secret

package
v0.0.0-...-4b8acdf Latest
Warning

This package is not in the latest version of its module.

Published: Feb 14, 2024 License: GPL-3.0 Imports: 15 Imported by: 0

Documentation

Overview

Package secret provides abstractions for storing data securely when possible. It typically abstracts the system keyring API with a fallback on files if available.

Constants

This section is empty.

Variables

var ErrIncorrectPassword = errors.New("incorrect password")

ErrIncorrectPassword is returned if the provided user password does not match what is on disk.

var ErrNotFound = errors.New("key not found")

ErrNotFound is returned for unknown keys.

var ErrUnsupportedPlatform = keyring.ErrUnsupportedPlatform

Functions

func IsEncrypted

func IsEncrypted(ctx context.Context) bool

IsEncrypted returns true if the given context contains an existing encryption file. It is the caller's responsibility to use SaltedFileDriver or EncryptedFileDriver on the same path.

In some cases, false is returned because the encryption status cannot be determined. In that case, if EncryptedFileDriver is used, storing will fail with an error.

func WithEncryptedFilePath

func WithEncryptedFilePath(ctx context.Context, path string) context.Context

WithEncryptedFilePath sets the path to be used for the encrypted file. This overrides the app's config path.

Types

type Driver

type Driver interface {
	Get(string) ([]byte, error)
	Set(string, []byte) error
}

Driver is a basic getter-setter interface that describes a secret driver.

type EncryptedFile

type EncryptedFile struct {
	// contains filtered or unexported fields
}

EncryptedFile is an implementation of a secret driver that encrypts the stored value using a generated salt. When creating one, EncryptedFileDriver should be preferred over SaltedFileDriver.

func EncryptedFileDriver

func EncryptedFileDriver(ctx context.Context, passphrase string) *EncryptedFile

EncryptedFileDriver creates a new encrypted file driver with the given passphrase. The passphrase is hashed and compared with an existing one if present; if there is none, the given passphrase is used.

func SaltedFileDriver

func SaltedFileDriver(ctx context.Context) *EncryptedFile

SaltedFileDriver creates a new encrypted file driver with a generated passphrase. The .salt file is the sole hashing input, so the algorithm will fail without it. Moving the file somewhere else is therefore one way to completely lock out accounts encrypted with it.

func (*EncryptedFile) Get

func (s *EncryptedFile) Get(key string) ([]byte, error)

func (*EncryptedFile) Initialize

func (s *EncryptedFile) Initialize() error

Initialize initializes the encryption. Once it has returned a nil error, all later calls on that instance do nothing and return nil.

func (*EncryptedFile) IsAvailable

func (s *EncryptedFile) IsAvailable() bool

IsAvailable returns true if the encryption can initialize itself.

func (*EncryptedFile) Set

func (s *EncryptedFile) Set(key string, value []byte) error

type Keyring

type Keyring struct {
	// contains filtered or unexported fields
}

Keyring is an implementation of a secret driver using the system's keyring driver.

func KeyringDriver

func KeyringDriver(ctx context.Context) *Keyring

KeyringDriver creates a new keyring driver.

func (*Keyring) Get

func (k *Keyring) Get(key string) ([]byte, error)

Get gets the key.

func (*Keyring) IsAvailable

func (k *Keyring) IsAvailable() bool

IsAvailable returns true if the keyring API is available.

func (*Keyring) Set

func (k *Keyring) Set(key string, value []byte) error

Set sets the key.

type Service

type Service struct {
	// contains filtered or unexported fields
}

Service wraps multiple drivers to provide fallbacks.

func New

func New(drivers ...Driver) Service

New creates a new service.

func (Service) Get

func (s Service) Get(k string) ([]byte, error)

Get gets the given key from the internal list of drivers. The first error is returned.

func (Service) Set

func (s Service) Set(k string, v []byte) error

Set sets the given key and value into the internal list of drivers. The first successful driver is used, and only the first error is returned.
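
An added example, not the package's own code: the fallback behaviour described for Service.Get and Service.Set, modelled with a stand-in `chain` type over the documented Driver interface. The types `down`, `file` and `chain` and both error values are hypothetical, and the try-in-order, first-error logic is an assumed reading of the doc comments above.

```go
package main

import (
	"errors"
	"fmt"
)

// Driver is the interface documented on this page.
type Driver interface {
	Get(string) ([]byte, error)
	Set(string, []byte) error
}

var errDown, errNotFound = errors.New("keyring unavailable"), errors.New("key not found")
// down and file are hypothetical stand-ins: an unavailable keyring and the file fallback.
type down struct{}
type file map[string][]byte
func (down) Get(string) ([]byte, error) { return nil, errDown }
func (down) Set(string, []byte) error { return errDown }
func (f file) Set(k string, v []byte) error { f[k] = v; return nil }
func (f file) Get(k string) ([]byte, error) {
	if v, ok := f[k]; ok {
		return v, nil
	}
	return nil, errNotFound
}

// chain is an assumed reading of Service: try drivers in order, first success wins, else the first error.
type chain []Driver
func (c chain) try(op func(Driver) error) (first error) {
	for i, d := range c {
		if err := op(d); err == nil {
			return nil
		} else if i == 0 {
			first = err
		}
	}
	return first
}
func (c chain) Set(k string, v []byte) error { return c.try(func(d Driver) error { return d.Set(k, v) }) }
func (c chain) Get(k string) (v []byte, err error) {
	err = c.try(func(d Driver) (e error) { v, e = d.Get(k); return })
	return v, err
}

func main() {
	svc := chain{down{}, file{}}
	fmt.Println(svc.Set("token", []byte("s3cret"))) // accepted, but by the file stand-in
	fmt.Println(svc.Get("missing")) // reports the keyring error, not "key not found"
}
```

Under this reading, a nil error from Set does not say which driver took the secret, so a caller that must keep secrets out of files should check Keyring.IsAvailable before adding a file driver to the list. Likewise, an error from Get may be the first driver's failure rather than ErrNotFound.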
