Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewInsecurePlaintextClient ¶
NewClient returns a fake KMS client which will handle keys with uriPrefix prefix. keyURI must have the following format: 'insecure-plaintext-kms://'.
func NewLocalKeyEncryptionClient ¶
func NewLocalKeyEncryptionClient(jsonCleartextKeyEncryptionKeysetReader io.Reader) (registry.KMSClient, error)
NewLocalKeyEncryptionClient returns a KMS client which will handle encryption locally using the supplied, shared Tink keyring. It is up to the implementer to ensure that the supplied keyring is being handled securely. keyURI must have the following format: 'local-key-encryption://'.
Types ¶
type KeyEncrypter ¶
type KeyEncrypter interface {
EncryptKeyToBase64Ciphertext(kmsURI string, data []byte, publicKeyBase64Encoded string) (string, error)
DecryptKeyFromBase64Ciphertext(kmsURI string, ciphertext string, publicKeyBase64Encoded string) ([]byte, error)
}
func NewKeyEncrypterTinkAead ¶
func NewKeyEncrypterTinkAead() (KeyEncrypter, error)
Source Files
Click to show internal directories.
Click to hide internal directories.