keystore

package
v0.0.0-...-ef7a112 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 23, 2024 License: MIT Imports: 19 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ServiceKeyEncryptionKey  = "onchain-access-control-key-encryption-key"
	ServiceDataEncryptionKey = "onchain-access-control-data-key"
)

Variables

This section is empty.

Functions

func GenerateServiceKey 

func GenerateServiceKey() (key string, err error)

GenerateServiceKey creates a random key that's 32 bytes encoded using base58.

func NewServiceEncryption 

func NewServiceEncryption(db storage.ServiceStorage, cfg encryption.ExternalEncryptionConfig, key string) (encryption.Encrypter, encryption.Decrypter, error)

NewServiceEncryption creates a pair of Encrypter and Decrypter with the given configuration.

Types

type GetKeyDetailsRequest 

type GetKeyDetailsRequest struct {
	ID string
}

type GetKeyDetailsResponse 

type GetKeyDetailsResponse struct {
	ID           string
	Type         crypto.KeyType
	Controller   string
	CreatedAt    string
	Revoked      bool
	RevokedAt    string
	PublicKeyJWK jwx.PublicKeyJWK
}

type GetKeyRequest 

type GetKeyRequest struct {
	ID string
}

type GetKeyResponse 

type GetKeyResponse struct {
	ID         string
	Type       crypto.KeyType
	Controller string
	CreatedAt  string
	Revoked    bool
	RevokedAt  string
	Key        gocrypto.PrivateKey
}

type KeyDetails 

type KeyDetails struct {
	ID           string           `json:"id"`
	Controller   string           `json:"controller"`
	KeyType      crypto.KeyType   `json:"keyType"`
	Revoked      bool             `json:"revoked"`
	RevokedAt    string           `json:"revokedAt"`
	CreatedAt    string           `json:"createdAt"`
	PublicKeyJWK jwx.PublicKeyJWK `json:"publicKeyJwk"`
}

KeyDetails represents a common data model to get information about a key, without revealing the key itself

type RevokeKeyRequest 

type RevokeKeyRequest struct {
	ID string
}

type Service 

type Service struct {
	// contains filtered or unexported fields
}

func NewKeyStoreService 

func NewKeyStoreService(config config.KeyStoreServiceConfig, s storage.ServiceStorage) (*Service, error)

func (Service) Config 

func (s Service) Config() config.KeyStoreServiceConfig

func (Service) GetKey 

func (s Service) GetKey(ctx context.Context, request GetKeyRequest) (*GetKeyResponse, error)

func (Service) GetKeyDetails 

func (s Service) GetKeyDetails(ctx context.Context, request GetKeyDetailsRequest) (*GetKeyDetailsResponse, error)

func (Service) RevokeKey 

func (s Service) RevokeKey(ctx context.Context, request RevokeKeyRequest) error

func (Service) Sign 

func (s Service) Sign(ctx context.Context, keyID string, data any) (*keyaccess.JWT, error)

Sign fetches the key in the store, and uses it to sign data. Data should be json or json-serializable.

func (Service) Status 

func (s Service) Status() framework.Status

func (Service) StoreKey 

func (s Service) StoreKey(ctx context.Context, request StoreKeyRequest) error

func (Service) Type 

func (s Service) Type() framework.Type

type ServiceFactory 

type ServiceFactory func(storage.Tx) (*Service, error)

func NewKeyStoreServiceFactory 

func NewKeyStoreServiceFactory(config config.KeyStoreServiceConfig, s storage.ServiceStorage, encrypter encryption.Encrypter, decrypter encryption.Decrypter) ServiceFactory

type ServiceKey 

type ServiceKey struct {
	Base58Key  string
	Base58Salt string
}

type Storage 

type Storage struct {
	Clock clock.Clock
	// contains filtered or unexported fields
}

func NewKeyStoreStorage 

func NewKeyStoreStorage(db storage.ServiceStorage, e encryption.Encrypter, d encryption.Decrypter, writer storage.Tx) (*Storage, error)

func (*Storage) GetKey 

func (kss *Storage) GetKey(ctx context.Context, id string) (*StoredKey, error)

func (*Storage) GetKeyDetails 

func (kss *Storage) GetKeyDetails(ctx context.Context, id string) (*KeyDetails, error)

func (*Storage) RevokeKey 

func (kss *Storage) RevokeKey(ctx context.Context, id string) error

RevokeKey revokes a key by setting the revoked flag to true.

func (*Storage) StoreKey 

func (kss *Storage) StoreKey(ctx context.Context, key StoredKey) error

type StoreKeyRequest 

type StoreKeyRequest struct {
	ID               string
	Type             crypto.KeyType
	Controller       string
	PrivateKeyBase58 string
}

type StoredKey 

type StoredKey struct {
	ID         string         `json:"id"`
	Controller string         `json:"controller"`
	KeyType    crypto.KeyType `json:"keyType"`
	Base58Key  string         `json:"key"`
	Revoked    bool           `json:"revoked"`
	RevokedAt  string         `json:"revokedAt"`
	CreatedAt  string         `json:"createdAt"`
}

StoredKey represents a common data model to store data on all key types

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.