Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type RequestObject ¶
type RequestObject struct {
// Nonce is the unique nonce used for key derivation
Nonce []byte
// Name is the encrypted filename, represented as AWS-key-safe version of base64
// (no padding =, / replaced with . and + replaced with -)
// see Characters That Might Require Special Handling
// https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html
Name string
// Key is the unique derived key
Key *memguard.LockedBuffer
}
RequestObject is an ogive-friendly representation of object metadata needed to prepare a PUT request
func Prepare ¶
func Prepare(master *memguard.LockedBuffer, fname string) (o RequestObject, err error)
Prepare is the inverse of Parse. It generates a unique nonce and encrypts the filename.
type ResponseObject ¶
type ResponseObject struct {
// Restore indicates object restore status
Restore string
// Size is the objects size as indicated by Content-Length
Size int
// LastModified is the file creation date as indicated by Last-Modified
LastModified time.Time
// Nonce is the unique nonce used for key derivation
Nonce []byte
// Name is the original unencrypted filename
Name string
// Key is the unique derived key
Key *memguard.LockedBuffer
}
ResponseObject is an ogive-friendly representation of a HEAD result on a stored file
func Parse ¶
func Parse(res *s3.HeadObjectOutput, key *string, gcm cipher.AEAD, master *memguard.LockedBuffer) (o ResponseObject, err error)
Parse translates the output of an s3 HeadObject command into a robust ogive archive file representation retrieving information such as original filename, unique file nonce, or the derived key (if possible).
The reason this function requires an existing instance of cipher.AEAD is that it can be reused between multiple object instances (in case of list command), which is more efficient than creating it every time.
Source Files