Documentation ¶
Index ¶
- Constants
- func WithAccessKey(with string) wrapping.Option
- func WithIdentityEndpoint(with string) wrapping.Option
- func WithProject(with string) wrapping.Option
- func WithRegion(with string) wrapping.Option
- func WithSecretKey(with string) wrapping.Option
- type OptionFunc
- type Wrapper
- func (k *Wrapper) Decrypt(_ context.Context, in *wrapping.BlobInfo, opt ...wrapping.Option) ([]byte, error)
- func (k *Wrapper) Encrypt(_ context.Context, plaintext []byte, opt ...wrapping.Option) (*wrapping.BlobInfo, error)
- func (k *Wrapper) KeyId(_ context.Context) (string, error)
- func (k *Wrapper) SetConfig(_ context.Context, opt ...wrapping.Option) (*wrapping.WrapperConfig, error)
- func (k *Wrapper) Type(_ context.Context) (wrapping.WrapperType, error)
Constants ¶
const (
EnvHuaweiCloudKmsWrapperKeyId = "HUAWEICLOUDKMS_WRAPPER_KEY_ID"
)
These constants contain the accepted env vars; the Vault one is for backwards compat
Variables ¶
This section is empty.
Functions ¶
func WithAccessKey ¶
WithAccessKey provides a way to specify an access key
func WithIdentityEndpoint ¶
WithIdentityEndpoint provides a way to choose an identity endpoint
func WithProject ¶
WithProject provides a way to chose the project
func WithRegion ¶
WithRegion provides a way to chose the region
func WithSecretKey ¶
WithSecretKey provides a way to specify a secret key
Types ¶
type OptionFunc ¶
type OptionFunc func(*options) error
OptionFunc holds a function with local options
type Wrapper ¶
type Wrapper struct {
// contains filtered or unexported fields
}
Wrapper is a Wrapper that uses HuaweiCloud's KMS
func (*Wrapper) Decrypt ¶
func (k *Wrapper) Decrypt(_ context.Context, in *wrapping.BlobInfo, opt ...wrapping.Option) ([]byte, error)
Decrypt is used to decrypt the ciphertext. This should be called after Init.
func (*Wrapper) Encrypt ¶
func (k *Wrapper) Encrypt(_ context.Context, plaintext []byte, opt ...wrapping.Option) (*wrapping.BlobInfo, error)
Encrypt is used to encrypt the master key using the the HuaweiCloud CMK. This returns the ciphertext, and/or any errors from this call. This should be called after the KMS client has been instantiated.
func (*Wrapper) SetConfig ¶
func (k *Wrapper) SetConfig(_ context.Context, opt ...wrapping.Option) (*wrapping.WrapperConfig, error)
SetConfig sets the fields on the HuaweiCloudKmsWrapper object based on values from the config parameter.
Order of precedence HuaweiCloud values: * Environment variable * Value from Vault configuration file * Instance metadata role (access key and secret key)