Documentation
¶
Index ¶
- Constants
- Variables
- type Database
- func (db *Database) DeleteUnused(ctx context.Context, asOfSystemInterval time.Duration, ...) (count, rounds int64, deletesPerHead map[string]int64, err error)
- func (db *Database) Get(ctx context.Context, accessKeyID EncryptionKey) (accessGrant string, public bool, secretKey SecretKey, err error)
- func (db *Database) PingDB(ctx context.Context) (err error)
- func (db *Database) Put(ctx context.Context, key EncryptionKey, accessGrant string, public bool) (secretKey SecretKey, err error)
- func (db *Database) SetAllowedSatellites(allowedSatelliteURLs map[storj.NodeURL]struct{})
- type EncryptionKey
- type KV
- type KeyHash
- type Record
- type SecretKey
Constants ¶
const EncKeySizeEncoded = 28
EncKeySizeEncoded is size in base32 bytes + magic byte.
const KeyHashSizeEncoded = 64
KeyHashSizeEncoded is the length of a hex encoded KeyHash.
Variables ¶
var Invalid = errs.Class("invalid")
Invalid is the class of error that is returned for invalid records.
var KeyHashError = errs.Class("key hash")
KeyHashError is a class of key hash errors.
var NotFound = errs.Class("not found")
NotFound is returned when a record is not found.
Functions ¶
This section is empty.
Types ¶
type Database ¶
type Database struct {
// contains filtered or unexported fields
}
Database wraps a key/value store and uses it to store encrypted accesses and secrets.
func NewDatabase ¶
NewDatabase constructs a Database. allowedSatelliteAddresses should contain the full URL (with a node ID), including port, for each satellite we allow for incoming access grants.
func (*Database) DeleteUnused ¶
func (db *Database) DeleteUnused(ctx context.Context, asOfSystemInterval time.Duration, selectSize, deleteSize int) (count, rounds int64, deletesPerHead map[string]int64, err error)
DeleteUnused deletes expired and invalid records from the key/value store and returns any error encountered.
func (*Database) Get ¶
func (db *Database) Get(ctx context.Context, accessKeyID EncryptionKey) (accessGrant string, public bool, secretKey SecretKey, err error)
Get retrieves an access grant and secret key from the key/value store, looked up by the hash of the access key and then decrypted.
func (*Database) PingDB ¶ added in v1.37.1
PingDB attempts to do a DB roundtrip. If it can't it will return an error.
func (*Database) Put ¶
func (db *Database) Put(ctx context.Context, key EncryptionKey, accessGrant string, public bool) (secretKey SecretKey, err error)
Put encrypts the access grant with the key and stores it in a key/value store under the hash of the encryption key.
func (*Database) SetAllowedSatellites ¶
SetAllowedSatellites updates the allowed satellites list from configuration values.
type EncryptionKey ¶
type EncryptionKey [16]byte
EncryptionKey is an encryption key that an access/secret are encrypted with.
func NewEncryptionKey ¶
func NewEncryptionKey() (EncryptionKey, error)
NewEncryptionKey returns a new random EncryptionKey with initial version byte.
func (*EncryptionKey) FromBase32 ¶
func (k *EncryptionKey) FromBase32(encoded string) error
FromBase32 loads the EncryptionKey from a lowercase RFC 4648 base32 string.
func (*EncryptionKey) FromBinary ¶
func (k *EncryptionKey) FromBinary(data []byte) error
FromBinary reads the key from binary which must include the version byte.
func (EncryptionKey) Hash ¶
func (k EncryptionKey) Hash() KeyHash
Hash returns the KeyHash for the EncryptionKey.
func (EncryptionKey) ToBase32 ¶
func (k EncryptionKey) ToBase32() string
ToBase32 returns the EncryptionKey as a lowercase RFC 4648 base32 string.
func (EncryptionKey) ToBinary ¶
func (k EncryptionKey) ToBinary() []byte
ToBinary returns the EncryptionKey including the version byte.
func (EncryptionKey) ToStorjKey ¶
func (k EncryptionKey) ToStorjKey() storj.Key
ToStorjKey returns the storj.Key equivalent for the EncryptionKey.
type KV ¶
type KV interface {
// Put stores the record in the key/value store.
// It is an error if the key already exists.
Put(ctx context.Context, keyHash KeyHash, record *Record) (err error)
// Get retrieves the record from the key/value store.
// It returns nil if the key does not exist.
// If the record is invalid, the error contains why.
Get(ctx context.Context, keyHash KeyHash) (record *Record, err error)
// DeleteUnused deletes expired and invalid records from the key/value store
// and returns any error encountered.
//
// Batch deletion and usage of asOfSystemInterval, selectSize and deleteSize
// parameters depends on the implementation.
DeleteUnused(ctx context.Context, asOfSystemInterval time.Duration, selectSize, deleteSize int) (count, rounds int64, deletesPerHead map[string]int64, err error)
// PingDB attempts to do a DB roundtrip. If it can't it will return an
// error.
PingDB(ctx context.Context) error
// Run runs the server and the associated servers
Run(ctx context.Context) error
// Close closes the database.
Close() error
}
KV is an abstract key/value store of KeyHash to Records.
type KeyHash ¶
type KeyHash [32]byte
KeyHash is the key portion of the key/value store.
type Record ¶
type Record struct {
SatelliteAddress string
MacaroonHead []byte // 32 bytes probably
EncryptedSecretKey []byte
EncryptedAccessGrant []byte
ExpiresAt *time.Time
Public bool // if true, knowledge of secret key is not required
}
Record is a key/value store record.
Source Files