Documentation ¶
Index ¶
- type AesKey
- func (k *AesKey) Decrypt(version uint32, ciphertext []byte, context map[string]*string) (plaintext []byte, err error)
- func (k *AesKey) EncryptAndPackage(plaintext []byte, context map[string]*string) (result []byte, err error)
- func (k *AesKey) GetArn() string
- func (k *AesKey) GetKeyType() KeyType
- func (k *AesKey) GetMetadata() *KeyMetadata
- func (k *AesKey) GetParametersForImport() *ParametersForImport
- func (k *AesKey) GetPolicy() string
- func (k *AesKey) ImportKeyMaterial(m []byte) error
- func (k *AesKey) RotateIfNeeded() bool
- func (k *AesKey) SetParametersForImport(p *ParametersForImport)
- func (k *AesKey) UnmarshalYAML(unmarshal func(interface{}) error) error
- type BaseKey
- type EccKey
- func (k *EccKey) GetArn() string
- func (k *EccKey) GetKeyType() KeyType
- func (k *EccKey) GetMetadata() *KeyMetadata
- func (k *EccKey) GetPolicy() string
- func (k *EccKey) HashAndSign(message []byte, algorithm SigningAlgorithm) ([]byte, error)
- func (k *EccKey) HashAndVerify(signature []byte, message []byte, algorithm SigningAlgorithm) (bool, error)
- func (k *EccKey) Sign(digest []byte, algorithm SigningAlgorithm) ([]byte, error)
- func (k *EccKey) UnmarshalYAML(unmarshal func(interface{}) error) error
- func (k *EccKey) Verify(signature []byte, digest []byte, algorithm SigningAlgorithm) (bool, error)
- type EcdsaPrivateKey
- type EncryptionAlgorithm
- type ExpirationModel
- type InvalidDigestLength
- type InvalidSigningAlgorithm
- type Key
- type KeyMetadata
- type KeyOrigin
- type KeySpec
- type KeyState
- type KeyType
- type KeyUsage
- type ParametersForImport
- type RsaKey
- func (k *RsaKey) Decrypt(ciphertext []byte, algorithm EncryptionAlgorithm) (plaintext []byte, err error)
- func (k *RsaKey) Encrypt(plaintext []byte, algorithm EncryptionAlgorithm) (result []byte, err error)
- func (k *RsaKey) GetArn() string
- func (k *RsaKey) GetKeyType() KeyType
- func (k *RsaKey) GetMetadata() *KeyMetadata
- func (k *RsaKey) GetPolicy() string
- func (k *RsaKey) HashAndSign(message []byte, algorithm SigningAlgorithm) ([]byte, error)
- func (k *RsaKey) HashAndVerify(signature []byte, message []byte, algorithm SigningAlgorithm) (bool, error)
- func (k *RsaKey) Sign(digest []byte, algorithm SigningAlgorithm) ([]byte, error)
- func (k *RsaKey) UnmarshalYAML(unmarshal func(interface{}) error) error
- func (k *RsaKey) Verify(signature []byte, digest []byte, algorithm SigningAlgorithm) (bool, error)
- type RsaPrivateKey
- type SigningAlgorithm
- type SigningKey
- type UnmarshalYAMLError
- type WrappingAlgorithm
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AesKey ¶
// AesKey is the symmetric key type: the shared BaseKey fields plus a list of
// 32-byte backing keys, a rotation timestamp and the parameters of an import.
type AesKey struct {
	BaseKey
	// BackingKeys holds 32-byte values, presumably the raw AES-256 key
	// material with one entry per rotation (Decrypt takes a version
	// number) — confirm against the implementation.
	// NOTE(review): the field is exported, so any encoder that walks this
	// struct writes the key bytes out; whatever stores an AesKey needs the
	// same protection as the key itself.
	BackingKeys [][32]byte
	// NextKeyRotation is presumably the time RotateIfNeeded compares
	// against — confirm.
	NextKeyRotation time.Time
	// ParametersForImport is held by value; its PrivateKey field is an
	// rsa.PrivateKey, so this struct carries that private key too.
	ParametersForImport ParametersForImport
}
func (*AesKey) EncryptAndPackage ¶
func (*AesKey) GetKeyType ¶
func (*AesKey) GetMetadata ¶
func (k *AesKey) GetMetadata() *KeyMetadata
func (*AesKey) GetParametersForImport ¶
func (k *AesKey) GetParametersForImport() *ParametersForImport
func (*AesKey) ImportKeyMaterial ¶
func (*AesKey) RotateIfNeeded ¶
func (*AesKey) SetParametersForImport ¶
func (k *AesKey) SetParametersForImport(p *ParametersForImport)
func (*AesKey) UnmarshalYAML ¶
type BaseKey ¶
// BaseKey holds the fields embedded by AesKey, EccKey and RsaKey: the key
// type, its metadata and its policy document as a string.
type BaseKey struct {
	Type     KeyType
	Metadata KeyMetadata
	// Policy is stored as an opaque string; nothing on this type shows it
	// being parsed or enforced.
	Policy string
}
type EccKey ¶
// EccKey is the elliptic-curve key type: the shared BaseKey fields plus an
// ECDSA private key.
type EccKey struct {
	BaseKey
	// PrivateKey is exported and has its own JSON marshalling (see
	// EcdsaPrivateKey.MarshalJSON), so encoding an EccKey presumably
	// includes the private key — confirm where the encoded form is kept.
	PrivateKey EcdsaPrivateKey
}
func (*EccKey) GetKeyType ¶
func (*EccKey) GetMetadata ¶
func (k *EccKey) GetMetadata() *KeyMetadata
func (*EccKey) HashAndSign ¶
func (k *EccKey) HashAndSign(message []byte, algorithm SigningAlgorithm) ([]byte, error)
func (*EccKey) HashAndVerify ¶
func (*EccKey) Sign ¶
func (k *EccKey) Sign(digest []byte, algorithm SigningAlgorithm) ([]byte, error)
func (*EccKey) UnmarshalYAML ¶
Constructs the key from YAML (seeding).
type EcdsaPrivateKey ¶
// EcdsaPrivateKey is ecdsa.PrivateKey under a package-local name so that the
// package can attach its own MarshalJSON and UnmarshalJSON methods.
// NOTE(review): a MarshalJSON method on a private-key type presumably emits
// the private scalar; confirm what the encoded form contains and that its
// destination is access-controlled.
type EcdsaPrivateKey ecdsa.PrivateKey
We create our own type to manage JSON Marshaling
func (*EcdsaPrivateKey) MarshalJSON ¶
func (k *EcdsaPrivateKey) MarshalJSON() ([]byte, error)
func (*EcdsaPrivateKey) UnmarshalJSON ¶
func (k *EcdsaPrivateKey) UnmarshalJSON(data []byte) error
ecdsa.PrivateKey.Curve is an interface type, so we need to Unmarshal it ourselves to set the concrete type.
type EncryptionAlgorithm ¶
// EncryptionAlgorithm names an encryption algorithm by its wire string.
type EncryptionAlgorithm string

// Supported EncryptionAlgorithm values: one symmetric default and two
// RSA-OAEP variants that differ in the hash function (SHA-1 or SHA-256).
const (
	EncryptionAlgorithmAes           EncryptionAlgorithm = "SYMMETRIC_DEFAULT"
	EncryptionAlgorithmRsaOaepSha1   EncryptionAlgorithm = "RSAES_OAEP_SHA_1"
	EncryptionAlgorithmRsaOaepSha256 EncryptionAlgorithm = "RSAES_OAEP_SHA_256"
)
type ExpirationModel ¶
// ExpirationModel names, by its wire string, whether key material expires.
type ExpirationModel string

// Supported ExpirationModel values.
const (
	ExpirationModelKeyMaterialExpires       ExpirationModel = "KEY_MATERIAL_EXPIRES"
	ExpirationModelKeyMaterialDoesNotExpire ExpirationModel = "KEY_MATERIAL_DOES_NOT_EXPIRE"
)
type InvalidDigestLength ¶
// InvalidDigestLength is a field-less error type. Its Error method has a
// pointer receiver, so *InvalidDigestLength is the type that satisfies error.
// Presumably returned by Sign/Verify when the digest length does not match
// the algorithm's hash — confirm against the implementation.
type InvalidDigestLength struct{}
func (*InvalidDigestLength) Error ¶
func (v *InvalidDigestLength) Error() string
type InvalidSigningAlgorithm ¶
// InvalidSigningAlgorithm is a field-less error type. Its Error method has a
// pointer receiver, so *InvalidSigningAlgorithm is the type that satisfies
// error. Presumably returned when a SigningAlgorithm is not valid for the
// key — confirm against the implementation.
type InvalidSigningAlgorithm struct{}
func (*InvalidSigningAlgorithm) Error ¶
func (v *InvalidSigningAlgorithm) Error() string
type Key ¶
// Key is the read-only view common to every key type: ARN, policy string,
// key type and a pointer to the metadata.
type Key interface {
	GetArn() string
	GetPolicy() string
	GetKeyType() KeyType
	// GetMetadata returns a pointer, so callers can modify the metadata
	// they receive.
	GetMetadata() *KeyMetadata
}
type KeyMetadata ¶
// KeyMetadata describes a key. Most fields are dropped from JSON when empty;
// Description and Enabled carry only a yaml tag, so they are always present
// in JSON output. The fields with a yaml tag (Description, Enabled, KeyId,
// KeyUsage, Origin) are the only ones given an explicit YAML name.
type KeyMetadata struct {
	AWSAccountId string `json:",omitempty"`
	Arn          string `json:",omitempty"`
	// CreationDate, DeletionDate and ValidTo are int64, presumably Unix
	// timestamps — confirm the unit.
	CreationDate         int64                 `json:",omitempty"`
	DeletionDate         int64                 `json:",omitempty"`
	Description          *string               `yaml:"Description"`
	Enabled              bool                  `yaml:"Enabled"`
	ExpirationModel      ExpirationModel       `json:",omitempty"`
	KeyId                string                `json:",omitempty" yaml:"KeyId"`
	KeyManager           string                `json:",omitempty"`
	KeyState             KeyState              `json:",omitempty"`
	KeyUsage             KeyUsage              `json:",omitempty" yaml:"KeyUsage"`
	Origin               KeyOrigin             `json:",omitempty" yaml:"Origin"`
	ValidTo              int64                 `json:",omitempty"`
	SigningAlgorithms    []SigningAlgorithm    `json:",omitempty"`
	EncryptionAlgorithms []EncryptionAlgorithm `json:",omitempty"`
	// KeySpec and CustomerMasterKeySpec share the KeySpec type; presumably
	// both are filled with the same value for API compatibility — confirm.
	KeySpec               KeySpec `json:",omitempty"`
	CustomerMasterKeySpec KeySpec `json:",omitempty"`
}
type KeySpec ¶
// KeySpec names a key's algorithm and size by its wire string.
type KeySpec string

// Supported KeySpec values: the symmetric default, four elliptic curves
// (NIST P-256, P-384, P-521 and SECG secp256k1) and three RSA moduli.
const (
	SpecSymmetricDefault KeySpec = "SYMMETRIC_DEFAULT"
	SpecEccNistP256      KeySpec = "ECC_NIST_P256"
	SpecEccNistP384      KeySpec = "ECC_NIST_P384"
	SpecEccNistP521      KeySpec = "ECC_NIST_P521"
	SpecEccSecp256k1     KeySpec = "ECC_SECG_P256K1"
	SpecRsa2048          KeySpec = "RSA_2048"
	SpecRsa3072          KeySpec = "RSA_3072"
	SpecRsa4096          KeySpec = "RSA_4096"
)
type ParametersForImport ¶
// ParametersForImport groups what is kept for a key-material import: a
// validity bound, an import token, an RSA private key and the wrapping
// algorithm.
type ParametersForImport struct {
	// ParametersValidTo is presumably a Unix timestamp after which the
	// token and key should be refused — confirm that the import path
	// checks it.
	ParametersValidTo int64
	ImportToken       []byte
	// PrivateKey is stored by value in an exported field.
	// NOTE(review): presumably the key that unwraps the imported material;
	// it is private key material and is serialised with the enclosing
	// struct unless the encoder is told otherwise.
	PrivateKey        rsa.PrivateKey
	WrappingAlgorithm WrappingAlgorithm
}
type RsaKey ¶
// RsaKey is the RSA key type: the shared BaseKey fields plus an RSA private
// key. The method set listed for it covers both encryption (Encrypt, Decrypt)
// and signing (Sign, Verify, HashAndSign, HashAndVerify).
type RsaKey struct {
	BaseKey
	// PrivateKey is exported; encoding an RsaKey presumably includes the
	// private key — confirm where the encoded form is kept.
	PrivateKey RsaPrivateKey
}
func (*RsaKey) Decrypt ¶
func (k *RsaKey) Decrypt(ciphertext []byte, algorithm EncryptionAlgorithm) (plaintext []byte, err error)
func (*RsaKey) Encrypt ¶
func (k *RsaKey) Encrypt(plaintext []byte, algorithm EncryptionAlgorithm) (result []byte, err error)
func (*RsaKey) GetKeyType ¶
func (*RsaKey) GetMetadata ¶
func (k *RsaKey) GetMetadata() *KeyMetadata
func (*RsaKey) HashAndSign ¶
func (k *RsaKey) HashAndSign(message []byte, algorithm SigningAlgorithm) ([]byte, error)
func (*RsaKey) HashAndVerify ¶
func (*RsaKey) Sign ¶
func (k *RsaKey) Sign(digest []byte, algorithm SigningAlgorithm) ([]byte, error)
func (*RsaKey) UnmarshalYAML ¶
Constructs the key from YAML (seeding).
type RsaPrivateKey ¶
// RsaPrivateKey is rsa.PrivateKey under a package-local name. No methods are
// listed for it here, so it does not inherit rsa.PrivateKey's method set;
// callers convert back to *rsa.PrivateKey to use the standard library.
type RsaPrivateKey rsa.PrivateKey
type SigningAlgorithm ¶
// SigningAlgorithm names a signature scheme and hash by its wire string.
type SigningAlgorithm string

// Supported SigningAlgorithm values, in three families, each with SHA-256,
// SHA-384 and SHA-512: ECDSA, RSASSA-PSS and RSASSA-PKCS1-v1_5.
// PSS is the RSA scheme generally recommended for new designs; PKCS1-v1_5
// signing is usually kept for interoperability.
const (
	SigningAlgorithmEcdsaSha256   SigningAlgorithm = "ECDSA_SHA_256"
	SigningAlgorithmEcdsaSha384   SigningAlgorithm = "ECDSA_SHA_384"
	SigningAlgorithmEcdsaSha512   SigningAlgorithm = "ECDSA_SHA_512"
	SigningAlgorithmRsaPssSha256  SigningAlgorithm = "RSASSA_PSS_SHA_256"
	SigningAlgorithmRsaPssSha384  SigningAlgorithm = "RSASSA_PSS_SHA_384"
	SigningAlgorithmRsaPssSha512  SigningAlgorithm = "RSASSA_PSS_SHA_512"
	SigningAlgorithmRsaPkcsSha256 SigningAlgorithm = "RSASSA_PKCS1_V1_5_SHA_256"
	SigningAlgorithmRsaPkcsSha384 SigningAlgorithm = "RSASSA_PKCS1_V1_5_SHA_384"
	SigningAlgorithmRsaPkcsSha512 SigningAlgorithm = "RSASSA_PKCS1_V1_5_SHA_512"
)
type SigningKey ¶
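// SigningKey is a Key that can sign and verify.
//
// Going by the parameter names, Sign and Verify take a digest the caller has
// already computed, while HashAndSign and HashAndVerify take the message
// itself. Passing a digest to a HashAnd* method, or a message to Sign/Verify,
// would sign or check a different value than intended, so the two pairs must
// not be mixed.
type SigningKey interface {
	Key
	Sign(digest []byte, algorithm SigningAlgorithm) ([]byte, error)
	HashAndSign(message []byte, algorithm SigningAlgorithm) ([]byte, error)
	Verify(signature []byte, digest []byte, algorithm SigningAlgorithm) (bool, error)
	// The second parameter is named message to match HashAndSign and the
	// EccKey and RsaKey implementations. Parameter names in an interface
	// are documentation only, so implementers are unaffected.
	HashAndVerify(signature []byte, message []byte, algorithm SigningAlgorithm) (bool, error)
}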
type UnmarshalYAMLError ¶
// UnmarshalYAMLError is an error type whose Error method has a pointer
// receiver. Presumably returned by the UnmarshalYAML methods of the key types
// when seeding from YAML fails — confirm against the implementation.
type UnmarshalYAMLError struct {
	// contains filtered or unexported fields
}
func (*UnmarshalYAMLError) Error ¶
func (e *UnmarshalYAMLError) Error() string
type WrappingAlgorithm ¶
// WrappingAlgorithm names, by its wire string, the RSA padding used to wrap
// key material for import.
type WrappingAlgorithm string

// Supported WrappingAlgorithm values.
//
// RSAES_PKCS1_V1_5 is PKCS#1 v1.5 encryption padding. An unwrap path that
// lets callers tell padding failures apart from other failures gives them a
// padding oracle, so new imports should use one of the OAEP values, and the
// v1.5 path should return one uniform error.
//
// NOTE(review): WrappingAlgorithmOaepSh256 is spelled "Sh256", unlike
// EncryptionAlgorithmRsaOaepSha256. Renaming an exported constant would break
// callers, so the spelling is left as is.
const (
	WrappingAlgorithmPkcs1V15  WrappingAlgorithm = "RSAES_PKCS1_V1_5"
	WrappingAlgorithmOaepSha1  WrappingAlgorithm = "RSAES_OAEP_SHA_1"
	WrappingAlgorithmOaepSh256 WrappingAlgorithm = "RSAES_OAEP_SHA_256"
)