func init() { … }
const KMSAPIVersionv2 …
const KMSAPIVersionv2beta1 …
const annotationsMaxSize …
const KeyIDMaxSize …
const encryptedDEKSourceMaxSize …
const cacheTTL …
const errKeyIDOKCode …
const errKeyIDEmptyCode …
const errKeyIDTooLongCode …
var NowFunc …
type StateFunc …
type ErrCodeKeyID …
type State …
func (s *State) ValidateEncryptCapability() error { … }
type envelopeTransformer …
func NewEnvelopeTransformer(envelopeService kmsservice.Service, providerName string, stateFunc StateFunc, apiServerID string) value.Transformer { … }
func newEnvelopeTransformerWithClock(envelopeService kmsservice.Service, providerName string, stateFunc StateFunc, apiServerID string, cacheTTL time.Duration, clock clock.Clock) value.Transformer { … }
func (t *envelopeTransformer) TransformFromStorage(ctx context.Context, data []byte, dataCtx value.Context) ([]byte, bool, error) { … }
func (t *envelopeTransformer) TransformToStorage(ctx context.Context, data []byte, dataCtx value.Context) ([]byte, error) { … }
func (t *envelopeTransformer) addTransformerForDecryption(cacheKey []byte, key []byte, useSeed bool) (value.Read, error) { … }
func (t *envelopeTransformer) doEncode(request *kmstypes.EncryptedObject) ([]byte, error) { … }
func (t *envelopeTransformer) doDecode(originalData []byte) (*kmstypes.EncryptedObject, error) { … }
func GenerateTransformer(ctx context.Context, uid string, envelopeService kmsservice.Service, useSeed bool) (value.Transformer, *kmstypes.EncryptedObject, []byte, error) { … }
func ValidateEncryptedObject(o *kmstypes.EncryptedObject) error { … }
func validateEncryptedDEKSource(encryptedDEKSource []byte) error { … }
func validateAnnotations(annotations map[string][]byte) error { … }
func ValidateKeyID(keyID string) (ErrCodeKeyID, error) { … }
func getRequestInfoFromContext(ctx context.Context) *genericapirequest.RequestInfo { … }
func generateCacheKey(encryptedDEKSourceType kmstypes.EncryptedDEKSourceType, encryptedDEKSource []byte, keyID string, annotations map[string][]byte) ([]byte, error) { … }
func toBytes(s string) []byte { … }
func GetHashIfNotEmpty(data string) string { … }