The highest tagged major version is v8.

grant

package

v3.0.1+incompatible Latest Latest Go to latest Published: Mar 4, 2019 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/monax/hoard

Links

Open Source Insights

Documentation ¶

Index ¶

func DeriveSecretKey(secret, salt []byte) ([]byte, error)
func OpenPGPGrant(ref *reference.Ref, public string, keyring *secrets.OpenPGPSecret) ([]byte, error)
func OpenPGPReference(grant []byte, keyring *secrets.OpenPGPSecret) (*reference.Ref, error)
func PlaintextGrant(ref *reference.Ref) []byte
func PlaintextReference(ciphertext []byte) *reference.Ref
func SymmetricGrant(ref *reference.Ref, secret []byte) ([]byte, error)
func SymmetricReference(ciphertext, secret []byte) (*reference.Ref, error)
func Unseal(secret secrets.Manager, grt *Grant) (*reference.Ref, error)
type Grant
- func Seal(secret secrets.Manager, ref *reference.Ref, spec *Spec) (*Grant, error)
type OpenPGPSpec
type PlaintextSpec
type Spec
type SymmetricSpec

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func DeriveSecretKey ¶

func DeriveSecretKey(secret, salt []byte) ([]byte, error)

func OpenPGPGrant ¶

func OpenPGPGrant(ref *reference.Ref, public string, keyring *secrets.OpenPGPSecret) ([]byte, error)

OpenPGPGrant encrypts and signs a given reference

func OpenPGPReference ¶

func OpenPGPReference(grant []byte, keyring *secrets.OpenPGPSecret) (*reference.Ref, error)

OpenPGPReference decrypts a given grant

func PlaintextGrant ¶

func PlaintextGrant(ref *reference.Ref) []byte

PlaintextGrant returns an encoded reference

func PlaintextReference ¶

func PlaintextReference(ciphertext []byte) *reference.Ref

PlaintextReference decodes the grant

func SymmetricGrant ¶

func SymmetricGrant(ref *reference.Ref, secret []byte) ([]byte, error)

SymmetricGrant encrypts the given reference based on a secret read from the provider store

func SymmetricReference ¶

func SymmetricReference(ciphertext, secret []byte) (*reference.Ref, error)

SymmetricReference decrypts the given grant based on a secret read from the provider store

func Unseal ¶

func Unseal(secret secrets.Manager, grt *Grant) (*reference.Ref, error)

Unseal a Grant exposing its secret reference

Types ¶

type Grant ¶

type Grant struct {
	// The grantSpec provides sufficient information to decrypt the reference
	// if hoard has access to the requisite secret
	Spec                 *Spec    `protobuf:"bytes,1,opt,name=Spec" json:"Spec,omitempty"`
	EncryptedReference   []byte   `protobuf:"bytes,2,opt,name=EncryptedReference,proto3" json:"EncryptedReference,omitempty"`
	Version              int32    `protobuf:"varint,3,opt,name=Version,proto3" json:"Version,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func Seal ¶

func Seal(secret secrets.Manager, ref *reference.Ref, spec *Spec) (*Grant, error)

Seal this reference into a Grant as specified by Spec

func (*Grant) Descriptor ¶

func (*Grant) Descriptor() ([]byte, []int)

func (*Grant) GetEncryptedReference ¶

func (m *Grant) GetEncryptedReference() []byte

func (*Grant) GetSpec ¶

func (m *Grant) GetSpec() *Spec

func (*Grant) GetVersion ¶

func (m *Grant) GetVersion() int32

func (*Grant) ProtoMessage ¶

func (*Grant) ProtoMessage()

func (*Grant) ProtoSize ¶

func (m *Grant) ProtoSize() (n int)

func (*Grant) Reset ¶

func (m *Grant) Reset()

func (*Grant) String ¶

func (m *Grant) String() string

func (*Grant) XXX_DiscardUnknown ¶

func (m *Grant) XXX_DiscardUnknown()

func (*Grant) XXX_Marshal ¶

func (m *Grant) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Grant) XXX_Merge ¶

func (dst *Grant) XXX_Merge(src proto.Message)

func (*Grant) XXX_Size ¶

func (m *Grant) XXX_Size() int

func (*Grant) XXX_Unmarshal ¶

func (m *Grant) XXX_Unmarshal(b []byte) error

type OpenPGPSpec ¶

type OpenPGPSpec struct {
	PublicKey            string   `protobuf:"bytes,1,opt,name=PublicKey,proto3" json:"PublicKey,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*OpenPGPSpec) Descriptor ¶

func (*OpenPGPSpec) Descriptor() ([]byte, []int)

func (*OpenPGPSpec) GetPublicKey ¶

func (m *OpenPGPSpec) GetPublicKey() string

func (*OpenPGPSpec) ProtoMessage ¶

func (*OpenPGPSpec) ProtoMessage()

func (*OpenPGPSpec) ProtoSize ¶

func (m *OpenPGPSpec) ProtoSize() (n int)

func (*OpenPGPSpec) Reset ¶

func (m *OpenPGPSpec) Reset()

func (*OpenPGPSpec) String ¶

func (m *OpenPGPSpec) String() string

func (*OpenPGPSpec) XXX_DiscardUnknown ¶

func (m *OpenPGPSpec) XXX_DiscardUnknown()

func (*OpenPGPSpec) XXX_Marshal ¶

func (m *OpenPGPSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*OpenPGPSpec) XXX_Merge ¶

func (dst *OpenPGPSpec) XXX_Merge(src proto.Message)

func (*OpenPGPSpec) XXX_Size ¶

func (m *OpenPGPSpec) XXX_Size() int

func (*OpenPGPSpec) XXX_Unmarshal ¶

func (m *OpenPGPSpec) XXX_Unmarshal(b []byte) error

type PlaintextSpec ¶

type PlaintextSpec struct {
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*PlaintextSpec) Descriptor ¶

func (*PlaintextSpec) Descriptor() ([]byte, []int)

func (*PlaintextSpec) ProtoMessage ¶

func (*PlaintextSpec) ProtoMessage()

func (*PlaintextSpec) ProtoSize ¶

func (m *PlaintextSpec) ProtoSize() (n int)

func (*PlaintextSpec) Reset ¶

func (m *PlaintextSpec) Reset()

func (*PlaintextSpec) String ¶

func (m *PlaintextSpec) String() string

func (*PlaintextSpec) XXX_DiscardUnknown ¶

func (m *PlaintextSpec) XXX_DiscardUnknown()

func (*PlaintextSpec) XXX_Marshal ¶

func (m *PlaintextSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PlaintextSpec) XXX_Merge ¶

func (dst *PlaintextSpec) XXX_Merge(src proto.Message)

func (*PlaintextSpec) XXX_Size ¶

func (m *PlaintextSpec) XXX_Size() int

func (*PlaintextSpec) XXX_Unmarshal ¶

func (m *PlaintextSpec) XXX_Unmarshal(b []byte) error

type Spec ¶

type Spec struct {
	Plaintext            *PlaintextSpec `protobuf:"bytes,1,opt,name=Plaintext" json:"Plaintext,omitempty"`
	Symmetric            *SymmetricSpec `protobuf:"bytes,2,opt,name=Symmetric" json:"Symmetric,omitempty"`
	OpenPGP              *OpenPGPSpec   `protobuf:"bytes,3,opt,name=OpenPGP" json:"OpenPGP,omitempty"`
	XXX_NoUnkeyedLiteral struct{}       `json:"-"`
	XXX_unrecognized     []byte         `json:"-"`
	XXX_sizecache        int32          `json:"-"`
}

func (*Spec) Descriptor ¶

func (*Spec) Descriptor() ([]byte, []int)

func (*Spec) GetOpenPGP ¶

func (m *Spec) GetOpenPGP() *OpenPGPSpec

func (*Spec) GetPlaintext ¶

func (m *Spec) GetPlaintext() *PlaintextSpec

func (*Spec) GetSymmetric ¶

func (m *Spec) GetSymmetric() *SymmetricSpec

func (*Spec) GetValue ¶

func (this *Spec) GetValue() interface{}

func (*Spec) ProtoMessage ¶

func (*Spec) ProtoMessage()

func (*Spec) ProtoSize ¶

func (m *Spec) ProtoSize() (n int)

func (*Spec) Reset ¶

func (m *Spec) Reset()

func (*Spec) SetValue ¶

func (this *Spec) SetValue(value interface{}) bool

func (*Spec) String ¶

func (m *Spec) String() string

func (*Spec) XXX_DiscardUnknown ¶

func (m *Spec) XXX_DiscardUnknown()

func (*Spec) XXX_Marshal ¶

func (m *Spec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Spec) XXX_Merge ¶

func (dst *Spec) XXX_Merge(src proto.Message)

func (*Spec) XXX_Size ¶

func (m *Spec) XXX_Size() int

func (*Spec) XXX_Unmarshal ¶

func (m *Spec) XXX_Unmarshal(b []byte) error

type SymmetricSpec ¶

type SymmetricSpec struct {
	// A non-secret identifier for a secret that is 'known' to Hoard (accessible via store or config)
	PublicID             string   `protobuf:"bytes,1,opt,name=PublicID,proto3" json:"PublicID,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*SymmetricSpec) Descriptor ¶

func (*SymmetricSpec) Descriptor() ([]byte, []int)

func (*SymmetricSpec) GetPublicID ¶

func (m *SymmetricSpec) GetPublicID() string

func (*SymmetricSpec) ProtoMessage ¶

func (*SymmetricSpec) ProtoMessage()

func (*SymmetricSpec) ProtoSize ¶

func (m *SymmetricSpec) ProtoSize() (n int)

func (*SymmetricSpec) Reset ¶

func (m *SymmetricSpec) Reset()

func (*SymmetricSpec) String ¶

func (m *SymmetricSpec) String() string

func (*SymmetricSpec) XXX_DiscardUnknown ¶

func (m *SymmetricSpec) XXX_DiscardUnknown()

func (*SymmetricSpec) XXX_Marshal ¶

func (m *SymmetricSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SymmetricSpec) XXX_Merge ¶

func (dst *SymmetricSpec) XXX_Merge(src proto.Message)

func (*SymmetricSpec) XXX_Size ¶

func (m *SymmetricSpec) XXX_Size() int

func (*SymmetricSpec) XXX_Unmarshal ¶

func (m *SymmetricSpec) XXX_Unmarshal(b []byte) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL