I've created a draft of how we can abstract CryptoConfig assembly into KeyBundles. These are abstracted structures which are returned by calling constructors for each key type. These are part of the encryption library (which will be part of OCI). The public interfaces which the code base will interact with is as follows:

Sample patch (EDIT: SupportedProtocols doesn't seem to be very helpful, so we can just return the config.CryptoConfig directly, instead of dcparameters, we would just use the DecryptConfig object): lumjjb@960d75e

Together with the patch that will ask users to specify which key type they are using should make this clearer, and can be processed by a case statement calling the key bundle creation.

// NewPkcs7KeyBundle returns a KeyBundle that contains the required configuration for using
// the pkcs7 keyunwrap interface
func NewPkcs7KeyBundle(x509 *[]byte, privKey *[]byte, privKeyPassword *string) config.KeyBundle

// NewJweKeyBundle returns a KeyBundle that contains the required configuration for using
// the jwe keyunwrap interface
func NewJweKeyBundle(pubKey *[]byte, privKey *[]byte, privKeyPassword *string) config.KeyBundle

// CombineKeyBundles takes a KeyBundle list and creates a single KeyBundle
// containing the crypto configuration of all the key bundles
func CombineKeyBundles(kbs []KeyBundle) KeyBundle

// KeyBundle represents a set of keys to perform encryption/decryption
type KeyBundle struct {
	// CryptoConfig needed to perform encryption/decryption
	CryptoConfig CryptoConfig

	// SupportedProtocols is the list of supported protocol names
	SupportedProtocols []string
}

Make encryption type explicit in ctr #3443

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions