secrets

package
v0.0.0-...-3af9a59 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 28, 2018 License: MIT Imports: 21 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	// A256GCM identifies the encryption algorithm
	A256GCM = "A256GCM"

	// B5JWKJSON identifies content type
	B5JWKJSON = "b5+jwk+json"
)

Variables

This section is empty.

Functions

func DecryptEnvelope 

func DecryptEnvelope(envelope *Envelope) ([]byte, error)

DecryptEnvelope will access the key service and decrypt the envelope.

Types

type AwsKeyService 

type AwsKeyService struct {
	// contains filtered or unexported fields
}

AwsKeyService represents connection to Amazon Web Services KMS

func NewAwsKeyService 

func NewAwsKeyService(region string, masterKeyID string) *AwsKeyService

NewAwsKeyService creates a new AwsKeyService in given AWS region and with the given masterKey identifier.

func (*AwsKeyService) DecryptKey 

func (s *AwsKeyService) DecryptKey(key *EncryptionKey) error

DecryptKey decrypts an existing ServerKey.

func (*AwsKeyService) GenerateKey 

func (s *AwsKeyService) GenerateKey(kid string) (*EncryptionKey, error)

GenerateKey generates a brand new ServerKey.

type DevKeyService 

type DevKeyService struct {
	// contains filtered or unexported fields
}

DevKeyService contains DevKeyService information

func NewDevKeyService 

func NewDevKeyService() *DevKeyService

NewDevKeyService returns an empty DevKeyService object

func (*DevKeyService) DecryptKey 

func (s *DevKeyService) DecryptKey(key *EncryptionKey) error

DecryptKey decrypts the dev key

func (*DevKeyService) GenerateKey 

func (s *DevKeyService) GenerateKey(kid string) (*EncryptionKey, error)

GenerateKey generates a new server key

type EncryptionKey 

type EncryptionKey struct {
	KID    string `json:"kid"`
	Enc    string `json:"enc"`
	EncKey string `json:"encKey"`
	RawKey []byte `json:"-"`
}

EncryptionKey contians server key information

func (*EncryptionKey) Decrypt 

func (key *EncryptionKey) Decrypt(message []byte) ([]byte, error)

Decrypt decrypts a given ciphertext byte array using the web crypto key

func (*EncryptionKey) Encrypt 

func (key *EncryptionKey) Encrypt(plaintext []byte) ([]byte, error)

Encrypt encrypts a given plaintext byte array

type Envelope 

type Envelope struct {
	Env         string `json:"env"`
	Region      string `json:"region,omitempty"`
	MasterKeyID string `json:"master,omitempty"`

	Key EncryptionKey `json:"key"`

	Data string `json:"data"`
}

Envelope defines JSON structure that wraps the encrypted content

func EncryptEnvelope 

func EncryptEnvelope(env, region, masterKeyID string, message []byte) (*Envelope, error)

EncryptEnvelope will generate a new key and encrypt the message. It returns the Envelope that contains everything that is needed to decrypt the message (if the access to the KeyService is granted).

type KeyService 

type KeyService interface {
	GenerateKey(kid string) (*EncryptionKey, error)
	DecryptKey(key *EncryptionKey) error
}

KeyService defines key methods

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.