keyservice

package
Version: v0.0.0-...-14a22d7 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 12, 2019 License: MPL-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package keyservice implements a gRPC API that can be used by SOPS to encrypt and decrypt the data key using remote master keys.

Package keyservice is a generated protocol buffer package.

It is generated from these files:

keyservice/keyservice.proto

It has these top-level messages:

Key
PgpKey
KmsKey
GcpKmsKey
AzureKeyVaultKey
EncryptRequest
EncryptResponse
DecryptRequest
DecryptResponse

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RegisterKeyServiceServer

func RegisterKeyServiceServer(s *grpc.Server, srv KeyServiceServer)

Types

type AzureKeyVaultKey

type AzureKeyVaultKey struct {
	VaultUrl string `protobuf:"bytes,1,opt,name=vault_url,json=vaultUrl" json:"vault_url,omitempty"`
	Name     string `protobuf:"bytes,2,opt,name=name" json:"name,omitempty"`
	Version  string `protobuf:"bytes,3,opt,name=version" json:"version,omitempty"`
}

func (*AzureKeyVaultKey) Descriptor

func (*AzureKeyVaultKey) Descriptor() ([]byte, []int)

func (*AzureKeyVaultKey) GetName

func (m *AzureKeyVaultKey) GetName() string

func (*AzureKeyVaultKey) GetVaultUrl

func (m *AzureKeyVaultKey) GetVaultUrl() string

func (*AzureKeyVaultKey) GetVersion

func (m *AzureKeyVaultKey) GetVersion() string

func (*AzureKeyVaultKey) ProtoMessage

func (*AzureKeyVaultKey) ProtoMessage()

func (*AzureKeyVaultKey) Reset

func (m *AzureKeyVaultKey) Reset()

func (*AzureKeyVaultKey) String

func (m *AzureKeyVaultKey) String() string

type DecryptRequest

type DecryptRequest struct {
	Key        *Key   `protobuf:"bytes,1,opt,name=key" json:"key,omitempty"`
	Ciphertext []byte `protobuf:"bytes,2,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`
}

func (*DecryptRequest) Descriptor

func (*DecryptRequest) Descriptor() ([]byte, []int)

func (*DecryptRequest) GetCiphertext

func (m *DecryptRequest) GetCiphertext() []byte

func (*DecryptRequest) GetKey

func (m *DecryptRequest) GetKey() *Key

func (*DecryptRequest) ProtoMessage

func (*DecryptRequest) ProtoMessage()

func (*DecryptRequest) Reset

func (m *DecryptRequest) Reset()

func (*DecryptRequest) String

func (m *DecryptRequest) String() string

type DecryptResponse

type DecryptResponse struct {
	Plaintext []byte `protobuf:"bytes,1,opt,name=plaintext,proto3" json:"plaintext,omitempty"`
}

func (*DecryptResponse) Descriptor

func (*DecryptResponse) Descriptor() ([]byte, []int)

func (*DecryptResponse) GetPlaintext

func (m *DecryptResponse) GetPlaintext() []byte

func (*DecryptResponse) ProtoMessage

func (*DecryptResponse) ProtoMessage()

func (*DecryptResponse) Reset

func (m *DecryptResponse) Reset()

func (*DecryptResponse) String

func (m *DecryptResponse) String() string

type EncryptRequest

type EncryptRequest struct {
	Key       *Key   `protobuf:"bytes,1,opt,name=key" json:"key,omitempty"`
	Plaintext []byte `protobuf:"bytes,2,opt,name=plaintext,proto3" json:"plaintext,omitempty"`
}

func (*EncryptRequest) Descriptor

func (*EncryptRequest) Descriptor() ([]byte, []int)

func (*EncryptRequest) GetKey

func (m *EncryptRequest) GetKey() *Key

func (*EncryptRequest) GetPlaintext

func (m *EncryptRequest) GetPlaintext() []byte

func (*EncryptRequest) ProtoMessage

func (*EncryptRequest) ProtoMessage()

func (*EncryptRequest) Reset

func (m *EncryptRequest) Reset()

func (*EncryptRequest) String

func (m *EncryptRequest) String() string

type EncryptResponse

type EncryptResponse struct {
	Ciphertext []byte `protobuf:"bytes,1,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`
}

func (*EncryptResponse) Descriptor

func (*EncryptResponse) Descriptor() ([]byte, []int)

func (*EncryptResponse) GetCiphertext

func (m *EncryptResponse) GetCiphertext() []byte

func (*EncryptResponse) ProtoMessage

func (*EncryptResponse) ProtoMessage()

func (*EncryptResponse) Reset

func (m *EncryptResponse) Reset()

func (*EncryptResponse) String

func (m *EncryptResponse) String() string

type GcpKmsKey

type GcpKmsKey struct {
	ResourceId string `protobuf:"bytes,1,opt,name=resource_id,json=resourceId" json:"resource_id,omitempty"`
}

func (*GcpKmsKey) Descriptor

func (*GcpKmsKey) Descriptor() ([]byte, []int)

func (*GcpKmsKey) GetResourceId

func (m *GcpKmsKey) GetResourceId() string

func (*GcpKmsKey) ProtoMessage

func (*GcpKmsKey) ProtoMessage()

func (*GcpKmsKey) Reset

func (m *GcpKmsKey) Reset()

func (*GcpKmsKey) String

func (m *GcpKmsKey) String() string

type Key

type Key struct {
	// Types that are valid to be assigned to KeyType:
	//	*Key_KmsKey
	//	*Key_PgpKey
	//	*Key_GcpKmsKey
	//	*Key_AzureKeyvaultKey
	KeyType isKey_KeyType `protobuf_oneof:"key_type"`
}

func KeyFromMasterKey

func KeyFromMasterKey(mk keys.MasterKey) Key

KeyFromMasterKey converts a SOPS internal MasterKey to an RPC Key that can be serialized with Protocol Buffers

func (*Key) Descriptor

func (*Key) Descriptor() ([]byte, []int)

func (*Key) GetAzureKeyvaultKey

func (m *Key) GetAzureKeyvaultKey() *AzureKeyVaultKey

func (*Key) GetGcpKmsKey

func (m *Key) GetGcpKmsKey() *GcpKmsKey

func (*Key) GetKeyType

func (m *Key) GetKeyType() isKey_KeyType

func (*Key) GetKmsKey

func (m *Key) GetKmsKey() *KmsKey

func (*Key) GetPgpKey

func (m *Key) GetPgpKey() *PgpKey

func (*Key) ProtoMessage

func (*Key) ProtoMessage()

func (*Key) Reset

func (m *Key) Reset()

func (*Key) String

func (m *Key) String() string

func (*Key) XXX_OneofFuncs

func (*Key) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})

XXX_OneofFuncs is for the internal use of the proto package.

type KeyServiceClient

type KeyServiceClient interface {
	Encrypt(ctx context.Context, in *EncryptRequest, opts ...grpc.CallOption) (*EncryptResponse, error)
	Decrypt(ctx context.Context, in *DecryptRequest, opts ...grpc.CallOption) (*DecryptResponse, error)
}

func NewKeyServiceClient

func NewKeyServiceClient(cc *grpc.ClientConn) KeyServiceClient

type KeyServiceServer

type KeyServiceServer interface {
	Encrypt(context.Context, *EncryptRequest) (*EncryptResponse, error)
	Decrypt(context.Context, *DecryptRequest) (*DecryptResponse, error)
}

type Key_AzureKeyvaultKey

type Key_AzureKeyvaultKey struct {
	AzureKeyvaultKey *AzureKeyVaultKey `protobuf:"bytes,4,opt,name=azure_keyvault_key,json=azureKeyvaultKey,oneof"`
}

type Key_GcpKmsKey

type Key_GcpKmsKey struct {
	GcpKmsKey *GcpKmsKey `protobuf:"bytes,3,opt,name=gcp_kms_key,json=gcpKmsKey,oneof"`
}

type Key_KmsKey

type Key_KmsKey struct {
	KmsKey *KmsKey `protobuf:"bytes,1,opt,name=kms_key,json=kmsKey,oneof"`
}

type Key_PgpKey

type Key_PgpKey struct {
	PgpKey *PgpKey `protobuf:"bytes,2,opt,name=pgp_key,json=pgpKey,oneof"`
}

type KmsKey

type KmsKey struct {
	Arn        string            `protobuf:"bytes,1,opt,name=arn" json:"arn,omitempty"`
	Role       string            `protobuf:"bytes,2,opt,name=role" json:"role,omitempty"`
	Context    map[string]string `` /* 134-byte string literal not displayed */
	AwsProfile string            `protobuf:"bytes,4,opt,name=aws_profile" json:"aws_profile,omitempty"`
}

func (*KmsKey) Descriptor

func (*KmsKey) Descriptor() ([]byte, []int)

func (*KmsKey) GetArn

func (m *KmsKey) GetArn() string

func (*KmsKey) GetContext

func (m *KmsKey) GetContext() map[string]string

func (*KmsKey) GetRole

func (m *KmsKey) GetRole() string

func (*KmsKey) ProtoMessage

func (*KmsKey) ProtoMessage()

func (*KmsKey) Reset

func (m *KmsKey) Reset()

func (*KmsKey) String

func (m *KmsKey) String() string

type LocalClient

type LocalClient struct {
	Server Server
}

LocalClient is a key service client that performs all operations locally

func NewLocalClient

func NewLocalClient() LocalClient

NewLocalClient creates a new local client

func (LocalClient) Decrypt

func (c LocalClient) Decrypt(ctx context.Context,
	req *DecryptRequest, opts ...grpc.CallOption) (*DecryptResponse, error)

Decrypt processes a decrypt request locally See keyservice/server.go for more details

func (LocalClient) Encrypt

func (c LocalClient) Encrypt(ctx context.Context,
	req *EncryptRequest, opts ...grpc.CallOption) (*EncryptResponse, error)

Encrypt processes an encrypt request locally See keyservice/server.go for more details

type PgpKey

type PgpKey struct {
	Fingerprint string `protobuf:"bytes,1,opt,name=fingerprint" json:"fingerprint,omitempty"`
}

func (*PgpKey) Descriptor

func (*PgpKey) Descriptor() ([]byte, []int)

func (*PgpKey) GetFingerprint

func (m *PgpKey) GetFingerprint() string

func (*PgpKey) ProtoMessage

func (*PgpKey) ProtoMessage()

func (*PgpKey) Reset

func (m *PgpKey) Reset()

func (*PgpKey) String

func (m *PgpKey) String() string

type Server

type Server struct {
	// Prompt indicates whether the server should prompt before decrypting or encrypting data
	Prompt bool
}

Server is a key service server that uses SOPS MasterKeys to fulfill requests

func (Server) Decrypt

func (ks Server) Decrypt(ctx context.Context,
	req *DecryptRequest) (*DecryptResponse, error)

Decrypt takes a decrypt request and decrypts the provided ciphertext with the provided key, returning the decrypted result

func (Server) Encrypt

func (ks Server) Encrypt(ctx context.Context,
	req *EncryptRequest) (*EncryptResponse, error)

Encrypt takes an encrypt request and encrypts the provided plaintext with the provided key, returning the encrypted result

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL