open-vault/vault/seal/seal.go

41 lines
961 B
Go
Raw Normal View History

2018-09-18 03:03:00 +00:00
package seal
import (
"context"
"github.com/hashicorp/vault/sdk/physical"
)
2018-09-18 03:03:00 +00:00
const (
Shamir = "shamir"
PKCS11 = "pkcs11"
AliCloudKMS = "alicloudkms"
2018-09-18 03:03:00 +00:00
AWSKMS = "awskms"
GCPCKMS = "gcpckms"
AzureKeyVault = "azurekeyvault"
2019-09-04 19:40:54 +00:00
OCIKMS = "ocikms"
Transit = "transit"
2018-09-18 03:03:00 +00:00
Test = "test-auto"
// HSMAutoDeprecated is a deprecated seal type prior to 0.9.0.
// It is still referenced in certain code paths for upgrade purporses
HSMAutoDeprecated = "hsm-auto"
2018-09-18 03:03:00 +00:00
)
type Encryptor interface {
Encrypt(context.Context, []byte) (*physical.EncryptedBlobInfo, error)
Decrypt(context.Context, *physical.EncryptedBlobInfo) ([]byte, error)
}
// Access is the embedded implementation of autoSeal that contains logic
// specific to encrypting and decrypting data, or in this case keys.
type Access interface {
SealType() string
KeyID() string
Init(context.Context) error
Finalize(context.Context) error
Encryptor
}