Package azkv contains an implementation of the interface that encrypts and decrypts the data key using Azure Key Vault with the Azure Go SDK.



    This section is empty.


    This section is empty.


    This section is empty.


    type MasterKey

    type MasterKey struct {
    	VaultURL string
    	Name     string
    	Version  string
    	EncryptedKey string
    	CreationDate time.Time

      MasterKey is a Azure Key Vault key used to encrypt and decrypt sops' data key.

      func MasterKeysFromURLs

      func MasterKeysFromURLs(urls string) ([]*MasterKey, error)

        MasterKeysFromURLs takes a comma separated list of Azure Key Vault URLs and returns a slice of new MasterKeys for them

        func NewMasterKey

        func NewMasterKey(vaultURL string, keyName string, keyVersion string) *MasterKey

          NewMasterKey creates a new MasterKey from an URL, key name and version, setting the creation date to the current date

          func NewMasterKeyFromURL

          func NewMasterKeyFromURL(url string) (*MasterKey, error)

            NewMasterKeyFromURL takes an Azure Key Vault key URL and returns a new MasterKey URL format is {vaultUrl}/keys/{key-name}/{key-version}

            func (*MasterKey) Decrypt

            func (key *MasterKey) Decrypt() ([]byte, error)

              Decrypt decrypts the EncryptedKey field with Azure Key Vault and returns the result.

              func (*MasterKey) Encrypt

              func (key *MasterKey) Encrypt(dataKey []byte) error

                Encrypt takes a sops data key, encrypts it with Key Vault and stores the result in the EncryptedKey field

                func (*MasterKey) EncryptIfNeeded

                func (key *MasterKey) EncryptIfNeeded(dataKey []byte) error

                  EncryptIfNeeded encrypts the provided sops' data key and encrypts it if it hasn't been encrypted yet

                  func (*MasterKey) EncryptedDataKey

                  func (key *MasterKey) EncryptedDataKey() []byte

                    EncryptedDataKey returns the encrypted data key this master key holds

                    func (*MasterKey) NeedsRotation

                    func (key *MasterKey) NeedsRotation() bool

                      NeedsRotation returns whether the data key needs to be rotated or not.

                      func (*MasterKey) SetEncryptedDataKey

                      func (key *MasterKey) SetEncryptedDataKey(enc []byte)

                        SetEncryptedDataKey sets the encrypted data key for this master key

                        func (MasterKey) ToMap

                        func (key MasterKey) ToMap() map[string]interface{}

                          ToMap converts the MasterKey to a map for serialization purposes

                          func (*MasterKey) ToString

                          func (key *MasterKey) ToString() string

                            ToString converts the key to a string representation

                            Source Files