The highest tagged major version is v2.

azurekeyvault

package

v0.7.1 Latest Latest Go to latest Published: Mar 4, 2022 License: MPL-2.0 Imports: 15 Imported by: 5

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hashicorp/go-kms-wrapping

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func ParseKeyVersion(kid string) string
type Wrapper
- func NewWrapper(opts *wrapping.WrapperOptions) *Wrapper

Constants ¶

View Source

const (
	EnvAzureKeyVaultWrapperVaultName = "AZUREKEYVAULT_WRAPPER_VAULT_NAME"
	EnvVaultAzureKeyVaultVaultName   = "VAULT_AZUREKEYVAULT_VAULT_NAME"

	EnvAzureKeyVaultWrapperKeyName = "AZUREKEYVAULT_WRAPPER_KEY_NAME"
	EnvVaultAzureKeyVaultKeyName   = "VAULT_AZUREKEYVAULT_KEY_NAME"
)

Variables ¶

This section is empty.

Functions ¶

func ParseKeyVersion ¶ added in v0.6.0

func ParseKeyVersion(kid string) string

Kid gets returned as a full URL, get the last bit which is just the version

Types ¶

type Wrapper ¶

type Wrapper struct {
	// contains filtered or unexported fields
}

Wrapper is an Wrapper that uses Azure Key Vault for crypto operations. Azure Key Vault currently does not support keys that can encrypt long data (RSA keys). Due to this fact, we generate and AES key and wrap the key using Key Vault and store it with the data

func NewWrapper ¶

func NewWrapper(opts *wrapping.WrapperOptions) *Wrapper

NewWrapper creates a new wrapper with the given options

func (*Wrapper) BaseURL ¶ added in v0.6.0

func (v *Wrapper) BaseURL() string

BaseURL returns the base URL for key management operation requests based on the Azure Vault name and environment.

func (*Wrapper) Client ¶ added in v0.6.0

func (v *Wrapper) Client() *keyvault.BaseClient

Client returns the AzureKeyVault client used by the wrapper.

func (*Wrapper) Decrypt ¶

func (v *Wrapper) Decrypt(ctx context.Context, in *wrapping.EncryptedBlobInfo, aad []byte) (pt []byte, err error)

Decrypt is used to decrypt the ciphertext

func (*Wrapper) Encrypt ¶

func (v *Wrapper) Encrypt(ctx context.Context, plaintext, aad []byte) (blob *wrapping.EncryptedBlobInfo, err error)

Encrypt is used to encrypt using Azure Key Vault. This returns the ciphertext, and/or any errors from this call.

func (*Wrapper) Finalize ¶

func (v *Wrapper) Finalize(context.Context) error

Finalize is called during shutdown. This is a no-op.

func (*Wrapper) HMACKeyID ¶

func (v *Wrapper) HMACKeyID() string

HMACKeyID returns the last known HMAC key id

func (*Wrapper) Init ¶

func (v *Wrapper) Init(context.Context) error

Init is called during core.Initialize. This is a no-op.

func (*Wrapper) KeyID ¶

func (v *Wrapper) KeyID() string

KeyID returns the last known key id

func (*Wrapper) Logger ¶ added in v0.6.0

func (v *Wrapper) Logger() hclog.Logger

Logger returns the logger used by the wrapper.

func (*Wrapper) SetConfig ¶

func (v *Wrapper) SetConfig(config map[string]string) (map[string]string, error)

SetConfig sets the fields on the Wrapper object based on values from the config parameter.

Order of precedence: * Environment variable * Passed in config map * Managed Service Identity for instance

func (*Wrapper) Type ¶

func (v *Wrapper) Type() string

Type returns the type for this particular Wrapper implementation

Source Files ¶

View all Source files

azurekeyvault.go

Directories ¶

Path	Synopsis
module

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL