The highest tagged major version is v2.

yandexcloudkms

package

v0.7.1 Latest Latest Go to latest Published: Mar 4, 2022 License: MPL-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/hashicorp/go-kms-wrapping

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type Wrapper
- func NewWrapper(opts *wrapping.WrapperOptions) *Wrapper

Constants ¶

View Source

const (
	// Accepted env vars
	EnvYandexCloudOAuthToken            = "YANDEXCLOUD_OAUTH_TOKEN"
	EnvYandexCloudServiceAccountKeyFile = "YANDEXCLOUD_SERVICE_ACCOUNT_KEY_FILE"
	EnvYandexCloudKMSKeyID              = "YANDEXCLOUD_KMS_KEY_ID"

	// Accepted config parameters
	CfgYandexCloudOAuthToken            = "oauth_token"
	CfgYandexCloudServiceAccountKeyFile = "service_account_key_file"
	CfgYandexCloudKMSKeyID              = "kms_key_id"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Wrapper ¶

type Wrapper struct {
	// contains filtered or unexported fields
}

Wrapper represents credentials and key information for the KMS Key used to encryption and decryption

func NewWrapper ¶

func NewWrapper(opts *wrapping.WrapperOptions) *Wrapper

NewWrapper creates a new Yandex.Cloud wrapper

func (*Wrapper) Decrypt ¶

func (k *Wrapper) Decrypt(ctx context.Context, in *wrapping.EncryptedBlobInfo, aad []byte) (pt []byte, err error)

Decrypt is used to decrypt the ciphertext. This should be called after Init.

func (*Wrapper) Encrypt ¶

func (k *Wrapper) Encrypt(ctx context.Context, plaintext, aad []byte) (blob *wrapping.EncryptedBlobInfo, err error)

Encrypt is used to encrypt the master key using Yandex.Cloud symmetric key. This returns the ciphertext, and/or any errors from this call. This should be called after the KMS client has been instantiated.

func (*Wrapper) Finalize ¶

func (k *Wrapper) Finalize(_ context.Context) error

Finalize is called during shutdown. This is a no-op since Wrapper doesn't require any cleanup.

func (*Wrapper) HMACKeyID ¶

func (k *Wrapper) HMACKeyID() string

HMACKeyID returns the last known HMAC key id

func (*Wrapper) Init ¶

func (k *Wrapper) Init(_ context.Context) error

Init is called during core.Initialize. No-op at the moment.

func (*Wrapper) KeyID ¶

func (k *Wrapper) KeyID() string

KeyID returns the last known key id

func (*Wrapper) SetConfig ¶

func (k *Wrapper) SetConfig(config map[string]string) (map[string]string, error)

SetConfig sets the fields on the Wrapper object based on values from the config parameter.

Order of precedence Yandex.Cloud values: * Environment variable * Value from Vault configuration file * Compute Instance metadata

func (*Wrapper) Type ¶

func (k *Wrapper) Type() string

Type returns the wrapping type for this particular Wrapper implementation

Source Files ¶

View all Source files

yandexcloudkms.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL