grant

package
v8.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 20, 2020 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func OpenPGPGrant

func OpenPGPGrant(refs reference.Refs, public string, keyring *config.OpenPGPSecret) ([]byte, error)

OpenPGPGrant encrypts and signs a given reference

func OpenPGPReferenceV0

func OpenPGPReferenceV0(grant []byte, keyring *config.OpenPGPSecret) (reference.Refs, error)

func OpenPGPReferenceV1

func OpenPGPReferenceV1(grant []byte, keyring *config.OpenPGPSecret) (reference.Refs, error)

func OpenPGPReferenceV2

func OpenPGPReferenceV2(grant []byte, keyring *config.OpenPGPSecret) (reference.Refs, error)

func PlaintextGrant

func PlaintextGrant(refs reference.Refs) []byte

PlaintextGrant returns an encoded reference

func PlaintextReferenceV0

func PlaintextReferenceV0(ciphertext []byte) reference.Refs

PlaintextReferenceV0 decodes the grant

func PlaintextReferenceV1

func PlaintextReferenceV1(ciphertext []byte) reference.Refs

func PlaintextReferenceV2

func PlaintextReferenceV2(ciphertext []byte) reference.Refs

func SymmetricGrant

func SymmetricGrant(ref reference.Refs, secret []byte) ([]byte, error)

SymmetricGrant encrypts the given reference based on a secret read from the provider store

func SymmetricReferenceV0

func SymmetricReferenceV0(ciphertext, secret []byte) (reference.Refs, error)

SymmetricReferenceV0 decrypts the given grant based on a passphrase read from the provider store TODO: deprecate after migration due to high memory overhead of scrypt

func SymmetricReferenceV1

func SymmetricReferenceV1(ciphertext, secret []byte) (reference.Refs, error)

SymmetricReferenceV1 decrypts the given grant based on a secret read from the provider store

func SymmetricReferenceV2

func SymmetricReferenceV2(ciphertext, secret []byte) (reference.Refs, error)

func Unseal

func Unseal(secret config.SecretsManager, grt *Grant) (reference.Refs, error)

Unseal a Grant exposing its secret reference

Types

type Grant

type Grant struct {
	// The grantSpec provides sufficient information to decrypt the reference
	// if hoard has access to the requisite secret
	Spec                 *Spec    `protobuf:"bytes,1,opt,name=Spec,json=spec,proto3" json:"spec"`
	EncryptedReferences  []byte   `protobuf:"bytes,2,opt,name=EncryptedReferences,json=encryptedreferences,proto3" json:"encryptedreferences"`
	Version              int32    `protobuf:"varint,3,opt,name=Version,json=version,proto3" json:"version"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func Seal

func Seal(secret config.SecretsManager, refs reference.Refs, spec *Spec) (*Grant, error)

Seal this reference into a Grant as specified by Spec

func (*Grant) Descriptor

func (*Grant) Descriptor() ([]byte, []int)

func (*Grant) GetEncryptedReferences

func (m *Grant) GetEncryptedReferences() []byte

func (*Grant) GetSpec

func (m *Grant) GetSpec() *Spec

func (*Grant) GetVersion

func (m *Grant) GetVersion() int32

func (*Grant) ProtoMessage

func (*Grant) ProtoMessage()

func (*Grant) Reset

func (m *Grant) Reset()

func (*Grant) String

func (m *Grant) String() string

func (*Grant) XXX_DiscardUnknown

func (m *Grant) XXX_DiscardUnknown()

func (*Grant) XXX_Marshal

func (m *Grant) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Grant) XXX_Merge

func (m *Grant) XXX_Merge(src proto.Message)

func (*Grant) XXX_Size

func (m *Grant) XXX_Size() int

func (*Grant) XXX_Unmarshal

func (m *Grant) XXX_Unmarshal(b []byte) error

type OpenPGPSpec

type OpenPGPSpec struct {
	PublicKey            string   `protobuf:"bytes,1,opt,name=PublicKey,json=publickey,proto3" json:"publickey"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*OpenPGPSpec) Descriptor

func (*OpenPGPSpec) Descriptor() ([]byte, []int)

func (*OpenPGPSpec) GetPublicKey

func (m *OpenPGPSpec) GetPublicKey() string

func (*OpenPGPSpec) ProtoMessage

func (*OpenPGPSpec) ProtoMessage()

func (*OpenPGPSpec) Reset

func (m *OpenPGPSpec) Reset()

func (*OpenPGPSpec) String

func (m *OpenPGPSpec) String() string

func (*OpenPGPSpec) XXX_DiscardUnknown

func (m *OpenPGPSpec) XXX_DiscardUnknown()

func (*OpenPGPSpec) XXX_Marshal

func (m *OpenPGPSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*OpenPGPSpec) XXX_Merge

func (m *OpenPGPSpec) XXX_Merge(src proto.Message)

func (*OpenPGPSpec) XXX_Size

func (m *OpenPGPSpec) XXX_Size() int

func (*OpenPGPSpec) XXX_Unmarshal

func (m *OpenPGPSpec) XXX_Unmarshal(b []byte) error

type PlaintextSpec

type PlaintextSpec struct {
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*PlaintextSpec) Descriptor

func (*PlaintextSpec) Descriptor() ([]byte, []int)

func (*PlaintextSpec) ProtoMessage

func (*PlaintextSpec) ProtoMessage()

func (*PlaintextSpec) Reset

func (m *PlaintextSpec) Reset()

func (*PlaintextSpec) String

func (m *PlaintextSpec) String() string

func (*PlaintextSpec) XXX_DiscardUnknown

func (m *PlaintextSpec) XXX_DiscardUnknown()

func (*PlaintextSpec) XXX_Marshal

func (m *PlaintextSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PlaintextSpec) XXX_Merge

func (m *PlaintextSpec) XXX_Merge(src proto.Message)

func (*PlaintextSpec) XXX_Size

func (m *PlaintextSpec) XXX_Size() int

func (*PlaintextSpec) XXX_Unmarshal

func (m *PlaintextSpec) XXX_Unmarshal(b []byte) error

type Spec

type Spec struct {
	Plaintext            *PlaintextSpec `protobuf:"bytes,1,opt,name=Plaintext,json=plaintext,proto3" json:"plaintext"`
	Symmetric            *SymmetricSpec `protobuf:"bytes,2,opt,name=Symmetric,json=symmetric,proto3" json:"symmetric"`
	OpenPGP              *OpenPGPSpec   `protobuf:"bytes,3,opt,name=OpenPGP,json=openpgp,proto3" json:"openpgp"`
	XXX_NoUnkeyedLiteral struct{}       `json:"-"`
	XXX_unrecognized     []byte         `json:"-"`
	XXX_sizecache        int32          `json:"-"`
}

func (*Spec) Descriptor

func (*Spec) Descriptor() ([]byte, []int)

func (*Spec) GetOpenPGP

func (m *Spec) GetOpenPGP() *OpenPGPSpec

func (*Spec) GetPlaintext

func (m *Spec) GetPlaintext() *PlaintextSpec

func (*Spec) GetSymmetric

func (m *Spec) GetSymmetric() *SymmetricSpec

func (*Spec) ProtoMessage

func (*Spec) ProtoMessage()

func (*Spec) Reset

func (m *Spec) Reset()

func (*Spec) String

func (m *Spec) String() string

func (*Spec) XXX_DiscardUnknown

func (m *Spec) XXX_DiscardUnknown()

func (*Spec) XXX_Marshal

func (m *Spec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Spec) XXX_Merge

func (m *Spec) XXX_Merge(src proto.Message)

func (*Spec) XXX_Size

func (m *Spec) XXX_Size() int

func (*Spec) XXX_Unmarshal

func (m *Spec) XXX_Unmarshal(b []byte) error

type SymmetricSpec

type SymmetricSpec struct {
	// A non-secret identifier for a secret that is 'known' to Hoard (accessible via store or config)
	PublicID             string   `protobuf:"bytes,1,opt,name=PublicID,json=publicid,proto3" json:"publicid"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*SymmetricSpec) Descriptor

func (*SymmetricSpec) Descriptor() ([]byte, []int)

func (*SymmetricSpec) GetPublicID

func (m *SymmetricSpec) GetPublicID() string

func (*SymmetricSpec) ProtoMessage

func (*SymmetricSpec) ProtoMessage()

func (*SymmetricSpec) Reset

func (m *SymmetricSpec) Reset()

func (*SymmetricSpec) String

func (m *SymmetricSpec) String() string

func (*SymmetricSpec) XXX_DiscardUnknown

func (m *SymmetricSpec) XXX_DiscardUnknown()

func (*SymmetricSpec) XXX_Marshal

func (m *SymmetricSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SymmetricSpec) XXX_Merge

func (m *SymmetricSpec) XXX_Merge(src proto.Message)

func (*SymmetricSpec) XXX_Size

func (m *SymmetricSpec) XXX_Size() int

func (*SymmetricSpec) XXX_Unmarshal

func (m *SymmetricSpec) XXX_Unmarshal(b []byte) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL