Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func MasterKeyFromEnv ¶
MasterKeyFromEnv creates a new instance of a local secret lock Reader to read a master key found in a env variable with key: `envPrefix` + `keyURI`.
func MasterKeyFromPath ¶
MasterKeyFromPath creates a new instance of a local secret lock Reader to read a master key stored in `path`.
func NewService ¶
func NewService(masterKeyReader io.Reader, secLock secretlock.Service) (secretlock.Service, error)
NewService creates a new instance of local secret lock service using a master key in masterKeyReader. If the masterKey is not protected (secLock=nil) this function will attempt to base64 URL Decode the content of masterKeyReader and if it fails, then will attempt to create a secret lock cipher with the raw key as is.
Types ¶
type Lock ¶
type Lock struct {
// contains filtered or unexported fields
}
Lock is a secret lock service responsible for encrypting keys using a master key.
func (*Lock) Decrypt ¶
func (s *Lock) Decrypt(keyURI string, req *secretlock.DecryptRequest) (*secretlock.DecryptResponse, error)
Decrypt a key in req using master key in the local secret lock service (keyURI is used for remote locks, it is ignored by this implementation).
func (*Lock) Encrypt ¶
func (s *Lock) Encrypt(keyURI string, req *secretlock.EncryptRequest) (*secretlock.EncryptResponse, error)
Encrypt a key in req using master key in the local secret lock service (keyURI is used for remote locks, it is ignored by this implementation).
Source Files
Directories