Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type DynamoDBEnvelope

type DynamoDBEnvelope struct {
	Revoked       bool                   `json:"Revoked,omitempty"`
	Created       int64                  `json:"Created"`
	EncryptedKey  string                 `json:"Key"`
	ParentKeyMeta *appencryption.KeyMeta `json:"ParentKeyMeta,omitempty"`
}

    DynamoDBEnvelope is used to convert the EncryptedKey to a Base64 encoded string to save in DynamoDB.

    type DynamoDBMetastore

    type DynamoDBMetastore struct {
    	// contains filtered or unexported fields
    }

      DynamoDBMetastore implements the Metastore interface.

      func (*DynamoDBMetastore) GetRegionSuffix

      func (d *DynamoDBMetastore) GetRegionSuffix() string

        GetRegionSuffix returns the DynamoDB region suffix or blank if not configured.

        func (*DynamoDBMetastore) GetTableName

        func (d *DynamoDBMetastore) GetTableName() string

          GetTableName returns the DynamoDB table name.

          func (*DynamoDBMetastore) Load

            Load returns the key matching the keyID and created times provided. The envelope will be nil if it does not exist in the metastore.

            func (*DynamoDBMetastore) LoadLatest

              LoadLatest returns the newest record matching the keyID. The return value will be nil if not already present.

              func (*DynamoDBMetastore) Store

              func (d *DynamoDBMetastore) Store(ctx context.Context, keyID string, created int64, envelope *appencryption.EnvelopeKeyRecord) (bool, error)

                Store attempts to insert the key into the metastore if one is not already present. If a key exists, the method will return false. If one is not present, the value will be inserted and we return true.

                type DynamoDBMetastoreOption

                type DynamoDBMetastoreOption func(d *DynamoDBMetastore, p client.ConfigProvider)

                  DynamoDBMetastoreOption is used to configure additional options in a DynamoDBMetastore.

                  func WithDynamoDBRegionSuffix

                  func WithDynamoDBRegionSuffix(enabled bool) DynamoDBMetastoreOption

                    WithDynamoDBRegionSuffix configures the DynamoDBMetastore to use a regional suffix for all writes. This feature should be enabled when using DynamoDB global tables to avoid write conflicts arising from the "last writer wins" method of conflict resolution.

                    func WithTableName

                    func WithTableName(table string) DynamoDBMetastoreOption

                      WithTableName configures the DynamoDBMetastore to use the specified table name.

                      type LoaderFunc

                      type LoaderFunc func(ctx context.Context, key interface{}) (*appencryption.DataRowRecord, error)

                        LoaderFunc is an adapter to allow the use of ordinary functions as Loaders. If f is a function with the appropriate signature, LoaderFunc(f) is an appencryption.Loader that calls f.

                        func (LoaderFunc) Load

                        func (f LoaderFunc) Load(ctx context.Context, key interface{}) (*appencryption.DataRowRecord, error)

                          Load calls f(ctx, key).

                          type MemoryMetastore

                          type MemoryMetastore struct {
                          	sync.RWMutex
                          
                          	Envelopes map[string]map[int64]*appencryption.EnvelopeKeyRecord
                          }

                            MemoryMetastore is an in-memory implementation of a Metastore. NOTE: It should not be used in production and is for testing only!

                            func NewMemoryMetastore

                            func NewMemoryMetastore() *MemoryMetastore

                              NewMemoryMetastore returns a new in-memory metastore.

                              func (*MemoryMetastore) Load

                                Load retrieves a specific key by id and created timestamp. The return value will be nil if not already present.

                                func (*MemoryMetastore) LoadLatest

                                  LoadLatest returns the latest key matching the provided ID. The return value will be nil if not already present.

                                  func (*MemoryMetastore) Store

                                  func (s *MemoryMetastore) Store(_ context.Context, keyID string, created int64, envelope *appencryption.EnvelopeKeyRecord) (bool, error)

                                    Store attempts to insert the key into the metastore if one is not already present. If a key exists, the method will return false. If one is not present, the value will be inserted and we return true.

                                    type SQLMetastore

                                    type SQLMetastore struct {
                                    	// contains filtered or unexported fields
                                    }

                                      SQLMetastore implements the Metastore interface for a RDBMS metastore. See scripts/encryption_key.sql for table structure and required stored procedures.

                                      func NewSQLMetastore

                                      func NewSQLMetastore(dbHandle *sql.DB) *SQLMetastore

                                        NewSQLMetastore returns a new SQLMetastore with the provided policy and sql connection.

                                        func (*SQLMetastore) Load

                                        func (s *SQLMetastore) Load(ctx context.Context, keyID string, created int64) (*appencryption.EnvelopeKeyRecord, error)

                                          Load returns the key matching the id and created timestamp provided. The envelope will be nil if it does not exist in the metastore.

                                          func (*SQLMetastore) LoadLatest

                                          func (s *SQLMetastore) LoadLatest(ctx context.Context, keyID string) (*appencryption.EnvelopeKeyRecord, error)

                                            LoadLatest returns the newest record matching the ID.

                                            func (*SQLMetastore) Store

                                            func (s *SQLMetastore) Store(ctx context.Context, keyID string, created int64, envelope *appencryption.EnvelopeKeyRecord) (bool, error)

                                              Store attempts to insert the key into the metastore if one is not already present. If a key exists, the method will return false. If one is not present, the value will be inserted and we return true. Note that as of this writing, the Go sql package doesn't expose a way to detect duplicate keys, so they are treated similarly to all errors that may happen in the insert.

                                              type StorerFunc

                                              type StorerFunc func(ctx context.Context, d appencryption.DataRowRecord) (interface{}, error)

                                                StorerFunc is an adapter to allow the use of ordinary functions as Storers. If f is a function with the appropriate signature, StorerFunc(f) is an appencryption.Storer that calls f.

                                                func (StorerFunc) Store

                                                func (f StorerFunc) Store(ctx context.Context, d appencryption.DataRowRecord) (interface{}, error)

                                                  Store calls f(ctx, key, d).

                                                  Directories

                                                  Path Synopsis