kms

package
v0.0.0-...-982e07a Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 19, 2023 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

View Source 
const AcraMasterKeyKEKID = "acra_master_key"

AcraMasterKeyKEKID represent ID/alias of encryption key used for MasterKey loading

View Source 
const KeyPolicyCreate = "create"

KeyPolicyCreate represent KMS key policy

View Source 
const TypeAWS = "aws"

TypeAWS supported KMS type AWS

Variables

View Source 
var (
	ErrMissingKeyPurpose     = errors.New("key purpose is required for keyID creating")
	ErrUnsupportedKeyPurpose = errors.New("unsupported KeyPurpose option provided")
	ErrEmptyClientIDProvided = errors.New("empty clientID in key context")
	ErrEmptyZoneIDProvided   = errors.New("empty zoneID in key context")
)

KmsEncryptor errors

View Source 
var ErrUnknownKMSType = errors.New("unknown KMS type provided")

ErrUnknownKMSType error displaying unknown KMS type provided by flags

View Source 
var SupportedPolicies = []string{
	KeyPolicyCreate,
}

SupportedPolicies contains all possible values for flag `--kms_key_policy`

Functions

func NewKeyManager 

func NewKeyManager(options *CLIOptions) (base.KeyManager, error)

NewKeyManager create kms.KeyManager from kms.CLIOptions

func RegisterCLIParametersWithFlags 

func RegisterCLIParametersWithFlags(flags *flag.FlagSet, prefix string, description string)

RegisterCLIParametersWithFlags register kms related flags

Types

type CLIOptions 

type CLIOptions struct {
	KMSType         string
	CredentialsPath string
}

CLIOptions keep command-line options related to KMS ACRA_MASTER_KEY loading.

func ParseCLIParameters 

func ParseCLIParameters(extractor *args.ServiceExtractor) *CLIOptions

ParseCLIParameters parse CLIOptions from CommandLine flags

func ParseCLIParametersFromFlags 

func ParseCLIParametersFromFlags(extractor *args.ServiceExtractor, prefix string) *CLIOptions

ParseCLIParametersFromFlags parse CLIOptions from provided FlagSet

type KeyMapper 

type KeyMapper struct{}

KeyMapper Implement KeyMapper interface for `kms_per_client` strategy

func NewKMSPerClientKeyMapper 

func NewKMSPerClientKeyMapper() *KeyMapper

NewKMSPerClientKeyMapper create new KeyMapper

func (*KeyMapper) GetKeyID 

func (k *KeyMapper) GetKeyID(ctx keystore.KeyContext) ([]byte, error)

GetKeyID implementation method of KeyMapper interface

type Loader 

type Loader struct {
	// contains filtered or unexported fields
}

Loader is implementation of MasterKeyLoader for kms

func NewLoader 

func NewLoader(encryptor base.Encryptor) *Loader

NewLoader create new kms MasterKeyLoader

func (*Loader) LoadMasterKey 

func (loader *Loader) LoadMasterKey() ([]byte, error)

LoadMasterKey implementation kms MasterKeyLoader for loading AcraMasterKey for keystore v1

func (*Loader) LoadMasterKeys 

func (loader *Loader) LoadMasterKeys() (encryption []byte, signature []byte, err error)

LoadMasterKeys implementation kms MasterKeyLoader for loading AcraMasterKey for keystore v2

type MasterKeyEncryptorFabric 

type MasterKeyEncryptorFabric struct{}

MasterKeyEncryptorFabric implementation of keyloader.KeyEncryptorFabric for `kms_encrypted_master_key` strategy

func (MasterKeyEncryptorFabric) GetKeyMapper 

func (k MasterKeyEncryptorFabric) GetKeyMapper() baseKMS.KeyMapper

GetKeyMapper return KeyMapper for `kms_encrypted_master_key` strategy

func (MasterKeyEncryptorFabric) NewKeyEncryptor 

func (k MasterKeyEncryptorFabric) NewKeyEncryptor(extractor *args.ServiceExtractor, prefix string) (keystore.KeyEncryptor, error)

NewKeyEncryptor fabric of keystore.KeyEncryptor for `kms_encrypted_master_key` strategy

func (MasterKeyEncryptorFabric) NewKeyEncryptorSuite 

func (k MasterKeyEncryptorFabric) NewKeyEncryptorSuite(extractor *args.ServiceExtractor, prefix string) (*crypto.KeyStoreSuite, error)

NewKeyEncryptorSuite fabric of crypto.KeyStoreSuite for `kms_encrypted_master_key` strategy

func (MasterKeyEncryptorFabric) RegisterCLIParameters 

func (k MasterKeyEncryptorFabric) RegisterCLIParameters(flags *flag.FlagSet, prefix, description string)

RegisterCLIParameters empty implementation of KMSMasterKeyKeyEncryptorFabric interface

type PerClientKeyEncryptorFabric 

type PerClientKeyEncryptorFabric struct{}

PerClientKeyEncryptorFabric implementation of keyloader.KeyEncryptorFabric for `kms_per_client` strategy

func (PerClientKeyEncryptorFabric) GetKeyMapper 

func (k PerClientKeyEncryptorFabric) GetKeyMapper() baseKMS.KeyMapper

GetKeyMapper return KeyMapper for `kms_per_client` strategy

func (PerClientKeyEncryptorFabric) NewKeyEncryptor 

func (k PerClientKeyEncryptorFabric) NewKeyEncryptor(extractor *args.ServiceExtractor, prefix string) (keystore.KeyEncryptor, error)

NewKeyEncryptor fabric of keystore.KeyEncryptor for `kms_per_client` strategy

func (PerClientKeyEncryptorFabric) NewKeyEncryptorSuite 

func (k PerClientKeyEncryptorFabric) NewKeyEncryptorSuite(extractor *args.ServiceExtractor, prefix string) (*crypto.KeyStoreSuite, error)

NewKeyEncryptorSuite fabric of crypto.KeyStoreSuite for `kms_per_client` strategy

func (PerClientKeyEncryptorFabric) RegisterCLIParameters 

func (k PerClientKeyEncryptorFabric) RegisterCLIParameters(flags *flag.FlagSet, prefix, description string)

RegisterCLIParameters empty implementation of KMSMasterKeyKeyEncryptorFabric interface

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.