aws_encryption_sdk

package

v0.5.2 Latest Latest Go to latest Published: Mar 25, 2024 License: MIT Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/applauseoss/decrypt-and-start

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
type Algorithm
type EncDataKey
type Frame
type KmsHelper
- func NewKmsHelper(region string, assumedRole string) *KmsHelper
- func (k *KmsHelper) Decrypt(data []byte) ([]byte, error)
type Message
- func NewMessage() *Message

Constants ¶

View Source

const (
	ALGORITHM_TYPE_AES = 1
	ALGORITHM_MODE_GCM = 1
)

View Source

const (
	CONTENT_TYPE_NON_FRAMED = 1
	CONTENT_TYPE_FRAMED     = 2
	SEQUENCE_NUMBER_END     = 0xFFFFFFFF
	STRING_ID_FRAME         = `AWSKMSEncryptionClient Frame`
	STRING_ID_FINAL_FRAME   = `AWSKMSEncryptionClient Final Frame`
	STRING_ID_NON_FRAMED    = `AWSKMSEncryptionClient Single Block`
)

Variables ¶

View Source

var Algorithms = []Algorithm{
	{
		Id:            0x0378,
		Type:          ALGORITHM_TYPE_AES,
		DataKeyLength: 32,
		Mode:          ALGORITHM_MODE_GCM,
		IVLength:      12,
		AuthTagLength: 16,
		HashFunc:      sha512.New384,
	},
	{
		Id:            0x0346,
		Type:          ALGORITHM_TYPE_AES,
		DataKeyLength: 24,
		Mode:          ALGORITHM_MODE_GCM,
		IVLength:      12,
		AuthTagLength: 16,
		HashFunc:      sha512.New384,
	},
	{
		Id:            0x0214,
		Type:          ALGORITHM_TYPE_AES,
		DataKeyLength: 16,
		Mode:          ALGORITHM_MODE_GCM,
		IVLength:      12,
		AuthTagLength: 16,
		HashFunc:      sha256.New,
	},
	{
		Id:            0x0178,
		Type:          ALGORITHM_TYPE_AES,
		DataKeyLength: 32,
		Mode:          ALGORITHM_MODE_GCM,
		IVLength:      12,
		AuthTagLength: 16,
		HashFunc:      sha256.New,
	},
	{
		Id:            0x0146,
		Type:          ALGORITHM_TYPE_AES,
		DataKeyLength: 24,
		Mode:          ALGORITHM_MODE_GCM,
		IVLength:      12,
		AuthTagLength: 16,
		HashFunc:      sha256.New,
	},
	{
		Id:            0x0114,
		Type:          ALGORITHM_TYPE_AES,
		DataKeyLength: 16,
		Mode:          ALGORITHM_MODE_GCM,
		IVLength:      12,
		AuthTagLength: 16,
		HashFunc:      sha256.New,
	},
	{
		Id:            0x0078,
		Type:          ALGORITHM_TYPE_AES,
		DataKeyLength: 32,
		Mode:          ALGORITHM_MODE_GCM,
		IVLength:      12,
		AuthTagLength: 16,
		HashFunc:      nil,
	},
	{
		Id:            0x0046,
		Type:          ALGORITHM_TYPE_AES,
		DataKeyLength: 24,
		Mode:          ALGORITHM_MODE_GCM,
		IVLength:      12,
		AuthTagLength: 16,
		HashFunc:      nil,
	},
	{
		Id:            0x0014,
		Type:          ALGORITHM_TYPE_AES,
		DataKeyLength: 16,
		Mode:          ALGORITHM_MODE_GCM,
		IVLength:      12,
		AuthTagLength: 16,
		HashFunc:      nil,
	},
}

List of encryption algorithms for AWS Encryption SDK https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/algorithms-reference.html

Functions ¶

This section is empty.

Types ¶

type Algorithm ¶

type Algorithm struct {
	Id            uint16
	Type          uint8
	DataKeyLength uint16
	Mode          uint8
	IVLength      uint8
	AuthTagLength uint8
	HashFunc      func() hash.Hash
}

type EncDataKey ¶

type EncDataKey struct {
	ProviderId   string
	ProviderInfo string
	EncKeyData   []byte
}

The following structs implements the AWS Encryption SDK Message Format https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/message-format.html

type Frame ¶

type Frame struct {
	Final            bool
	SeqNumber        uint32
	IV               []byte
	EncContentLength uint32
	EncContent       []byte
	AuthTag          []byte
	AADContentString []byte
}

type KmsHelper ¶

type KmsHelper struct {
	// contains filtered or unexported fields
}

func NewKmsHelper ¶

func NewKmsHelper(region string, assumedRole string) *KmsHelper

func (*KmsHelper) Decrypt ¶

func (k *KmsHelper) Decrypt(data []byte) ([]byte, error)

Decryption entrypoint

type Message ¶

type Message struct {
	Version          uint8
	Type             uint8
	AlgorithmId      uint16
	Algorithm        *Algorithm
	MessageId        [16]byte
	EncContextLength uint16
	EncContext       map[string]string
	EncDataKeyCount  uint16
	EncDataKeys      []EncDataKey
	ContentType      uint8
	Reserved         uint32
	IVLength         uint8
	FrameLength      uint32
	HeaderAuth       struct {
		IV      []byte
		AuthTag []byte
	}
	Frames          []Frame
	SignatureLength uint16
	Signature       []byte
}

func NewMessage ¶

func NewMessage() *Message

func (*Message) Decode ¶

func (m *Message) Decode(r io.Reader) error

func (*Message) DecodeBody ¶

func (m *Message) DecodeBody(r io.Reader) error

func (*Message) DecodeDataKeys ¶

func (m *Message) DecodeDataKeys(r io.Reader) error

func (*Message) DecodeEncContext ¶

func (m *Message) DecodeEncContext(r io.Reader) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL