Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewServer ¶
func NewServer(prompt bool, homeDir string) keyservice.KeyServiceServer
Types ¶
type LocalClient ¶
type LocalClient struct {
Server keyservice.KeyServiceServer
}
LocalClient is a key service client that performs all operations locally. The sole reason this exists is because the go.mozilla.org/sops/v3/keyservice.LocalClient does not implement the KeyServiceServer interface.
func NewLocalClient ¶
func NewLocalClient(server keyservice.KeyServiceServer) LocalClient
NewLocalClient creates a new local client that embeds the given KeyServiceServer.
func (LocalClient) Decrypt ¶
func (c LocalClient) Decrypt(ctx context.Context, req *keyservice.DecryptRequest, opts ...grpc.CallOption) (*keyservice.DecryptResponse, error)
Decrypt processes a decrypt request locally.
func (LocalClient) Encrypt ¶
func (c LocalClient) Encrypt(ctx context.Context, req *keyservice.EncryptRequest, opts ...grpc.CallOption) (*keyservice.EncryptResponse, error)
Encrypt processes an encrypt request locally.
type Server ¶
type Server struct { // Prompt indicates whether the server should prompt before decrypting // or encrypting data. Prompt bool // HomeDir configures the home directory used for PGP operations. HomeDir string // DefaultServer is the server used for any other request than a PGP // encryption/decryption. DefaultServer keyservice.KeyServiceServer }
Server is a key service server that uses SOPS MasterKeys to fulfill requests. It intercepts encryption and decryption requests made for PGP keys, so that they can be run in a contained environment, instead of the default implementation which heavily utilizes environmental variables. Any other request is forwarded to the embedded DefaultServer.
func (Server) Decrypt ¶
func (ks Server) Decrypt(ctx context.Context, req *keyservice.DecryptRequest) (*keyservice.DecryptResponse, error)
Decrypt takes a decrypt request and decrypts the provided ciphertext with the provided key, returning the decrypted result.
func (Server) Encrypt ¶
func (ks Server) Encrypt(ctx context.Context, req *keyservice.EncryptRequest) (*keyservice.EncryptResponse, error)
Encrypt takes an encrypt request and encrypts the provided plaintext with the provided key, returning the encrypted result.