secrets

package

v0.0.0-...-95e6a1e Latest Latest Go to latest Published: Aug 26, 2021 License: GPL-2.0 Imports: 7 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/nutmegdevelopment/nutcracker

Documentation ¶

Index ¶

Constants
func IsSealed() bool
func Seal()
func Unseal(masterKey *Secret, key []byte) (err error)
func Zero(in []byte)
type Key
type Secret
- func Initialise() (masterKey *Secret, err error)
- func New(name string, message []byte) (s *Secret, err error)

Constants ¶

View Source

const MasterKeyName = "master"

Variables ¶

This section is empty.

Functions ¶

func IsSealed ¶

func IsSealed() bool

func Seal ¶

func Seal()

func Unseal ¶

func Unseal(masterKey *Secret, key []byte) (err error)

func Zero ¶

func Zero(in []byte)

Zero wipes a byte slice in memory

Types ¶

type Key ¶

type Key struct {
	ID       uint   `gorm:"primary_key" json:"-"`
	Name     string `sql:"not null;unique" json:"Id,omitempty"`
	Key      []byte `json:",omitempty"`
	Nonce    []byte `json:"-"`
	Public   []byte `json:"-"`
	ReadOnly bool
	// contains filtered or unexported fields
}

func (*Key) Decrypt ¶

func (k *Key) Decrypt() (err error)

Decrypts the key with the master key. Requires the master key to be unsealed.

func (*Key) Display ¶

func (k *Key) Display() []byte

Display prints the unexported raw key

func (*Key) Encrypt ¶

func (k *Key) Encrypt()

Encrypts the key with the master key. Requires the master key to be unsealed.

func (*Key) New ¶

func (k *Key) New(name string) (err error)

Creates a new key

func (*Key) Zero ¶

func (k *Key) Zero()

Zero erases the private portion of a key in memory

type Secret ¶

type Secret struct {
	ID      uint   `gorm:"primary_key" json:"-"`
	Name    string `sql:"not null"`
	Message []byte `json:",omitempty"`
	Nonce   []byte `json:"-"`
	Key     Key    `json:",omitempty"`
	Pubkey  []byte `json:"-"`
	KeyID   uint   `json:"-"`
	Root    bool   `json:"-"`
}

func Initialise ¶

func Initialise() (masterKey *Secret, err error)

Create a new master secret.

func New ¶

func New(name string, message []byte) (s *Secret, err error)

New creates a new secret container with a unique key. Requires the master key to be unsealed.

func (*Secret) Decrypt ¶

func (s *Secret) Decrypt(shared *Secret, key []byte) (message []byte, err error)

Decrypt decrypts a secret given a shared key and a secret key provided by the user. This does not require the master key to be unsealed.

func (s *Secret) Share(key *Key) (shared *Secret, err error)

Share creates a shared key, which the given key can use to decrypt the secret. Requires the master key to be unsealed.

func (*Secret) Update ¶

func (s *Secret) Update(message []byte) (err error)

Source Files ¶

View all Source files

secrets.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL