auricvault

Version: v1.2.0 (Latest)
Published: Jul 9, 2018 License: MIT Imports: 13 Imported by: 0

README

AuricVault API library

Simple Go-API used to store sensitive data using the AuricVault PCI/HIPAA compliant encryption service.

Installation

$ go get github.com/lfaoro/auricvault
import "github.com/lfaoro/auricvault"

Quick start

# Provide a .env file in your project with the following variables or export them.
# the .env file will be automatically parsed.
$ cat > .env << EOF
AURIC_URL="https://vault01.auricsystems.com/vault/v2/"
AURIC_URL2="https://vault02.auricsystems.com/vault/v2/" # optional
AURIC_CONFIGURATION=""
AURIC_MTID=""
AURIC_MTID_SECRET=""
AURIC_SEGMENT=""
EOF

package main

import (
	"fmt"
	"log"

	"github.com/lfaoro/auricvault"
)

func main() {
	// Create a new Vault and choose the retention period
	vault := auricvault.New(auricvault.Forever)

	// If you want to see debug information
	auricvault.SetDebug()

	data := "VISA,475055XXXX314032,0818"

	// Encrypt using an auto-generated token (pass an empty token)
	token, err := vault.Encrypt(data, "")
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println("token: ", token)

	// Encrypt using your own token
	token, err = vault.Encrypt(data, "khR8pew41q0URCxtivea")
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println("token: ", token)

	// Retrieve the string data from the vault using the token
	data, err = vault.Decrypt("khR8pew41q0URCxtivea")
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println(data)
}
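
A preflight check for the .env variables listed in the Quick start, written here as an added example (it is not part of the auricvault package or its README). checkAuricEnv is a hypothetical helper; it assumes the variables are exported in the process environment, that every variable except AURIC_URL2 is required, and that the endpoints must use https.

```go
package main

import (
	"fmt"
	"net/url"
	"os"
	"strings"
)

// Variables from the Quick start .env. Only AURIC_URL2 is marked optional
// there; treating all the others as required is an assumption.
var auricVars = []struct {
	name     string
	required bool
}{
	{"AURIC_URL", true}, {"AURIC_URL2", false}, {"AURIC_CONFIGURATION", true},
	{"AURIC_MTID", true}, {"AURIC_MTID_SECRET", true}, {"AURIC_SEGMENT", true},
}

// checkAuricEnv (hypothetical helper) returns one problem per misconfigured
// variable. Messages carry variable names only, never values, so the output
// is safe to log. Requiring https is an assumption based on the sample URLs.
func checkAuricEnv(getenv func(string) string) []string {
	var problems []string
	for _, v := range auricVars {
		val := strings.TrimSpace(getenv(v.name))
		if val == "" {
			if v.required {
				problems = append(problems, v.name+": not set")
			}
			continue
		}
		if strings.HasPrefix(v.name, "AURIC_URL") {
			u, err := url.Parse(val)
			if err != nil || u.Scheme != "https" || u.Host == "" {
				problems = append(problems, v.name+": must be an absolute https URL")
			}
		}
	}
	return problems
}

func main() {
	if problems := checkAuricEnv(os.Getenv); len(problems) > 0 {
		fmt.Fprintln(os.Stderr, "vault configuration rejected:", strings.Join(problems, "; "))
		os.Exit(1)
	}
	fmt.Println("vault configuration complete")
}
```

Run it before auricvault.New so that an empty AURIC_MTID_SECRET or a plain-http endpoint stops the program at startup instead of surfacing on the first Encrypt call.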

Contributing

Any help and suggestions are very welcome and appreciated.

  • Fork the project
  • Create your feature branch git checkout -b my-new-feature
  • Commit your changes git commit -am 'Add my feature'
  • Push to the branch git push origin my-new-feature
  • Create a new pull request against the master branch

Documentation

Overview

Package auricvault is a simple Go-API used to store sensitive data using the AuricVault PCI/HIPAA compliant encryption service.

Functions

func SetDebug

func SetDebug()

Types

type Params

type Params struct {
	ConfigurationID string    `json:"configurationId,omitempty"`
	Last4           string    `json:"last4,omitempty"`
	Mtid            string    `json:"mtid,omitempty"`
	PlaintextValue  string    `json:"plaintextValue,omitempty"`
	Retention       Retention `json:"retention,omitempty"`
	Segment         string    `json:"segment,omitempty"`
	UtcTimestamp    string    `json:"utcTimestamp,omitempty"`
	Token           string    `json:"token,omitempty"`
}

type Response

type Response struct {
	ID     int    `json:"id,omitempty"`
	Result Result `json:"result,omitempty"`
	Error  string `json:"error,omitempty"`
}

type Result

type Result struct {
	Version             string `json:"version,omitempty"`
	LastActionSucceeded int    `json:"lastActionSucceeded,omitempty"`
	Token               string `json:"token,omitempty"`
	PlaintextValue      string `json:"plaintextValue,omitempty"`
	ElapsedTime         string `json:"elapsedTime,omitempty"`
	TokenExists         string `json:"tokenExists,omitempty"`
	TokenCreatedDate    string `json:"tokenCreatedDate,omitempty"`
	LastAccessedDate    string `json:"lastAccessedDate,omitempty"`
	Segment             string `json:"segment,omitempty"`
	Retention           string `json:"retention,omitempty"`
	IsVaultEncrypted    string `json:"isVaultEncrypted,omitempty"`
}

type Retention

type Retention string

Retention enumerates the data retention options.

const (
	// BigYear data is kept approximately 14 months (14 * 31 days).
	BigYear Retention = "big-year"
	// Forever data is never deleted.
	Forever Retention = "forever"
)

type Vault

type Vault struct {
	// contains filtered or unexported fields
}

func New

func New(retention Retention) *Vault

func (*Vault) Decrypt

func (v *Vault) Decrypt(token string) (data string, err error)

Decrypt retrieves the decrypted plaintext for the given token.

func (*Vault) Delete added in v1.2.0

func (v *Vault) Delete(token string) error

Delete returns the same message for both a not-found token and a token that exists but to which you do not have permission. This ensures the existence of the token does not leak to a third party that should not have access to the data.

func (*Vault) Encrypt

func (v *Vault) Encrypt(data, token string) (string, error)

Encrypt a plaintext value and store it using the passed-in token identifier. This allows you to migrate tokens you already have to the AuricVault service and maintain the same token identifier in your databases.

If no token is specified, one will be auto-generated.

func (*Vault) Info added in v1.2.0

func (v *Vault) Info(token string) (*Result, error)

Info retrieves information about a token. Useful for finding out if a token exists in the system without needing to retrieve the actual data.

func (*Vault) ReEncrypt

func (v *Vault) ReEncrypt(data, token string) (string, error)

ReEncrypt submits new plaintext data to be encrypted for an existing token.

func (*Vault) Touch added in v1.2.0

func (v *Vault) Touch(token string) (*Result, error)

Touch is similar to the TokenInfo method, except that it does update the token's last-accessed date/time stamp. This method is used to reset the start of the retention period to the current date/time.

Touching a non-existing token results in an error message and lastActionSucceeded of 0.
