ukms

package module

v2.10.0 Latest Latest Go to latest Published: Jun 14, 2023 License: MPL-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/hxfs/go-kms-wrapping

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func WithLogger(with hclog.Logger) wrapping.Option
type KMSClient
type OptionFunc
type Wrapper
- func NewWrapper() *Wrapper

Constants ¶

View Source

const (
	EnvUCloudKmsWrapperKeyId   = "UCLOUDKMS_WRAPPER_KEY_ID"
	EnvVaultUCloudKmsSealKeyId = "VAULT_UCLOUDKMS_SEAL_KEY_ID"
)

These constants contain the accepted env vars; the Vault one is for backwards compat

Variables ¶

This section is empty.

Functions ¶

func WithLogger ¶

func WithLogger(with hclog.Logger) wrapping.Option

WithLogger provides a way to pass in a logger

Types ¶

type KMSClient ¶

type KMSClient struct {
	// contains filtered or unexported fields
}

type OptionFunc ¶

type OptionFunc func(*options) error

OptionFunc holds a function with local options

type Wrapper ¶

type Wrapper struct {
	// contains filtered or unexported fields
}

Wrapper is a Wrapper that uses AliCloud's KMS

func NewWrapper ¶

func NewWrapper() *Wrapper

NewWrapper creates a new AliCloud Wrapper

func (*Wrapper) Decrypt ¶

func (k *Wrapper) Decrypt(_ context.Context, in *wrapping.BlobInfo, opt ...wrapping.Option) ([]byte, error)

Decrypt is used to decrypt the ciphertext. This should be called after Init.

func (*Wrapper) Encrypt ¶

func (k *Wrapper) Encrypt(_ context.Context, plaintext []byte, opt ...wrapping.Option) (*wrapping.BlobInfo, error)

Encrypt is used to encrypt the master key using the the ucloud ukms. This returns the ciphertext, and/or any errors from this call. This should be called after the KMS client has been instantiated.

func (*Wrapper) KeyId ¶

func (k *Wrapper) KeyId(_ context.Context) (string, error)

KeyId returns the last known key id

func (*Wrapper) SetConfig ¶

func (k *Wrapper) SetConfig(_ context.Context, opt ...wrapping.Option) (*wrapping.WrapperConfig, error)

SetConfig sets the fields on the AliCloudKMSWrapper object based on values from the config parameter.

Order of precedence AliCloud values: * Environment variable * Value from Vault configuration file * Instance metadata role (access key and secret key)

func (*Wrapper) Type ¶

func (k *Wrapper) Type(_ context.Context) (wrapping.WrapperType, error)

Type returns the type for this particular wrapper implementation

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL