rename keys to kes

minio · Dec 13, 2019 · 2272ebf · 2272ebf
1 parent 45ec6d8
commit 2272ebf
Show file tree

Hide file tree

Showing 28 changed files with 108 additions and 108 deletions.
diff --git a/README.md b/README.md
@@ -7,4 +7,4 @@ Almost every large-scale system deals with sensitive information that must be pr
 
 ### Getting Started
 
-For your first steps checkout our [Getting Started](https://github.com/minio/keys/wiki/Getting-Started) guide.
+For your first steps checkout our [Getting Started](https://github.com/minio/kes/wiki/Getting-Started) guide.
diff --git a/client.go b/client.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by the AGPL
 // license that can be found in the LICENSE file.
 
-package key
+package kes
 
 import (
 	"bytes"

diff --git a/cmd/key/config.go → cmd/kes/config.go b/cmd/key/config.go → cmd/kes/config.go
@@ -10,14 +10,14 @@ import (
 	"strings"
 	"time"
 
-	key "github.com/minio/keys"
+	"github.com/minio/kes"
 	"github.com/pelletier/go-toml"
 	"gopkg.in/yaml.v2"
 )
 
 type serverConfig struct {
 	Addr string       `toml:"address" yaml:"address"`
-	Root key.Identity `toml:"root" yaml:"root"`
+	Root kes.Identity `toml:"root" yaml:"root"`
 
 	TLS struct {
 		KeyPath  string `toml:"key" yaml:"key"`
@@ -26,7 +26,7 @@ type serverConfig struct {
 
 	Policies map[string]struct {
 		Paths      []string       `toml:"paths" yaml:"paths"`
-		Identities []key.Identity `toml:"identities" yaml:"identities"`
+		Identities []kes.Identity `toml:"identities" yaml:"identities"`
 	} `toml:"policy" yaml:"policy"`
 
 	Cache struct {

diff --git a/cmd/key/create.go → cmd/kes/create.go b/cmd/key/create.go → cmd/kes/create.go
@@ -11,7 +11,7 @@ import (
 	"fmt"
 	"os"
 
-	key "github.com/minio/keys"
+	"github.com/minio/kes"
 )
 
 const createCmdUsage = `usage: %s name [key]
@@ -48,7 +48,7 @@ func createKey(args []string) {
 		bytes = b
 	}
 
-	client := key.NewClient(serverAddr(), &tls.Config{
+	client := kes.NewClient(serverAddr(), &tls.Config{
 		InsecureSkipVerify: insecureSkipVerify,
 		Certificates:       loadClientCertificates(),
 	})

diff --git a/cmd/key/decrypt.go → cmd/kes/decrypt.go b/cmd/key/decrypt.go → cmd/kes/decrypt.go
@@ -11,7 +11,7 @@ import (
 	"fmt"
 	"os"
 
-	key "github.com/minio/keys"
+	"github.com/minio/kes"
 )
 
 const decryptCmdUsage = `usage: %s <name> <ciphertext> [<context>]
@@ -53,7 +53,7 @@ func decryptKey(args []string) {
 		}
 	}
 
-	client := key.NewClient(serverAddr(), &tls.Config{
+	client := kes.NewClient(serverAddr(), &tls.Config{
 		InsecureSkipVerify: insecureSkipVerify,
 		Certificates:       loadClientCertificates(),
 	})

diff --git a/cmd/key/delete.go → cmd/kes/delete.go b/cmd/key/delete.go → cmd/kes/delete.go
@@ -10,7 +10,7 @@ import (
 	"fmt"
 	"os"
 
-	key "github.com/minio/keys"
+	"github.com/minio/kes"
 )
 
 const deleteCmdUsage = `usage: %s name
@@ -36,7 +36,7 @@ func deleteKey(args []string) {
 	}
 
 	name := args[0]
-	client := key.NewClient(serverAddr(), &tls.Config{
+	client := kes.NewClient(serverAddr(), &tls.Config{
 		InsecureSkipVerify: insecureSkipVerify,
 		Certificates:       loadClientCertificates(),
 	})

diff --git a/cmd/key/generate.go → cmd/kes/generate.go b/cmd/key/generate.go → cmd/kes/generate.go
@@ -11,7 +11,7 @@ import (
 	"fmt"
 	"os"
 
-	key "github.com/minio/keys"
+	"github.com/minio/kes"
 )
 
 const generateCmdUsage = `usage: %s name [context]
@@ -48,7 +48,7 @@ func generateKey(args []string) {
 		context = b
 	}
 
-	client := key.NewClient(serverAddr(), &tls.Config{
+	client := kes.NewClient(serverAddr(), &tls.Config{
 		InsecureSkipVerify: insecureSkipVerify,
 		Certificates:       loadClientCertificates(),
 	})

diff --git a/cmd/key/identity.go → cmd/kes/identity.go b/cmd/key/identity.go → cmd/kes/identity.go
@@ -11,7 +11,7 @@ import (
 	"os"
 	"sort"
 
-	key "github.com/minio/keys"
+	"github.com/minio/kes"
 )
 
 const identityCmdUsage = `usage: %s <command>
@@ -71,11 +71,11 @@ func assignIdentity(args []string) {
 		os.Exit(2)
 	}
 
-	client := key.NewClient(serverAddr(), &tls.Config{
+	client := kes.NewClient(serverAddr(), &tls.Config{
 		InsecureSkipVerify: insecureSkipVerify,
 		Certificates:       loadClientCertificates(),
 	})
-	if err := client.AssignIdentity(args[1], key.Identity(args[0])); err != nil {
+	if err := client.AssignIdentity(args[1], kes.Identity(args[0])); err != nil {
 		failf(cli.Output(), "Failed to assign policy '%s' to '%s': %v", args[1], args[0], err)
 	}
 }
@@ -106,7 +106,7 @@ func listIdentity(args []string) {
 		pattern = args[0]
 	}
 
-	client := key.NewClient(serverAddr(), &tls.Config{
+	client := kes.NewClient(serverAddr(), &tls.Config{
 		InsecureSkipVerify: insecureSkipVerify,
 		Certificates:       loadClientCertificates(),
 	})
@@ -123,16 +123,16 @@ func listIdentity(args []string) {
 	if isTerm(os.Stdout) {
 		fmt.Println("{")
 		for _, id := range identities {
-			fmt.Printf("  %s => %s\n", id, identityRoles[key.Identity(id)])
+			fmt.Printf("  %s => %s\n", id, identityRoles[kes.Identity(id)])
 		}
 		fmt.Println("}")
 	} else {
 		fmt.Print("{")
 		for i, id := range identities {
 			if i < len(identities)-1 {
-				fmt.Printf(`"%s":"%s",`, id, identityRoles[key.Identity(id)])
+				fmt.Printf(`"%s":"%s",`, id, identityRoles[kes.Identity(id)])
 			} else {
-				fmt.Printf(`"%s":"%s"`, id, identityRoles[key.Identity(id)])
+				fmt.Printf(`"%s":"%s"`, id, identityRoles[kes.Identity(id)])
 			}
 		}
 		fmt.Print("}")
@@ -161,11 +161,11 @@ func forgetIdentity(args []string) {
 		os.Exit(2)
 	}
 
-	client := key.NewClient(serverAddr(), &tls.Config{
+	client := kes.NewClient(serverAddr(), &tls.Config{
 		InsecureSkipVerify: insecureSkipVerify,
 		Certificates:       loadClientCertificates(),
 	})
-	if err := client.ForgetIdentity(key.Identity(args[0])); err != nil {
+	if err := client.ForgetIdentity(kes.Identity(args[0])); err != nil {
 		failf(cli.Output(), "Cannot forget '%s': %v", args[0], err)
 	}
 }
diff --git a/cmd/key/main.go → cmd/kes/main.go b/cmd/key/main.go → cmd/kes/main.go
diff --git a/cmd/key/mlock_linux.go → cmd/kes/mlock_linux.go b/cmd/key/mlock_linux.go → cmd/kes/mlock_linux.go
diff --git a/cmd/key/mlock_ref.go → cmd/kes/mlock_ref.go b/cmd/key/mlock_ref.go → cmd/kes/mlock_ref.go
diff --git a/cmd/key/policy.go → cmd/kes/policy.go b/cmd/key/policy.go → cmd/kes/policy.go
@@ -13,7 +13,7 @@ import (
 	"os"
 	"sort"
 
-	key "github.com/minio/keys"
+	"github.com/minio/kes"
 )
 
 const policyCmdUsage = `Manage named key policies.
@@ -82,7 +82,7 @@ func addPolicy(args []string) {
 		os.Exit(2)
 	}
 
-	client := key.NewClient(serverAddr(), &tls.Config{
+	client := kes.NewClient(serverAddr(), &tls.Config{
 		InsecureSkipVerify: insecureSkipVerify,
 		Certificates:       loadClientCertificates(),
 	})
@@ -91,7 +91,7 @@ func addPolicy(args []string) {
 	if err != nil {
 		failf(cli.Output(), "Cannot read policy file '%s': %v", args[1], err)
 	}
-	var policy key.Policy
+	var policy kes.Policy
 	if err = policy.UnmarshalTOML(data); err != nil {
 		if err = policy.UnmarshalJSON(data); err != nil {
 			failf(cli.Output(), "Policy file contains neither valid TOML nor valid JSON")
@@ -144,7 +144,7 @@ func showPolicy(args []string) {
 		}
 	}
 
-	client := key.NewClient(serverAddr(), &tls.Config{
+	client := kes.NewClient(serverAddr(), &tls.Config{
 		InsecureSkipVerify: insecureSkipVerify,
 		Certificates:       loadClientCertificates(),
 	})
@@ -199,7 +199,7 @@ func listPolicies(args []string) {
 		policy = args[0]
 	}
 
-	client := key.NewClient(serverAddr(), &tls.Config{
+	client := kes.NewClient(serverAddr(), &tls.Config{
 		InsecureSkipVerify: insecureSkipVerify,
 		Certificates:       loadClientCertificates(),
 	})
@@ -244,7 +244,7 @@ func deletePolicy(args []string) {
 		os.Exit(2)
 	}
 
-	client := key.NewClient(serverAddr(), &tls.Config{
+	client := kes.NewClient(serverAddr(), &tls.Config{
 		InsecureSkipVerify: insecureSkipVerify,
 		Certificates:       loadClientCertificates(),
 	})

diff --git a/cmd/key/release.sh → cmd/kes/release.sh b/cmd/key/release.sh → cmd/kes/release.sh
diff --git a/cmd/key/server.go → cmd/kes/server.go b/cmd/key/server.go → cmd/kes/server.go
@@ -16,10 +16,10 @@ import (
 	"syscall"
 	"time"
 
-	key "github.com/minio/keys"
-	"github.com/minio/keys/fs"
-	"github.com/minio/keys/mem"
-	"github.com/minio/keys/vault"
+	"github.com/minio/kes"
+	"github.com/minio/kes/fs"
+	"github.com/minio/kes/mem"
+	"github.com/minio/kes/vault"
 )
 
 const serverCmdUsage = `usage: %s [options]
@@ -116,7 +116,7 @@ func server(args []string) {
 		}
 	}
 
-	var store key.Store
+	var store kes.Store
 	switch {
 	case config.Fs.Dir != "":
 		f, err := os.Stat(config.Fs.Dir)
@@ -160,11 +160,11 @@ func server(args []string) {
 		}
 	}
 
-	roles := &key.Roles{
-		Root: key.Identity(rootIdentity),
+	roles := &kes.Roles{
+		Root: kes.Identity(rootIdentity),
 	}
 	for name, policy := range config.Policies {
-		roles.Set(name, key.NewPolicy(policy.Paths...))
+		roles.Set(name, kes.NewPolicy(policy.Paths...))
 		for _, identity := range policy.Identities {
 			if roles.IsAssigned(identity) {
 				failf(cli.Output(), "Cannot assign policy '%s' to identity '%s': this identity already has a policy", name, identity)
@@ -175,19 +175,19 @@ func server(args []string) {
 
 	const maxBody = 1 << 20
 	mux := http.NewServeMux()
-	mux.Handle("/v1/key/create/", key.RequireMethod(http.MethodPost, key.LimitRequestBody(maxBody, key.EnforcePolicies(roles, key.HandleCreateKey(store)))))
-	mux.Handle("/v1/key/delete/", key.RequireMethod(http.MethodDelete, key.LimitRequestBody(0, key.EnforcePolicies(roles, key.HandleDeleteKey(store)))))
-	mux.Handle("/v1/key/generate/", key.RequireMethod(http.MethodPost, key.LimitRequestBody(maxBody, key.EnforcePolicies(roles, key.HandleGenerateKey(store)))))
-	mux.Handle("/v1/key/decrypt/", key.RequireMethod(http.MethodPost, key.LimitRequestBody(maxBody, key.EnforcePolicies(roles, key.HandleDecryptKey(store)))))
-
-	mux.Handle("/v1/policy/write/", key.RequireMethod(http.MethodPost, key.LimitRequestBody(maxBody, key.EnforcePolicies(roles, key.HandleWritePolicy(roles)))))
-	mux.Handle("/v1/policy/read/", key.RequireMethod(http.MethodGet, key.LimitRequestBody(0, key.EnforcePolicies(roles, key.HandleReadPolicy(roles)))))
-	mux.Handle("/v1/policy/list/", key.RequireMethod(http.MethodGet, key.LimitRequestBody(0, key.EnforcePolicies(roles, key.HandleListPolicies(roles)))))
-	mux.Handle("/v1/policy/delete/", key.RequireMethod(http.MethodDelete, key.LimitRequestBody(0, key.EnforcePolicies(roles, key.HandleDeletePolicy(roles)))))
-
-	mux.Handle("/v1/identity/assign/", key.RequireMethod(http.MethodPost, key.LimitRequestBody(maxBody, key.EnforcePolicies(roles, key.HandleAssignIdentity(roles)))))
-	mux.Handle("/v1/identity/list/", key.RequireMethod(http.MethodGet, key.LimitRequestBody(0, key.EnforcePolicies(roles, key.HandleListIdentities(roles)))))
-	mux.Handle("/v1/identity/forget/", key.RequireMethod(http.MethodDelete, key.LimitRequestBody(0, key.EnforcePolicies(roles, key.HandleForgetIdentity(roles)))))
+	mux.Handle("/v1/key/create/", kes.RequireMethod(http.MethodPost, kes.LimitRequestBody(maxBody, kes.EnforcePolicies(roles, kes.HandleCreateKey(store)))))
+	mux.Handle("/v1/key/delete/", kes.RequireMethod(http.MethodDelete, kes.LimitRequestBody(0, kes.EnforcePolicies(roles, kes.HandleDeleteKey(store)))))
+	mux.Handle("/v1/key/generate/", kes.RequireMethod(http.MethodPost, kes.LimitRequestBody(maxBody, kes.EnforcePolicies(roles, kes.HandleGenerateKey(store)))))
+	mux.Handle("/v1/key/decrypt/", kes.RequireMethod(http.MethodPost, kes.LimitRequestBody(maxBody, kes.EnforcePolicies(roles, kes.HandleDecryptKey(store)))))
+
+	mux.Handle("/v1/policy/write/", kes.RequireMethod(http.MethodPost, kes.LimitRequestBody(maxBody, kes.EnforcePolicies(roles, kes.HandleWritePolicy(roles)))))
+	mux.Handle("/v1/policy/read/", kes.RequireMethod(http.MethodGet, kes.LimitRequestBody(0, kes.EnforcePolicies(roles, kes.HandleReadPolicy(roles)))))
+	mux.Handle("/v1/policy/list/", kes.RequireMethod(http.MethodGet, kes.LimitRequestBody(0, kes.EnforcePolicies(roles, kes.HandleListPolicies(roles)))))
+	mux.Handle("/v1/policy/delete/", kes.RequireMethod(http.MethodDelete, kes.LimitRequestBody(0, kes.EnforcePolicies(roles, kes.HandleDeletePolicy(roles)))))
+
+	mux.Handle("/v1/identity/assign/", kes.RequireMethod(http.MethodPost, kes.LimitRequestBody(maxBody, kes.EnforcePolicies(roles, kes.HandleAssignIdentity(roles)))))
+	mux.Handle("/v1/identity/list/", kes.RequireMethod(http.MethodGet, kes.LimitRequestBody(0, kes.EnforcePolicies(roles, kes.HandleListIdentities(roles)))))
+	mux.Handle("/v1/identity/forget/", kes.RequireMethod(http.MethodDelete, kes.LimitRequestBody(0, kes.EnforcePolicies(roles, kes.HandleForgetIdentity(roles)))))
 
 	server := http.Server{
 		Addr:    addr,

diff --git a/cmd/key/tool-identity.go → cmd/kes/tool-identity.go b/cmd/key/tool-identity.go → cmd/kes/tool-identity.go
diff --git a/cmd/key/tool.go → cmd/kes/tool.go b/cmd/key/tool.go → cmd/kes/tool.go
diff --git a/error.go b/error.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by the AGPL
 // license that can be found in the LICENSE file.
 
-package key
+package kes
 
 // NewError returns an error that formats as the given text.
 //

diff --git a/fs/fs.go b/fs/fs.go
@@ -18,8 +18,8 @@ import (
 	"sync/atomic"
 	"time"
 
-	key "github.com/minio/keys"
-	"github.com/minio/keys/internal/cache"
+	"github.com/minio/kes"
+	"github.com/minio/kes/internal/cache"
 )
 
 // KeyStore is a file system secret key store
@@ -48,20 +48,20 @@ type KeyStore struct {
 
 // Create adds the given secret key to the store if and only
 // if no entry for name exists. If an entry already exists
-// it returns key.ErrKeyExists.
+// it returns kes.ErrKeyExists.
 //
 // In particular, Create creates a new file in KeyStore.Dir
 // and writes the secret key to it.
-func (store *KeyStore) Create(name string, secret key.Secret) error {
+func (store *KeyStore) Create(name string, secret kes.Secret) error {
 	store.initialize()
 	if _, ok := store.cache.Get(name); ok {
-		return key.ErrKeyExists
+		return kes.ErrKeyExists
 	}
 
 	path := filepath.Join(store.Dir, name)
 	file, err := os.OpenFile(path, os.O_CREATE|os.O_EXCL|os.O_WRONLY, 0600)
 	if err != nil && os.IsExist(err) {
-		return key.ErrKeyExists
+		return kes.ErrKeyExists
 	}
 	if err != nil {
 		return err
@@ -84,11 +84,11 @@ func (store *KeyStore) Create(name string, secret key.Secret) error {
 }
 
 // Get returns the secret key associated with the given name.
-// If no entry for name exists, Get returns key.ErrKeyNotFound.
+// If no entry for name exists, Get returns kes.ErrKeyNotFound.
 //
 // In particular, Get reads the secret key from the associated
 // file in KeyStore.Dir.
-func (store *KeyStore) Get(name string) (key.Secret, error) {
+func (store *KeyStore) Get(name string) (kes.Secret, error) {
 	store.initialize()
 	if secret, ok := store.cache.Get(name); ok {
 		return secret, nil
@@ -98,10 +98,10 @@ func (store *KeyStore) Get(name string) (key.Secret, error) {
 	// we reach out to the disk to fetch it from there.
 	file, err := os.Open(filepath.Join(store.Dir, name))
 	if err != nil && os.IsNotExist(err) {
-		return key.Secret{}, key.ErrKeyNotFound
+		return kes.Secret{}, kes.ErrKeyNotFound
 	}
 	if err != nil {
-		return key.Secret{}, err
+		return kes.Secret{}, err
 	}
 	defer file.Close()
 
@@ -110,13 +110,13 @@ func (store *KeyStore) Get(name string) (key.Secret, error) {
 		Secret []byte `json:"secret"`
 	}
 	if err = json.NewDecoder(file).Decode(&content); err != nil {
-		return key.Secret{}, err
+		return kes.Secret{}, err
 	}
 	if len(content.Secret) != 256/8 {
-		return key.Secret{}, errors.New("fs: malformed secret key")
+		return kes.Secret{}, errors.New("fs: malformed secret key")
 	}
 
-	var secret key.Secret
+	var secret kes.Secret
 	copy(secret[:], content.Secret)
 	secret, _ = store.cache.Add(name, secret)
 	return secret, nil

diff --git a/go.mod b/go.mod
@@ -1,4 +1,4 @@
-module github.com/minio/keys
+module github.com/minio/kes
 
 go 1.13
Original file line number	Diff line number	Diff line change
Expand Up		@@ -7,4 +7,4 @@ Almost every large-scale system deals with sensitive information that must be pr

		### Getting Started

		For your first steps checkout our [Getting Started](https://github.com/minio/keys/wiki/Getting-Started) guide.
		For your first steps checkout our [Getting Started](https://github.com/minio/kes/wiki/Getting-Started) guide.