forked from hashicorp/vault
/
seal.go
35 lines (28 loc) · 888 Bytes
/
seal.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
package seal
import (
"context"
"github.com/hashicorp/vault/physical"
)
const (
Shamir = "shamir"
PKCS11 = "pkcs11"
AliCloudKMS = "alicloudkms"
AWSKMS = "awskms"
GCPCKMS = "gcpckms"
AzureKeyVault = "azurekeyvault"
Transit = "transit"
Test = "test-auto"
// HSMAutoDeprecated is a deprecated seal type prior to 0.9.0.
// It is still referenced in certain code paths for upgrade purporses
HSMAutoDeprecated = "hsm-auto"
)
// Access is the embedded implemention of autoSeal that contains logic
// specific to encrypting and decrypting data, or in this case keys.
type Access interface {
SealType() string
KeyID() string
Init(context.Context) error
Finalize(context.Context) error
Encrypt(context.Context, []byte) (*physical.EncryptedBlobInfo, error)
Decrypt(context.Context, *physical.EncryptedBlobInfo) ([]byte, error)
}