Versions in this module Expand all Collapse all v1 v1.0.4 Oct 27, 2021 Changes in this version + const AESCBC + const AESGCMNoPadding + const DefaultInstructionKeySuffix + const DefaultMinFileSize + const KMSWrap + var AESCBCPadder = Padder(aescbcPadding) + var NoPadder = Padder(noPadder{}) + type CEKEntry func(CipherData) (ContentCipher, error) + type Cipher interface + type CipherData struct + CEKAlgorithm string + EncryptedKey []byte + IV []byte + Key []byte + MaterialDescription MaterialDescription + Padder Padder + TagLength string + WrapAlgorithm string + type CipherDataDecrypter interface + DecryptKey func([]byte) ([]byte, error) + type CipherDataGenerator interface + GenerateCipherData func(int, int) (CipherData, error) + func NewKMSKeyGenerator(kmsClient kmsiface.KMSAPI, cmkID string) CipherDataGenerator + func NewKMSKeyGeneratorWithMatDesc(kmsClient kmsiface.KMSAPI, cmkID string, matdesc MaterialDescription) CipherDataGenerator + type ContentCipher interface + DecryptContents func(io.ReadCloser) (io.ReadCloser, error) + EncryptContents func(io.Reader) (io.Reader, error) + GetCipherData func() CipherData + type ContentCipherBuilder interface + ContentCipher func() (ContentCipher, error) + func AESCBCContentCipherBuilder(generator CipherDataGenerator, padder Padder) ContentCipherBuilder + func AESGCMContentCipherBuilder(generator CipherDataGenerator) ContentCipherBuilder + type CryptoReadCloser struct + Body io.ReadCloser + Decrypter io.Reader + func (rc *CryptoReadCloser) Close() error + func (rc *CryptoReadCloser) Read(b []byte) (int, error) + type Decrypter interface + Decrypt func(io.Reader) io.Reader + type DecryptionClient struct + CEKRegistry map[string]CEKEntry + LoadStrategy LoadStrategy + PadderRegistry map[string]Padder + S3Client s3iface.S3API + WrapRegistry map[string]WrapEntry + func NewDecryptionClient(prov client.ConfigProvider, options ...func(*DecryptionClient)) *DecryptionClient + func (c *DecryptionClient) GetObject(input *s3.GetObjectInput) (*s3.GetObjectOutput, error) + func (c *DecryptionClient) GetObjectRequest(input *s3.GetObjectInput) (*request.Request, *s3.GetObjectOutput) + func (c *DecryptionClient) GetObjectWithContext(ctx aws.Context, input *s3.GetObjectInput, opts ...request.Option) (*s3.GetObjectOutput, error) + type Encrypter interface + Encrypt func(io.Reader) io.Reader + type EncryptionClient struct + ContentCipherBuilder ContentCipherBuilder + MinFileSize int64 + S3Client s3iface.S3API + SaveStrategy SaveStrategy + TempFolderPath string + func NewEncryptionClient(prov client.ConfigProvider, builder ContentCipherBuilder, ...) *EncryptionClient + func (c *EncryptionClient) PutObject(input *s3.PutObjectInput) (*s3.PutObjectOutput, error) + func (c *EncryptionClient) PutObjectRequest(input *s3.PutObjectInput) (*request.Request, *s3.PutObjectOutput) + func (c *EncryptionClient) PutObjectWithContext(ctx aws.Context, input *s3.PutObjectInput, opts ...request.Option) (*s3.PutObjectOutput, error) + type Envelope struct + CEKAlg string + CipherKey string + IV string + MatDesc string + TagLen string + UnencryptedContentLen string + UnencryptedMD5 string + WrapAlg string + type HeaderV2LoadStrategy struct + func (load HeaderV2LoadStrategy) Load(req *request.Request) (Envelope, error) + type HeaderV2SaveStrategy struct + func (strat HeaderV2SaveStrategy) Save(env Envelope, req *request.Request) error + type LoadStrategy interface + Load func(*request.Request) (Envelope, error) + type MaterialDescription map[string]*string + type Padder interface + Name func() string + Pad func([]byte, int) ([]byte, error) + Unpad func([]byte) ([]byte, error) + func NewPKCS7Padder(blockSize int) Padder + type S3LoadStrategy struct + Client *s3.S3 + InstructionFileSuffix string + func (load S3LoadStrategy) Load(req *request.Request) (Envelope, error) + type S3SaveStrategy struct + Client *s3.S3 + InstructionFileSuffix string + func (strat S3SaveStrategy) Save(env Envelope, req *request.Request) error + type SaveStrategy interface + Save func(Envelope, *request.Request) error + type WrapEntry func(Envelope) (CipherDataDecrypter, error) + func NewKMSWrapEntry(kmsClient kmsiface.KMSAPI) WrapEntry