Documentation ¶
Overview ¶
Package secretstore contains functions related to device, group and message keys.
Index ¶
Constants ¶
// Default precomputation sizes used when the matching NewSecretStoreOptions
// field is left unset.
const (
	// PrecomputeOutOfStoreGroupRefsCount is the default for
	// NewSecretStoreOptions.PrecomputeOutOfStoreGroupRefsCount, the number of
	// out-of-store references to precompute.
	PrecomputeOutOfStoreGroupRefsCount = 100
	// PrecomputeMessageKeyCount is the default for
	// NewSecretStoreOptions.PreComputedKeysCount, the number of keys to
	// precompute.
	PrecomputeMessageKeyCount = 100
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type MemberDevice ¶
// MemberDevice pairs the public key of a member with the public key of one
// of its devices. Its method set exposes public key material only; signing
// is provided by OwnMemberDevice.
type MemberDevice interface {
	// Member returns the member public key
	Member() crypto.PubKey
	// Device returns the device public key
	Device() crypto.PubKey
}
MemberDevice holds the public keys of a device and of the member that device belongs to
func NewMemberDevice ¶
func NewMemberDevice(member, device crypto.PubKey) MemberDevice
type NewSecretStoreOptions ¶
// NewSecretStoreOptions groups the optional settings accepted by
// NewSecretStore and NewInMemSecretStore.
type NewSecretStoreOptions struct {
	// PreComputedKeysCount specifies the number of keys to precompute,
	// defaults to PrecomputeMessageKeyCount
	PreComputedKeysCount int

	// PrecomputeOutOfStoreGroupRefsCount specifies the number of out of store
	// references to precompute, defaults to PrecomputeOutOfStoreGroupRefsCount
	PrecomputeOutOfStoreGroupRefsCount int

	// Keystore specifies an implementation of a keystore to be used, can be
	// helpful if you want to rely on a hardware based keystore instead of a
	// software one
	Keystore keystore.Keystore

	// Logger specifies which logger to use, logging is disabled by default
	// NOTE(review): what the store writes to this logger is not visible
	// here; confirm that no key material is logged before enabling it in
	// production.
	Logger *zap.Logger

	// DisableOutOfStoreSupport explicitly disables support of out-of-store
	// payloads
	DisableOutOfStoreSupport bool

	// OutOfStorePrivateKey sets the out-of-store key to decrypt payloads
	// received via a server, alternatively you can use
	// SecretStore.SetOutOfStoreDevicePrivateKey to set it
	// NOTE(review): this is a pointer to raw private key bytes; whether the
	// store copies them is not visible here, so treat the pointed-to array
	// as live secret material for as long as the store may reference it.
	// NOTE(review): the SecretStore interface declares no
	// SetOutOfStoreDevicePrivateKey method; confirm where that setter lives.
	OutOfStorePrivateKey *[cryptoutil.KeySize]byte
}
NewSecretStoreOptions contains the options that can be passed to NewSecretStore
type OwnMemberDevice ¶
// OwnMemberDevice is the MemberDevice of the current device, extended with
// signing operations. The interface offers signatures and public keys only;
// the private keys behind MemberSign and DeviceSign are not reachable through
// it, which makes it the narrower thing to hand to code that only needs to
// sign.
type OwnMemberDevice interface {
	MemberDevice

	// MemberSign signs the given data as a member of a group
	MemberSign(data []byte) ([]byte, error)
	// DeviceSign signs the given data as a device of a group
	DeviceSign(data []byte) ([]byte, error)
}
OwnMemberDevice is a MemberDevice for the current device, able to sign data
type SecretStore ¶
// SecretStore is the interface to the account, group, device and message key
// material of the current user: it imports and exports account keys, stores
// groups, seals and opens message envelopes, and tracks device chain keys.
type SecretStore interface {
	// GetAccountProofPublicKey returns the user's account proof public key
	GetAccountProofPublicKey() (accountProofPublicKey crypto.PubKey, err error)

	// ImportAccountKeys restores backup of account keys into the SecretStore, it should fail if the store is already used by an account
	ImportAccountKeys(accountPrivateKey []byte, accountProofPrivateKey []byte) error

	// ExportAccountKeysForBackup returns the account's private key and proof private key of the user for a backup
	// Both results are private key bytes: the caller is responsible for
	// protecting them (encrypt before they reach disk, keep them out of logs).
	ExportAccountKeysForBackup() (accountPrivateKey []byte, accountProofPrivateKey []byte, err error)

	// GetAccountPrivateKey returns the account's private key, avoid using it, use GetGroupForAccount to get the account public key or sign data instead
	GetAccountPrivateKey() (accountPrivateKey crypto.PrivKey, err error)

	// GetGroupForAccount returns the Account's Group of the user
	// together with the OwnMemberDevice that signs on its behalf.
	GetGroupForAccount() (group *protocoltypes.Group, ownMemberDevice OwnMemberDevice, err error)

	// GetGroupForContact returns a contact group for communicating with the provided account
	GetGroupForContact(contactPublicKey crypto.PubKey) (group *protocoltypes.Group, err error)

	// PutGroup stores a group into the store
	PutGroup(ctx context.Context, group *protocoltypes.Group) error

	// FetchGroupByPublicKey gets a group from the store using the provided public key
	FetchGroupByPublicKey(ctx context.Context, publicKey crypto.PubKey) (group *protocoltypes.Group, err error)

	// OpenEnvelopeHeaders opens the message headers for a given group
	OpenEnvelopeHeaders(data []byte, group *protocoltypes.Group) (*protocoltypes.MessageEnvelope, *protocoltypes.MessageHeaders, error)

	// OpenEnvelopePayload opens a message payload with the given group headers
	OpenEnvelopePayload(ctx context.Context, msgEnvelope *protocoltypes.MessageEnvelope, msgHeaders *protocoltypes.MessageHeaders, groupPublicKey crypto.PubKey, ownPublicKey crypto.PubKey, msgCID cid.Cid) (*protocoltypes.EncryptedMessage, error)

	// SealEnvelope creates an encrypted payload to be sent to a group
	SealEnvelope(ctx context.Context, group *protocoltypes.Group, messagePayload []byte) (sealedEnvelope []byte, err error)

	// GetOwnMemberDeviceForGroup gets a member and device key-pairs representing the current device in a given group
	GetOwnMemberDeviceForGroup(group *protocoltypes.Group) (OwnMemberDevice, error)

	// RegisterChainKey records another device chain-key
	// NOTE(review): whether senderDevicePublicKey is checked against the
	// membership of group before the key is accepted is not visible here;
	// confirm in the implementation.
	RegisterChainKey(ctx context.Context, group *protocoltypes.Group, senderDevicePublicKey crypto.PubKey, encryptedDeviceChainKey []byte) error

	// GetShareableChainKey has no upstream comment.
	// NOTE(review): from the signature it appears to return the current
	// device's chain key encrypted for targetMemberPublicKey in the given
	// group; confirm against the implementation.
	GetShareableChainKey(ctx context.Context, group *protocoltypes.Group, targetMemberPublicKey crypto.PubKey) (encryptedDeviceChainKey []byte, err error)

	// IsChainKeyKnownForDevice checks whether a chain key of a device is already known
	// NOTE(review): the only result is a bool, so a failed lookup cannot be
	// told apart from an unknown key at this level; confirm how store errors
	// are surfaced.
	IsChainKeyKnownForDevice(ctx context.Context, groupPublicKey crypto.PubKey, devicePublicKey crypto.PubKey) (isKnown bool)

	// SealOutOfStoreMessageEnvelope encrypts a message to be sent outside a synchronized store
	SealOutOfStoreMessageEnvelope(id cid.Cid, env *protocoltypes.MessageEnvelope, headers *protocoltypes.MessageHeaders, group *protocoltypes.Group) (*pushtypes.OutOfStoreMessageEnvelope, error)

	// OpenOutOfStoreMessage opens a message received outside a synchronized store
	// NOTE(review): alreadyDecrypted presumably reports that this payload
	// was opened before, which callers could use to drop duplicates; confirm.
	OpenOutOfStoreMessage(ctx context.Context, payload []byte) (outOfStoreMessage *protocoltypes.OutOfStoreMessage, group *protocoltypes.Group, clearPayload []byte, alreadyDecrypted bool, err error)

	// UpdateOutOfStoreGroupReferences computes references of messages which might be received outside a synchronized store
	UpdateOutOfStoreGroupReferences(ctx context.Context, devicePublicKeyBytes []byte, first uint64, group *protocoltypes.Group) error

	// Close frees resources created by the secret store
	// NOTE(review): whether in-memory key material is cleared on Close is
	// not visible here.
	Close() error
}
func NewInMemSecretStore ¶
func NewInMemSecretStore(opts *NewSecretStoreOptions) (SecretStore, error)
NewInMemSecretStore instantiates a SecretStore using a volatile (in-memory) backend.
func NewSecretStore ¶
func NewSecretStore(rootDatastore datastore.Datastore, opts *NewSecretStoreOptions) (SecretStore, error)
NewSecretStore instantiates a new SecretStore