiWrapper) Finalize 

func (m *MultiWrapper) Finalize(context.Context) error

This does nothing; it's up to the user to initialize and finalize any given wrapper

func (*MultiWrapper) HMACKeyID 

func (m *MultiWrapper) HMACKeyID() string

HMACKeyID returns the HMACKeyID of the current encryptor

func (*MultiWrapper) Init 

func (m *MultiWrapper) Init(context.Context) error

This does nothing; it's up to the user to initialize and finalize any given wrapper

func (*MultiWrapper) KeyID 

func (m *MultiWrapper) KeyID() string

KeyID returns the KeyID of the current encryptor

func (*MultiWrapper) RemoveWrapper 

func (m *MultiWrapper) RemoveWrapper(keyID string) (removed bool)

RemoveWrapper removes a wrapper from the MultiWrapper, identified by key ID. It will not remove the encrypting wrapper; use SetEncryptingWrapper for that. Returns whether or not a wrapper was removed, which will always be true unless it was the base encryptor.

func (*MultiWrapper) SetEncryptingWrapper 

func (m *MultiWrapper) SetEncryptingWrapper(w wrapping.Wrapper) (success bool)

SetEncryptingWrapper resets the encrypting wrapper to the one passed in. It will also add the previous encrypting wrapper to the set of decrypting wrappers; it can then be removed via its key ID and RemoveWrapper if desired. It will panic if w is nil. It will return false (not successful) if the given key ID is already in use.

func (*MultiWrapper) Type 

func (m *MultiWrapper) Type() string

func (*MultiWrapper) WrapperForKeyID added in v0.5.14 

func (m *MultiWrapper) WrapperForKeyID(keyID string) wrapping.Wrapper

WrapperForKeyID returns the wrapper for the given keyID. Returns nil if no wrapper was found for the given key ID.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.