seal

package

v1.1.0-beta2 Latest Latest Go to latest Published: Mar 5, 2019 License: MPL-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/timotheenicolas/vault

Documentation ¶

Index ¶

Constants
type Access
type Envelope
- func NewEnvelope() *Envelope
- func (e *Envelope) Decrypt(data *EnvelopeInfo) ([]byte, error)
- func (e *Envelope) Encrypt(plaintext []byte) (*EnvelopeInfo, error)
type EnvelopeInfo
type TestSeal
- func NewTestSeal(secret []byte) *TestSeal

Constants ¶

View Source

const (
	Shamir        = "shamir"
	PKCS11        = "pkcs11"
	AliCloudKMS   = "alicloudkms"
	AWSKMS        = "awskms"
	GCPCKMS       = "gcpckms"
	AzureKeyVault = "azurekeyvault"
	Transit       = "transit"
	Test          = "test-auto"

	// HSMAutoDeprecated is a deprecated seal type prior to 0.9.0.
	// It is still referenced in certain code paths for upgrade purporses
	HSMAutoDeprecated = "hsm-auto"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Access ¶ added in v1.0.0

type Access interface {
	SealType() string
	KeyID() string

	Init(context.Context) error
	Finalize(context.Context) error

	Encrypt(context.Context, []byte) (*physical.EncryptedBlobInfo, error)
	Decrypt(context.Context, *physical.EncryptedBlobInfo) ([]byte, error)
}

Access is the embedded implemention of autoSeal that contains logic specific to encrypting and decrypting data, or in this case keys.

type Envelope ¶ added in v1.0.0

type Envelope struct{}

func NewEnvelope ¶ added in v1.0.0

func NewEnvelope() *Envelope

func (*Envelope) Decrypt ¶ added in v1.0.0

func (e *Envelope) Decrypt(data *EnvelopeInfo) ([]byte, error)

func (*Envelope) Encrypt ¶ added in v1.0.0

func (e *Envelope) Encrypt(plaintext []byte) (*EnvelopeInfo, error)

type EnvelopeInfo ¶ added in v1.0.0

type EnvelopeInfo struct {
	Ciphertext []byte
	Key        []byte
	IV         []byte
}

type TestSeal ¶ added in v1.0.0

type TestSeal struct {
	Type string
	// contains filtered or unexported fields
}

func NewTestSeal ¶ added in v1.0.0

func NewTestSeal(secret []byte) *TestSeal

func (*TestSeal) Decrypt ¶ added in v1.0.0

func (t *TestSeal) Decrypt(_ context.Context, dwi *physical.EncryptedBlobInfo) ([]byte, error)

func (*TestSeal) Encrypt ¶ added in v1.0.0

func (t *TestSeal) Encrypt(_ context.Context, plaintext []byte) (*physical.EncryptedBlobInfo, error)

func (*TestSeal) Finalize ¶ added in v1.0.0

func (t *TestSeal) Finalize(_ context.Context) error

func (*TestSeal) Init ¶ added in v1.0.0

func (s *TestSeal) Init(_ context.Context) error

func (*TestSeal) KeyID ¶ added in v1.0.0

func (t *TestSeal) KeyID() string

func (*TestSeal) SealType ¶ added in v1.0.0

func (t *TestSeal) SealType() string

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
alicloudkms
awskms
azurekeyvault
gcpckms
transit

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL