Documentation ¶
Index ¶
- Variables
- func RegisterAlgoMapping(a Algo, at AlgoType)
- type Algo
- type AlgoFactory
- type AlgoType
- type Algorithm
- type AlgorithmCreator
- type AlgorithmFactory
- type Decryptor
- type EncryptedObject
- func (*EncryptedObject) Descriptor() ([]byte, []int)deprecated
- func (x *EncryptedObject) GetA() Algo
- func (x *EncryptedObject) GetKeyToken() []byte
- func (x *EncryptedObject) GetV() []byte
- func (*EncryptedObject) ProtoMessage()
- func (x *EncryptedObject) ProtoReflect() protoreflect.Message
- func (x *EncryptedObject) Reset()
- func (x *EncryptedObject) String() string
- type EncryptedObjectParser
- type Encryptor
- type Keys
- type TokenKeyDecryptor
- type TokenKeyDecryptorCreator
- type TokenKeyEncryptionCreator
- type TokenKeyEncryptionCreatorID
- type TokenKeyEncryptionCreatorIDList
- type TokenKeyEncryptionFactory
- type TokenKeyEncryptor
- type TokenKeyEncryptorCreator
Variables ¶
// Lookup tables between Algo enum numbers and their names, one per direction.
var (
	// Algo_name maps an Algo enum number to its name.
	// Number 0 is "UnknownAlgo", so a zero-valued Algo does not read as GCM.
	Algo_name = map[int32]string{
		0: "UnknownAlgo",
		1: "GCM",
	}
	// Algo_value maps an Algo enum name back to its number.
	Algo_value = map[string]int32{
		"UnknownAlgo": 0,
		"GCM":         1,
	}
)
Enum value maps for Algo.
var File_algo_proto protoreflect.FileDescriptor
var File_encrypted_object_proto protoreflect.FileDescriptor
var File_keys_proto protoreflect.FileDescriptor
Functions ¶
func RegisterAlgoMapping ¶
RegisterAlgoMapping provides the ability to specify new mappings between the proto definition and Go code
Types ¶
type Algo ¶
type Algo int32
func NewAlgo ¶
NewAlgo returns the Algo corresponding to the AlgoType, or returns Algo_Unknown and an error if there is no match
func (Algo) Descriptor ¶
func (Algo) Descriptor() protoreflect.EnumDescriptor
func (Algo) EnumDescriptor
deprecated
func (Algo) Number ¶
func (x Algo) Number() protoreflect.EnumNumber
func (Algo) Type ¶
func (Algo) Type() protoreflect.EnumType
type AlgoFactory ¶
type AlgoFactory struct {
// contains filtered or unexported fields
}
AlgoFactory manufactures instances of Algorithm by invoking the AlgorithmCreator for the required AlgoType
var DefaultAlgoFactory *AlgoFactory
DefaultAlgoFactory is an AlgoFactory pre-filled with the existing AlgoTypes, currently GCM
func NewAlgorithmFactory ¶
func NewAlgorithmFactory(as []AlgorithmCreator) (*AlgoFactory, error)
NewAlgorithmFactory returns an instance of AlgoFactory, pre-filled with the specified set of AlgorithmCreators
func (*AlgoFactory) AddAlgorithmCreator ¶
func (f *AlgoFactory) AddAlgorithmCreator(c AlgorithmCreator) error
AddAlgorithmCreator inserts the specified AlgorithmCreator into the AlgoFactory
func (*AlgoFactory) GetAlgorithm ¶
func (f *AlgoFactory) GetAlgorithm(t AlgoType) (Algorithm, error)
GetAlgorithm returns an instance of an Algorithm of the specified AlgoType
type Algorithm ¶
// Algorithm groups key creation with the Encryptor and Decryptor for a single AlgoType.
type Algorithm interface {
	// CreateKey returns key bytes or an error; presumably a freshly generated key.
	// NOTE(review): key length and randomness source are not visible here — confirm in the implementation.
	CreateKey() ([]byte, error)
	// GetType returns the AlgoType.
	GetType() AlgoType
	// GetEncryptor returns the Encryptor.
	GetEncryptor() Encryptor
	// GetDecryptor returns the Decryptor.
	GetDecryptor() Decryptor
}
Algorithm provides an Encryptor and Decryptor interface, that implement the specified AlgoType
type AlgorithmCreator ¶
type AlgorithmCreator interface {
New() Algorithm
}
AlgorithmCreator can construct instances of an Algorithm
func NewGCMCreator ¶
func NewGCMCreator() AlgorithmCreator
NewGCMCreator returns an AlgorithmCreator for GCM
type AlgorithmFactory ¶
// AlgorithmFactory hands out Algorithm instances by AlgoType and accepts new creators.
type AlgorithmFactory interface {
	// AddAlgorithmCreator adds a to the factory, or returns an error.
	// NOTE(review): whether adding a creator for an already-present AlgoType replaces it or fails is not shown here — confirm.
	AddAlgorithmCreator(a AlgorithmCreator) error
	// GetAlgorithm returns an Algorithm for t, or an error.
	GetAlgorithm(t AlgoType) (Algorithm, error)
}
AlgorithmFactory returns an Algorithm for the specified AlgoType
type EncryptedObject ¶
type EncryptedObject struct { KeyToken []byte `protobuf:"bytes,1,opt,name=keyToken,proto3" json:"keyToken,omitempty"` A Algo `protobuf:"varint,2,opt,name=a,proto3,enum=Algo" json:"a,omitempty"` V []byte `protobuf:"bytes,3,opt,name=v,proto3" json:"v,omitempty"` // contains filtered or unexported fields }
func NewEncryptedObject ¶
func NewEncryptedObject(key []byte, message protoreflect.ProtoMessage, encryptor Encryptor) (*EncryptedObject, error)
NewEncryptedObject creates an instance of EncryptedObject from the supplied message and encryptor details
func NewEncryptedObjectFromToken ¶
func NewEncryptedObjectFromToken(keyToken []byte, message protoreflect.ProtoMessage, encryptor TokenKeyEncryptor) (*EncryptedObject, error)
NewEncryptedObjectFromToken creates an instance of EncryptedObject from the supplied message, encrypting through the supplied TokenKeyEncryptor, which uses keyToken to retrieve the key
func (*EncryptedObject) Descriptor
deprecated
func (*EncryptedObject) Descriptor() ([]byte, []int)
Deprecated: Use EncryptedObject.ProtoReflect.Descriptor instead.
func (*EncryptedObject) GetA ¶
func (x *EncryptedObject) GetA() Algo
func (*EncryptedObject) GetKeyToken ¶
func (x *EncryptedObject) GetKeyToken() []byte
func (*EncryptedObject) GetV ¶
func (x *EncryptedObject) GetV() []byte
func (*EncryptedObject) ProtoMessage ¶
func (*EncryptedObject) ProtoMessage()
func (*EncryptedObject) ProtoReflect ¶
func (x *EncryptedObject) ProtoReflect() protoreflect.Message
func (*EncryptedObject) Reset ¶
func (x *EncryptedObject) Reset()
func (*EncryptedObject) String ¶
func (x *EncryptedObject) String() string
type EncryptedObjectParser ¶
type EncryptedObjectParser struct {
// contains filtered or unexported fields
}
func NewEncryptedObjectParser ¶
func NewEncryptedObjectParser(decryptor TokenKeyDecryptor) (*EncryptedObjectParser, error)
EncryptedObjectParser decrypts EncryptedObjects in a Message, using the supplied TokenKeyDecryptor
func (*EncryptedObjectParser) Parse ¶
func (cp *EncryptedObjectParser) Parse(e *EncryptedObject, message protoreflect.ProtoMessage) error
Parse decrypts the EncryptedObject into the supplied ProtoMessage instance
type Encryptor ¶
Encryptor will attempt to use the key to encrypt the plaintext, returning the AlgoType used as well as the ciphertext
type Keys ¶
type Keys struct { Keys map[string][]byte `` /* 149-byte string literal not displayed */ // contains filtered or unexported fields }
func (*Keys) Descriptor
deprecated
func (*Keys) ProtoMessage ¶
func (*Keys) ProtoMessage()
func (*Keys) ProtoReflect ¶
func (x *Keys) ProtoReflect() protoreflect.Message
type TokenKeyDecryptor ¶
// TokenKeyDecryptor decrypts with a key that is selected by a token instead of being passed in directly.
type TokenKeyDecryptor interface {
// DecryptFromToken takes the key token, the AlgoType to decrypt with and the
// ciphertext, and returns a byte slice (presumably the plaintext) or an error.
// What happens when no key is held for token is not defined by this interface,
// so callers must check the error before using the returned bytes.
DecryptFromToken(token []byte, a AlgoType, ciphertext []byte) ([]byte, error)
}
TokenKeyDecryptor receives a token value and AlgoType, which is used to retrieve the key required to decrypt and the algo to use to attempt decryption. Behaviour when the key is not available is unspecified.
type TokenKeyDecryptorCreator ¶
// TokenKeyDecryptorCreator is a constructor function: given an Algorithm and a
// key map it returns a TokenKeyDecryptor.
// keys is presumably token -> raw key bytes (TODO confirm against the caller);
// if so it is secret material and should not be logged or retained longer than needed.
type TokenKeyDecryptorCreator func(a Algorithm, keys map[string][]byte) TokenKeyDecryptor
TokenKeyDecryptorCreator returns an initialised TokenKeyDecryptor
type TokenKeyEncryptionCreator ¶
// TokenKeyEncryptionCreator builds the matching TokenKeyEncryptor and TokenKeyDecryptor
// for one identifier and one AlgoType.
type TokenKeyEncryptionCreator interface {
	// GetID returns the TokenKeyEncryptionCreatorID.
	GetID() TokenKeyEncryptionCreatorID
	// GetEncryptionAlgoType returns the AlgoType.
	GetEncryptionAlgoType() AlgoType
	// GetTokenKeyDecryptor returns a TokenKeyDecryptor or an error.
	// keys is an EncryptedObject; presumably the encrypted token -> key map that
	// TokenKeyEncryptor.GetKeys produces, opened here with key — TODO confirm.
	GetTokenKeyDecryptor(key []byte, keys *EncryptedObject, factory AlgorithmFactory) (TokenKeyDecryptor, error)
	// GetTokenKeyEncryptor returns a TokenKeyEncryptor or an error.
	GetTokenKeyEncryptor() (TokenKeyEncryptor, error)
}
TokenKeyEncryptionCreator can manufacture encryptors and decryptors
func NewTokenKeyEncryptionCreator ¶
func NewTokenKeyEncryptionCreator( id TokenKeyEncryptionCreatorID, a AlgoType, d TokenKeyDecryptorCreator, e TokenKeyEncryptorCreator, f AlgorithmFactory) (TokenKeyEncryptionCreator, error)
NewTokenKeyEncryptionCreator provides a construction mechanism to create instances of TokenKeyEncryptionCreator
type TokenKeyEncryptionCreatorID ¶
type TokenKeyEncryptionCreatorID string
TokenKeyEncryptionCreatorID identifies TokenKeyEncryptionCreators
type TokenKeyEncryptionCreatorIDList ¶
type TokenKeyEncryptionCreatorIDList []TokenKeyEncryptionCreatorID
TokenKeyEncryptionCreatorIDList is a slice of TokenKeyEncryptionCreatorID
func (TokenKeyEncryptionCreatorIDList) Len ¶
func (tl TokenKeyEncryptionCreatorIDList) Len() int
Len returns the number of IDs in the slice
func (TokenKeyEncryptionCreatorIDList) Less ¶
func (tl TokenKeyEncryptionCreatorIDList) Less(i, j int) bool
Less returns true if the ID at i is less than at j
func (TokenKeyEncryptionCreatorIDList) Swap ¶
func (tl TokenKeyEncryptionCreatorIDList) Swap(i, j int)
Swap will switch the IDs at i and j
type TokenKeyEncryptionFactory ¶
// TokenKeyEncryptionFactory looks up encryptors and decryptors by TokenKeyEncryptionCreatorID.
type TokenKeyEncryptionFactory interface {
	// GetTokenKeyEncryptionCreatorIDs returns a TokenKeyEncryptionCreatorIDList;
	// presumably the IDs of the creators held by the factory.
	GetTokenKeyEncryptionCreatorIDs() TokenKeyEncryptionCreatorIDList
	// AddTokenKeyEncryptionCreator adds c to the factory, or returns an error.
	AddTokenKeyEncryptionCreator(c TokenKeyEncryptionCreator) error
	// GetTokenKeyDecryptor returns the TokenKeyDecryptor for creator i, or an error.
	// keys is an EncryptedObject; presumably the encrypted token -> key map that
	// TokenKeyEncryptor.GetKeys produces, opened here with key — TODO confirm.
	GetTokenKeyDecryptor(i TokenKeyEncryptionCreatorID, key []byte, keys *EncryptedObject, factory AlgorithmFactory) (TokenKeyDecryptor, error)
	// GetTokenKeyEncryptor returns the TokenKeyEncryptor for creator i, or an error.
	GetTokenKeyEncryptor(i TokenKeyEncryptionCreatorID) (TokenKeyEncryptor, error)
}
TokenKeyEncryptionFactory returns the encryptor or decryptor for the specified TokenKeyEncryptionCreatorID
var DefaultTokenKeyEncryptionFactory TokenKeyEncryptionFactory
DefaultTokenKeyEncryptionFactory is a TokenKeyEncryptionFactory pre-filled with the default TokenKeyEncryptionCreators (currently only DefaultGCM)
func NewTokenKeyEncryptionFactory ¶
func NewTokenKeyEncryptionFactory(as []TokenKeyEncryptionCreator) (TokenKeyEncryptionFactory, error)
NewTokenKeyEncryptionFactory returns an instance of TokenKeyEncryptionFactory, pre-filled with the specified set of TokenKeyEncryptionCreators
type TokenKeyEncryptor ¶
// TokenKeyEncryptor encrypts with a key that is selected by a token instead of being passed in directly.
type TokenKeyEncryptor interface {
	// EncryptFromToken takes the key token and the plaintext and returns a byte
	// slice (presumably the ciphertext), an AlgoType and an error.
	// NOTE(review): behaviour for a token with no key is not shown here — confirm; check the error before using the result.
	EncryptFromToken(token []byte, plaintext []byte) ([]byte, AlgoType, error)
	// GetKeys returns an EncryptedObject or an error. Per the package
	// documentation it encrypts the token -> key map with key, so the
	// confidentiality of the distributed map depends on how key is protected.
	GetKeys(key []byte, a Algorithm) (*EncryptedObject, error)
}
TokenKeyEncryptor receives a token value which is used to retrieve the key required to encrypt.
The GetKeys function uses the provided key to encrypt the map of tokens->keys inside an EncryptedObject, for secure distribution
type TokenKeyEncryptorCreator ¶
type TokenKeyEncryptorCreator func(a Algorithm) TokenKeyEncryptor
TokenKeyEncryptorCreator returns an initialised TokenKeyEncryptor