Versions in this module Expand all Collapse all v1 v1.0.1 Jun 9, 2021 v1.0.0 Jun 9, 2021 Changes in this version + const EnvKMSAutoEncryption + const InsecureSealAlgorithm + const MetaAlgorithm + const MetaContext + const MetaDataEncryptionKey + const MetaIV + const MetaKeyID + const MetaMultipart + const MetaSealedKeyKMS + const MetaSealedKeyS3 + const MetaSealedKeySSEC + const SealAlgorithm + var ErrCustomerKeyMD5Mismatch = Errorf("The provided SSE-C key MD5 does not match the computed MD5 of the SSE-C key") + var ErrIncompatibleEncryptionMethod = Errorf("Server side encryption specified with both SSE-C and SSE-S3 headers") + var ErrInvalidCustomerAlgorithm = Errorf("The SSE-C algorithm is not supported") + var ErrInvalidCustomerKey = Errorf("The SSE-C client key is invalid") + var ErrInvalidEncryptionMethod = Errorf("The encryption method is not supported") + var ErrMissingCustomerKey = Errorf("The SSE-C request is missing the customer key") + var ErrMissingCustomerKeyMD5 = Errorf("The SSE-C request is missing the customer key MD5") + var ErrSecretKeyMismatch = Errorf("The secret key does not match the secret key used during upload") + var S3 = sses3 + var S3KMS = ssekms + var SSEC = ssec + var SSECopy = ssecCopy + func CreateMultipartMetadata(metadata map[string]string) map[string]string + func DecryptSinglePart(w io.Writer, offset, length int64, key ObjectKey) io.WriteCloser + func EncryptMultiPart(r io.Reader, partID int, key ObjectKey) io.Reader + func EncryptSinglePart(r io.Reader, key ObjectKey) io.Reader + func Errorf(format string, a ...interface{}) error + func GenerateIV(random io.Reader) (iv [32]byte) + func IsETagSealed(etag []byte) bool + func IsMultiPart(metadata map[string]string) bool + func IsSourceEncrypted(metadata map[string]string) bool + func LookupAutoEncryption() bool + func RemoveInternalEntries(metadata map[string]string) + func RemoveSSEHeaders(metadata map[string]string) + func RemoveSensitiveEntries(metadata map[string]string) + func RemoveSensitiveHeaders(h http.Header) + type Error struct + func (e Error) Error() string + func (e Error) Unwrap() error + type ObjectKey [32]byte + func GenerateKey(extKey []byte, random io.Reader) (key ObjectKey) + func (key *ObjectKey) Unseal(extKey []byte, sealedKey SealedKey, domain, bucket, object string) error + func (key ObjectKey) DerivePartKey(id uint32) (partKey [32]byte) + func (key ObjectKey) Seal(extKey []byte, iv [32]byte, domain, bucket, object string) SealedKey + func (key ObjectKey) SealETag(etag []byte) []byte + func (key ObjectKey) UnsealETag(etag []byte) ([]byte, error) + type SealedKey struct + Algorithm string + IV [32]byte + Key [64]byte + type Type interface + IsEncrypted func(map[string]string) bool + IsRequested func(http.Header) bool + func IsEncrypted(metadata map[string]string) (Type, bool) + func IsRequested(h http.Header) (Type, bool)