luks

package
v0.4.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 11, 2024 License: MPL-2.0 Imports: 17 Imported by: 1

Documentation

Overview

Package luks provides a way to call LUKS2 cryptsetup.

Package luks provides a way to call LUKS2 cryptsetup.

Index

Constants

View Source 
const (
	// AESXTSPlain64CipherString string representation of aes-xts-plain64 cipher.
	AESXTSPlain64CipherString = "aes-xts-plain64"
	// XChaCha12String string representation of xchacha12 cipher.
	XChaCha12String = "xchacha12,aes-adiantum-plain64"
	// XChaCha20String string representation of xchacha20 cipher.
	XChaCha20String = "xchacha20,aes-adiantum-plain64"
	// AESXTSPlain64Cipher represents aes-xts-plain64 encryption cipher.
	AESXTSPlain64Cipher Cipher = iota
	// XChaCha12Cipher represents xchacha12 encryption cipher.
	XChaCha12Cipher
	// XChaCha20Cipher represents xchacha20 encryption cipher.
	XChaCha20Cipher
)
View Source 
const (
	// PerfNoReadWorkqueue sets --perf-no_read_workqueue.
	PerfNoReadWorkqueue = "no_read_workqueue"
	// PerfNoWriteWorkqueue sets --perf-no_write_workqueue.
	PerfNoWriteWorkqueue = "no_write_workqueue"
	// PerfSameCPUCrypt sets --perf-same_cpu_crypt.
	PerfSameCPUCrypt = "same_cpu_crypt"
)

Variables

This section is empty.

Functions

func ValidatePerfOption 

func ValidatePerfOption(value string) error

ValidatePerfOption checks that specified string is a valid perf option.

Types

type Cipher 

type Cipher int

Cipher LUKS2 cipher type.

func ParseCipherKind 

func ParseCipherKind(s string) (Cipher, error)

ParseCipherKind converts cipher string into cipher type.

func (Cipher) String 

func (c Cipher) String() (string, error)

String converts to command line string parameter value.

type LUKS 

type LUKS struct {
	// contains filtered or unexported fields
}

LUKS implements LUKS2 encryption provider.

func New 

func New(cipher Cipher, options ...Option) *LUKS

New creates new LUKS2 encryption provider.

func (*LUKS) AddKey 

func (l *LUKS) AddKey(devname string, key, newKey *encryption.Key) error

AddKey adds a new key at the LUKS encryption slot.

func (*LUKS) CheckKey 

func (l *LUKS) CheckKey(devname string, key *encryption.Key) (bool, error)

CheckKey checks if the key is valid.

func (*LUKS) Close 

func (l *LUKS) Close(devname string) error

Close implements encryption.Provider.

func (*LUKS) Encrypt 

func (l *LUKS) Encrypt(deviceName string, key *encryption.Key) error

Encrypt implements encryption.Provider.

func (*LUKS) Open 

func (l *LUKS) Open(deviceName string, key *encryption.Key) (string, error)

Open runs luksOpen on a device and returns mapped device path.

func (*LUKS) ReadKeyslots 

func (l *LUKS) ReadKeyslots(deviceName string) (*encryption.Keyslots, error)

ReadKeyslots returns deserialized LUKS2 keyslots JSON.

func (*LUKS) ReadToken added in v0.4.6 

func (l *LUKS) ReadToken(devname string, slot int, token token.Token) error

ReadToken reads arbitrary token from the luks metadata.

func (*LUKS) RemoveKey 

func (l *LUKS) RemoveKey(devname string, slot int, key *encryption.Key) error

RemoveKey removes a key at the specified LUKS encryption slot.

func (*LUKS) RemoveToken added in v0.4.6 

func (l *LUKS) RemoveToken(devname string, slot int) error

RemoveToken removes token from the luks metadata.

func (*LUKS) Resize added in v0.4.7 

func (l *LUKS) Resize(devname string, key *encryption.Key) error

Resize implements encryption.Provider.

func (*LUKS) SetKey 

func (l *LUKS) SetKey(devname string, oldKey, newKey *encryption.Key) error

SetKey sets new key value at the LUKS encryption slot.

func (*LUKS) SetToken added in v0.4.6 

func (l *LUKS) SetToken(devname string, slot int, token token.Token) error

SetToken adds arbitrary token to the key slot. Token id == slot id: only one token per key slot is supported.

type Option 

type Option func(l *LUKS)

Option represents luks configuration callback.

func WithBlockSize 

func WithBlockSize(value uint64) Option

WithBlockSize sets block size.

func WithIterTime 

func WithIterTime(value time.Duration) Option

WithIterTime sets iter-time parameter.

func WithKeySize 

func WithKeySize(value uint) Option

WithKeySize sets generated key size.

func WithPBKDFForceIterations 

func WithPBKDFForceIterations(value uint) Option

WithPBKDFForceIterations sets pbkdf-force-iterations parameter.

func WithPBKDFMemory 

func WithPBKDFMemory(value uint64) Option

WithPBKDFMemory sets pbkdf-memory parameter.

func WithPerfOptions 

func WithPerfOptions(options ...string) Option

WithPerfOptions enables encryption perf options.

type Token added in v0.4.6 

type Token[UserData any] struct {
	UserData UserData `json:",inline"`
	Type     string   `json:"type"`
}

Token defines LUKS2 token.

func (*Token[UserData]) Bytes added in v0.4.6 

func (t *Token[UserData]) Bytes() ([]byte, error)

Bytes encodes token into bytes.

func (*Token[UserData]) Decode added in v0.4.6 

func (t *Token[UserData]) Decode(in []byte) error

Decode reads token data from bytes.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.