service

package

v0.32.0 Latest Latest Go to latest Published: Dec 11, 2024 License: Apache-2.0 Imports: 5 Imported by: 5

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kubernetes/kms

Links

Open Source Insights

Documentation ¶

Index ¶

type DecryptRequest
type EncryptResponse
type GRPCService
- func NewGRPCService(address string, timeout time.Duration, kmsService Service) *GRPCService
type Service
type StatusResponse

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type DecryptRequest ¶

type DecryptRequest struct {
	Ciphertext  []byte
	KeyID       string
	Annotations map[string][]byte
}

DecryptRequest is the request to the Envelope service when decrypting data.

type EncryptResponse ¶

type EncryptResponse struct {
	Ciphertext  []byte
	KeyID       string
	Annotations map[string][]byte
}

EncryptResponse is the response from the Envelope service when encrypting data.

type GRPCService ¶

type GRPCService struct {
	// contains filtered or unexported fields
}

GRPCService is a grpc server that runs the kms v2 alpha1 API.

func NewGRPCService ¶

func NewGRPCService(
	address string,
	timeout time.Duration,

	kmsService Service,
) *GRPCService

NewGRPCService creates an instance of GRPCService.

func (*GRPCService) Close ¶

func (s *GRPCService) Close()

Close stops the server by closing all connections immediately and cancels all active RPCs.

func (*GRPCService) Decrypt ¶

func (s *GRPCService) Decrypt(ctx context.Context, req *kmsapi.DecryptRequest) (*kmsapi.DecryptResponse, error)

Decrypt sends a decryption request to specified kms service.

func (*GRPCService) Encrypt ¶

func (s *GRPCService) Encrypt(ctx context.Context, req *kmsapi.EncryptRequest) (*kmsapi.EncryptResponse, error)

Encrypt sends an encryption request to specified kms service.

func (*GRPCService) ListenAndServe ¶

func (s *GRPCService) ListenAndServe() error

ListenAndServe accepts incoming connections on a Unix socket. It is a blocking method. Returns non-nil error unless Close or Shutdown is called.

func (*GRPCService) Shutdown ¶

func (s *GRPCService) Shutdown()

Shutdown performs a graceful shutdown. Doesn't accept new connections and blocks until all pending RPCs are finished.

func (*GRPCService) Status ¶

func (s *GRPCService) Status(ctx context.Context, _ *kmsapi.StatusRequest) (*kmsapi.StatusResponse, error)

Status sends a status request to specified kms service.

type Service ¶

type Service interface {
	// Decrypt a given bytearray to obtain the original data as bytes.
	Decrypt(ctx context.Context, uid string, req *DecryptRequest) ([]byte, error)
	// Encrypt bytes to a ciphertext.
	Encrypt(ctx context.Context, uid string, data []byte) (*EncryptResponse, error)
	// Status returns the status of the KMS.
	Status(ctx context.Context) (*StatusResponse, error)
}

Service allows encrypting and decrypting data using an external Key Management Service.

type StatusResponse ¶

type StatusResponse struct {
	Version string
	Healthz string
	KeyID   string
}

StatusResponse is the response from the Envelope service when getting the status of the service.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL