Documentation ¶
Index ¶
- func Decrypt(v Vault, id string, down provider.Downloader) (provider.Downloader, error)
- func Encrypt(v Vault, id, alg string, up provider.Uploader) (provider.Uploader, error)
- type Cipher
- type DecryptedDownloader
- type EncryptedUploader
- type FixedKeyResolver
- type FixedKeySource
- type NilVault
- type Vault
- type VaultProvider
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Decrypt ¶
func Decrypt(v Vault, id string, down provider.Downloader) (provider.Downloader, error)
Types ¶
type DecryptedDownloader ¶
type DecryptedDownloader struct {
// contains filtered or unexported fields
}
func (DecryptedDownloader) Close ¶
func (d DecryptedDownloader) Close() error
func (DecryptedDownloader) ReadCompressed ¶
func (d DecryptedDownloader) ReadCompressed() int64
func (DecryptedDownloader) ReadUncompressed ¶
func (d DecryptedDownloader) ReadUncompressed() int64
type EncryptedUploader ¶
type EncryptedUploader struct {
// contains filtered or unexported fields
}
func (EncryptedUploader) Cancel ¶
func (e EncryptedUploader) Cancel() error
func (EncryptedUploader) Close ¶
func (e EncryptedUploader) Close() error
func (EncryptedUploader) Path ¶
func (e EncryptedUploader) Path() string
func (EncryptedUploader) WroteCompressed ¶
func (e EncryptedUploader) WroteCompressed() int64
func (EncryptedUploader) WroteUncompressed ¶
func (e EncryptedUploader) WroteUncompressed() int64
type FixedKeyResolver ¶ added in v1.3.0
type FixedKeySource ¶ added in v1.0.4
type FixedKeySource struct { // Enabled turns on fixed key derivation. // Enabled bool // PBKDF2 is the id of a secret, stored in the provider // backend vault, from which we will derive encrpytion // parameters. // PBKDF2 string // Literal provides paths to algorithm-specific key and // initialization vector values stored in the vault. // Literal struct { AES128 struct { Key string IV string } AES192 struct { Key string IV string } AES256 struct { Key string IV string } } }
FixedKeySource represents operator configuration for the source and derivation of a single fixed cipher's static key and initialization vector.
We currently support the following methods:
PBKDF2 Password-Based Key Derivation; the operator points us at a secret *in* the vault, and we use that as an input to a deterministic function for deriving key + iv. Literal The key and the iv, encoded as fixed-length hexadecimal values, are to be found in the vault at fixed locations. Different paths (ids) in the vault are used for different algorithms.
type NilVault ¶
type NilVault struct{}
func (NilVault) FixedKeyResolver ¶ added in v1.3.0
func (NilVault) FixedKeyResolver() FixedKeyResolver
Click to show internal directories.
Click to hide internal directories.