Updated tests to work in more CICD envs
All checks were successful
test / test-default (push) Successful in 59s
All checks were successful
test / test-default (push) Successful in 59s
This commit is contained in:
24
provider.go
24
provider.go
@@ -1,6 +1,7 @@
|
||||
package secret
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/base64"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
@@ -14,6 +15,29 @@ type Provider interface {
|
||||
GetSecret(key string) (value []byte, err error)
|
||||
}
|
||||
|
||||
// Crypter for in-transit encrypted secrets.
|
||||
type Crypter interface {
|
||||
// Encrypt a plaintext using the key specified in keyID.
|
||||
Encrypt(ctx context.Context, keyID string, plaintext []byte) (ciphertext []byte, err error)
|
||||
|
||||
// Decrypt a ciphertext using the key specified in keyID.
|
||||
Decrypt(ctx context.Context, keyID string, ciphertext []byte) (plaintext []byte, err error)
|
||||
}
|
||||
|
||||
func Encrypt(ctx context.Context, p Provider, keyID string, plaintext []byte) (ciphertext []byte, err error) {
|
||||
if c, ok := p.(Crypter); ok {
|
||||
return c.Encrypt(ctx, keyID, plaintext)
|
||||
}
|
||||
return nil, fmt.Errorf("secret: %T doesn't implement Crypter", p)
|
||||
}
|
||||
|
||||
func Decrypt(ctx context.Context, p Provider, keyID string, ciphertext []byte) (plaintext []byte, err error) {
|
||||
if c, ok := p.(Crypter); ok {
|
||||
return c.Decrypt(ctx, keyID, ciphertext)
|
||||
}
|
||||
return nil, fmt.Errorf("secret: %T doesn't implement Crypter", p)
|
||||
}
|
||||
|
||||
// AmbiguousKey is an error incdicating that the secret doesn't resolve to exactly one item.
|
||||
type AmbiguousKey struct {
|
||||
Key string
|
||||
|
||||
Reference in New Issue
Block a user