GO-2024-2703: Kopia: Storage connection credentials written to console on "repository status" CLI command with JSON output in github.com/kopia/kopia

encryption

package

v0.6.4 Latest Latest Go to latest Published: Sep 2, 2020 License: Apache-2.0 Imports: 14 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kopia/kopia

Links

Open Source Insights

Documentation ¶

Overview ¶

Package encryption manages content encryption algorithms.

Index ¶

Constants
func Register(name, description string, deprecated bool, newEncryptor EncryptorFactory)
func SupportedAlgorithms(includeDeprecated bool) []string
type Encryptor
- func CreateEncryptor(p Parameters) (Encryptor, error)
type EncryptorFactory
type Parameters

Constants ¶

View Source

const DefaultAlgorithm = "AES256-GCM-HMAC-SHA256"

DefaultAlgorithm is the name of the default encryption algorithm.

View Source

const DeprecatedNoneAlgorithm = "NONE"

DeprecatedNoneAlgorithm is the name of the algorithm that does not encrypt.

Variables ¶

This section is empty.

Functions ¶

func Register ¶

func Register(name, description string, deprecated bool, newEncryptor EncryptorFactory)

Register registers new encryption algorithm.

func SupportedAlgorithms ¶

func SupportedAlgorithms(includeDeprecated bool) []string

SupportedAlgorithms returns the names of the supported encryption methods

Types ¶

type Encryptor ¶

type Encryptor interface {
	// Encrypt appends the encrypted bytes corresponding to the given plaintext to a given slice.
	// Must not clobber the input slice and return ciphertext with additional padding and checksum.
	Encrypt(output, plainText, contentID []byte) ([]byte, error)

	// Decrypt appends the unencrypted bytes corresponding to the given ciphertext to a given slice.
	// Must not clobber the input slice. If IsAuthenticated() == true, Decrypt will perform
	// authenticity check before decrypting.
	Decrypt(output, cipherText, contentID []byte) ([]byte, error)

	// IsAuthenticated returns true if encryption is authenticated.
	// In this case Decrypt() is expected to perform authenticity check.
	IsAuthenticated() bool

	// IsDeprecated returns true if encryption is not recommended for new repositories.
	IsDeprecated() bool

	// MaxOverhead is the maximum number of bytes of overhead added by Encrypt()
	MaxOverhead() int
}

Encryptor performs encryption and decryption of contents of data.

func CreateEncryptor ¶

func CreateEncryptor(p Parameters) (Encryptor, error)

CreateEncryptor creates an Encryptor for given parameters.

type EncryptorFactory ¶

type EncryptorFactory func(p Parameters) (Encryptor, error)

EncryptorFactory creates new Encryptor for given parameters.

type Parameters ¶

type Parameters interface {
	GetEncryptionAlgorithm() string
	GetMasterKey() []byte
}

Parameters encapsulates all encryption parameters.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL