crypto


Constants

This section is empty.

Variables

var (
	// ErrNoRootKey reports that no account root key is available.
	// NOTE(review): which functions return it is not visible on this page;
	// presumably GetCurrentAccountRootKey — confirm against the source.
	ErrNoRootKey = errors.New("no root key")
)

Functions

func CreateActions

func CreateActions(
	ctx context.Context, exec boil.ContextExecutor,
	actions []Action,
) error

CreateActions inserts the crypto actions into the DB. If an action has no ID, one is created for it.

func CreateProvisions

func CreateProvisions(ctx context.Context, exec boil.ContextExecutor, provisions ProvisionCreationMap, orgID string) error

func CreateRootKeyShare

func CreateRootKeyShare(ctx context.Context, redConn *redis.Client, rootKeyShare RootKeyShare, expirationTime time.Duration) error

func CreateSecretStorageAsymKey

func CreateSecretStorageAsymKey(ctx context.Context, exec boil.ContextExecutor, accountID string, asymKey SecretStorageAsymKey) (*sqlboiler.SecretStorageAsymKey, error)

func CreateSecretStorageBoxKeyShare

func CreateSecretStorageBoxKeyShare(ctx context.Context, tr *sql.Tx, accountID string, share SecretStorageBoxKeyShare) (*sqlboiler.SecretStorageBoxKeyShare, error)

func DeleteAction

func DeleteAction(
	ctx context.Context, exec boil.ContextExecutor,
	actionID, accountID string,
) error

DeleteAction ...

func DeleteAsymKeys

func DeleteAsymKeys(ctx context.Context, tr *sql.Tx, accountID string, pubkeys []string) error

func DeleteBackupArchive

func DeleteBackupArchive(
	ctx context.Context, exec boil.ContextExecutor,
	archiveID, reason string,
) error

DeleteBackupArchive ...

func DeleteBoxKeyShares

func DeleteBoxKeyShares(ctx context.Context, tr *sql.Tx, accountID string, boxIDs []string) error

func GetCurrentAccountRootKey

func GetCurrentAccountRootKey(ctx context.Context, exec boil.ContextExecutor, accountID string) (*sqlboiler.SecretStorageAccountRootKey, error)

func GetOrgSecrets

func GetOrgSecrets(ctx context.Context, exec boil.ContextExecutor, accountID string) (interface{}, error)

func GetVaultKeyByRootKeyHash

func GetVaultKeyByRootKeyHash(ctx context.Context, exec boil.ContextExecutor, rootKeyHash string) (*sqlboiler.SecretStorageVaultKey, error)

func ResetAccountSecretStorage

func ResetAccountSecretStorage(ctx context.Context, exec boil.ContextExecutor, accountID string, data *SecretStorageSetupData) error

ResetAccountSecretStorage creates a brand new secret storage for the given account. Use it for account creation, password reset, and migration from the old "secret backup" system to the secret storage system.

func SetupOrgSecretStorage

func SetupOrgSecretStorage(ctx context.Context, exec boil.ContextExecutor, accountID string, data *OrgSecretStorageSetupData) error

func UpdateRootKey

func UpdateRootKey(ctx context.Context, exec boil.ContextExecutor, accountID string, encryptedKey string) error

Types

type AccountRootKey

// AccountRootKey is the server-side representation of an account root key:
// a hash identifying the key plus the key material in encrypted form. The
// struct carries no cleartext key. The hash is what the other functions of
// this package use to address the key (GetVaultKeyByRootKeyHash, and the
// AccountRootKeyHash fields of the asym-key and box-key-share types).
// NOTE(review): the hash function and the encryption scheme are not visible
// on this page — confirm in Validate and in the client code that produces them.
type AccountRootKey struct {
	KeyHash      string `json:"key_hash"`      // identifier of the key; not the key itself
	EncryptedKey string `json:"encrypted_key"` // encrypted key material (presumably client-side encrypted — confirm)
}

func (*AccountRootKey) Validate

func (k *AccountRootKey) Validate() error

type Action

// Action is a crypto action stored for an identity and exposed to clients
// through its JSON form. The two identity fields are tagged `json:"-"`, so
// they are set and read server-side only and never leave through serialization.
// Encrypted is an opaque payload; its format is not visible on this page.
type Action struct {
	ID                  string      `json:"id"`
	IdentityID          string      `json:"-"` // server-side only; presumably the recipient identity — confirm
	SenderIdentityID    null.String `json:"-"` // server-side only; nullable
	Type                string      `json:"type"`
	BoxID               null.String `json:"box_id"` // nullable: an action is not necessarily tied to a box
	EncryptionPublicKey string      `json:"encryption_public_key"`
	Encrypted           string      `json:"encrypted"` // opaque encrypted payload; format not visible here
	CreatedAt           time.Time   `json:"created_at"`
}

Action models and helpers

func GetAction

func GetAction(
	ctx context.Context, exec boil.ContextExecutor,
	actionID, accountID string,
) (Action, error)

GetAction ...

func ListActions

func ListActions(ctx context.Context, exec boil.ContextExecutor, accountID string) ([]Action, error)

ListActions ...

type BackupArchive

// BackupArchive is an account's secret backup archive record. Data is tagged
// `json:"-"`, so the archive payload is never included when the struct is
// serialized, whatever the caller does with it. RecoveredAt and DeletedAt are
// nullable timestamps.
// NOTE(review): this page lists both GetBackupArchive and
// GetBackupArchiveMetadata returning this type; presumably only the former
// populates Data — confirm. DeleteBackupArchive takes a reason, which
// suggests a soft delete that sets DeletedAt — confirm.
type BackupArchive struct {
	ID          string      `json:"id"`
	AccountID   string      `json:"account_id"`
	Data        null.String `json:"-"` // archive payload; nullable, never serialized
	CreatedAt   time.Time   `json:"created_at"`
	RecoveredAt null.Time   `json:"recovered_at"`
	DeletedAt   null.Time   `json:"deleted_at"`
}

BackupArchive ...

func GetBackupArchive

func GetBackupArchive(ctx context.Context, exec boil.ContextExecutor, archiveID string) (BackupArchive, error)

GetBackupArchive ...

func GetBackupArchiveMetadata

func GetBackupArchiveMetadata(ctx context.Context, exec boil.ContextExecutor, archiveID string) (BackupArchive, error)

GetBackupArchiveMetadata ...

func ListBackupArchives

func ListBackupArchives(ctx context.Context, exec boil.ContextExecutor, accountID string) ([]BackupArchive, error)

ListBackupArchives ...

type IntraprocessHelper

type IntraprocessHelper struct {
	// contains filtered or unexported fields
}

IntraprocessHelper ...

func NewIntraprocessHelper

func NewIntraprocessHelper(sqlDB *sql.DB, redConn *redis.Client) *IntraprocessHelper

NewIntraprocessHelper ...

func (IntraprocessHelper) CreateActions

func (ih IntraprocessHelper) CreateActions(ctx context.Context, actions []Action) error

CreateActions ...

func (IntraprocessHelper) ListProvisionsForIdentityAndOrg

func (ih IntraprocessHelper) ListProvisionsForIdentityAndOrg(ctx context.Context, identityID string, orgID string) ([]*Provision, error)

type OrgSecretStorageSetupData

// OrgSecretStorageSetupData is the data an organization provides to set up
// its secret storage. Compared with SecretStorageSetupData it carries only
// the root key hash and the asymmetric keys — no vault key, no box key shares
// and no identity public keys. Consumed by SetupOrgSecretStorage; checked by
// Validate.
type OrgSecretStorageSetupData struct {
	AccountRootKeyHash mcrypto.Hash                    `json:"account_root_key_hash"`
	AsymKeys           map[string]SecretStorageAsymKey `json:"asym_keys"` // map key presumably the public key — confirm in Validate
}

OrgSecretStorageSetupData is the data an org must provide to set up its secret storage (it only contains a subset of the user secret storage setup data).

func (*OrgSecretStorageSetupData) Validate

func (data *OrgSecretStorageSetupData) Validate() error

type Provision

// Provision is a crypto provision linking an organization and an identity.
// It stores the server-held key share (MisakeyKeyShare) together with only a
// hash of the user's share (UserKeyShareHash); the user's share itself is not
// part of this struct. GetProvisionByUserKeyShareHash looks a provision up by
// that hash, and PublicView returns the public view of the provision.
type Provision struct {
	ID               string            `json:"id"`
	OrganizationID   string            `json:"organization_id"`
	IdentityID       string            `json:"identity_id"`
	PublicKey        mcrypto.PublicKey `json:"public_key"`
	MisakeyKeyShare  mcrypto.KeyShare  `json:"misakey_key_share"`  // server-held share
	UserKeyShareHash mcrypto.Hash      `json:"user_key_share_hash"` // hash only; lookup key for GetProvisionByUserKeyShareHash
	CreatedAt        time.Time         `json:"created_at"`
	UpdatedAt        time.Time         `json:"updated_at"`
}

func GetProvisionByUserKeyShareHash

func GetProvisionByUserKeyShareHash(
	ctx context.Context, exec boil.ContextExecutor,
	identityID string, userKeyShareHash mcrypto.Hash,
) (*Provision, error)

func ListProvisionsForIdentityAndOrg

func ListProvisionsForIdentityAndOrg(
	ctx context.Context, exec boil.ContextExecutor,
	identityID string, orgID string,
) ([]*Provision, error)

ListProvisionsForIdentityAndOrg returns all crypto provisions for the given identity–organization pair, sorted by creation date (most recent first).

func (*Provision) PublicView

func (p *Provision) PublicView() interface{}

PublicView returns the public view of this provision

type ProvisionCreationMap

// ProvisionCreationMap is the input of CreateProvisions: one entry per
// provision to create, each holding the subset of Provision fields the caller
// supplies (public key, server-held share, hash of the user share). The org ID
// is passed to CreateProvisions separately, and ID/timestamps are not part of
// the input. Validate checks the map before insertion.
// NOTE(review): the map key is presumably the identity ID — confirm against
// CreateProvisions.
type ProvisionCreationMap map[string]struct {
	PublicKey        mcrypto.PublicKey `json:"public_key"`
	MisakeyKeyShare  mcrypto.KeyShare  `json:"misakey_key_share"`
	UserKeyShareHash mcrypto.Hash      `json:"user_key_share_hash"`
}

func (*ProvisionCreationMap) Validate

func (m *ProvisionCreationMap) Validate() error

type RootKeyShare

// RootKeyShare is one share of an account root key. It is written to Redis by
// CreateRootKeyShare together with an expiration, and read back by
// GetRootKeyShare using UserLocalShareHash as the lookup key. The struct holds
// the server-side share and only a hash of the user's local share; the local
// share itself is not stored here.
type RootKeyShare struct {
	AccountID          string `json:"account_id"`
	Share              string `json:"share"`                 // server-side share
	UserLocalShareHash string `json:"user_local_share_hash"` // hash of the user's share; Redis lookup key
}

func GetRootKeyShare

func GetRootKeyShare(ctx context.Context, redConn *redis.Client, userLocalShareHash string) (*RootKeyShare, error)

type SecretStorageAsymKey

// SecretStorageAsymKey is an asymmetric key pair kept in the secret storage:
// the public key and the secret key in encrypted form. It is bound from an
// HTTP request by BindAndValidate, so every field is client-supplied.
// PublicKey and AccountRootKeyHash are omitempty, which is consistent with
// them being implied by context (the map key in the AsymKeys maps, the
// account's current root key) rather than always sent — confirm.
type SecretStorageAsymKey struct {
	PublicKey          string `json:"public_key,omitempty"`
	EncryptedSecretKey string `json:"encrypted_secret_key"` // secret key, encrypted; never cleartext in this struct
	AccountRootKeyHash string `json:"account_root_key_hash,omitempty"`
}

func (*SecretStorageAsymKey) BindAndValidate

func (asymKey *SecretStorageAsymKey) BindAndValidate(eCtx echo.Context) error

BindAndValidate implements request.Request.BindAndValidate

type SecretStorageBoxKeyShare

// SecretStorageBoxKeyShare is a box invitation key share kept in the secret
// storage, encrypted under the account root key identified by
// AccountRootKeyHash. It is bound from an HTTP request by BindAndValidate and
// checked by Validate, so every field is client-supplied until validated.
// InvitationShareHash, AccountRootKeyHash and BoxID are omitempty — presumably
// because they are implied by context in some requests — confirm in Validate.
type SecretStorageBoxKeyShare struct {
	ID                       string    `json:"id"`
	InvitationShareHash      string    `json:"invitation_share_hash,omitempty"`
	EncryptedInvitationShare string    `json:"encrypted_invitation_share"` // share, encrypted; never cleartext here
	AccountRootKeyHash       string    `json:"account_root_key_hash,omitempty"`
	BoxID                    string    `json:"box_id,omitempty"`
	CreatedAt                time.Time `json:"created_at"`
	UpdatedAt                time.Time `json:"updated_at"`
}

func (*SecretStorageBoxKeyShare) BindAndValidate

func (share *SecretStorageBoxKeyShare) BindAndValidate(eCtx echo.Context) error

BindAndValidate implements request.Request.BindAndValidate

func (*SecretStorageBoxKeyShare) Validate

func (share *SecretStorageBoxKeyShare) Validate() error

type SecretStorageSetupData

// SecretStorageSetupData is the full payload used to (re)create an account's
// secret storage (ResetAccountSecretStorage). It carries the same four fields
// as Secrets plus the embedded identity.IdentityPublicKeys, whose exported
// fields are promoted onto this struct and, lacking a tag on the embedding,
// flattened into the same JSON object. BindAndValidate binds it from an HTTP
// request, so all of it is client-supplied until Validate has run.
type SecretStorageSetupData struct {
	AccountRootKey AccountRootKey                      `json:"account_root_key"`
	VaultKey       VaultKey                            `json:"vault_key"`
	AsymKeys       map[string]SecretStorageAsymKey     `json:"asym_keys"`      // map key presumably the public key — confirm
	BoxKeyShares   map[string]SecretStorageBoxKeyShare `json:"box_key_shares"` // map key presumably the share ID or box ID — confirm
	identity.IdentityPublicKeys                                                // embedded; not part of the secret storage proper (see doc comment)
}

SecretStorageSetupData ... XXX: the identity public keys are linked to the secret storage (the corresponding secret keys are stored in it) but are not really part of it. TODO: group all the "actual" secret storage values in a separate struct?

func (*SecretStorageSetupData) BindAndValidate

func (query *SecretStorageSetupData) BindAndValidate(eCtx echo.Context) error

BindAndValidate implements request.Request.BindAndValidate

func (*SecretStorageSetupData) Validate

func (query *SecretStorageSetupData) Validate() error

type Secrets

// Secrets is an account's secret storage as returned by GetAccountSecrets: the
// same four fields as SecretStorageSetupData without the embedded identity
// public keys. Every key it contains is in encrypted form (see AccountRootKey,
// VaultKey, SecretStorageAsymKey and SecretStorageBoxKeyShare); the struct
// holds no cleartext key material.
type Secrets struct {
	AccountRootKey AccountRootKey                      `json:"account_root_key"`
	VaultKey       VaultKey                            `json:"vault_key"`
	AsymKeys       map[string]SecretStorageAsymKey     `json:"asym_keys"`      // map key presumably the public key — confirm
	BoxKeyShares   map[string]SecretStorageBoxKeyShare `json:"box_key_shares"` // map key presumably the share ID or box ID — confirm
}

func GetAccountSecrets

func GetAccountSecrets(ctx context.Context, exec boil.ContextExecutor, accountID string) (Secrets, error)

type VaultKey

// VaultKey is the account's vault key, stored with the same shape as
// AccountRootKey: a hash identifying the key and the key material in
// encrypted form, never the cleartext key. GetVaultKeyByRootKeyHash retrieves
// it by the hash of the account root key, not by KeyHash.
// NOTE(review): hash function and encryption scheme are not visible on this
// page — confirm in Validate.
type VaultKey struct {
	KeyHash      string `json:"key_hash"`      // identifier of the key; not the key itself
	EncryptedKey string `json:"encrypted_key"` // encrypted key material (presumably encrypted under the root key — confirm)
}

func (*VaultKey) Validate

func (k *VaultKey) Validate() error
