fakekms

package
v2.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 14, 2025 License: Apache-2.0 Imports: 10 Imported by: 2

Documentation

Overview

Package fakekms provides a fake implementation of registry.KMSClient.

Normally, a 'keyURI' identifies a key that is stored remotely by the KMS, and every operation is executed remotely using a RPC call to the KMS, since the key should not be sent to the client. In this fake implementation we want to avoid these RPC calls. We achieve this by encoding the key in the 'keyURI'. So the client simply needs to decode the key and generate an AEAD out of it. This is of course insecure and should only be used in testing.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewAEAD added in v2.3.0 

func NewAEAD(keyURI string) (tink.AEAD, error)

NewAEAD returns a new tink.AEAD for the given keyURI.

func NewAEADWithContext added in v2.3.0 

func NewAEADWithContext(keyURI string) (tink.AEADWithContext, error)

NewAEADWithContext returns a new tink.AeadWithContext for the given keyURI.

The returned AEADWithContext will fail if the context is canceled.

func NewClient 

func NewClient(uriPrefix string) (registry.KMSClient, error)

NewClient returns a fake KMS client which will handle keys with uriPrefix prefix. keyURI must have the following format: 'fake-kms://<base64 encoded aead keyset>'.

func NewKeyURI 

func NewKeyURI() (string, error)

NewKeyURI returns a new, random fake KMS key URI.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.