Documentation
¶
Index ¶
- Constants
- func ConvertEphemeralPublicKeyBytesToECDSAPublicKey(ephemeralPublicKeyBytes []byte) (*ecdsa.PublicKey, error)
- type Config
- type CryptoProvider
- type Error
- type StandardConfig
- type StandardCrypto
- func (s StandardCrypto) Close()
- func (s StandardCrypto) ECCertificate(identifier string) (string, error)
- func (s StandardCrypto) ECPublicKey(identifier string) (string, error)
- func (s StandardCrypto) GenerateEphemeralKasKeys() (any, []byte, error)
- func (s StandardCrypto) GenerateNanoTDFSessionKey(privateKey any, ephemeralPublicKeyPEM []byte) ([]byte, error)
- func (s StandardCrypto) GenerateNanoTDFSymmetricKey(ephemeralPublicKeyBytes []byte) ([]byte, error)
- func (s StandardCrypto) RSADecrypt(_ crypto.Hash, keyID string, _ string, ciphertext []byte) ([]byte, error)
- func (s StandardCrypto) RSAPublicKey(keyID string) (string, error)
- func (s StandardCrypto) RSAPublicKeyAsJSON(keyID string) (string, error)
- type StandardECCrypto
- type StandardKeyInfo
- type StandardRSACrypto
Constants ¶
View Source
const ( ErrCertNotFound = Error("not found") ErrCertificateEncode = Error("certificate encode error") ErrPublicKeyMarshal = Error("public key marshal error") ErrHSMUnexpected = Error("hsm unexpected") ErrHSMDecrypt = Error("hsm decrypt error") ErrHSMNotFound = Error("hsm unavailable") ErrKeyConfig = Error("key configuration error") ErrUnknownHashFunction = Error("unknown hash function") )
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Config ¶
type Config struct {
Type string `yaml:"type" default:"standard"`
// StandardConfig is the configuration for the standard key provider
StandardConfig StandardConfig `yaml:"standard,omitempty" mapstructure:"standard"`
}
type CryptoProvider ¶
type CryptoProvider interface {
RSAPublicKey(keyID string) (string, error)
RSAPublicKeyAsJSON(keyID string) (string, error)
RSADecrypt(hash crypto.Hash, keyID string, keyLabel string, ciphertext []byte) ([]byte, error)
ECPublicKey(keyID string) (string, error)
ECCertificate(keyID string) (string, error)
GenerateNanoTDFSymmetricKey(ephemeralPublicKeyBytes []byte) ([]byte, error)
GenerateEphemeralKasKeys() (any, []byte, error)
GenerateNanoTDFSessionKey(privateKeyHandle any, ephemeralPublicKey []byte) ([]byte, error)
Close()
}
func NewCryptoProvider ¶
func NewCryptoProvider(cfg Config) (CryptoProvider, error)
type StandardConfig ¶
type StandardConfig struct {
RSAKeys map[string]StandardKeyInfo `yaml:"rsa,omitempty" mapstructure:"rsa"`
ECKeys map[string]StandardKeyInfo `yaml:"ec,omitempty" mapstructure:"ec"`
}
type StandardCrypto ¶
type StandardCrypto struct {
// contains filtered or unexported fields
}
func NewStandardCrypto ¶
func NewStandardCrypto(cfg StandardConfig) (*StandardCrypto, error)
NewStandardCrypto Create a new instance of standard crypto
func (StandardCrypto) Close ¶
func (s StandardCrypto) Close()
func (StandardCrypto) ECCertificate ¶ added in v0.4.4
func (s StandardCrypto) ECCertificate(identifier string) (string, error)
func (StandardCrypto) ECPublicKey ¶
func (s StandardCrypto) ECPublicKey(identifier string) (string, error)
func (StandardCrypto) GenerateEphemeralKasKeys ¶
func (s StandardCrypto) GenerateEphemeralKasKeys() (any, []byte, error)
func (StandardCrypto) GenerateNanoTDFSessionKey ¶
func (s StandardCrypto) GenerateNanoTDFSessionKey(privateKey any, ephemeralPublicKeyPEM []byte) ([]byte, error)
func (StandardCrypto) GenerateNanoTDFSymmetricKey ¶
func (s StandardCrypto) GenerateNanoTDFSymmetricKey(ephemeralPublicKeyBytes []byte) ([]byte, error)
func (StandardCrypto) RSADecrypt ¶
func (StandardCrypto) RSAPublicKey ¶
func (s StandardCrypto) RSAPublicKey(keyID string) (string, error)
func (StandardCrypto) RSAPublicKeyAsJSON ¶
func (s StandardCrypto) RSAPublicKeyAsJSON(keyID string) (string, error)
type StandardECCrypto ¶
type StandardECCrypto struct {
Identifier string
// contains filtered or unexported fields
}
type StandardKeyInfo ¶
type StandardRSACrypto ¶
type StandardRSACrypto struct {
Identifier string
// contains filtered or unexported fields
}
Source Files
Click to show internal directories.
Click to hide internal directories.