transit

package

v0.0.0-...-a17cf7f Latest Latest Go to latest Published: Apr 16, 2024 License: Apache-2.0 Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/libopenstorage/secrets

Links

Open Source Insights

Documentation ¶

Index ¶

type SecretKey
type VaultLogical
type VaultTransit
- func New(client VaultLogical) (*VaultTransit, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type SecretKey ¶

type SecretKey struct {
	// Name is a secret name, used to build a url (example, /transit/keys/:name).
	Name string
	// Namespace is a vault namespace, optional.
	Namespace string
}

SecretKey contains parameters used to identify the vault secret.

type VaultLogical ¶

type VaultLogical interface {
	Read(path string) (*api.Secret, error)
	Write(path string, data map[string]interface{}) (*api.Secret, error)
	Delete(path string) (*api.Secret, error)
}

VaultLogical represents methods from the vault.Logical client used by VaultTransit.

type VaultTransit ¶

type VaultTransit struct {
	// contains filtered or unexported fields
}

VaultTransit partially implements vault transit API.

func New ¶

func New(client VaultLogical) (*VaultTransit, error)

New returns a new instance of the VaultTransit.

func (VaultTransit) Create ¶

func (v VaultTransit) Create(key SecretKey, keyType string) (*api.Secret, error)

Create creates a new named encryption key of the specified type. https://www.vaultproject.io/api/secret/transit#create-key

func (VaultTransit) Decrypt ¶

func (v VaultTransit) Decrypt(key SecretKey, ciphertext string) (string, error)

Decrypt decrypts the provided cipher text using the named key. The output is a base64-encoded plain text. https://www.vaultproject.io/api/secret/transit#decrypt-data

func (VaultTransit) Delete ¶

func (v VaultTransit) Delete(key SecretKey) error

Delete deletes a named encryption key. https://www.vaultproject.io/api/secret/transit#delete-key

func (VaultTransit) Encrypt ¶

func (v VaultTransit) Encrypt(key SecretKey, plaintext string) (string, error)

Encrypt encrypts the provided plain text using the named key. All plaintext data must be base64-encoded. It supports the create (create an encryption key if it's not exist) and update policy capabilities. https://www.vaultproject.io/api/secret/transit#encrypt-data

func (VaultTransit) GenerateDataKey ¶

func (v VaultTransit) GenerateDataKey(key SecretKey) (string, error)

GenerateDataKey generates a new high-entropy key and the value encrypted with the named key. Returns a cipher text. It create an encryption key if it's not exist. https://www.vaultproject.io/api/secret/transit#generate-data-key

func (VaultTransit) Read ¶

func (v VaultTransit) Read(key SecretKey) (*api.Secret, error)

Read returns information about a named encryption key. https://www.vaultproject.io/api/secret/transit#read-key

Source Files ¶

View all Source files

transit.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL