Back to

Package secrets

Latest Go to latest

The latest major version is .

Published: Oct 26, 2018 | License: MIT | Module:



const (
	// A256GCM identifies the encryption algorithm
	A256GCM = "A256GCM"

	// B5JWKJSON identifies content type
	B5JWKJSON = "b5+jwk+json"

func Decrypt

func Decrypt(contents []byte) ([]byte, error)

Decrypt will access the key service and decrypt the protected values in the content.

func Encrypt

func Encrypt(contents []byte) ([]byte, error)

Encrypt will generate a new key and encrypt the protected values.

func FormatASTFile

func FormatASTFile(file *ast.File) ([]byte, error)

FormatASTFile returns formatted text representation of the file

func Read

func Read(url string) ([]byte, error)

Read loads and decrypt the contents at the specifed URL. It also processes and merges all included files specified in the header.

type AwsKeyService

type AwsKeyService struct {
	// contains filtered or unexported fields

AwsKeyService represents connection to Amazon Web Services KMS

func NewAwsKeyService

func NewAwsKeyService(region string, masterKeyID string) *AwsKeyService

NewAwsKeyService creates a new AwsKeyService in given AWS region and with the given masterKey identifier.

func (*AwsKeyService) DecryptKey

func (s *AwsKeyService) DecryptKey(key *EncryptionKey) error

DecryptKey decrypts an existing ServerKey.

func (*AwsKeyService) GenerateKey

func (s *AwsKeyService) GenerateKey(kid string) (*EncryptionKey, error)

GenerateKey generates a brand new ServerKey.

type DevKeyService

type DevKeyService struct {
	// contains filtered or unexported fields

DevKeyService contains DevKeyService information

func NewDevKeyService

func NewDevKeyService() *DevKeyService

NewDevKeyService returns an empty DevKeyService object

func (*DevKeyService) DecryptKey

func (s *DevKeyService) DecryptKey(key *EncryptionKey) error

DecryptKey decrypts the dev key

func (*DevKeyService) GenerateKey

func (s *DevKeyService) GenerateKey(kid string) (*EncryptionKey, error)

GenerateKey generates a new server key

type EncryptionKey

type EncryptionKey struct {
	KID    string `json:"kid"`
	Enc    string `json:"enc"`
	EncKey string `json:"encKey"`
	RawKey []byte `json:"-"`

EncryptionKey contians server key information

func (*EncryptionKey) Decrypt

func (key *EncryptionKey) Decrypt(message []byte) ([]byte, error)

Decrypt decrypts a given ciphertext byte array using the web crypto key

func (*EncryptionKey) Encrypt

func (key *EncryptionKey) Encrypt(plaintext []byte) ([]byte, error)

Encrypt encrypts a given plaintext byte array

type Header struct {
	Encrypted bool
	Key       string

	Service ServiceParams
	Protect []string
	Include []string

Header is a special entry in the .hcl file that defines encryption parameters

type KeyService

type KeyService interface {
	GenerateKey(kid string) (*EncryptionKey, error)
	DecryptKey(key *EncryptionKey) error

KeyService defines key methods

type ServiceParams

type ServiceParams struct {
	Type      string
	Region    string
	MasterKey string

ServiceParams is a part of the header entry with crypto service type and parameters

type Wrapper

type Wrapper struct {
	Header Header `hcl:"eh"`

Wrapper allows access to the echl Header entry

Package Files

Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to identifier