add KMS support

Fixes #226
2025-12-07 14:50:55 +03:00 · 2020-11-30 21:46:34 +01:00
parent af0c9b76c4
commit 634b723b5d
46 changed files with 1582 additions and 536 deletions
--- a/kms/aws.go
+++ b/kms/aws.go
@@ -0,0 +1,42 @@
+package kms
+
+const (
+	awsProviderName = "AWS"
+)
+
+type awsSecret struct {
+	baseGCloudSecret
+}
+
+func newAWSSecret(base baseSecret, url, masterKey string) SecretProvider {
+	return &awsSecret{
+		baseGCloudSecret{
+			baseSecret: base,
+			url:        url,
+			masterKey:  masterKey,
+		},
+	}
+}
+
+func (s *awsSecret) Name() string {
+	return awsProviderName
+}
+
+func (s *awsSecret) IsEncrypted() bool {
+	return s.Status == SecretStatusAWS
+}
+
+func (s *awsSecret) Encrypt() error {
+	if err := s.baseGCloudSecret.Encrypt(); err != nil {
+		return err
+	}
+	s.Status = SecretStatusAWS
+	return nil
+}
+
+func (s *awsSecret) Decrypt() error {
+	if !s.IsEncrypted() {
+		return errWrongSecretStatus
+	}
+	return s.baseGCloudSecret.Decrypt()
+}