Back to godoc.org
github.com/hashicorp/vault/helper/pgpkeys

package pgpkeys

v1.4.3
Latest Go to latest
Published: 4 days ago | License: MPL-2.0 | Module: github.com/hashicorp/vault

Index

Constants

const (
	TestPrivKey1 = "" /* 3724 byte string literal not displayed */

	TestPrivKey2 = "" /* 3724 byte string literal not displayed */

	TestPrivKey3 = "" /* 3724 byte string literal not displayed */

	TestPubKey1 = "" /* 1965 byte string literal not displayed */

	TestPubKey2 = "" /* 1965 byte string literal not displayed */

	TestPubKey3 = "" /* 1965 byte string literal not displayed */

	TestAAPubKey1 = "" /* 2067 byte string literal not displayed */

)

func DecryptBytes

func DecryptBytes(encodedCrypt, privKey string) (*bytes.Buffer, error)

DecryptBytes takes in base64-encoded encrypted bytes and the base64-encoded private key and decrypts it. A bytes.Buffer is returned to allow the caller to do useful thing with it (get it as a []byte, get it as a string, use it as an io.Reader, etc), and also because this function doesn't know if what comes out is binary data or a string, so let the caller decide.

func EncryptShares

func EncryptShares(input [][]byte, pgpKeys []string) ([]string, [][]byte, error)

EncryptShares takes an ordered set of byte slices to encrypt and the corresponding base64-encoded public keys to encrypt them with, encrypts each byte slice with the corresponding public key.

Note: There is no corresponding test function; this functionality is thoroughly tested in the init and rekey command unit tests

func FetchKeybasePubkeys

func FetchKeybasePubkeys(input []string) (map[string]string, error)

FetchKeybasePubkeys fetches public keys from Keybase given a set of usernames, which are derived from correctly formatted input entries. It doesn't use their client code due to both the API and the fact that it is considered alpha and probably best not to rely on it. The keys are returned as base64-encoded strings.

func GetEntities

func GetEntities(pgpKeys []string) ([]*openpgp.Entity, error)

GetEntities takes in a string array of base64-encoded PGP keys and returns the openpgp Entities

func GetFingerprints

func GetFingerprints(pgpKeys []string, entities []*openpgp.Entity) ([]string, error)

GetFingerprints takes in a list of openpgp Entities and returns the fingerprints. If entities is nil, it will instead parse both entities and fingerprints from the pgpKeys string slice.

func ParsePGPKeys

func ParsePGPKeys(keyfiles []string) ([]string, error)

ParsePGPKeys takes a list of PGP keys and parses them either using keybase or reading them from disk and returns the "expanded" list of pgp keys in the same order.

func ReadPGPFile

func ReadPGPFile(path string) (string, error)

ReadPGPFile reads the given PGP file from disk.

type PubKeyFileFlag

type PubKeyFileFlag string

PubKeyFileFlag implements flag.Value and command.Example to receive exactly one PGP or keybase key via a flag.

func (*PubKeyFileFlag) Example

func (p *PubKeyFileFlag) Example() string

func (*PubKeyFileFlag) Set

func (p *PubKeyFileFlag) Set(val string) error

func (*PubKeyFileFlag) String

func (p *PubKeyFileFlag) String() string

type PubKeyFilesFlag

type PubKeyFilesFlag []string

PGPPubKeyFiles implements the flag.Value interface and allows parsing and reading a list of PGP public key files.

func (*PubKeyFilesFlag) Example

func (p *PubKeyFilesFlag) Example() string

func (*PubKeyFilesFlag) Set

func (p *PubKeyFilesFlag) Set(val string) error

func (*PubKeyFilesFlag) String

func (p *PubKeyFilesFlag) String() string
Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
f or F : Jump to identifier