decrypter

Documentation

Index

• func NewPGPPacketConfig(cipher, hash string) *packet.Config
• func SplitPALValue(line string) (decrypterType string, base64 bool, value string)
• type Decrypter
  • func NewPGPDecrypter(cipher, hash, keyRingPath, passphrase string) (Decrypter, error)
  • func NewRODecrypter(name, password, server, caPath string) (Decrypter, error)
• type Secret

Functions

func NewPGPPacketConfig

func NewPGPPacketConfig(cipher, hash string) *packet.Config

NewPGPPacketConfig constructs a new OpenPGP packet configuration from the given cipher and hash, as specified in RFC 4880.

func SplitPALValue

func SplitPALValue(line string) (decrypterType string, base64 bool, value string)

SplitPALValue parses a PAL secret, returning the parsed decrypter type, whether or not the plaintext is itself base64-encoded, and the value of the ciphertext.

Types

type Decrypter

type Decrypter interface {
	// Decrypt the ciphertext r.
	Decrypt(r io.Reader) (*Secret, error)
}

A Decrypter is a generic interface that abstracts away the details of performing a decryption. Currently, PGP and Red October are supported.

func NewPGPDecrypter

func NewPGPDecrypter(cipher, hash, keyRingPath, passphrase string) (Decrypter, error)

NewPGPDecrypter returns a new Decrypter that operates by using the provided keyring and credentials to perform PGP decryption on ciphertexts.

func NewRODecrypter

func NewRODecrypter(name, password, server, caPath string) (Decrypter, error)

NewRODecrypter returns a new Decrypter that operates by making decryption requests to the specified Red October server with the given credentials.

caPath is a path to a CA file that will be used to validate the server's identity. If it is empty, the system's default CA pool will be used.

type Secret

type Secret struct {
	Labels []string `json:"labels"`
	Value  []byte   `json:"value"`
}

A Secret represents a decrypted secret. Each secret can have multiple labels and multiple values.