vault_components

package
v0.0.0-...-40dd295
Warning

This package is not in the latest version of its module.

Published: Jun 12, 2022 License: MPL-2.0 Imports: 6 Imported by: 0

Documentation

Overview

Copyright (c) 2015-2021 the Vault contributors. This file was originally hashicorp/vault: vault/keyring.go.

Constants

const (
	AESGCMVersion1 = 0x1
	AESGCMVersion2 = 0x2
)

from vault/barrier_aes_gcm.go

Variables

This section is empty.

Functions

This section is empty.

Types

type EncodedKeyring

type EncodedKeyring struct {
	MasterKey []byte
	Keys      []*Key
}

EncodedKeyring is used for serialization of the keyring

type Key

type Key struct {
	Term                uint32
	Version             int
	Value               []byte
	InstallTime         time.Time
	Encryptions         uint64
	ReportedEncryptions uint64 `json:",omitempty"`
}

Key represents a single term, along with the key used.

func DeserializeKey

func DeserializeKey(buf []byte) (*Key, error)

DeserializeKey is used to deserialize and return a new key

func (*Key) Serialize

func (k *Key) Serialize() ([]byte, error)

Serialize is used to create a byte encoded key

type Keyring

type Keyring struct {
	// contains filtered or unexported fields
}

Keyring is used to manage multiple encryption keys used by the barrier. New keys can be installed and each has a sequential term. The term used to encrypt a key is prefixed to the key written out. All data is encrypted with the latest key, but storing the old keys allows for decryption of keys written previously. Along with the encryption keys, the keyring also tracks the master key. This is necessary so that when a new key is added to the keyring, we can encrypt with the master key and write out the new keyring.
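
The term-prefix scheme described above, as an added sketch that is not this package's code and does not call its API. The names `ring`, `gcm`, `seal` and `open` are hypothetical, and the byte layout (4-byte big-endian term, 12-byte nonce, AES-GCM ciphertext and tag, with the prefix bound as associated data) and the all-zero key are assumptions of the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// ring is a hypothetical stand-in for Keyring: it maps each term to an AES-256 key.
type ring map[uint32][]byte
func (r ring) gcm(term uint32) (cipher.AEAD, error) {
	block, err := aes.NewCipher(r[term]) // absent term: nil key, so NewCipher fails
	if err != nil {
		return nil, fmt.Errorf("term %d: %w", term, err)
	}
	return cipher.NewGCM(block)
}

// seal encrypts under the active (latest) term: term(4) | nonce(12) | ciphertext+tag.
func (r ring) seal(active uint32, plain []byte) ([]byte, error) {
	g, err := r.gcm(active)
	if err != nil {
		return nil, err
	}
	out := make([]byte, 16) // 4-byte big-endian term prefix + 12-byte random nonce
	binary.BigEndian.PutUint32(out, active)
	if _, err := rand.Read(out[4:]); err != nil {
		return nil, err
	}
	return g.Seal(out, out[4:], plain, out[:4]), nil // prefix authenticated as AAD
}

// open picks the key named by the term prefix, so data from older terms still decrypts.
func (r ring) open(ct []byte) ([]byte, error) {
	if len(ct) < 4+12+16 { // prefix + nonce + GCM tag
		return nil, fmt.Errorf("ciphertext too short: %d bytes", len(ct))
	}
	g, err := r.gcm(binary.BigEndian.Uint32(ct))
	if err != nil {
		return nil, err
	}
	return g.Open(nil, ct[4:16], ct[16:], ct[:4])
}

func main() {
	ct, err := ring{1: make([]byte, 32)}.seal(1, []byte("demo")) // constructed zero key
	fmt.Printf("% x %v\n", ct, err)
}
```

Deleting a term from `ring` makes `open` fail for every ciphertext carrying that prefix, which is the reason the description gives for keeping old keys.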

func DeserializeKeyring

func DeserializeKeyring(buf []byte) (*Keyring, error)

DeserializeKeyring is used to deserialize and return a new keyring

func NewKeyring

func NewKeyring() *Keyring

NewKeyring creates a new keyring

func (*Keyring) ActiveKey

func (k *Keyring) ActiveKey() *Key

ActiveKey returns the active encryption key, or nil

func (*Keyring) ActiveTerm

func (k *Keyring) ActiveTerm() uint32

ActiveTerm returns the currently active term

func (*Keyring) AddEncryptionEstimate

func (k *Keyring) AddEncryptionEstimate(term uint32, delta uint64)

func (*Keyring) AddKey

func (k *Keyring) AddKey(key *Key) (*Keyring, error)

AddKey adds a new key to the keyring

func (*Keyring) Clone

func (k *Keyring) Clone() *Keyring

Clone returns a new copy of the keyring

func (*Keyring) MasterKey

func (k *Keyring) MasterKey() []byte

MasterKey returns the master key

func (*Keyring) RemoveKey

func (k *Keyring) RemoveKey(term uint32) (*Keyring, error)

RemoveKey removes a key from the keyring

func (*Keyring) Serialize

func (k *Keyring) Serialize() ([]byte, error)

Serialize is used to create a byte encoded keyring

func (*Keyring) SetMasterKey

func (k *Keyring) SetMasterKey(val []byte) *Keyring

SetMasterKey is used to update the master key

func (*Keyring) TermKey

func (k *Keyring) TermKey(term uint32) *Key

TermKey returns the key for the given term, or nil
