seal

package

v0.0.0-...-a0f6db5 Latest Latest Go to latest Published: Sep 14, 2022 License: MPL-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/tks98/vault

Documentation ¶

Index ¶

type Access
- func NewTestSeal(opts *TestSealOpts) *Access
- func NewToggleableTestSeal(opts *TestSealOpts) (*Access, func(error))
type Envelope
- func NewEnvelope() *Envelope
- func (e *Envelope) Decrypt(data *wrapping.EnvelopeInfo, aad []byte) ([]byte, error)
- func (e *Envelope) Encrypt(plaintext, aad []byte) (*wrapping.EnvelopeInfo, error)
type StoredKeysSupport
- func (s StoredKeysSupport) String() string
type TestSealOpts
type ToggleableWrapper

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Access ¶

type Access struct {
	wrapping.Wrapper
	WrapperType wrapping.WrapperType
}

Access is the embedded implementation of autoSeal that contains logic specific to encrypting and decrypting data, or in this case keys.

func NewTestSeal ¶

func NewTestSeal(opts *TestSealOpts) *Access

func NewToggleableTestSeal ¶

func NewToggleableTestSeal(opts *TestSealOpts) (*Access, func(error))

func (*Access) Decrypt ¶

func (a *Access) Decrypt(ctx context.Context, data *wrapping.BlobInfo, aad []byte) (pt []byte, err error)

Decrypt uses the underlying seal to decrypt the cryptotext and returns it. Note that it is possible depending on the wrapper used that both pt and err are populated.

func (*Access) Encrypt ¶

func (a *Access) Encrypt(ctx context.Context, plaintext, aad []byte) (blob *wrapping.BlobInfo, err error)

Encrypt uses the underlying seal to encrypt the plaintext and returns it.

func (*Access) Finalize ¶

func (a *Access) Finalize(ctx context.Context) error

func (*Access) Init ¶

func (a *Access) Init(ctx context.Context) error

func (*Access) SetType ¶

func (a *Access) SetType(t wrapping.WrapperType)

func (*Access) Type ¶

func (a *Access) Type(ctx context.Context) (wrapping.WrapperType, error)

type Envelope ¶

type Envelope struct {
	// contains filtered or unexported fields
}

func NewEnvelope ¶

func NewEnvelope() *Envelope

func (*Envelope) Decrypt ¶

func (e *Envelope) Decrypt(data *wrapping.EnvelopeInfo, aad []byte) ([]byte, error)

func (*Envelope) Encrypt ¶

func (e *Envelope) Encrypt(plaintext, aad []byte) (*wrapping.EnvelopeInfo, error)

type StoredKeysSupport ¶

type StoredKeysSupport int

const (
	// The 0 value of StoredKeysSupport is an invalid option
	StoredKeysInvalid StoredKeysSupport = iota
	StoredKeysNotSupported
	StoredKeysSupportedGeneric
	StoredKeysSupportedShamirRoot
)

func (StoredKeysSupport) String ¶

func (s StoredKeysSupport) String() string

type TestSealOpts ¶

type TestSealOpts struct {
	Logger     hclog.Logger
	StoredKeys StoredKeysSupport
	Secret     []byte
	Name       wrapping.WrapperType
}

type ToggleableWrapper ¶

type ToggleableWrapper struct {
	wrapping.Wrapper
	// contains filtered or unexported fields
}

func (ToggleableWrapper) Decrypt ¶

func (t ToggleableWrapper) Decrypt(ctx context.Context, info *wrapping.BlobInfo, opts ...wrapping.Option) ([]byte, error)

func (*ToggleableWrapper) Encrypt ¶

func (t *ToggleableWrapper) Encrypt(ctx context.Context, bytes []byte, opts ...wrapping.Option) (*wrapping.BlobInfo, error)

func (*ToggleableWrapper) SetError ¶

func (t *ToggleableWrapper) SetError(err error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL