2018-10-19 21:43:57 +00:00
|
|
|
package seal
|
|
|
|
|
|
|
|
import (
|
2020-01-11 01:39:52 +00:00
|
|
|
"sync"
|
2018-10-19 21:43:57 +00:00
|
|
|
"time"
|
|
|
|
|
|
|
|
metrics "github.com/armon/go-metrics"
|
2020-01-11 01:39:52 +00:00
|
|
|
wrapping "github.com/hashicorp/go-kms-wrapping"
|
2018-10-19 21:43:57 +00:00
|
|
|
)
|
|
|
|
|
2020-01-11 01:39:52 +00:00
|
|
|
type Envelope struct {
|
|
|
|
envelope *wrapping.Envelope
|
|
|
|
once sync.Once
|
2018-10-19 21:43:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func NewEnvelope() *Envelope {
|
|
|
|
return &Envelope{}
|
|
|
|
}
|
|
|
|
|
2020-01-11 01:39:52 +00:00
|
|
|
func (e *Envelope) init() {
|
|
|
|
e.envelope = new(wrapping.Envelope)
|
2018-10-19 21:43:57 +00:00
|
|
|
}
|
|
|
|
|
2020-01-11 01:39:52 +00:00
|
|
|
func (e *Envelope) Encrypt(plaintext, aad []byte) (*wrapping.EnvelopeInfo, error) {
|
|
|
|
defer metrics.MeasureSince([]string{"seal", "envelope", "encrypt"}, time.Now())
|
|
|
|
e.once.Do(e.init)
|
2018-10-19 21:43:57 +00:00
|
|
|
|
2020-01-11 01:39:52 +00:00
|
|
|
return e.envelope.Encrypt(plaintext, aad)
|
2018-10-19 21:43:57 +00:00
|
|
|
}
|
|
|
|
|
2020-01-11 01:39:52 +00:00
|
|
|
func (e *Envelope) Decrypt(data *wrapping.EnvelopeInfo, aad []byte) ([]byte, error) {
|
|
|
|
defer metrics.MeasureSince([]string{"seal", "envelope", "decrypt"}, time.Now())
|
|
|
|
e.once.Do(e.init)
|
2018-10-19 21:43:57 +00:00
|
|
|
|
2020-01-11 01:39:52 +00:00
|
|
|
return e.envelope.Decrypt(data, aad)
|
2018-10-19 21:43:57 +00:00
|
|
|
}
|