github.com/trustbloc/kms-go@v1.1.2/secretlock/noop/noop_secret_lock.go (about) 1 /* 2 Copyright SecureKey Technologies Inc. All Rights Reserved. 3 SPDX-License-Identifier: Apache-2.0 4 */ 5 6 package noop 7 8 import ( 9 "github.com/trustbloc/kms-go/spi/secretlock" 10 ) 11 12 // package noop provides a noop secret lock service. This allows for quick testing of key storage using the KMS. Keys 13 // stored with noop are unprotected. Therefore, this implementation is be used for testing purposes only. 14 // Production code must always use pkg/secretlock/local implementation. In order to minimize the impact on existing 15 // clients, noop is the default implementation in the framework. Therefore, the use of a context.WithSecretLock() option 16 // with a secretlock/local implementation is highly recommended to secure key storage in the KMS. 17 18 // NoLock is a secret lock service that does no key wrapping (keys are not encrypted). 19 type NoLock struct{} 20 21 // Encrypt a key in req using master key in the local secret lock service 22 // Noop implementation returns the key as is with no encryption 23 // (keyURI is used for remote locks, it is ignored by this implementation). 24 func (s *NoLock) Encrypt(keyURI string, req *secretlock.EncryptRequest) (*secretlock.EncryptResponse, error) { 25 return &secretlock.EncryptResponse{ 26 Ciphertext: req.Plaintext, 27 }, nil 28 } 29 30 // Decrypt a key in req using master key in the local secret lock service 31 // Noop implementation returns the key as is with no decryption 32 // (keyURI is used for remote locks, it is ignored by this implementation). 33 func (s *NoLock) Decrypt(keyURI string, req *secretlock.DecryptRequest) (*secretlock.DecryptResponse, error) { 34 return &secretlock.DecryptResponse{Plaintext: req.Ciphertext}, nil 35 }