Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AWSKMS ¶
type AWSKMS struct { Crypto appencryption.AEAD Clients []AWSKMSClient Registry metrics.Registry }
AWSKMS implements the KeyManagementService interface and handles encryption/decryption in KMS.
func NewAWS ¶
func NewAWS(crypto appencryption.AEAD, preferredRegion string, arnMap map[string]string) (*AWSKMS, error)
NewAWS returns a new AWSKMS used for encrypting/decrypting keys with a master key.
func (*AWSKMS) DecryptKey ¶
DecryptKey decrypts an encrypted byte slice and returns the unencrypted key. The preferred region provided in the config is tried first, if this fails the remaining regions are tried.
type AWSKMSClient ¶
AWSKMSClient contains a KMS client and region information used for encrypting a key in KMS.
type KMS ¶
type KMS interface { EncryptWithContext(aws.Context, *kms.EncryptInput, ...request.Option) (*kms.EncryptOutput, error) GenerateDataKeyWithContext(aws.Context, *kms.GenerateDataKeyInput, ...request.Option) (*kms.GenerateDataKeyOutput, error) DecryptWithContext(ctx aws.Context, input *kms.DecryptInput, opts ...request.Option) (*kms.DecryptOutput, error) }
KMS is implemented by the client in the kms package from the AWS SDK. We only use a subset of methods defined below.
type StaticKMS ¶
type StaticKMS struct { Crypto appencryption.AEAD // contains filtered or unexported fields }
StaticKMS is an in-memory static implementation of a KeyManagementService. NOTE: It should not be used in production and is for testing only!
func NewStatic ¶
func NewStatic(key string, crypto appencryption.AEAD) (*StaticKMS, error)
NewStatic constructs a new StaticKMS. The provided key MUST be be 32 bytes in length.
func (*StaticKMS) Close ¶ added in v0.1.5
func (s *StaticKMS) Close()
Close frees the memory locked by the static key. It should be called as soon as its no longer in use.
func (*StaticKMS) DecryptKey ¶
DecryptKey decrypts the encrypted byte slice using the master key.