kms

package
v1.1.0-beta.0...-88a2247 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 6, 2025 License: Apache-2.0, Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// need to keep it exact same as in TiKV ENCRYPTION_VENDOR_NAME_AWS_KMS
	EncryptionVendorNameAwsKms = "AWS"
)
View Source
const (
	// need to keep it exactly same as TiKV STORAGE_VENDOR_NAME_GCP in TiKV
	StorageVendorNameGcp = "gcp"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AwsKms

type AwsKms struct {
	// contains filtered or unexported fields
}

func NewAwsKms

func NewAwsKms(masterKeyConfig *encryptionpb.MasterKeyKms) (*AwsKms, error)

func (*AwsKms) Close

func (a *AwsKms) Close()

func (*AwsKms) DecryptDataKey

func (a *AwsKms) DecryptDataKey(ctx context.Context, dataKey []byte) ([]byte, error)

func (*AwsKms) Name

func (a *AwsKms) Name() string

type CryptographyType

type CryptographyType int

CryptographyType represents different cryptography methods

const (
	CryptographyTypePlain CryptographyType = iota
	CryptographyTypeAesGcm256
)

func (CryptographyType) TargetKeySize

func (c CryptographyType) TargetKeySize() int

type EncryptedKey

type EncryptedKey []byte

EncryptedKey is used to mark data as an encrypted key

func NewEncryptedKey

func NewEncryptedKey(key []byte) (EncryptedKey, error)

func (EncryptedKey) Equal

func (e EncryptedKey) Equal(other *EncryptedKey) bool

Equal method for EncryptedKey

type GcpKms

type GcpKms struct {
	// contains filtered or unexported fields
}

func NewGcpKms

func NewGcpKms(config *encryptionpb.MasterKeyKms) (*GcpKms, error)

func (*GcpKms) Close

func (g *GcpKms) Close()

func (*GcpKms) DecryptDataKey

func (g *GcpKms) DecryptDataKey(ctx context.Context, dataKey []byte) ([]byte, error)

func (*GcpKms) Name

func (g *GcpKms) Name() string

type PlainKey

type PlainKey struct {
	// contains filtered or unexported fields
}

PlainKey is used to mark a byte slice as a plaintext key

func NewPlainKey

func NewPlainKey(key []byte, t CryptographyType) (*PlainKey, error)

func (*PlainKey) Key

func (p *PlainKey) Key() []byte

func (*PlainKey) KeyTag

func (p *PlainKey) KeyTag() CryptographyType

type Provider

type Provider interface {
	DecryptDataKey(ctx context.Context, dataKey []byte) ([]byte, error)
	Name() string
	Close()
}

Provider is an interface for key management service providers implement encrypt data key in future if needed

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL