Documentation
¶
Index ¶
- Variables
- func DecryptKey(w http.ResponseWriter, r *http.Request)
- func EncryptAndStoreKeyOrToken(req models.KeysHolder) ([]byte, error)
- func Getkey(w http.ResponseWriter, r *http.Request)
- func GlobalSettings(w http.ResponseWriter, r *http.Request)
- func InitStore(state *global.State)
- func InitStoreMock() *systemMock
- func ReInit(w http.ResponseWriter, r *http.Request)
- func SecurityRules(w http.ResponseWriter, r *http.Request)
- func Status(w http.ResponseWriter, r *http.Request)
- func StoreCloudProxyKey(w http.ResponseWriter, r *http.Request)
- func StoreKey(w http.ResponseWriter, r *http.Request)
- func SystemStatus(w http.ResponseWriter, r *http.Request)
- func TsxvaultInit(w http.ResponseWriter, r *http.Request)
- func UpdateDeviceHygieneSetting(w http.ResponseWriter, r *http.Request)
- func UpdateDynamicAccessSetting(w http.ResponseWriter, r *http.Request)
- func UpdateEmailSetting(w http.ResponseWriter, r *http.Request)
- func UpdatePasswordPolicy(w http.ResponseWriter, r *http.Request)
- func UpdateSecurityRule(w http.ResponseWriter, r *http.Request)
- type GlobalSettingsResp
- type SysStatus
- type UpdateSecurityRulesReq
- type VaultInit
- type VaultInitResp
- type VaultStatus
Constants ¶
This section is empty.
Variables ¶
var HoldDecryptShard [][]byte
HoldDecryptShard hods state of encryption key retreival during shamir deduce function
var Store adapter
Store is the package state variable which contains database connections
Functions ¶
func DecryptKey ¶
func DecryptKey(w http.ResponseWriter, r *http.Request)
DecryptKey retrieves token from vaultDecrypt function and store it in vaultEncryption Token. This is only available option for tsxtsxvault. TODO @sshahcodes compose this handler to smaller functions
func EncryptAndStoreKeyOrToken ¶
func EncryptAndStoreKeyOrToken(req models.KeysHolder) ([]byte, error)
EncryptAndStoreKeyOrToken is helper function which encrypts key or token and store it in database.
func Getkey ¶
func Getkey(w http.ResponseWriter, r *http.Request)
Getkey retrieves key or token from database. should fetch and return key tag rather than key value.
func GlobalSettings ¶
func GlobalSettings(w http.ResponseWriter, r *http.Request)
GlobalSettings returns all global settings
func InitStoreMock ¶
func InitStoreMock() *systemMock
InitStoreMock will init mock state of this package
func ReInit ¶
func ReInit(w http.ResponseWriter, r *http.Request)
ReInit purpose is to delete exisiting vault configs and instances from database. Clients should immediately send another request to vault init when this handler returns success response.
func SecurityRules ¶
func SecurityRules(w http.ResponseWriter, r *http.Request)
SecurityRules retrieves orgWide security rules
func Status ¶
func Status(w http.ResponseWriter, r *http.Request)
Status returns vault's current status.
func StoreCloudProxyKey ¶
func StoreCloudProxyKey(w http.ResponseWriter, r *http.Request)
StoreCloudProxyKey handles signed TRASA cloud proxy access key storage.
func StoreKey ¶
func StoreKey(w http.ResponseWriter, r *http.Request)
StoreKey stores keys in database. Keys should be encrypted and tag value must be generated. Before storing key, check if the key is valid and working.
func SystemStatus ¶
func SystemStatus(w http.ResponseWriter, r *http.Request)
SystemStatus returns information about system TRASA is running on.
func TsxvaultInit ¶
func TsxvaultInit(w http.ResponseWriter, r *http.Request)
TsxvaultInit initializes TRASA built in secure storage. master key for encryption is Shamir'ed into 5 keys with minimum 3 keys threshold and responded back to administrator.
func UpdateDeviceHygieneSetting ¶
func UpdateDeviceHygieneSetting(w http.ResponseWriter, r *http.Request)
UpdateDeviceHygieneSetting updates device hygiene enforce settings
func UpdateDynamicAccessSetting ¶
func UpdateDynamicAccessSetting(w http.ResponseWriter, r *http.Request)
UpdateDynamicAccessSetting updates dynamic access settings
func UpdateEmailSetting ¶
func UpdateEmailSetting(w http.ResponseWriter, r *http.Request)
UpdateEmailSetting updates email settings
func UpdatePasswordPolicy ¶
func UpdatePasswordPolicy(w http.ResponseWriter, r *http.Request)
UpdatePasswordPolicy updates password policy in global settings
func UpdateSecurityRule ¶
func UpdateSecurityRule(w http.ResponseWriter, r *http.Request)
UpdateSecurityRule updates system security rules
Types ¶
type GlobalSettingsResp ¶
type GlobalSettingsResp struct {
DynamicAccess models.GlobalSettings `json:"dynamicAccess"`
PasswordPolicy models.GlobalSettings `json:"passPolicy"`
EmailSettings models.GlobalSettings `json:"emailSettings"`
DeviceHygiene models.GlobalSettings `json:"deviceHygiene"`
}
type UpdateSecurityRulesReq ¶
type VaultInitResp ¶
type VaultStatus ¶
type VaultStatus struct {
InitStatus models.GlobalSettings `json:"initStatus"`
SealStatus *hashicorpVault.SealStatusResponse `json:"sealStatus"`
TokenStatus hashicorpVault.SealStatusResponse `json:"tokenStatus"`
// TsxVault is TRASA's built in tsxvault. if false, caller should assume hashicorp vault is used instead.
Tsxvault bool `json:"tsxvault"`
Setting string `json:"setting"`
}
Source Files