Versions in this module Expand all Collapse all v0 v0.4.0 Jun 7, 2023 v0.3.0 Sep 5, 2022 v0.2.3 Jan 19, 2022 v0.2.2 Nov 12, 2021 Changes in this version + const RootNamespaceID + var ErrNoNamespace error = errors.New("no namespace") + var RootNamespace *Namespace = &Namespace + func Canonicalize(nsPath string) string + func ContextWithNamespace(ctx context.Context, ns *Namespace) context.Context + func RootContext(ctx context.Context) context.Context + func SplitIDFromString(input string) (string, string) + type Namespace struct + ID string + Path string + func FromContext(ctx context.Context) (*Namespace, error) + func (n *Namespace) HasParent(possibleParent *Namespace) bool + func (n *Namespace) TrimmedPath(path string) string v0.2.1 Nov 10, 2021 Changes in this version type LockManager + func (lm *LockManager) InitCache(cacheSize int) error v0.2.0 Nov 10, 2021 v0.1.0 Mar 29, 2021 Changes in this version + const Kdf_hkdf_sha256 + const Kdf_hmac_sha256_counter + const KeyType_ECDSA_SM2 + const KeyType_SM4_GCM96 + var ErrInvalidKeyName = errors.New("key names cannot be paths") + func Backend(ctx context.Context, conf *logical.BackendConfig) (*backend, error) + func Factory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error) + func GetCacheSizeFromStorage(ctx context.Context, s logical.Storage) (int, error) + type BatchRequestItem struct + Ciphertext string + Context string + DecodedContext []byte + DecodedNonce []byte + KeyVersion int + Nonce string + Plaintext string + type DecryptBatchResponseItem struct + Error string + Plaintext string + type EncryptBatchResponseItem struct + Ciphertext string + Error string + KeyVersion int + type KeyData struct + ArchivedKeys *archivedKeys + Policy *Policy + type KeyType int + func (kt KeyType) DecryptionSupported() bool + func (kt KeyType) DerivationSupported() bool + func (kt KeyType) EncryptionSupported() bool + func (kt KeyType) HashSignatureInput() bool + func (kt KeyType) SigningSupported() bool + func (kt KeyType) String() string + type LockManager struct + func NewLockManager(useCache bool, cacheSize int) (*LockManager, error) + func (lm *LockManager) BackupPolicy(ctx context.Context, storage logical.Storage, name string) (string, error) + func (lm *LockManager) DeletePolicy(ctx context.Context, storage logical.Storage, name string) error + func (lm *LockManager) GetCacheSize() int + func (lm *LockManager) GetPolicy(ctx context.Context, req PolicyRequest, rand io.Reader) (retP *Policy, retUpserted bool, retErr error) + func (lm *LockManager) GetUseCache() bool + func (lm *LockManager) InvalidatePolicy(name string) + func (lm *LockManager) RestorePolicy(ctx context.Context, storage logical.Storage, name, backup string, force bool) error + type Policy struct + AllowPlaintextBackup bool + ArchiveMinVersion int + ArchiveVersion int + BackupInfo *keysutil.BackupInfo + ConvergentEncryption bool + ConvergentVersion int + DeletionAllowed bool + Derived bool + Exportable bool + KDF int + Key []byte + Keys keyEntryMap + LatestVersion int + MinAvailableVersion int + MinDecryptionVersion int + MinEncryptionVersion int + Name string + RestoreInfo *keysutil.RestoreInfo + StoragePrefix string + Type KeyType + VersionTemplate string + func LoadPolicy(ctx context.Context, s logical.Storage, path string) (*Policy, error) + func NewPolicy(config PolicyConfig) *Policy + func (p *Policy) Backup(ctx context.Context, storage logical.Storage) (out string, retErr error) + func (p *Policy) Decrypt(context, nonce []byte, value string) (string, error) + func (p *Policy) DeriveKey(context, salt []byte, ver int, numBytes int) ([]byte, error) + func (p *Policy) Encrypt(ver int, context, nonce []byte, value string) (string, error) + func (p *Policy) GetKey(context []byte, ver, numBytes int) ([]byte, error) + func (p *Policy) HMACKey(version int) ([]byte, error) + func (p *Policy) LoadArchive(ctx context.Context, storage logical.Storage) (*archivedKeys, error) + func (p *Policy) Lock(exclusive bool) + func (p *Policy) MigrateKeyToKeysMap() + func (p *Policy) NeedsUpgrade() bool + func (p *Policy) Persist(ctx context.Context, storage logical.Storage) (retErr error) + func (p *Policy) Rotate(ctx context.Context, storage logical.Storage, randReader io.Reader) (retErr error) + func (p *Policy) RotateInMemory(randReader io.Reader) (retErr error) + func (p *Policy) Serialize() ([]byte, error) + func (p *Policy) Sign(ver int, input []byte, marshaling keysutil.MarshalingType) (*keysutil.SigningResult, error) + func (p *Policy) SymmetricDecryptRaw(encKey, ciphertext []byte, opts SymmetricOpts) ([]byte, error) + func (p *Policy) SymmetricEncryptRaw(ver int, encKey, plaintext []byte, opts SymmetricOpts) ([]byte, error) + func (p *Policy) Unlock() + func (p *Policy) Upgrade(ctx context.Context, storage logical.Storage, randReader io.Reader) (retErr error) + func (p *Policy) VerifySignature(input []byte, marshaling keysutil.MarshalingType, sig string) (bool, error) + type PolicyConfig struct + AllowPlaintextBackup bool + ConvergentEncryption bool + DeletionAllowed bool + Derived bool + Exportable bool + KDF int + Name string + StoragePrefix string + Type KeyType + VersionTemplate string + type PolicyRequest struct + AllowPlaintextBackup bool + Convergent bool + Derived bool + Exportable bool + KeyType KeyType + Name string + Storage logical.Storage + Upsert bool + type SymmetricOpts struct + AdditionalData []byte + Convergent bool + ConvergentVersion int + HMACKey []byte + Nonce []byte