Documentation ¶
Index ¶
- Constants
- func CloseVolume(volume, dataEngine string) error
- func DeviceEncryptionStatus(devicePath string) (mappedDevice, mapper string, err error)
- func EncryptVolume(devicePath, passphrase string, cryptoParams *EncryptParams) error
- func IsDeviceMappedToNullPath(device string) (bool, error)
- func IsDeviceOpen(device string) (bool, error)
- func OpenVolume(volume, dataEngine, devicePath, passphrase string) error
- func ResizeEncryptoDevice(volume, dataEngine, passphrase string) error
- func VolumeMapper(volume, dataEngine string) string
- type EncryptParams
Constants ¶
const ( CryptoKeyDefaultCipher = "aes-xts-plain64" CryptoKeyDefaultHash = "sha256" CryptoKeyDefaultSize = "256" CryptoDefaultPBKDF = "argon2i" // Luks2MinimalVolumeSize the minimal volume size for the LUKS2format encryption. // https://gitlab.com/cryptsetup/cryptsetup/-/wikis/FrequentlyAskedQuestions // Section 10.10 What about the size of the LUKS2 header // The default size is 16MB Luks2MinimalVolumeSize = 16 * 1024 * 1024 )
Variables ¶
This section is empty.
Functions ¶
func CloseVolume ¶
CloseVolume closes encrypted volume so it can be detached.
func DeviceEncryptionStatus ¶
DeviceEncryptionStatus looks to identify if the passed device is a LUKS mapping and if so what the device is and the mapper name as used by LUKS. If not, just returns the original device and an empty string.
func EncryptVolume ¶
func EncryptVolume(devicePath, passphrase string, cryptoParams *EncryptParams) error
EncryptVolume encrypts provided device with LUKS.
func IsDeviceMappedToNullPath ¶ added in v1.6.3
IsDeviceMappedToNullPath determines if encrypted device is already open at a null path. The command 'cryptsetup status [crypted_device]' show "device: (null)"
func IsDeviceOpen ¶
IsDeviceOpen determines if encrypted device is already open.
func OpenVolume ¶
OpenVolume opens volume so that it can be used by the client. devicePath is the path of the volume on the host that will be opened for instance '/dev/longhorn/volume1'
func ResizeEncryptoDevice ¶ added in v1.4.0
func VolumeMapper ¶
VolumeMapper returns the path for mapped encrypted device.
Types ¶
type EncryptParams ¶ added in v1.4.0
type EncryptParams struct { KeyProvider string KeyCipher string KeyHash string KeySize string PBKDF string }
EncryptParams keeps the customized cipher options from the secret CR
func NewEncryptParams ¶ added in v1.4.0
func NewEncryptParams(keyProvider, keyCipher, keyHash, keySize, pbkdf string) *EncryptParams
func (*EncryptParams) GetKeyCipher ¶ added in v1.4.0
func (cp *EncryptParams) GetKeyCipher() string
func (*EncryptParams) GetKeyHash ¶ added in v1.4.0
func (cp *EncryptParams) GetKeyHash() string
func (*EncryptParams) GetKeySize ¶ added in v1.4.0
func (cp *EncryptParams) GetKeySize() string
func (*EncryptParams) GetPBKDF ¶ added in v1.4.0
func (cp *EncryptParams) GetPBKDF() string