keyservice

package
v0.0.0-...-14a22d7 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 12, 2019 License: MPL-2.0 Imports: 12 Imported by: 1

Documentation

Overview

Package keyservice implements a gRPC API that can be used by SOPS to encrypt and decrypt the data key using remote master keys.

Package keyservice is a generated protocol buffer package.

It is generated from these files:

keyservice/keyservice.proto

It has these top-level messages:

Key
PgpKey
KmsKey
GcpKmsKey
AzureKeyVaultKey
EncryptRequest
EncryptResponse
DecryptRequest
DecryptResponse

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RegisterKeyServiceServer

func RegisterKeyServiceServer(s *grpc.Server, srv KeyServiceServer)

Types

type AzureKeyVaultKey

// AzureKeyVaultKey is the wire message that names an Azure Key Vault key.
// It carries three string identifiers and no key material.
//
// NOTE(review): VaultUrl is supplied in the request. If the server contacts
// that URL with its own credentials, the set of acceptable vault hosts should
// be restricted on the server side. Confirm against keyservice/server.go.
type AzureKeyVaultKey struct {
	// VaultUrl is protobuf field 1 (vault_url); presumably the base URL of the vault, TODO confirm.
	VaultUrl string `protobuf:"bytes,1,opt,name=vault_url,json=vaultUrl" json:"vault_url,omitempty"`
	// Name is protobuf field 2; presumably the key's name inside the vault, TODO confirm.
	Name     string `protobuf:"bytes,2,opt,name=name" json:"name,omitempty"`
	// Version is protobuf field 3; presumably the key version to use, TODO confirm.
	Version  string `protobuf:"bytes,3,opt,name=version" json:"version,omitempty"`
}

func (*AzureKeyVaultKey) Descriptor

func (*AzureKeyVaultKey) Descriptor() ([]byte, []int)

func (*AzureKeyVaultKey) GetName

func (m *AzureKeyVaultKey) GetName() string

func (*AzureKeyVaultKey) GetVaultUrl

func (m *AzureKeyVaultKey) GetVaultUrl() string

func (*AzureKeyVaultKey) GetVersion

func (m *AzureKeyVaultKey) GetVersion() string

func (*AzureKeyVaultKey) ProtoMessage

func (*AzureKeyVaultKey) ProtoMessage()

func (*AzureKeyVaultKey) Reset

func (m *AzureKeyVaultKey) Reset()

func (*AzureKeyVaultKey) String

func (m *AzureKeyVaultKey) String() string

type DecryptRequest

// DecryptRequest is the message sent to KeyService.Decrypt.
//
// The request itself names the master key to use. The message has no field
// that identifies or authorizes the caller, so any such check has to come
// from the gRPC transport or the deployment.
type DecryptRequest struct {
	// Key selects the master key the ciphertext should be decrypted with.
	Key        *Key   `protobuf:"bytes,1,opt,name=key" json:"key,omitempty"`
	// Ciphertext is the encrypted payload; per the package overview this is the encrypted SOPS data key.
	Ciphertext []byte `protobuf:"bytes,2,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`
}

func (*DecryptRequest) Descriptor

func (*DecryptRequest) Descriptor() ([]byte, []int)

func (*DecryptRequest) GetCiphertext

func (m *DecryptRequest) GetCiphertext() []byte

func (*DecryptRequest) GetKey

func (m *DecryptRequest) GetKey() *Key

func (*DecryptRequest) ProtoMessage

func (*DecryptRequest) ProtoMessage()

func (*DecryptRequest) Reset

func (m *DecryptRequest) Reset()

func (*DecryptRequest) String

func (m *DecryptRequest) String() string

type DecryptResponse

// DecryptResponse is the message returned by KeyService.Decrypt.
//
// NOTE(review): the type also has a String method. Presumably its text form
// includes Plaintext, so responses should not be logged or printed as a
// whole. Confirm against the generated code.
type DecryptResponse struct {
	// Plaintext is the decrypted result. Per the package overview this is the
	// SOPS data key, so it must be handled as a secret.
	Plaintext []byte `protobuf:"bytes,1,opt,name=plaintext,proto3" json:"plaintext,omitempty"`
}

func (*DecryptResponse) Descriptor

func (*DecryptResponse) Descriptor() ([]byte, []int)

func (*DecryptResponse) GetPlaintext

func (m *DecryptResponse) GetPlaintext() []byte

func (*DecryptResponse) ProtoMessage

func (*DecryptResponse) ProtoMessage()

func (*DecryptResponse) Reset

func (m *DecryptResponse) Reset()

func (*DecryptResponse) String

func (m *DecryptResponse) String() string

type EncryptRequest

// EncryptRequest is the message sent to KeyService.Encrypt.
//
// The secret travels from client to server in this message. Nothing in the
// message protects it, so confidentiality depends on how the gRPC channel is
// set up. NOTE(review): confirm that transport credentials are configured
// where the grpc.Server and grpc.ClientConn are built.
type EncryptRequest struct {
	// Key selects the master key the plaintext should be encrypted with.
	Key       *Key   `protobuf:"bytes,1,opt,name=key" json:"key,omitempty"`
	// Plaintext is the data to encrypt; per the package overview this is the SOPS data key.
	Plaintext []byte `protobuf:"bytes,2,opt,name=plaintext,proto3" json:"plaintext,omitempty"`
}

func (*EncryptRequest) Descriptor

func (*EncryptRequest) Descriptor() ([]byte, []int)

func (*EncryptRequest) GetKey

func (m *EncryptRequest) GetKey() *Key

func (*EncryptRequest) GetPlaintext

func (m *EncryptRequest) GetPlaintext() []byte

func (*EncryptRequest) ProtoMessage

func (*EncryptRequest) ProtoMessage()

func (*EncryptRequest) Reset

func (m *EncryptRequest) Reset()

func (*EncryptRequest) String

func (m *EncryptRequest) String() string

type EncryptResponse

// EncryptResponse is the message returned by KeyService.Encrypt.
type EncryptResponse struct {
	// Ciphertext is the plaintext from the request, encrypted with the requested master key.
	Ciphertext []byte `protobuf:"bytes,1,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`
}

func (*EncryptResponse) Descriptor

func (*EncryptResponse) Descriptor() ([]byte, []int)

func (*EncryptResponse) GetCiphertext

func (m *EncryptResponse) GetCiphertext() []byte

func (*EncryptResponse) ProtoMessage

func (*EncryptResponse) ProtoMessage()

func (*EncryptResponse) Reset

func (m *EncryptResponse) Reset()

func (*EncryptResponse) String

func (m *EncryptResponse) String() string

type GcpKmsKey

// GcpKmsKey is the wire message that names a GCP KMS key.
// It carries an identifier only, no key material.
type GcpKmsKey struct {
	// ResourceId is protobuf field 1 (resource_id); presumably the full KMS resource name, TODO confirm.
	ResourceId string `protobuf:"bytes,1,opt,name=resource_id,json=resourceId" json:"resource_id,omitempty"`
}

func (*GcpKmsKey) Descriptor

func (*GcpKmsKey) Descriptor() ([]byte, []int)

func (*GcpKmsKey) GetResourceId

func (m *GcpKmsKey) GetResourceId() string

func (*GcpKmsKey) ProtoMessage

func (*GcpKmsKey) ProtoMessage()

func (*GcpKmsKey) Reset

func (m *GcpKmsKey) Reset()

func (*GcpKmsKey) String

func (m *GcpKmsKey) String() string

type Key

// Key is the wire representation of a master key reference. It is a protobuf
// oneof: KeyType holds one of the wrapper types listed below, each pointing
// at a message whose fields are identifiers, not key material.
//
// The typed getters (GetKmsKey, GetPgpKey, GetGcpKmsKey, GetAzureKeyvaultKey)
// are the usual way to read the variant. NOTE(review): presumably they return
// nil when a different variant, or none, is set. Confirm in the generated
// code and make sure callers handle the unset case.
type Key struct {
	// Types that are valid to be assigned to KeyType:
	//	*Key_KmsKey
	//	*Key_PgpKey
	//	*Key_GcpKmsKey
	//	*Key_AzureKeyvaultKey
	KeyType isKey_KeyType `protobuf_oneof:"key_type"`
}

func KeyFromMasterKey

func KeyFromMasterKey(mk keys.MasterKey) Key

KeyFromMasterKey converts a SOPS internal MasterKey to an RPC Key that can be serialized with Protocol Buffers.

func (*Key) Descriptor

func (*Key) Descriptor() ([]byte, []int)

func (*Key) GetAzureKeyvaultKey

func (m *Key) GetAzureKeyvaultKey() *AzureKeyVaultKey

func (*Key) GetGcpKmsKey

func (m *Key) GetGcpKmsKey() *GcpKmsKey

func (*Key) GetKeyType

func (m *Key) GetKeyType() isKey_KeyType

func (*Key) GetKmsKey

func (m *Key) GetKmsKey() *KmsKey

func (*Key) GetPgpKey

func (m *Key) GetPgpKey() *PgpKey

func (*Key) ProtoMessage

func (*Key) ProtoMessage()

func (*Key) Reset

func (m *Key) Reset()

func (*Key) String

func (m *Key) String() string

func (*Key) XXX_OneofFuncs

func (*Key) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})

XXX_OneofFuncs is for the internal use of the proto package.

type KeyServiceClient

// KeyServiceClient is the client-side API of the key service.
// NewKeyServiceClient returns an implementation backed by a *grpc.ClientConn.
// LocalClient has Encrypt and Decrypt methods with the same signatures and
// handles requests in-process.
//
// Whether the channel is authenticated and encrypted is decided where the
// grpc.ClientConn is created; this interface does not show it.
type KeyServiceClient interface {
	// Encrypt sends in.Plaintext to be encrypted with in.Key.
	Encrypt(ctx context.Context, in *EncryptRequest, opts ...grpc.CallOption) (*EncryptResponse, error)
	// Decrypt sends in.Ciphertext to be decrypted with in.Key; the response carries the plaintext.
	Decrypt(ctx context.Context, in *DecryptRequest, opts ...grpc.CallOption) (*DecryptResponse, error)
}

func NewKeyServiceClient

func NewKeyServiceClient(cc *grpc.ClientConn) KeyServiceClient

type KeyServiceServer

// KeyServiceServer is the server-side API of the key service. An
// implementation is attached to a *grpc.Server with RegisterKeyServiceServer.
//
// Both methods receive only a context and the request message. The request
// types have no caller-identity field, so authentication and authorization
// have to be enforced by the grpc.Server configuration (transport
// credentials, interceptors) or by the listener's exposure.
// NOTE(review): confirm how the server that registers this service is protected.
type KeyServiceServer interface {
	// Encrypt encrypts the request's plaintext with the key named in the request.
	Encrypt(context.Context, *EncryptRequest) (*EncryptResponse, error)
	// Decrypt decrypts the request's ciphertext with the key named in the request.
	Decrypt(context.Context, *DecryptRequest) (*DecryptResponse, error)
}

type Key_AzureKeyvaultKey

// Key_AzureKeyvaultKey is the Key.KeyType oneof wrapper (protobuf field 4)
// that selects an Azure Key Vault key.
type Key_AzureKeyvaultKey struct {
	AzureKeyvaultKey *AzureKeyVaultKey `protobuf:"bytes,4,opt,name=azure_keyvault_key,json=azureKeyvaultKey,oneof"`
}

type Key_GcpKmsKey

// Key_GcpKmsKey is the Key.KeyType oneof wrapper (protobuf field 3)
// that selects a GCP KMS key.
type Key_GcpKmsKey struct {
	GcpKmsKey *GcpKmsKey `protobuf:"bytes,3,opt,name=gcp_kms_key,json=gcpKmsKey,oneof"`
}

type Key_KmsKey

// Key_KmsKey is the Key.KeyType oneof wrapper (protobuf field 1)
// that selects a KmsKey, identified by ARN.
type Key_KmsKey struct {
	KmsKey *KmsKey `protobuf:"bytes,1,opt,name=kms_key,json=kmsKey,oneof"`
}

type Key_PgpKey

// Key_PgpKey is the Key.KeyType oneof wrapper (protobuf field 2)
// that selects a PGP key by fingerprint.
type Key_PgpKey struct {
	PgpKey *PgpKey `protobuf:"bytes,2,opt,name=pgp_key,json=pgpKey,oneof"`
}

type KmsKey

// KmsKey is the wire message that names a KMS key by ARN, together with the
// parameters used to reach it. It carries identifiers only, no key material.
//
// NOTE(review): Role and AwsProfile arrive in the request. If the server
// uses them to pick which role or local credential profile it acts under, a
// caller can steer the server's credentials. Confirm in keyservice/server.go
// whether the values are restricted.
//
// NOTE(review): this page lists GetArn, GetContext and GetRole but no getter
// for AwsProfile, so callers read that field directly and get no nil-receiver
// guard from an accessor. Confirm the Go code is in sync with keyservice.proto.
type KmsKey struct {
	// Arn is protobuf field 1; the ARN of the KMS key.
	Arn        string            `protobuf:"bytes,1,opt,name=arn" json:"arn,omitempty"`
	// Role is protobuf field 2; presumably a role to assume before calling KMS, TODO confirm.
	Role       string            `protobuf:"bytes,2,opt,name=role" json:"role,omitempty"`
	// Context is a string map; presumably the KMS encryption context, TODO confirm.
	Context    map[string]string `` /* 134-byte string literal not displayed */
	// AwsProfile is protobuf field 4; presumably a named AWS credentials profile, TODO confirm.
	AwsProfile string            `protobuf:"bytes,4,opt,name=aws_profile" json:"aws_profile,omitempty"`
}

func (*KmsKey) Descriptor

func (*KmsKey) Descriptor() ([]byte, []int)

func (*KmsKey) GetArn

func (m *KmsKey) GetArn() string

func (*KmsKey) GetContext

func (m *KmsKey) GetContext() map[string]string

func (*KmsKey) GetRole

func (m *KmsKey) GetRole() string

func (*KmsKey) ProtoMessage

func (*KmsKey) ProtoMessage()

func (*KmsKey) Reset

func (m *KmsKey) Reset()

func (*KmsKey) String

func (m *KmsKey) String() string

type LocalClient

// LocalClient has the same Encrypt and Decrypt method signatures as
// KeyServiceClient and handles requests in-process through the embedded
// Server value.
type LocalClient struct {
	// Server handles the requests. Its Prompt field controls whether the user
	// is asked before each operation.
	Server Server
}

LocalClient is a key service client that performs all operations locally

func NewLocalClient

func NewLocalClient() LocalClient

NewLocalClient creates a new local client

func (LocalClient) Decrypt

func (c LocalClient) Decrypt(ctx context.Context,
	req *DecryptRequest, opts ...grpc.CallOption) (*DecryptResponse, error)

Decrypt processes a decrypt request locally. See keyservice/server.go for more details.

func (LocalClient) Encrypt

func (c LocalClient) Encrypt(ctx context.Context,
	req *EncryptRequest, opts ...grpc.CallOption) (*EncryptResponse, error)

Encrypt processes an encrypt request locally. See keyservice/server.go for more details.

type PgpKey

// PgpKey is the wire message that names a PGP key.
// It carries the fingerprint only, no key material.
type PgpKey struct {
	// Fingerprint is protobuf field 1; presumably resolved against the keyring
	// of the process that handles the request, TODO confirm.
	Fingerprint string `protobuf:"bytes,1,opt,name=fingerprint" json:"fingerprint,omitempty"`
}

func (*PgpKey) Descriptor

func (*PgpKey) Descriptor() ([]byte, []int)

func (*PgpKey) GetFingerprint

func (m *PgpKey) GetFingerprint() string

func (*PgpKey) ProtoMessage

func (*PgpKey) ProtoMessage()

func (*PgpKey) Reset

func (m *PgpKey) Reset()

func (*PgpKey) String

func (m *PgpKey) String() string

type Server

// Server has Encrypt and Decrypt methods matching KeyServiceServer. Both act
// on whichever key the request names.
//
// Prompt is the only control visible on this type. Its zero value is false,
// so a Server{} literal does not prompt; set it explicitly when interactive
// confirmation is wanted.
type Server struct {
	// Prompt indicates whether the server should prompt before decrypting or encrypting data
	Prompt bool
}

Server is a key service server that uses SOPS MasterKeys to fulfill requests

func (Server) Decrypt

func (ks Server) Decrypt(ctx context.Context,
	req *DecryptRequest) (*DecryptResponse, error)

Decrypt takes a decrypt request and decrypts the provided ciphertext with the provided key, returning the decrypted result

func (Server) Encrypt

func (ks Server) Encrypt(ctx context.Context,
	req *EncryptRequest) (*EncryptResponse, error)

Encrypt takes an encrypt request and encrypts the provided plaintext with the provided key, returning the encrypted result
