vault: github.com/hashicorp/vault/vault/seal Index | Files | Directories

package seal

import "github.com/hashicorp/vault/vault/seal"

Index

Package Files

envelope.go seal.go seal_testing.go

Constants

const (
    Shamir        = "shamir"
    PKCS11        = "pkcs11"
    AliCloudKMS   = "alicloudkms"
    AWSKMS        = "awskms"
    GCPCKMS       = "gcpckms"
    AzureKeyVault = "azurekeyvault"
    OCIKMS        = "ocikms"
    Transit       = "transit"
    Test          = "test-auto"

    // HSMAutoDeprecated is a deprecated seal type prior to 0.9.0.
    // It is still referenced in certain code paths for upgrade purporses
    HSMAutoDeprecated = "hsm-auto"
)

type Access Uses

type Access interface {
    SealType() string
    KeyID() string

    Init(context.Context) error
    Finalize(context.Context) error

    Encrypt(context.Context, []byte) (*physical.EncryptedBlobInfo, error)
    Decrypt(context.Context, *physical.EncryptedBlobInfo) ([]byte, error)
}

Access is the embedded implemention of autoSeal that contains logic specific to encrypting and decrypting data, or in this case keys.

type Envelope Uses

type Envelope struct{}

func NewEnvelope Uses

func NewEnvelope() *Envelope

func (*Envelope) Decrypt Uses

func (e *Envelope) Decrypt(data *EnvelopeInfo) ([]byte, error)

func (*Envelope) Encrypt Uses

func (e *Envelope) Encrypt(plaintext []byte) (*EnvelopeInfo, error)

type EnvelopeInfo Uses

type EnvelopeInfo struct {
    Ciphertext []byte
    Key        []byte
    IV         []byte
}

type TestSeal Uses

type TestSeal struct {
    Type string
    // contains filtered or unexported fields
}

func NewTestSeal Uses

func NewTestSeal(secret []byte) *TestSeal

func (*TestSeal) Decrypt Uses

func (t *TestSeal) Decrypt(_ context.Context, dwi *physical.EncryptedBlobInfo) ([]byte, error)

func (*TestSeal) Encrypt Uses

func (t *TestSeal) Encrypt(_ context.Context, plaintext []byte) (*physical.EncryptedBlobInfo, error)

func (*TestSeal) Finalize Uses

func (t *TestSeal) Finalize(_ context.Context) error

func (*TestSeal) Init Uses

func (s *TestSeal) Init(_ context.Context) error

func (*TestSeal) KeyID Uses

func (t *TestSeal) KeyID() string

func (*TestSeal) SealType Uses

func (t *TestSeal) SealType() string

Directories

PathSynopsis
alicloudkms
awskms
azurekeyvault
gcpckms
ocikms
shamir
transit

Package seal imports 10 packages (graph) and is imported by 25 packages. Updated 2019-09-10. Refresh now. Tools for package owners.