awscloud

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 6, 2017 License: MIT Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrMissingEncType = newSecureS3ClientError("Object metadata missing encryptionType")

ErrMissingEncType indicates the object metadata missing encryptionType

View Source 
var ErrMissingIV = newSecureS3ClientError("Object metadata missing encryptionIV")

ErrMissingIV indicates object metadata missing encryptionIv

Functions

func NewCredProvider 

func NewCredProvider(accessKeyID string, secretKey string) credentials.Provider

NewCredProvider returns an implementation of aws credentials.Provider. The returned object stores the credentials in memory and does not support key rotation.

Types

type AESDecryptor 

type AESDecryptor struct {
	// contains filtered or unexported fields
}

AESDecryptor is an implementation of io.Reader that takes a cipher text reader and converts it into plain text

func NewAESDecryptor 

func NewAESDecryptor(encKey []byte, encIv []byte, reader io.ReadCloser) (*AESDecryptor, error)

NewAESDecryptor returns a new decryptor stream that decrypts using the given key and iv

func (*AESDecryptor) Close 

func (e *AESDecryptor) Close() error

Close closes the underlying stream

func (*AESDecryptor) Read 

func (e *AESDecryptor) Read(p []byte) (int, error)

Read reads cipher text and returns plain text

type AESEncryptor 

type AESEncryptor struct {
	// contains filtered or unexported fields
}

AESEncryptor is an implementation of io.Reader that takes a plain text Reader and converts it into AES cipher text

func NewAESEncryptor 

func NewAESEncryptor(encKey []byte, encIv []byte, reader io.Reader) (*AESEncryptor, error)

NewAESEncryptor returns a new encryptor stream that encrypts using the given key and iv

func (*AESEncryptor) Read 

func (e *AESEncryptor) Read(p []byte) (int, error)

Read reads plain text and returns cipher text

type CredProvider 

type CredProvider struct {
	// contains filtered or unexported fields
}

CredProvider is an implementation of aws credentials.Provider interface

func (*CredProvider) IsExpired 

func (p *CredProvider) IsExpired() bool

IsExpired returns true if the credentials are expired. Always returns false

func (*CredProvider) Retrieve 

func (p *CredProvider) Retrieve() (credentials.Value, error)

Retrieve returns the credentials stored

type SecureS3Client 

type SecureS3Client interface {
	// Get fetches an object from S3 and decrypts it
	Get(bucket string, key string) (io.ReadCloser, error)
	// Put encrypts and stores the object in S3
	Put(bucket string, key string, body io.Reader) error
	// List lists objects with prefix
	List(bucket string, prefix string) (map[string]int64, error)
}

SecureS3Client is an interface that all implementations doing client side encryption and decryption on top of s3 must adhere to.

func NewSecureS3Client 

func NewSecureS3Client(region string, credProvider credentials.Provider, aesKey []byte) SecureS3Client

NewSecureS3Client creates and returns a new SecureS3Client The returned client will do client side encryption and decryption for all objects stored / fetched from S3. Only objects previously stored using this client can be retrieved. For decryption, its the caller's responsiblility to make sure the same aes key used for encryption is supplied.

type SecureS3ClientError 

type SecureS3ClientError struct {
	// contains filtered or unexported fields
}

SecureS3ClientError indicates any 

error from SecureS3Client

func (*SecureS3ClientError) Error 

func (c *SecureS3ClientError) Error() string

Error implements error interface

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.