kms

package
v1.113.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 20, 2024 License: AGPL-3.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// MockChecksumMismatch can be used as a key info version to signal to mockGsmClient to return a checksum that does not match.
	MockChecksumMismatch = "mock-checksum-mismatch"

	// MockAccessSecretVersionError can be used as a key info version to signal to mockGsmClient to return an error from AccessSecretVersion method.
	MockAccessSecretVersionError = "mock-access-secret-version-error"

	// MockKeyNotFound can be used as a key info version to signal to mockGsmClient to return no payload data from AccessSecretVersion.
	MockKeyNotFound = "mock-key-not-found"
)
View Source
var (
	// Error is the default error class for the package.
	Error = errs.Class("kms")
)

Functions

This section is empty.

Types

type Config

type Config struct {
	KeyInfos         KeyInfos `help:"semicolon-separated key-id:version,checksum." default:""`
	DefaultMasterKey int      `help:"the key ID to use for passphrase encryption." default:"1"`
	TestMasterKey    string   `` /* 193-byte string literal not displayed */
	MockClient       bool     `` /* 132-byte string literal not displayed */
}

Config is a configuration struct for secret management Service.

type KeyInfo added in v1.108.1

type KeyInfo struct {
	SecretVersion  string
	SecretChecksum int64
}

KeyInfo contains the location and checksum of a key.

type KeyInfos added in v1.108.1

type KeyInfos struct {
	Values map[int]KeyInfo
}

KeyInfos is a map of key IDs to key infos.

func (*KeyInfos) Set added in v1.108.1

func (ki *KeyInfos) Set(s string) error

Set sets the list of keys to the parsed string.

func (*KeyInfos) String added in v1.108.1

func (ki *KeyInfos) String() string

func (KeyInfos) Type added in v1.108.1

func (KeyInfos) Type() string

Type returns the type of the pflag.Value.

type SecretsService

type SecretsService interface {
	// GetKey gets a key from the secret service.
	GetKey(ctx context.Context, keyInfo KeyInfo) (*storj.Key, error)
	// Close closes the service.
	Close() error
}

SecretsService is a service for retrieving keys.

architecture: Service

type Service

type Service struct {
	// contains filtered or unexported fields
}

Service is a service for encrypting/decrypting project passphrases.

architecture: Service

func NewService

func NewService(config Config) *Service

NewService creates a new Service.

func (*Service) DecryptPassphrase

func (s *Service) DecryptPassphrase(ctx context.Context, keyID int, encryptedPassphrase []byte) ([]byte, error)

DecryptPassphrase decrypts the provided encrypted passphrase using the masterKey.

func (*Service) EncryptPassphrase

func (s *Service) EncryptPassphrase(ctx context.Context, passphrase []byte) (_ []byte, keyID int, err error)

EncryptPassphrase encrypts the provided passphrase using the masterKey in an XSalsa20 and Poly1305 encryption.

func (*Service) GenerateEncryptedPassphrase

func (s *Service) GenerateEncryptedPassphrase(ctx context.Context) (_ []byte, keyID int, err error)

GenerateEncryptedPassphrase generates a cryptographically random passphrase, returning its encrypted form and the id of the encryption key.

func (*Service) Initialize

func (s *Service) Initialize(ctx context.Context) (err error)

Initialize initializes the service.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL