Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type API ¶
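// API is the set of operations this package exposes for a Vault transit
// engine mount: engine configuration, key lifecycle, and cryptographic
// operations performed with a named key.
//
// The listing shows signatures only; the per-method notes below are inferred
// from names and signatures and should be confirmed against the implementation.
type API interface {
	// Engine configuration.
	UpdateTransitEngine(engine EngineEntity) error
	ReadTransitEngine(engine core.MountPathEntity) (*Engine, error)

	// Key lifecycle. Deleting or rotating a key changes which ciphertexts and
	// signatures can still be processed, so callers should restrict who may
	// reach these methods.
	ListKeys(engine core.MountPathEntity) ([]KeyName, error)
	UpdateTransitKey(engine core.MountPathEntity, key KeyEntity) error
	ReadTransitKey(engine core.MountPathEntity, key KeyNameEntity) (*Key, error)
	DeleteTransitKey(engine core.MountPathEntity, key KeyNameEntity) error
	RotateTransitKey(engine core.MountPathEntity, key KeyNameEntity) error

	// Encryption. TransitEncrypt takes raw plaintext bytes and returns the
	// ciphertext as a string; TransitDecrypt is the inverse. The plaintext
	// slices are sensitive and should not be logged.
	TransitEncrypt(engine core.MountPathEntity, key KeyNameEntity, plainText []byte) (string, error)
	TransitDecrypt(engine core.MountPathEntity, key KeyNameEntity, cipherText string) ([]byte, error)

	// Signing. TransitVerify reports the outcome as a bool next to the error;
	// callers should accept a signature only when the error is nil and the
	// bool is true.
	TransitSign(engine core.MountPathEntity, key KeyNameEntity, input []byte) (string, error)
	TransitVerify(engine core.MountPathEntity, key KeyNameEntity, input []byte, signature string) (bool, error)
}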
type Base64EncodedBlob ¶
// Base64EncodedBlob is a byte slice with its own JSON encoding: the type
// defines MarshalJSON, so encoding/json calls that method when a value of
// this type is marshalled.
// NOTE(review): the name suggests the output is base64 text; the method body
// is not shown in this listing, so confirm the exact encoding there.
type Base64EncodedBlob []byte
func (Base64EncodedBlob) MarshalJSON ¶
func (b Base64EncodedBlob) MarshalJSON() ([]byte, error)
type Engine ¶
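// Engine describes a transit engine mount: where it is mounted, which plugin
// backs it, and its configuration.
//
// The method set listed for *Engine (GetMountPath, GetPluginName,
// GetTransitEngineConfig) lines up with EngineEntity, so an *Engine can
// presumably be passed wherever an EngineEntity is expected — confirm against
// core.MountPathEntity.
type Engine struct {
	// Path is the mount path of the engine.
	Path string
	// PluginName is the name of the plugin backing the mount.
	PluginName string
	// Config is the engine configuration. It is a pointer, so it may be nil;
	// callers should check before dereferencing.
	Config *EngineConfig
}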
func (*Engine) GetMountPath ¶
func (*Engine) GetPluginName ¶
func (*Engine) GetTransitEngineConfig ¶
func (t *Engine) GetTransitEngineConfig() (*EngineConfig, error)
type EngineCacheConfig ¶
// EngineCacheConfig holds the cache settings of a transit engine.
type EngineCacheConfig struct {
	// Size is serialized as the JSON field "size".
	// NOTE(review): presumably the number of keys the engine keeps cached;
	// confirm the unit and the meaning of 0 against the Vault transit
	// cache configuration API.
	Size int `json:"size"`
}
type EngineConfig ¶
// EngineConfig groups the configuration carried by an Engine. The only
// setting it holds is the cache configuration.
type EngineConfig struct {
	// Cache has no JSON tag, so encoding/json uses the field name "Cache"
	// if this struct is marshalled directly.
	Cache EngineCacheConfig
}
type EngineEntity ¶
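// EngineEntity is what UpdateTransitEngine needs to know about an engine:
// its mount path (through the embedded core.MountPathEntity), the plugin
// name, and the engine configuration.
type EngineEntity interface {
	core.MountPathEntity

	// GetPluginName returns the name of the plugin backing the mount.
	GetPluginName() (string, error)
	// GetTransitEngineConfig returns the engine configuration. The result is
	// a pointer and is only meaningful when the error is nil.
	GetTransitEngineConfig() (*EngineConfig, error)
}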
type Key ¶
func (*Key) GetTransitKeyConfig ¶
func (*Key) GetTransitKeyName ¶
func (*Key) GetTransitKeyType ¶
type KeyConfig ¶
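// KeyConfig holds the per-key settings of a transit key. The JSON field names
// match the key configuration parameters of the Vault transit API.
//
// Every field is tagged omitempty, so a zero value (0 or false) is left out of
// the JSON entirely. If this struct is marshalled directly into the request,
// it cannot be used to send an explicit false, for example to turn
// DeletionAllowed back off — confirm how UpdateTransitKey builds its payload.
type KeyConfig struct {
	// MinimumDecryptionVersion is the lowest key version allowed to decrypt.
	// Raising it makes ciphertext produced by older versions undecryptable
	// until the value is lowered again.
	MinimumDecryptionVersion int `json:"min_decryption_version,omitempty"`
	// MinimumEncryptionVersion is the lowest key version allowed to encrypt.
	MinimumEncryptionVersion int `json:"min_encryption_version,omitempty"`
	// DeletionAllowed permits the key to be deleted. Deleting a key makes all
	// data encrypted under it unrecoverable, so enable it deliberately.
	DeletionAllowed bool `json:"deletion_allowed,omitempty"`
	// Exportable allows the key material to be exported from the engine,
	// which removes the guarantee that the key never leaves it. In Vault's
	// transit API this setting cannot be disabled once it has been enabled.
	Exportable bool `json:"exportable,omitempty"`
	// AllowPlaintextBackup allows the key to be included in a plaintext
	// backup. In Vault's transit API this setting cannot be disabled once it
	// has been enabled.
	AllowPlaintextBackup bool `json:"allow_plaintext_backup,omitempty"`
}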
type KeyEntity ¶
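// KeyEntity is what UpdateTransitKey needs to know about a key: its name
// (through the embedded KeyNameEntity), its type, and its configuration.
type KeyEntity interface {
	KeyNameEntity

	// GetTransitKeyType returns the key type, one of the KeyType constants.
	GetTransitKeyType() (KeyType, error)
	// GetTransitKeyConfig returns the key configuration. The result is a
	// pointer and is only meaningful when the error is nil.
	GetTransitKeyConfig() (*KeyConfig, error)
}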
type KeyNameEntity ¶
type KeyType ¶
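// KeyType names a key type that the Vault transit engine supports.
// Details: https://www.vaultproject.io/docs/secrets/transit#key-types.
//
// The type determines which operations a key can perform: the symmetric
// types encrypt and decrypt, the Ed25519 and ECDSA types sign and verify,
// and the RSA types do both.
type KeyType string

const (
	// Symmetric AEAD key types.

	// TypeAes128Gcm96 is AES-GCM with a 128-bit AES key and a 96-bit nonce; supports encryption,
	// decryption, key derivation, and convergent encryption.
	TypeAes128Gcm96 KeyType = "aes128-gcm96"
	// TypeAes256Gcm96 is AES-GCM with a 256-bit AES key and a 96-bit nonce; supports encryption,
	// decryption, key derivation, and convergent encryption.
	TypeAes256Gcm96 KeyType = "aes256-gcm96"
	// TypeChacha20Poly1305 is ChaCha20-Poly1305 with a 256-bit key; supports encryption, decryption,
	// key derivation, and convergent encryption.
	TypeChacha20Poly1305 KeyType = "chacha20-poly1305"

	// Signature-only key types.

	// TypeED25519 is Ed25519; supports signing, signature verification, and key derivation.
	TypeED25519 KeyType = "ed25519"
	// TypeEcdsaP256 is ECDSA using curve P-256; supports signing and signature verification.
	TypeEcdsaP256 KeyType = "ecdsa-p256"
	// TypeEcdsaP384 is ECDSA using curve P-384; supports signing and signature verification.
	TypeEcdsaP384 KeyType = "ecdsa-p384"
	// TypeEcdsaP521 is ECDSA using curve P-521; supports signing and signature verification.
	TypeEcdsaP521 KeyType = "ecdsa-p521"

	// RSA key types, usable for both encryption and signing.

	// TypeRSA2048 is a 2048-bit RSA key; supports encryption, decryption, signing, and signature verification.
	TypeRSA2048 KeyType = "rsa-2048"
	// TypeRSA3072 is a 3072-bit RSA key; supports encryption, decryption, signing, and signature verification.
	TypeRSA3072 KeyType = "rsa-3072"
	// TypeRSA4096 is a 4096-bit RSA key; supports encryption, decryption, signing, and signature verification.
	TypeRSA4096 KeyType = "rsa-4096"
)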