Documentation ¶
Index ¶
- Constants
- Variables
- func AsNaCLKey(data []byte) (*[32]byte, error)
- func DecryptEnvelopes(input string, strategy Decryptor) (output string, err error)
- func ExtractEncryptionType(input string) string
- func UnwrapEncoding(input string) ([]byte, error)
- func WrapEncoding(key string, message []byte) string
- type Decryptor
- type Encryptor
- type KmsCryptoStrategy
- type SecretsManagerCryptoStrategy
- type StrategyBuilder
- type WildcardDecryptionStrategy
Constants ¶
View Source
const ( KMS_DATA_KEY_LENGTH int32 = 32 CRYPTO_KEY_KMS string = "KMS" )
View Source
const (
CRYPTO_KEY_SM string = "SECMAN"
)
Variables ¶
View Source
var (
EnvelopeRegex = regexp.MustCompile(regexstr)
)
Functions ¶
func DecryptEnvelopes ¶ added in v1.2.0
func ExtractEncryptionType ¶
func UnwrapEncoding ¶
func WrapEncoding ¶
Types ¶
type KmsCryptoStrategy ¶
type KmsCryptoStrategy struct {
// contains filtered or unexported fields
}
KmsCryptoStrategy handles AWS KMS based encryption and decryption
func NewKmsCryptoStrategy ¶
func NewKmsCryptoStrategy(region string) (*KmsCryptoStrategy, error)
func (KmsCryptoStrategy) Decrypt ¶
func (cs KmsCryptoStrategy) Decrypt(input string) ([]byte, error)
func (KmsCryptoStrategy) Encrypt ¶
func (cs KmsCryptoStrategy) Encrypt(payload []byte, key string) (string, error)
func (*KmsCryptoStrategy) GenerateDataKey ¶
func (cs *KmsCryptoStrategy) GenerateDataKey(keyId string) (*[32]byte, []byte, error)
func (KmsCryptoStrategy) Key ¶ added in v1.2.0
func (cs KmsCryptoStrategy) Key() string
type SecretsManagerCryptoStrategy ¶ added in v1.1.0
type SecretsManagerCryptoStrategy struct {
// contains filtered or unexported fields
}
func NewSecretsManagerCryptoStrategy ¶ added in v1.1.0
func NewSecretsManagerCryptoStrategy(region string) (*SecretsManagerCryptoStrategy, error)
func (SecretsManagerCryptoStrategy) Decrypt ¶ added in v1.1.0
func (cs SecretsManagerCryptoStrategy) Decrypt(input string) ([]byte, error)
Decrypt will pull the secret from Secrets Manager
func (SecretsManagerCryptoStrategy) Encrypt ¶ added in v1.1.0
func (cs SecretsManagerCryptoStrategy) Encrypt(payload []byte, key string) (string, error)
Encrypt will generate the wrapped encoded string
@param: payload is expected to be the key of the secret that will be used for decryption @param: key is used for key/value pair keys @returns: The base64 encoded arn with the encryption strategy key
func (SecretsManagerCryptoStrategy) Key ¶ added in v1.2.0
func (cs SecretsManagerCryptoStrategy) Key() string
type StrategyBuilder ¶ added in v1.2.0
type WildcardDecryptionStrategy ¶
func NewWildcardDecryptionStrategy ¶
func NewWildcardDecryptionStrategy(builders []StrategyBuilder) (*WildcardDecryptionStrategy, error)
NewWildcardDecryptionStrategy is the initializer function for WildcardDecryptionStrategy
func (*WildcardDecryptionStrategy) Add ¶
func (wds *WildcardDecryptionStrategy) Add(key string, strategy Decryptor) *WildcardDecryptionStrategy
Add is a builder function to build up any applicable decryption strategies
func (WildcardDecryptionStrategy) Decrypt ¶
func (wds WildcardDecryptionStrategy) Decrypt(input string) ([]byte, error)
Decrypt will process the input string for the correct strategy and run decrypt on that strategy
func (WildcardDecryptionStrategy) Key ¶ added in v1.2.0
func (wds WildcardDecryptionStrategy) Key() string
Click to show internal directories.
Click to hide internal directories.