The highest tagged major version is v8.

grant

package

v3.0.1+incompatible Latest Latest Go to latest Published: Mar 4, 2019 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/monax/hoard

Links

Open Source Insights

Documentation ¶

Index ¶

func DeriveSecretKey(secret, salt []byte) ([]byte, error)
func OpenPGPGrant(ref *reference.Ref, public string, keyring *secrets.OpenPGPSecret) ([]byte, error)
func OpenPGPReference(grant []byte, keyring *secrets.OpenPGPSecret) (*reference.Ref, error)
func PlaintextGrant(ref *reference.Ref) []byte
func PlaintextReference(ciphertext []byte) *reference.Ref
func SymmetricGrant(ref *reference.Ref, secret []byte) ([]byte, error)
func SymmetricReference(ciphertext, secret []byte) (*reference.Ref, error)
func Unseal(secret secrets.Manager, grt *Grant) (*reference.Ref, error)
type Grant
- func Seal(secret secrets.Manager, ref *reference.Ref, spec *Spec) (*Grant, error)
type OpenPGPSpec
type PlaintextSpec
type Spec
type SymmetricSpec

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func DeriveSecretKey ¶

func DeriveSecretKey(secret, salt []byte) ([]byte, error)

func OpenPGPGrant ¶

func OpenPGPGrant(ref *reference.Ref, public string, keyring *secrets.OpenPGPSecret) ([]byte, error)

OpenPGPGrant encrypts and signs a given reference

func OpenPGPReference ¶

func OpenPGPReference(grant []byte, keyring *secrets.OpenPGPSecret) (*reference.Ref, error)

OpenPGPReference decrypts a given grant

func PlaintextGrant ¶

func PlaintextGrant(ref *reference.Ref) []byte

PlaintextGrant returns an encoded reference

func PlaintextReference ¶

func PlaintextReference(ciphertext []byte) *reference.Ref

PlaintextReference decodes the grant

func SymmetricGrant ¶

func SymmetricGrant(ref *reference.Ref, secret []byte) ([]byte, error)

SymmetricGrant encrypts the given reference based on a secret read from the provider store

func SymmetricReference ¶

func SymmetricReference(ciphertext, secret []byte) (*reference.Ref, error)

SymmetricReference decrypts the given grant based on a secret read from the provider store

func Unseal ¶

func Unseal(secret secrets.Manager, grt *Grant) (*reference.Ref, error)

Unseal a Grant exposing its secret reference

Types ¶

type Grant ¶

type Grant struct {
	// The grantSpec provides sufficient information to decrypt the reference
	// if hoard has access to the requisite secret
	Spec                 *Spec    `protobuf:"bytes,1,opt,name=Spec" json:"Spec,omitempty"`
	EncryptedReference   []byte   `protobuf:"bytes,2,opt,name=EncryptedReference,proto3" json:"EncryptedReference,omitempty"`
	Version              int32    `protobuf:"varint,3,opt,name=Version,proto3" json:"Version,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func Seal ¶

func Seal(secret secrets.Manager, ref *reference.Ref, spec *Spec) (*Grant, error)

Seal this reference into a Grant as specified by Spec

func (*Grant) Descriptor ¶

func (*Grant) Descriptor() ([]byte, []int)

func (*Grant) GetEncryptedReference ¶

func (m *Grant) GetEncryptedReference() []byte

func (*Grant) GetSpec ¶

func (m *Grant) GetSpec() *Spec

func (*Grant) GetVersion ¶

func (m *Grant) GetVersion() int32

func (*Grant) ProtoMessage ¶

func (*Grant) ProtoMessage()

func (*Grant) ProtoSize ¶

func (m *Grant) ProtoSize() (n int)

func (*Grant) Reset ¶

func (m *Grant) Reset()

func (*Grant) String ¶

func (m *Grant) String() string

func (*Grant) XXX_DiscardUnknown ¶

func (m *Grant) XXX_DiscardUnknown()

func (*Grant) XXX_Marshal ¶

func (m *Grant) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Grant) XXX_Merge ¶

func (dst *Grant) XXX_Merge(src proto.Message)

func (*Grant) XXX_Size ¶

func (m *Grant) XXX_Size() int

func (*Grant) XXX_Unmarshal ¶

func (m *Grant) XXX_Unmarshal(b []byte) error

type OpenPGPSpec ¶

type OpenPGPSpec struct {
	PublicKey            string   `protobuf:"bytes,1,opt,name=PublicKey,proto3" json:"PublicKey,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*OpenPGPSpec) Descriptor ¶

func (*OpenPGPSpec) Descriptor() ([]byte, []int)

func (*OpenPGPSpec) GetPublicKey ¶

func (m *OpenPGPSpec) GetPublicKey() string

func (*OpenPGPSpec) ProtoMessage ¶

func (*OpenPGPSpec) ProtoMessage()

func (*OpenPGPSpec) ProtoSize ¶

func (m *OpenPGPSpec) ProtoSize() (n int)

func (*OpenPGPSpec) Reset ¶

func (m *OpenPGPSpec) Reset()

func (*OpenPGPSpec) String ¶

func (m *OpenPGPSpec) String() string

func (*OpenPGPSpec) XXX_DiscardUnknown ¶

func (m *OpenPGPSpec) XXX_DiscardUnknown()

func (*OpenPGPSpec) XXX_Marshal ¶

func (m *OpenPGPSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*OpenPGPSpec) XXX_Merge ¶

func (dst *OpenPGPSpec) XXX_Merge(src proto.Message)

func (*OpenPGPSpec) XXX_Size ¶

func (m *OpenPGPSpec) XXX_Size() int

func (*OpenPGPSpec) XXX_Unmarshal ¶

func (m *OpenPGPSpec) XXX_Unmarshal(b []byte) error

type PlaintextSpec ¶

type PlaintextSpec struct {
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*PlaintextSpec) Descriptor ¶

func (*PlaintextSpec) Descriptor() ([]byte, []int)

func (*PlaintextSpec) ProtoMessage ¶

func (*PlaintextSpec) ProtoMessage()

func (*PlaintextSpec) ProtoSize ¶

func (m *PlaintextSpec) ProtoSize() (n int)

func (*PlaintextSpec) Reset ¶

func (m *PlaintextSpec) Reset()

func (*PlaintextSpec) String ¶

func (m *PlaintextSpec) String() string

func (*PlaintextSpec) XXX_DiscardUnknown ¶

func (m *PlaintextSpec) XXX_DiscardUnknown()

func (*PlaintextSpec) XXX_Marshal ¶

func (m *PlaintextSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PlaintextSpec) XXX_Merge ¶

func (dst *PlaintextSpec) XXX_Merge(src proto.Message)

func (*PlaintextSpec) XXX_Size ¶

func (m *PlaintextSpec) XXX_Size() int

func (*PlaintextSpec) XXX_Unmarshal ¶

func (m *PlaintextSpec) XXX_Unmarshal(b []byte) error

type Spec ¶

type Spec struct {
	Plaintext            *PlaintextSpec `protobuf:"bytes,1,opt,name=Plaintext" json:"Plaintext,omitempty"`
	Symmetric            *SymmetricSpec `protobuf:"bytes,2,opt,name=Symmetric" json:"Symmetric,omitempty"`
	OpenPGP              *OpenPGPSpec   `protobuf:"bytes,3,opt,name=OpenPGP" json:"OpenPGP,omitempty"`
	XXX_NoUnkeyedLiteral struct{}       `json:"-"`
	XXX_unrecognized     []byte         `json:"-"`
	XXX_sizecache        int32          `json:"-"`
}

func (*Spec) Descriptor ¶

func (*Spec) Descriptor() ([]byte, []int)

func (*Spec) GetOpenPGP ¶

func (m *Spec) GetOpenPGP() *OpenPGPSpec

func (*Spec) GetPlaintext ¶

func (m *Spec) GetPlaintext() *PlaintextSpec

func (*Spec) GetSymmetric ¶

func (m *Spec) GetSymmetric() *SymmetricSpec

func (*Spec) GetValue ¶

func (this *Spec) GetValue() interface{}

func (*Spec) ProtoMessage ¶

func (*Spec) ProtoMessage()

func (*Spec) ProtoSize ¶

func (m *Spec) ProtoSize() (n int)

func (*Spec) Reset ¶

func (m *Spec) Reset()

func (*Spec) SetValue ¶

func (this *Spec) SetValue(value interface{}) bool

func (*Spec) String ¶

func (m *Spec) String() string

func (*Spec) XXX_DiscardUnknown ¶

func (m *Spec) XXX_DiscardUnknown()

func (*Spec) XXX_Marshal ¶

func (m *Spec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Spec) XXX_Merge ¶

func (dst *Spec) XXX_Merge(src proto.Message)

func (*Spec) XXX_Size ¶

func (m *Spec) XXX_Size() int

func (*Spec) XXX_Unmarshal ¶

func (m *Spec) XXX_Unmarshal(b []byte) error

type SymmetricSpec ¶

type SymmetricSpec struct {
	// A non-secret identifier for a secret that is 'known' to Hoard (accessible via store or config)
	PublicID             string   `protobuf:"bytes,1,opt,name=PublicID,proto3" json:"PublicID,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*SymmetricSpec) Descriptor ¶

func (*SymmetricSpec) Descriptor() ([]byte, []int)

func (*SymmetricSpec) GetPublicID ¶

func (m *SymmetricSpec) GetPublicID() string

func (*SymmetricSpec) ProtoMessage ¶

func (*SymmetricSpec) ProtoMessage()

func (*SymmetricSpec) ProtoSize ¶

func (m *SymmetricSpec) ProtoSize() (n int)

func (*SymmetricSpec) Reset ¶

func (m *SymmetricSpec) Reset()

func (*SymmetricSpec) String ¶

func (m *SymmetricSpec) String() string

func (*SymmetricSpec) XXX_DiscardUnknown ¶

func (m *SymmetricSpec) XXX_DiscardUnknown()

func (*SymmetricSpec) XXX_Marshal ¶

func (m *SymmetricSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SymmetricSpec) XXX_Merge ¶

func (dst *SymmetricSpec) XXX_Merge(src proto.Message)

func (*SymmetricSpec) XXX_Size ¶

func (m *SymmetricSpec) XXX_Size() int

func (*SymmetricSpec) XXX_Unmarshal ¶

func (m *SymmetricSpec) XXX_Unmarshal(b []byte) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL