grant

package
v8.2.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 27, 2020 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func OpenPGPGrant 

func OpenPGPGrant(refs reference.Refs, public string, keyring *config.OpenPGPSecret) ([]byte, error)

OpenPGPGrant encrypts and signs a given reference

func OpenPGPReferenceV0 

func OpenPGPReferenceV0(grant []byte, keyring *config.OpenPGPSecret) (reference.Refs, error)

func OpenPGPReferenceV1 

func OpenPGPReferenceV1(grant []byte, keyring *config.OpenPGPSecret) (reference.Refs, error)

func OpenPGPReferenceV2 

func OpenPGPReferenceV2(grant []byte, keyring *config.OpenPGPSecret) (reference.Refs, error)

func PlaintextGrant 

func PlaintextGrant(refs reference.Refs) []byte

PlaintextGrant returns an encoded reference

func PlaintextReferenceV0 

func PlaintextReferenceV0(ciphertext []byte) reference.Refs

PlaintextReferenceV0 decodes the grant

func PlaintextReferenceV1 

func PlaintextReferenceV1(ciphertext []byte) reference.Refs

func PlaintextReferenceV2 

func PlaintextReferenceV2(ciphertext []byte) reference.Refs

func SymmetricGrant 

func SymmetricGrant(ref reference.Refs, secret []byte) ([]byte, error)

SymmetricGrant encrypts the given reference based on a secret read from the provider store

func SymmetricReferenceV0 

func SymmetricReferenceV0(ciphertext, secret []byte) (reference.Refs, error)

SymmetricReferenceV0 decrypts the given grant based on a passphrase read from the provider store TODO: deprecate after migration due to high memory overhead of scrypt

func SymmetricReferenceV1 

func SymmetricReferenceV1(ciphertext, secret []byte) (reference.Refs, error)

SymmetricReferenceV1 decrypts the given grant based on a secret read from the provider store

func SymmetricReferenceV2 

func SymmetricReferenceV2(ciphertext, secret []byte) (reference.Refs, error)

func Unseal 

func Unseal(secret config.SecretsManager, grt *Grant) (reference.Refs, error)

Unseal a Grant exposing its secret reference

Types

type Grant 

type Grant struct {
	// The grantSpec provides sufficient information to decrypt the reference
	// if hoard has access to the requisite secret
	Spec                 *Spec    `protobuf:"bytes,1,opt,name=Spec,json=spec,proto3" json:"spec"`
	EncryptedReferences  []byte   `protobuf:"bytes,2,opt,name=EncryptedReferences,json=encryptedreferences,proto3" json:"encryptedreferences"`
	Version              int32    `protobuf:"varint,3,opt,name=Version,json=version,proto3" json:"version"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func Seal 

func Seal(secret config.SecretsManager, refs reference.Refs, spec *Spec) (*Grant, error)

Seal this reference into a Grant as specified by Spec

func (*Grant) Descriptor 

func (*Grant) Descriptor() ([]byte, []int)

func (*Grant) GetEncryptedReferences 

func (m *Grant) GetEncryptedReferences() []byte

func (*Grant) GetSpec 

func (m *Grant) GetSpec() *Spec

func (*Grant) GetVersion 

func (m *Grant) GetVersion() int32

func (*Grant) ProtoMessage 

func (*Grant) ProtoMessage()

func (*Grant) Reset 

func (m *Grant) Reset()

func (*Grant) String 

func (m *Grant) String() string

func (*Grant) XXX_DiscardUnknown 

func (m *Grant) XXX_DiscardUnknown()

func (*Grant) XXX_Marshal 

func (m *Grant) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Grant) XXX_Merge 

func (m *Grant) XXX_Merge(src proto.Message)

func (*Grant) XXX_Size 

func (m *Grant) XXX_Size() int

func (*Grant) XXX_Unmarshal 

func (m *Grant) XXX_Unmarshal(b []byte) error

type OpenPGPSpec 

type OpenPGPSpec struct {
	PublicKey            string   `protobuf:"bytes,1,opt,name=PublicKey,json=publickey,proto3" json:"publickey"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*OpenPGPSpec) Descriptor 

func (*OpenPGPSpec) Descriptor() ([]byte, []int)

func (*OpenPGPSpec) GetPublicKey 

func (m *OpenPGPSpec) GetPublicKey() string

func (*OpenPGPSpec) ProtoMessage 

func (*OpenPGPSpec) ProtoMessage()

func (*OpenPGPSpec) Reset 

func (m *OpenPGPSpec) Reset()

func (*OpenPGPSpec) String 

func (m *OpenPGPSpec) String() string

func (*OpenPGPSpec) XXX_DiscardUnknown 

func (m *OpenPGPSpec) XXX_DiscardUnknown()

func (*OpenPGPSpec) XXX_Marshal 

func (m *OpenPGPSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*OpenPGPSpec) XXX_Merge 

func (m *OpenPGPSpec) XXX_Merge(src proto.Message)

func (*OpenPGPSpec) XXX_Size 

func (m *OpenPGPSpec) XXX_Size() int

func (*OpenPGPSpec) XXX_Unmarshal 

func (m *OpenPGPSpec) XXX_Unmarshal(b []byte) error

type PlaintextSpec 

type PlaintextSpec struct {
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*PlaintextSpec) Descriptor 

func (*PlaintextSpec) Descriptor() ([]byte, []int)

func (*PlaintextSpec) ProtoMessage 

func (*PlaintextSpec) ProtoMessage()

func (*PlaintextSpec) Reset 

func (m *PlaintextSpec) Reset()

func (*PlaintextSpec) String 

func (m *PlaintextSpec) String() string

func (*PlaintextSpec) XXX_DiscardUnknown 

func (m *PlaintextSpec) XXX_DiscardUnknown()

func (*PlaintextSpec) XXX_Marshal 

func (m *PlaintextSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PlaintextSpec) XXX_Merge 

func (m *PlaintextSpec) XXX_Merge(src proto.Message)

func (*PlaintextSpec) XXX_Size 

func (m *PlaintextSpec) XXX_Size() int

func (*PlaintextSpec) XXX_Unmarshal 

func (m *PlaintextSpec) XXX_Unmarshal(b []byte) error

type Spec 

type Spec struct {
	Plaintext            *PlaintextSpec `protobuf:"bytes,1,opt,name=Plaintext,json=plaintext,proto3" json:"plaintext"`
	Symmetric            *SymmetricSpec `protobuf:"bytes,2,opt,name=Symmetric,json=symmetric,proto3" json:"symmetric"`
	OpenPGP              *OpenPGPSpec   `protobuf:"bytes,3,opt,name=OpenPGP,json=openpgp,proto3" json:"openpgp"`
	XXX_NoUnkeyedLiteral struct{}       `json:"-"`
	XXX_unrecognized     []byte         `json:"-"`
	XXX_sizecache        int32          `json:"-"`
}

func (*Spec) Descriptor 

func (*Spec) Descriptor() ([]byte, []int)

func (*Spec) GetOpenPGP 

func (m *Spec) GetOpenPGP() *OpenPGPSpec

func (*Spec) GetPlaintext 

func (m *Spec) GetPlaintext() *PlaintextSpec

func (*Spec) GetSymmetric 

func (m *Spec) GetSymmetric() *SymmetricSpec

func (*Spec) ProtoMessage 

func (*Spec) ProtoMessage()

func (*Spec) Reset 

func (m *Spec) Reset()

func (*Spec) String 

func (m *Spec) String() string

func (*Spec) XXX_DiscardUnknown 

func (m *Spec) XXX_DiscardUnknown()

func (*Spec) XXX_Marshal 

func (m *Spec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Spec) XXX_Merge 

func (m *Spec) XXX_Merge(src proto.Message)

func (*Spec) XXX_Size 

func (m *Spec) XXX_Size() int

func (*Spec) XXX_Unmarshal 

func (m *Spec) XXX_Unmarshal(b []byte) error

type SymmetricSpec 

type SymmetricSpec struct {
	// A non-secret identifier for a secret that is 'known' to Hoard (accessible via store or config)
	PublicID             string   `protobuf:"bytes,1,opt,name=PublicID,json=publicid,proto3" json:"publicid"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*SymmetricSpec) Descriptor 

func (*SymmetricSpec) Descriptor() ([]byte, []int)

func (*SymmetricSpec) GetPublicID 

func (m *SymmetricSpec) GetPublicID() string

func (*SymmetricSpec) ProtoMessage 

func (*SymmetricSpec) ProtoMessage()

func (*SymmetricSpec) Reset 

func (m *SymmetricSpec) Reset()

func (*SymmetricSpec) String 

func (m *SymmetricSpec) String() string

func (*SymmetricSpec) XXX_DiscardUnknown 

func (m *SymmetricSpec) XXX_DiscardUnknown()

func (*SymmetricSpec) XXX_Marshal 

func (m *SymmetricSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SymmetricSpec) XXX_Merge 

func (m *SymmetricSpec) XXX_Merge(src proto.Message)

func (*SymmetricSpec) XXX_Size 

func (m *SymmetricSpec) XXX_Size() int

func (*SymmetricSpec) XXX_Unmarshal 

func (m *SymmetricSpec) XXX_Unmarshal(b []byte) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.