core

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 9, 2022 License: MIT Imports: 3 Imported by: 0

Documentation

Overview

Package core contains the encryption logic model and service interfaces.

Index

Constants

View Source 
const (
	StateActive   = "ACTIVE"
	StateDisabled = "DISABLED"
	StateDeleted  = "DELETED"
)

Encryption key lifecycle states.

Variables

View Source 
var (
	ErrPeristKeyFailure  = errors.New("failed to persist encryption key(s)")
	ErrGetKeyFailure     = errors.New("failed to get encryption key(s)")
	ErrRenableKeyFailure = errors.New("failed to renable encryption key(s)")
	ErrDisableKeyFailure = errors.New("failed to disable encryption key")
	ErrDeleteKeyFailure  = errors.New("failed to delete encryption key")
	ErrKeyNotFound       = errors.New("encryption key not found")
)

Errors returned by KeyEngine implementations

View Source 
var (
	ErrEnryptionFailure  = errors.New("failed to encrypt data")
	ErrDecryptionFailure = errors.New("failed to decrypt data")
)

Errors returned by Encrypter implementations

Functions

This section is empty.

Types

type Encrypter 

type Encrypter interface {

	// Encrypt encrypts the given plain text values and returns a cipher text.
	Encrypt(namespace string, key Key, plainTxt string) (cipherTxt string, err error)

	// Decrypt decrypts the given cipher text and return the original value.
	Decrypt(namespace string, key Key, cipherTxt string) (plainTxt string, err error)

	// KeyGen returns a function that generates a valid key
	// according to the implemented algorithm.
	KeyGen() KeyGen
}

Encrypter presents a service responsible for implementing encryption logic based on a specific algorithm.

type IDKey 

type IDKey struct {
	// contains filtered or unexported fields
}

IDKey presents a pair to combine a Key and its ID.

func NewIDKey 

func NewIDKey(id, key string) IDKey

NewIDKey returns new IdKey value of the given Key and ID.

func (IDKey) ID 

func (ik IDKey) ID() string

func (IDKey) Key 

func (ik IDKey) Key() Key

type Key 

type Key string

Key presents the plain text value of an encryption key

func (Key) String 

func (k Key) String() string

String overwrites the default to string behavior to protect the key sensitive value.

type KeyEngine 

type KeyEngine interface {

	// GetKeys returns a map of keys for the given keyIDs within the given namespace.
	// It doesn't return a key if it's disabled or deleted.
	// The total count of the result should be less or equal to keyIDs' count.
	// The returned map of keys is indexed by keyIDs.
	GetKeys(ctx context.Context, namespace string, keyIDs []string) (keys KeyMap, err error)

	// GetOrCreateKeys returns the existing keys for the given keyIDs
	// within the given namespace and creates new ones for the fresh new keyIDs.
	//
	// Note that it will not create a new key for a deleted keyID.
	GetOrCreateKeys(ctx context.Context, namespace string, keyIDs []string, keyGen KeyGen) (KeyMap, error)

	// DisableKey disables the associated key of the given keyID.
	// It returns ErrKeyNotFound error if the key is already deleted.
	DisableKey(ctx context.Context, namespace, keyID string) error

	// RenableKey renables the associated key of the given keyID.
	// It returns ErrKeyNotFound error if the key is already deleted.
	RenableKey(ctx context.Context, namespace, keyID string) error

	// DeleteKey deletes the associated key of the given keyID.
	DeleteKey(ctx context.Context, namespace, keyID string) error

	// DeleteUnusedKeys delete unused keys which were disabled
	// for longer or equal to the configured grace period.
	DeleteUnusedKeys(ctx context.Context, namespace string) error
}

KeyEngine presents the service responsible for managing encryption keys.

type KeyEngineCache 

type KeyEngineCache interface {
	KeyEngineWrapper

	// ClearCache invalidates the cache of encryption keys based on a time-to-live configuration.
	// 'force' parameter allows to bypass the TTL check and immediately invalidates the cache.
	ClearCache(ctx context.Context, namespace string, force bool) error
}

KeyEngineCache is a KetEngine wrapper used for cache purpose.

type KeyEngineConfig 

type KeyEngineConfig struct {
	GracePeriod time.Duration
}

KeyEngineConfig presents the basic configuration of KeyEngine Implementations may extend it and add specific configuration.

func NewKeyEngineConfig 

func NewKeyEngineConfig() KeyEngineConfig

NewKeyEngineConfig returns a default KeyEngineConfig mainly to avoid an empty GracePeriod configuration which seems to be critical.

type KeyEngineWrapper 

type KeyEngineWrapper interface {
	KeyEngine

	// Origin returns the wrapped Key engine.
	Origin() KeyEngine
}

KeyEngineWrapper presents a wrapper on top of an existing Key engine. It overrides and enhances behaviors such as caching and client-side encryption of keys' values.

type KeyGen 

type KeyGen func(ctx context.Context, namespace, keyID string) (string, error)

KeyGen presents a function used by Key engines to generate keys

type KeyMap 

type KeyMap map[string]Key

KeyMap presents a map of Keys indexed by keyID.

func NewKeyMap 

func NewKeyMap() KeyMap

NewKeyMap returns a new empty KeyMap.

func (KeyMap) KeyIDs 

func (km KeyMap) KeyIDs() []string

KeyIDs returns Key IDs.

type KeyState 

type KeyState string

KeyState presents encryption key lifecycle states

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.