Documentation
¶
Index ¶
- type Client
- type Config
- type HealthZ
- type KeyManagementServiceServer
- func (s *KeyManagementServiceServer) Decrypt(ctx context.Context, request *kmsv1.DecryptRequest) (*kmsv1.DecryptResponse, error)
- func (s *KeyManagementServiceServer) Encrypt(ctx context.Context, request *kmsv1.EncryptRequest) (*kmsv1.EncryptResponse, error)
- func (s *KeyManagementServiceServer) Version(_ context.Context, _ *kmsv1.VersionRequest) (*kmsv1.VersionResponse, error)
- type KeyManagementServiceV2Server
- func (s *KeyManagementServiceV2Server) Decrypt(ctx context.Context, request *kmsv2.DecryptRequest) (*kmsv2.DecryptResponse, error)
- func (s *KeyManagementServiceV2Server) Encrypt(ctx context.Context, request *kmsv2.EncryptRequest) (*kmsv2.EncryptResponse, error)
- func (s *KeyManagementServiceV2Server) Status(ctx context.Context, _ *kmsv2.StatusRequest) (*kmsv2.StatusResponse, error)
- type KeyVaultClient
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client interface {
Encrypt(
ctx context.Context,
plain []byte,
encryptionAlgorithm kv.JSONWebKeyEncryptionAlgorithm,
) (*service.EncryptResponse, error)
Decrypt(
ctx context.Context,
cipher []byte,
encryptionAlgorithm kv.JSONWebKeyEncryptionAlgorithm,
apiVersion string,
annotations map[string][]byte,
decryptRequestKeyID string,
) ([]byte, error)
GetUserAgent() string
GetVaultURL() string
}
Client interface for interacting with Keyvault.
type Config ¶ added in v0.3.0
type Config struct {
ConfigFilePath string
KeyVaultName string
KeyName string
KeyVersion string
ManagedHSM bool
ProxyMode bool
ProxyAddress string
ProxyPort int
}
Config is the configuration for the KMS plugin.
type HealthZ ¶
type HealthZ struct {
KMSv1Server *KeyManagementServiceServer
KMSv2Server *KeyManagementServiceV2Server
HealthCheckURL *url.URL
UnixSocketPath string
RPCTimeout time.Duration
}
HealthZ is the health check server for the KMS plugin.
type KeyManagementServiceServer ¶
type KeyManagementServiceServer struct {
// contains filtered or unexported fields
}
KeyManagementServiceServer is a gRPC server.
func NewKMSv1Server ¶ added in v0.5.0
func NewKMSv1Server(kvClient Client) (*KeyManagementServiceServer, error)
NewKMSv1Server creates an instance of the KMS Service Server.
func (*KeyManagementServiceServer) Decrypt ¶
func (s *KeyManagementServiceServer) Decrypt(ctx context.Context, request *kmsv1.DecryptRequest) (*kmsv1.DecryptResponse, error)
Decrypt message.
func (*KeyManagementServiceServer) Encrypt ¶
func (s *KeyManagementServiceServer) Encrypt(ctx context.Context, request *kmsv1.EncryptRequest) (*kmsv1.EncryptResponse, error)
Encrypt message.
func (*KeyManagementServiceServer) Version ¶
func (s *KeyManagementServiceServer) Version(_ context.Context, _ *kmsv1.VersionRequest) (*kmsv1.VersionResponse, error)
Version of kms.
type KeyManagementServiceV2Server ¶ added in v0.5.0
type KeyManagementServiceV2Server struct {
// contains filtered or unexported fields
}
KeyManagementServiceV2Server is a gRPC server.
func NewKMSv2Server ¶ added in v0.5.0
func NewKMSv2Server(kvClient Client) (*KeyManagementServiceV2Server, error)
NewKMSv2Server creates an instance of the KMS Service Server with v2 apis.
func (*KeyManagementServiceV2Server) Decrypt ¶ added in v0.5.0
func (s *KeyManagementServiceV2Server) Decrypt(ctx context.Context, request *kmsv2.DecryptRequest) (*kmsv2.DecryptResponse, error)
Decrypt message.
func (*KeyManagementServiceV2Server) Encrypt ¶ added in v0.5.0
func (s *KeyManagementServiceV2Server) Encrypt(ctx context.Context, request *kmsv2.EncryptRequest) (*kmsv2.EncryptResponse, error)
Encrypt message.
func (*KeyManagementServiceV2Server) Status ¶ added in v0.5.0
func (s *KeyManagementServiceV2Server) Status(ctx context.Context, _ *kmsv2.StatusRequest) (*kmsv2.StatusResponse, error)
Status returns the health status of the KMS plugin.
type KeyVaultClient ¶ added in v0.5.0
type KeyVaultClient struct {
// contains filtered or unexported fields
}
KeyVaultClient is a client for interacting with Keyvault.
func (*KeyVaultClient) Decrypt ¶ added in v0.5.0
func (kvc *KeyVaultClient) Decrypt( ctx context.Context, cipher []byte, encryptionAlgorithm kv.JSONWebKeyEncryptionAlgorithm, apiVersion string, annotations map[string][]byte, decryptRequestKeyID string, ) ([]byte, error)
Decrypt decrypts the given cipher text using the keyvault key.
func (*KeyVaultClient) Encrypt ¶ added in v0.5.0
func (kvc *KeyVaultClient) Encrypt( ctx context.Context, plain []byte, encryptionAlgorithm kv.JSONWebKeyEncryptionAlgorithm, ) (*service.EncryptResponse, error)
Encrypt encrypts the given plain text using the keyvault key.
func (*KeyVaultClient) GetUserAgent ¶ added in v0.5.0
func (kvc *KeyVaultClient) GetUserAgent() string
func (*KeyVaultClient) GetVaultURL ¶ added in v0.5.0
func (kvc *KeyVaultClient) GetVaultURL() string
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.