vaultlib

v1.4.6
Published: Sep 29, 2022 License: MIT Imports: 8 Imported by: 0

README

vaultlib

Higher-level HashiCorp Vault library. NOT feature complete.

Documentation

Constants

This section is empty.

Variables

var (
	ErrNoKey = errors.New("no key provided")
)

Functions

This section is empty.

Types

type Config

type Config struct {
	Address   string
	Token     string
	NameSpace string
}

func NewConfig

func NewConfig() *Config

type KeyConfig added in v1.4.4

type KeyConfig struct {
	MinDecrypion         int64
	MinEncryption        int64
	DeletionAllowed      bool
	Exportable           bool
	AllowPlaintextBackup bool
}

type KeyInfo added in v1.4.4

type KeyInfo struct {
	Name string `mapstructure:"name"`
	Type string `mapstructure:"type"`
	Keys struct {
		Num1 int64 `mapstructure:"1"`
	} `mapstructure:"keys"`
	MinEncryptionVersion int64 `mapstructure:"min_encryption_version"`
	MinDecryptionVersion int64 `mapstructure:"min_decryption_version"`
	AllowPlaintextBackup bool  `mapstructure:"allow_plaintext_backup"`
	Exportable           bool  `mapstructure:"exportable"`
	Derived              bool  `mapstructure:"derived"`
	DeletionAllowed      bool  `mapstructure:"deletion_allowed"`
	SupportsEncryption   bool  `mapstructure:"supports_encryption"`
	SupportsDecryption   bool  `mapstructure:"supports_decryption"`
	SupportsDerivation   bool  `mapstructure:"supports_derivation"`
	SupportsSigning      bool  `mapstructure:"supports_signing"`
}

type Transit

type Transit struct {
	Key string
	// contains filtered or unexported fields
}

func NewTransitClient

func NewTransitClient(c *Config, key string) (*Transit, error)

NewTransitClient - Generate new transit client.

func (*Transit) Backup

func (c *Transit) Backup(ctx context.Context) (backup string, err error)

Backup returns a plaintext backup of a named key. The backup contains all the configuration data and keys of all the versions along with the HMAC key. https://www.vaultproject.io/api/secret/transit#backup-key

func (*Transit) Config

func (c *Transit) Config(ctx context.Context, keycfg *KeyConfig) (err error)

Config allows tuning configuration values for a given key. https://www.vaultproject.io/api/secret/transit#update-key-configuration

func (*Transit) Decrypt

func (c *Transit) Decrypt(ctx context.Context, a string) (text string, err error)

Decrypt the provided ciphertext using the named key. https://www.vaultproject.io/api/secret/transit#decrypt-data

func (*Transit) Delete

func (c *Transit) Delete(ctx context.Context) (err error)

Delete a named encryption key. It will no longer be possible to decrypt any data encrypted with the named key. https://www.vaultproject.io/api/secret/transit#delete-key

func (*Transit) Encrypt

func (c *Transit) Encrypt(ctx context.Context, a string) (cipher string, version int64, err error)

Encrypt the provided plaintext using the named key. https://www.vaultproject.io/api/secret/transit#encrypt-data

func (*Transit) ListKeys added in v1.4.3

func (c *Transit) ListKeys(ctx context.Context) (keys []interface{}, err error)

ListKeys returns a list of keys. Only the key names are returned (not the actual keys themselves). https://www.vaultproject.io/api/secret/transit#list-keys

func (*Transit) NewKeyConfig added in v1.4.4

func (c *Transit) NewKeyConfig() (*KeyConfig, error)

NewKeyConfig - Generate new key configuration.

func (*Transit) Read

func (c *Transit) Read(ctx context.Context) (key *KeyInfo, err error)

Read returns information about a named encryption key. https://www.vaultproject.io/api/secret/transit#read-key

func (*Transit) Restore

func (c *Transit) Restore(ctx context.Context, backup string) (err error)

Restore the backup as a named key. This will restore the key configurations and all the versions of the named key along with HMAC keys.

func (*Transit) Rewrap

func (c *Transit) Rewrap(ctx context.Context, a string) (cipher string, version int64, err error)

Rewrap the provided ciphertext using the latest version of the named key. Because this never returns plaintext, it is possible to delegate this functionality to untrusted users or scripts. https://www.vaultproject.io/api/secret/transit#rewrap-data

func (*Transit) Rotate

func (c *Transit) Rotate(ctx context.Context) (err error)

Rotate the version of the named key. After rotation, new plaintext requests will be encrypted with the new version of the key. https://www.vaultproject.io/api/secret/transit#rotate-key

func (*Transit) Trim

func (c *Transit) Trim(ctx context.Context, d int64) (err error)

Trim older key versions by setting a minimum version for the keyring. Once trimmed, previous versions of the key cannot be recovered. https://www.vaultproject.io/api/secret/transit#trim-key
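Because Trim is irreversible, it helps to confirm that no stored ciphertext still depends on a key version below the new minimum. The following is an added example, not part of vaultlib: it assumes Vault's transit ciphertext format `vault:v<N>:<base64>`, and the names `CiphertextVersion` and `TrimBlockers` are hypothetical helpers.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// CiphertextVersion extracts the key version from a Vault transit
// ciphertext of the form "vault:v<N>:<base64>" (assumed format).
func CiphertextVersion(ct string) (int64, error) {
	parts := strings.SplitN(ct, ":", 3)
	if len(parts) != 3 || parts[0] != "vault" ||
		!strings.HasPrefix(parts[1], "v") || parts[2] == "" {
		return 0, fmt.Errorf("not a transit ciphertext: %q", ct)
	}
	v, err := strconv.ParseInt(parts[1][1:], 10, 64)
	if err != nil || v < 1 {
		return 0, fmt.Errorf("bad key version in %q", ct)
	}
	return v, nil
}

// TrimBlockers returns the indexes of stored values that would become
// undecryptable if the keyring were trimmed to minVersion. Malformed
// entries are reported too, so they are reviewed rather than ignored.
func TrimBlockers(stored []string, minVersion int64) []int {
	var blockers []int
	for i, ct := range stored {
		v, err := CiphertextVersion(ct)
		if err != nil || v < minVersion {
			blockers = append(blockers, i)
		}
	}
	return blockers
}

func main() {
	// Constructed sample values; the base64 payloads are placeholders.
	stored := []string{
		"vault:v1:AAAA", "vault:v3:BBBB", "vault:v2:CCCC", "plaintext-left-behind",
	}
	// Entries listed here need Rewrap (or manual review) before Trim(ctx, 3).
	fmt.Println(TrimBlockers(stored, 3))
}
```

Run the check against every ciphertext store that uses the key; only when it returns no blockers is it safe to raise the minimum decryption version and trim.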
