crypto

package
v1.6.4-dev-20241117 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 15, 2024 License: Apache-2.0 Imports: 7 Imported by: 1

Documentation

Index

Constants

View Source
const (
	CryptoKeyDefaultCipher = "aes-xts-plain64"
	CryptoKeyDefaultHash   = "sha256"
	CryptoKeyDefaultSize   = "256"
	CryptoDefaultPBKDF     = "argon2i"

	// Luks2MinimalVolumeSize the minimal volume size for the LUKS2format encryption.
	//  https://gitlab.com/cryptsetup/cryptsetup/-/wikis/FrequentlyAskedQuestions
	//  Section 10.10 What about the size of the LUKS2 header
	//  The default size is 16MB
	Luks2MinimalVolumeSize = 16 * 1024 * 1024
)

Variables

This section is empty.

Functions

func CloseVolume

func CloseVolume(volume string) error

CloseVolume closes encrypted volume so it can be detached.

func DeviceEncryptionStatus

func DeviceEncryptionStatus(devicePath string) (mappedDevice, mapper string, err error)

DeviceEncryptionStatus looks to identify if the passed device is a LUKS mapping and if so what the device is and the mapper name as used by LUKS. If not, just returns the original device and an empty string.

func EncryptVolume

func EncryptVolume(devicePath, passphrase string, cryptoParams *EncryptParams) error

EncryptVolume encrypts provided device with LUKS.

func IsDeviceMappedToNullPath added in v1.6.3

func IsDeviceMappedToNullPath(device string) (bool, error)

IsDeviceMappedToNullPath determines if encrypted device is already open at a null path. The command 'cryptsetup status [crypted_device]' show "device: (null)"

func IsDeviceOpen

func IsDeviceOpen(device string) (bool, error)

IsDeviceOpen determines if encrypted device is already open.

func OpenVolume

func OpenVolume(volume, devicePath, passphrase string) error

OpenVolume opens volume so that it can be used by the client.

func ResizeEncryptoDevice added in v1.4.0

func ResizeEncryptoDevice(volume, passphrase string) error

func VolumeMapper

func VolumeMapper(volume string) string

VolumeMapper returns the path for mapped encrypted device.

Types

type EncryptParams added in v1.4.0

type EncryptParams struct {
	KeyProvider string
	KeyCipher   string
	KeyHash     string
	KeySize     string
	PBKDF       string
}

EncryptParams keeps the customized cipher options from the secret CR

func NewEncryptParams added in v1.4.0

func NewEncryptParams(keyProvider, keyCipher, keyHash, keySize, pbkdf string) *EncryptParams

func (*EncryptParams) GetKeyCipher added in v1.4.0

func (cp *EncryptParams) GetKeyCipher() string

func (*EncryptParams) GetKeyHash added in v1.4.0

func (cp *EncryptParams) GetKeyHash() string

func (*EncryptParams) GetKeySize added in v1.4.0

func (cp *EncryptParams) GetKeySize() string

func (*EncryptParams) GetPBKDF added in v1.4.0

func (cp *EncryptParams) GetPBKDF() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL