common

package

v0.0.0-...-982e07a Latest Latest Go to latest Published: Dec 19, 2023 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cossacklabs/acra

Links

Open Source Insights

Documentation ¶

Overview ¶

Package common has shared data betwee gRPC API handler and HTTP API handler.

Index ¶

Constants
Variables
func NewMetricConnectionCallback(connectionType string) *network.MetricConnectionCallback
func RegisterMetrics(serviceName string)
type AcraTranslatorConfig
- func NewConfig() *AcraTranslatorConfig
type ITranslatorService
- func NewPrometheusServiceWrapper(service ITranslatorService, metricType string) (ITranslatorService, error)
type SearchableResponse
type TranslatorData
type TranslatorService
- func NewTranslatorService(translatorData *TranslatorData) (*TranslatorService, error)

Constants ¶

View Source

const (

	// HTTPRequestType http type of request for metric label
	HTTPRequestType = "http"
	// GrpcRequestType grpc type of request for metric label
	GrpcRequestType = "grpc"
)

View Source

const (
	HTTPConnectionType = "http"
	GRPCConnectionType = "grpc"
)

Valid values of connection type for metrics for Acra-Translator API

Variables ¶

View Source

var (
	ErrCantDecrypt                      = errors.New("can't decrypt data")
	ErrClientIDRequired                 = errors.New("clientID is empty")
	ErrCantEncrypt                      = errors.New("can't encrypt data")
	ErrZoneIDAdditionalDataNotSupported = errors.New("AdditionalContext and additional data are not supported")
)

Errors possible during decrypting AcraStructs.

View Source

var (
	ErrKeysNotFound     = errors.New("keys not found")
	ErrEncryptionFailed = errors.New("encryption failed")
	ErrDecryptionFailed = errors.New("decryption failed")
	ErrDetokenize       = errors.New("can't detokenize")
	ErrTokenize         = errors.New("can't tokenize")
)

Errors related with gRPC requests

View Source

var ErrInvalidMetricType = errors.New("unsupported metric type")

ErrInvalidMetricType used unsupported metric type.

View Source

var (
	// RequestProcessingTimeHistogram collect metrics about time of processing requests to http/grpc api
	RequestProcessingTimeHistogram = prometheus.NewHistogramVec(prometheus.HistogramOpts{
		Name:    "acratranslator_request_processing_seconds",
		Help:    "Time of response processing",
		Buckets: []float64{0.000001, 0.00001, 0.00002, 0.00003, 0.00004, 0.00005, 0.00006, 0.00007, 0.00008, 0.00009, 0.0001, 0.0005, 0.001, 0.005, 0.01, 1, 3, 5, 10},
	}, []string{requestTypeLabel, operationLabel})
)

Functions ¶

func NewMetricConnectionCallback ¶

func NewMetricConnectionCallback(connectionType string) *network.MetricConnectionCallback

NewMetricConnectionCallback return initialized MetricConnectionCallback with proper connectionType

func RegisterMetrics ¶

func RegisterMetrics(serviceName string)

RegisterMetrics register metrics in prometheus exporter related with translator

Types ¶

type AcraTranslatorConfig ¶

type AcraTranslatorConfig struct {
	HTTPConnectionWrapper network.HTTPServerConnectionWrapper
	GRPCConnectionWrapper network.GRPCConnectionWrapper
	// contains filtered or unexported fields
}

AcraTranslatorConfig stores keys, poison record settings, connection attributes.

func NewConfig ¶

func NewConfig() *AcraTranslatorConfig

NewConfig creates new AcraTranslatorConfig.

func (*AcraTranslatorConfig) ConfigPath ¶

func (a *AcraTranslatorConfig) ConfigPath() string

ConfigPath returns configuration path for AcraTranslator.

func (*AcraTranslatorConfig) Debug ¶

func (a *AcraTranslatorConfig) Debug() bool

Debug returns if should print debug logs.

func (*AcraTranslatorConfig) DetectPoisonRecords ¶

func (a *AcraTranslatorConfig) DetectPoisonRecords() bool

DetectPoisonRecords returns if AcraTranslator should detect poison records.

func (*AcraTranslatorConfig) GetTLSClientIDExtractor ¶

func (a *AcraTranslatorConfig) GetTLSClientIDExtractor() network.TLSClientIDExtractor

GetTLSClientIDExtractor return configured TLSClietIDExtractor

func (*AcraTranslatorConfig) GetTLSConfig ¶

func (a *AcraTranslatorConfig) GetTLSConfig() *tls.Config

GetTLSConfig return tls.Config which should be used

func (*AcraTranslatorConfig) GetTokenizer ¶

func (a *AcraTranslatorConfig) GetTokenizer() common.Pseudoanonymizer

GetTokenizer return configure tokenizer

func (*AcraTranslatorConfig) GetTraceOptions ¶

func (a *AcraTranslatorConfig) GetTraceOptions() []trace.StartOption

GetTraceOptions for opencensus trace

func (*AcraTranslatorConfig) GetUseClientIDFromConnection ¶

func (a *AcraTranslatorConfig) GetUseClientIDFromConnection() bool

GetUseClientIDFromConnection return true if translator should use clientID from connection

func (*AcraTranslatorConfig) IncomingConnectionGRPCString ¶

func (a *AcraTranslatorConfig) IncomingConnectionGRPCString() string

IncomingConnectionGRPCString returns connection string to listen for gRPC requests.

func (*AcraTranslatorConfig) IncomingConnectionHTTPString ¶

func (a *AcraTranslatorConfig) IncomingConnectionHTTPString() string

IncomingConnectionHTTPString returns connection string to listen for HTTP requests.

func (*AcraTranslatorConfig) KeysDir ¶

func (a *AcraTranslatorConfig) KeysDir() string

KeysDir returns keys directory.

func (*AcraTranslatorConfig) ScriptOnPoison ¶

func (a *AcraTranslatorConfig) ScriptOnPoison() string

ScriptOnPoison returns script-to-run on detection of poison records.

func (*AcraTranslatorConfig) SetConfigPath ¶

func (a *AcraTranslatorConfig) SetConfigPath(configPath string)

SetConfigPath sets configuration path for AcraTranslator.

func (*AcraTranslatorConfig) SetDebug ¶

func (a *AcraTranslatorConfig) SetDebug(debug bool)

SetDebug sets if should print debug logs.

func (*AcraTranslatorConfig) SetDetectPoisonRecords ¶

func (a *AcraTranslatorConfig) SetDetectPoisonRecords(val bool)

SetDetectPoisonRecords sets if AcraTranslator should detect poison records.

func (*AcraTranslatorConfig) SetIncomingConnectionGRPCString ¶

func (a *AcraTranslatorConfig) SetIncomingConnectionGRPCString(incomingConnectionGRPCString string)

SetIncomingConnectionGRPCString sets connection string to listen for gRPC requests.

func (*AcraTranslatorConfig) SetIncomingConnectionHTTPString ¶

func (a *AcraTranslatorConfig) SetIncomingConnectionHTTPString(incomingConnectionHTTPString string)

SetIncomingConnectionHTTPString sets connection string to listen for HTTP requests.

func (*AcraTranslatorConfig) SetKeysDir ¶

func (a *AcraTranslatorConfig) SetKeysDir(keysDir string)

SetKeysDir sets keys directory.

func (*AcraTranslatorConfig) SetScriptOnPoison ¶

func (a *AcraTranslatorConfig) SetScriptOnPoison(scriptOnPoison string)

SetScriptOnPoison sets script-to-run on detection of poison records.

func (*AcraTranslatorConfig) SetStopOnPoison ¶

func (a *AcraTranslatorConfig) SetStopOnPoison(stopOnPoison bool)

SetStopOnPoison sets if AcraTranslator should stop working on detection of poison records.

func (*AcraTranslatorConfig) SetTLSClientIDExtractor ¶

func (a *AcraTranslatorConfig) SetTLSClientIDExtractor(tlsClientIDExtractor network.TLSClientIDExtractor)

SetTLSClientIDExtractor set clientID extractor from TLS metadata

func (*AcraTranslatorConfig) SetTLSConfig ¶

func (a *AcraTranslatorConfig) SetTLSConfig(v *tls.Config)

SetTLSConfig tls.Config which should be used

func (*AcraTranslatorConfig) SetTokenizer ¶

func (a *AcraTranslatorConfig) SetTokenizer(tokenizer common.Pseudoanonymizer)

SetTokenizer set configured tokenizer

func (*AcraTranslatorConfig) SetTraceToLog ¶

func (a *AcraTranslatorConfig) SetTraceToLog(v bool)

SetTraceToLog true if want to log trace data otherwise false

func (*AcraTranslatorConfig) SetUseClientIDFromConnection ¶

func (a *AcraTranslatorConfig) SetUseClientIDFromConnection(v bool)

SetUseClientIDFromConnection use ClientID from connection metadata instead request arguments

func (*AcraTranslatorConfig) StopOnPoison ¶

func (a *AcraTranslatorConfig) StopOnPoison() bool

StopOnPoison returns if AcraTranslator should stop working on detection of poison records.

func (*AcraTranslatorConfig) WithTLS ¶

func (a *AcraTranslatorConfig) WithTLS() bool

WithTLS true if server should use TLS connections to gRPC/HTTP server

type ITranslatorService ¶

type ITranslatorService interface {
	Decrypt(ctx context.Context, acraStruct, clientID, additionalContext []byte) ([]byte, error)
	Encrypt(ctx context.Context, data, clientID, additionalContext []byte) ([]byte, error)
	EncryptSearchable(ctx context.Context, data, clientID, additionalContext []byte) (SearchableResponse, error)
	DecryptSearchable(ctx context.Context, data, hash, clientID, additionalContext []byte) ([]byte, error)
	GenerateQueryHash(context context.Context, data, clientID, additionalContext []byte) ([]byte, error)
	Tokenize(ctx context.Context, data interface{}, dataType tokenCommon.TokenType, clientID, additionalContext []byte) (interface{}, error)
	Detokenize(ctx context.Context, data interface{}, dataType tokenCommon.TokenType, clientID, additionalContext []byte) (interface{}, error)
	EncryptSymSearchable(ctx context.Context, data, clientID, additionalContext []byte) (SearchableResponse, error)
	DecryptSymSearchable(ctx context.Context, data, hash, clientID, additionalContext []byte) ([]byte, error)
	EncryptSym(ctx context.Context, data, clientID, additionalContext []byte) ([]byte, error)
	DecryptSym(ctx context.Context, acraBlock, clientID, additionalContext []byte) ([]byte, error)
}

ITranslatorService interface introduce all supported methods by Acra-Translator

func NewPrometheusServiceWrapper ¶

func NewPrometheusServiceWrapper(service ITranslatorService, metricType string) (ITranslatorService, error)

NewPrometheusServiceWrapper wraps all methods of service with metrics that track time of execution

type SearchableResponse ¶

type SearchableResponse struct {
	EncryptedData []byte
	Hash          []byte
}

SearchableResponse store EncryptedData that may be AcraStruct or AcraBLock and searchable Hash

type TranslatorData ¶

type TranslatorData struct {
	Tokenizer             tokenCommon.Pseudoanonymizer
	Config                *AcraTranslatorConfig
	PoisonRecordCallbacks base.PoisonRecordCallbackStorage
	Keystorage            keystore.TranslationKeyStore
	UseConnectionClientID bool
	TLSClientIDExtractor  network.TLSClientIDExtractor
}

TranslatorData connects KeyStorage and Poison records settings for HTTP and gRPC decryptors.

type TranslatorService ¶

type TranslatorService struct {
	// contains filtered or unexported fields
}

TranslatorService service that implements all Acra-Translator functions

func NewTranslatorService ¶

func NewTranslatorService(translatorData *TranslatorData) (*TranslatorService, error)

NewTranslatorService return new initialized TranslatorService

func (*TranslatorService) Decrypt ¶

func (service *TranslatorService) Decrypt(ctx context.Context, acraStruct, clientID, additionalContext []byte) ([]byte, error)

Decrypt AcraStruct using ClientID

func (*TranslatorService) DecryptSearchable ¶

func (service *TranslatorService) DecryptSearchable(ctx context.Context, data, hash, clientID, additionalContext []byte) ([]byte, error)

DecryptSearchable decrypt AcraStruct using ClientID and then verify hash

func (*TranslatorService) DecryptSym ¶

func (service *TranslatorService) DecryptSym(ctx context.Context, acraBlock, clientID, additionalContext []byte) ([]byte, error)

DecryptSym decrypts AcraBlock using ClientID

func (*TranslatorService) DecryptSymSearchable ¶

func (service *TranslatorService) DecryptSymSearchable(ctx context.Context, data, hash, clientID, additionalContext []byte) ([]byte, error)

DecryptSymSearchable decrypt AcraBlock using ClientID and verify hash

func (*TranslatorService) Detokenize ¶

func (service *TranslatorService) Detokenize(ctx context.Context, data interface{}, dataType tokenCommon.TokenType, clientID, additionalContext []byte) (interface{}, error)

Detokenize data from request according to TokenType using ClientID

func (*TranslatorService) Encrypt ¶

func (service *TranslatorService) Encrypt(ctx context.Context, data, clientID, additionalContext []byte) ([]byte, error)

Encrypt AcraStruct using ClientID

func (*TranslatorService) EncryptSearchable ¶

func (service *TranslatorService) EncryptSearchable(ctx context.Context, data, clientID, additionalContext []byte) (SearchableResponse, error)

EncryptSearchable generate AcraStruct using ClientID and searchable hash

func (*TranslatorService) EncryptSym ¶

func (service *TranslatorService) EncryptSym(ctx context.Context, data, clientID, additionalContext []byte) ([]byte, error)

EncryptSym encrypts data with AcraBlock using ClientID

func (*TranslatorService) EncryptSymSearchable ¶

func (service *TranslatorService) EncryptSymSearchable(ctx context.Context, data, clientID, additionalContext []byte) (SearchableResponse, error)

EncryptSymSearchable encrypts data with AcraBlock using ClientID and searchable hash

func (*TranslatorService) GenerateQueryHash ¶

func (service *TranslatorService) GenerateQueryHash(context context.Context, data, clientID, additionalContext []byte) ([]byte, error)

GenerateQueryHash generates searchable hash for data

func (*TranslatorService) Tokenize ¶

func (service *TranslatorService) Tokenize(ctx context.Context, data interface{}, dataType tokenCommon.TokenType, clientID, additionalContext []byte) (interface{}, error)

Tokenize data from request according to TokenType using ClientID

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL