root_key.go
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
package kms
import (
"fmt"
"time"
)
// rootKey is the database record for a root key, i.e. one of the system's
// KEKs (keys used to encrypt other keys). The fields declared here are
// identifying metadata only (an id, the owning scope and a creation time);
// no key bytes are stored on this type.
// NOTE(review): presumably the key material lives on a separate version
// record — confirm against the rest of the package.
type rootKey struct {
	// PrivateId is used to access the root key. It is tagged as the gorm
	// primary key and is emitted as "private_id" whenever the struct is
	// marshalled to JSON (omitted when empty).
	PrivateId string `json:"private_id,omitempty" gorm:"primary_key"`
	// ScopeId is the scope the root key belongs to. The gorm tag declares a
	// null default for the column.
	ScopeId string `json:"scope_id,omitempty" gorm:"default:null"`
	// CreateTime is the creation timestamp as read from the db; the gorm tag
	// declares current_timestamp as the column default.
	CreateTime time.Time `json:"create_time,omitempty" gorm:"default:current_timestamp"`
	// tableNamePrefix defines the prefix to use before the table name and
	// allows us to support custom prefixes as well as multiple KMSs within a
	// single schema. The gorm:"-" tag keeps it out of the persisted columns,
	// and being unexported it is not part of the JSON encoding either.
	tableNamePrefix string `gorm:"-"`
}
// newRootKey builds a new in-memory root key for the given scope. Only
// ScopeId is populated; PrivateId, CreateTime and tableNamePrefix are left at
// their zero values. Options are accepted but currently ignored.
//
// An empty scopeId is rejected with an error that wraps ErrInvalidParameter.
//
// NOTE(review): the op label reads "kms.NewRootKey" although the function is
// the unexported newRootKey; the label is kept as-is because it is part of
// the returned error text.
func newRootKey(scopeId string, _ ...Option) (*rootKey, error) {
	const op = "kms.NewRootKey"
	switch scopeId {
	case "":
		return nil, fmt.Errorf("%s: missing scope id: %w", op, ErrInvalidParameter)
	default:
		return &rootKey{ScopeId: scopeId}, nil
	}
}
// TableName reports the table this root key is stored in: the key's
// tableNamePrefix and the fixed name "root_key", joined by an underscore.
//
// NOTE(review): the prefix is concatenated without any validation, so an
// unset prefix yields "_root_key". Presumably gorm uses the result as the SQL
// table identifier, in which case the prefix should only ever come from
// trusted configuration — confirm where tableNamePrefix is assigned.
func (k *rootKey) TableName() string {
	const tableName = "root_key"
	return k.tableNamePrefix + "_" + tableName
}
// Clone returns a newly allocated rootKey carrying the same PrivateId,
// ScopeId, CreateTime and tableNamePrefix as the receiver. Changes made to
// the copy do not affect the original. The receiver is dereferenced
// unconditionally, so calling Clone on a nil *rootKey panics.
func (k *rootKey) Clone() *rootKey {
	dup := new(rootKey)
	dup.PrivateId = k.PrivateId
	dup.ScopeId = k.ScopeId
	dup.CreateTime = k.CreateTime
	dup.tableNamePrefix = k.tableNamePrefix
	return dup
}
// GetPrivateId returns the PrivateId stored on the key. The receiver is
// dereferenced unconditionally, so a nil *rootKey panics.
func (k *rootKey) GetPrivateId() string {
	id := k.PrivateId
	return id
}