encryptedbk

package
v0.0.11 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 4, 2016 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Overview

Copyright 2015 Gravitational, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

package encryptedbk implements encryption layer for any backend.

Copyright 2015 Gravitational, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Copyright 2015 Gravitational, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func KeyFromString 

func KeyFromString(b64key string) (encryptor.Key, error)

func KeyToString 

func KeyToString(key encryptor.Key) (string, error)

func LoadKeyFromFile 

func LoadKeyFromFile(filename string) (encryptor.Key, error)

func SaveKeyToFile 

func SaveKeyToFile(key encryptor.Key, filename string) error

Types

type BoltKeyStore 

type BoltKeyStore struct {
	*sync.Mutex
	// contains filtered or unexported fields
}

func NewKeyStore 

func NewKeyStore(filename string) (*BoltKeyStore, error)

func (*BoltKeyStore) AddKey 

func (b *BoltKeyStore) AddKey(key encryptor.Key) error

func (*BoltKeyStore) Close 

func (b *BoltKeyStore) Close()

func (*BoltKeyStore) DeleteKey 

func (b *BoltKeyStore) DeleteKey(id string) error

func (*BoltKeyStore) GetKey 

func (b *BoltKeyStore) GetKey(id string) (encryptor.Key, error)

func (*BoltKeyStore) GetKeys 

func (b *BoltKeyStore) GetKeys() ([]encryptor.Key, error)

func (*BoltKeyStore) HasKey 

func (b *BoltKeyStore) HasKey(id string) bool

type EncryptedBackend 

type EncryptedBackend struct {
	KeyID string
	// contains filtered or unexported fields
}

func (*EncryptedBackend) AcquireLock 

func (b *EncryptedBackend) AcquireLock(token string, ttl time.Duration) error

func (*EncryptedBackend) CompareAndSwap 

func (b *EncryptedBackend) CompareAndSwap(path []string, key string, val []byte, ttl time.Duration, prevVal []byte) ([]byte, error)

func (*EncryptedBackend) DeleteAll 

func (b *EncryptedBackend) DeleteAll() error

func (*EncryptedBackend) DeleteBucket 

func (b *EncryptedBackend) DeleteBucket(path []string, bkt string) error

func (*EncryptedBackend) DeleteKey 

func (b *EncryptedBackend) DeleteKey(path []string, key string) error

func (*EncryptedBackend) GetKeys 

func (b *EncryptedBackend) GetKeys(path []string) ([]string, error)

func (*EncryptedBackend) GetVal 

func (b *EncryptedBackend) GetVal(path []string, key string) ([]byte, error)

func (*EncryptedBackend) GetValAndTTL 

func (b *EncryptedBackend) GetValAndTTL(path []string, key string) ([]byte, time.Duration, error)

func (*EncryptedBackend) ReleaseLock 

func (b *EncryptedBackend) ReleaseLock(token string) error

func (*EncryptedBackend) Sign 

func (b *EncryptedBackend) Sign() error

Add special value. Encrypted with public key and signed with private key.

func (*EncryptedBackend) UpsertVal 

func (b *EncryptedBackend) UpsertVal(path []string, key string, val []byte, ttl time.Duration) error

func (*EncryptedBackend) VerifySign 

func (b *EncryptedBackend) VerifySign() error

Try to decrypt the special value and verify its sign.

type KeyStore 

type KeyStore interface {
	AddKey(key encryptor.Key) error
	HasKey(keyID string) bool
	GetKey(keyID string) (encryptor.Key, error)
	GetKeys() ([]encryptor.Key, error)
	DeleteKey(keyID string) error
	Close()
}

type ReplicatedBackend 

type ReplicatedBackend struct {
	// contains filtered or unexported fields
}

func NewReplicatedBackend 

func NewReplicatedBackend(backend backend.Backend, keysFile string,
	additionalKeys []encryptor.Key,
	keyGenerator encryptor.KeyGenerator) (*ReplicatedBackend, error)

func (*ReplicatedBackend) AcquireLock 

func (b *ReplicatedBackend) AcquireLock(token string, ttl time.Duration) error

func (*ReplicatedBackend) AddSealKey 

func (b *ReplicatedBackend) AddSealKey(key encryptor.Key) error

func (*ReplicatedBackend) CompareAndSwap 

func (b *ReplicatedBackend) CompareAndSwap(path []string, key string, val []byte, ttl time.Duration, prevVal []byte) ([]byte, error)

func (*ReplicatedBackend) DeleteBucket 

func (b *ReplicatedBackend) DeleteBucket(path []string, bkt string) error

func (*ReplicatedBackend) DeleteKey 

func (b *ReplicatedBackend) DeleteKey(path []string, key string) error

func (*ReplicatedBackend) DeleteSealKey 

func (b *ReplicatedBackend) DeleteSealKey(id string) error

func (*ReplicatedBackend) GenerateSealKey 

func (b *ReplicatedBackend) GenerateSealKey(name string) (encryptor.Key, error)

func (*ReplicatedBackend) GetKeys 

func (b *ReplicatedBackend) GetKeys(path []string) ([]string, error)

func (*ReplicatedBackend) GetSealKey 

func (b *ReplicatedBackend) GetSealKey(id string) (encryptor.Key, error)

func (*ReplicatedBackend) GetSealKeys 

func (b *ReplicatedBackend) GetSealKeys() ([]encryptor.Key, error)

func (*ReplicatedBackend) GetSignKey 

func (b *ReplicatedBackend) GetSignKey() (encryptor.Key, error)

func (*ReplicatedBackend) GetVal 

func (b *ReplicatedBackend) GetVal(path []string, key string) ([]byte, error)

func (*ReplicatedBackend) GetValAndTTL 

func (b *ReplicatedBackend) GetValAndTTL(path []string, key string) ([]byte, time.Duration, error)

func (*ReplicatedBackend) ReleaseLock 

func (b *ReplicatedBackend) ReleaseLock(token string) error

func (*ReplicatedBackend) RewriteData 

func (b *ReplicatedBackend) RewriteData() error

func (*ReplicatedBackend) SetSignKey 

func (b *ReplicatedBackend) SetSignKey(key encryptor.Key) error

func (*ReplicatedBackend) UpdateLocalKeysFromCluster 

func (b *ReplicatedBackend) UpdateLocalKeysFromCluster() error

func (*ReplicatedBackend) UpsertVal 

func (b *ReplicatedBackend) UpsertVal(path []string, key string, val []byte, ttl time.Duration) error

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.