Documentation ¶
Index ¶
- type EncryptedFormatter
- type MACCrypto
- type MACDigester
- type Option
- type RESTProvider
- func (r *RESTProvider) Close() error
- func (r *RESTProvider) GetOpenStores() []newstorage.Store
- func (r *RESTProvider) GetStoreConfig(name string) (newstorage.StoreConfiguration, error)
- func (r *RESTProvider) OpenStore(name string) (newstorage.Store, error)
- func (r *RESTProvider) SetStoreConfig(name string, config newstorage.StoreConfiguration) error
Types ¶
type EncryptedFormatter ¶
type EncryptedFormatter struct {
// contains filtered or unexported fields
}
EncryptedFormatter formats data for use with an Encrypted Data Vault.
func NewEncryptedFormatter ¶
func NewEncryptedFormatter(jweEncrypter jose.Encrypter, jweDecrypter jose.Decrypter, macCrypto *MACCrypto) *EncryptedFormatter
NewEncryptedFormatter returns a new instance of an EncryptedFormatter.
func (*EncryptedFormatter) Deformat ¶
func (e *EncryptedFormatter) Deformat(_ string, formattedValue []byte, _ ...newstorage.Tag) (string, []byte, []newstorage.Tag, error)
Deformat takes formattedValue (which is expected to be a marshalled encrypted document produced by the Format function) and returns the unformatted key, value and tags, which are all contained in formattedValue. The unformatted key and tags must come from the encrypted document (formattedValue), since the formatted key and formatted tags are hashed values and therefore not reversible.
func (*EncryptedFormatter) Format ¶
func (e *EncryptedFormatter) Format(key string, value []byte, tags ...newstorage.Tag) (string, []byte, []newstorage.Tag, error)
Format turns key into an EDV-compatible document ID, turns tag names and values into the format needed for EDV encrypted indexes, and turns key + value + tags into an encrypted document, which is then returned as the formatted value from this function.
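The blinding that Format applies to keys and tags, and the reason Deformat has to read the originals out of the encrypted document, shown as an added sketch that is not this package's code. HMAC-SHA256, the Tag type, formatIndex and the in-memory vault standing in for the EDV server are all assumptions, and the encrypted document itself is left out.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

// Tag is a hypothetical name/value pair, not the package's own tag type.
type Tag struct{ Name, Value string }

// blind is a keyed one-way digest (HMAC-SHA256 assumed in place of MACCrypto).
func blind(macKey []byte, s string) string {
	m := hmac.New(sha256.New, macKey)
	m.Write([]byte(s))
	return fmt.Sprintf("%x", m.Sum(nil))
}

// formatIndex blinds key into a document ID and every tag into an index entry.
func formatIndex(macKey []byte, key string, tags ...Tag) (string, []Tag) {
	out := make([]Tag, len(tags))
	for i, t := range tags {
		out[i] = Tag{blind(macKey, t.Name), blind(macKey, t.Value)}
	}
	return blind(macKey, key), out
}

// vault is an in-memory stand-in for the server; it only ever holds blinded values.
type vault map[string][]Tag

// query returns the IDs of documents carrying the blinded tag want.
func (v vault) query(want Tag) []string {
	var ids []string
	for id, tags := range v {
		for _, t := range tags {
			if t == want {
				ids = append(ids, id)
			}
		}
	}
	return ids
}

func main() {
	macKey := []byte("constructed-demo-mac-key") // constructed sample key
	id, tags := formatIndex(macKey, "doc-1", Tag{"type", "credential"})
	_, probe := formatIndex(macKey, "", Tag{"type", "credential"})
	fmt.Println(vault{id: tags}.query(probe[0]), id)
}
```

Because the MAC is deterministic under one key, equal tag values produce equal index entries; that is what makes equality queries possible, and it also lets the server see which documents share a tag.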
type MACCrypto ¶
type MACCrypto struct {
// contains filtered or unexported fields
}
MACCrypto is used for computing MACs.
func NewMACCrypto ¶
func NewMACCrypto(kh interface{}, macDigester MACDigester) *MACCrypto
NewMACCrypto returns a new instance of a MACCrypto.
type MACDigester ¶
MACDigester represents a type that can compute MACs.
type Option ¶
type Option func(opts *RESTProvider)
Option allows for configuration of a RESTProvider.
func WithBatchEndpointExtension ¶
func WithBatchEndpointExtension() Option
WithBatchEndpointExtension option is a performance optimization that allows for restStore.Batch to only require one REST call. The EDV server that this RESTProvider connects to must support the TrustBloc EDV server extension as defined here: https://github.com/trustbloc/edv/blob/main/docs/extensions.md#batch-endpoint.
func WithFullDocumentsReturnedFromQueries ¶
func WithFullDocumentsReturnedFromQueries() Option
WithFullDocumentsReturnedFromQueries option is a performance optimization that speeds up queries by getting full documents from the EDV server instead of only document locations - each of which would require a separate REST call to retrieve. The EDV server that this RESTProvider connects to must support the TrustBloc EDV server extension as defined here: https://github.com/trustbloc/edv/blob/main/docs/extensions.md#return-full-documents-on-query.
func WithHeaders ¶
func WithHeaders(addHeadersFunc addHeaders) Option
WithHeaders option is for setting additional HTTP request headers. Since it takes a function, it can call a remote authorization server to fetch the information needed in these headers.
func WithTLSConfig ¶
WithTLSConfig is an option that allows for the definition of a secured HTTP transport using a tls.Config instance.
type RESTProvider ¶
type RESTProvider struct {
// contains filtered or unexported fields
}
RESTProvider is a newstorage.Provider that can be used to store data in a server supporting the data vault HTTP API as defined in https://identity.foundation/confidential-storage/#http-api.
func NewRESTProvider ¶
func NewRESTProvider(edvServerURL, vaultID string, formatter *EncryptedFormatter, options ...Option) *RESTProvider
NewRESTProvider returns a new RESTProvider. edvServerURL is the base URL for the EDV server. vaultID is the ID of the vault where this provider will store data. The vault must be created in advance, and since the EDV REST API does not provide a method to check if a vault with a given ID exists, any errors due to a non-existent vault will be deferred until calls are actually made to it in the store.
func (*RESTProvider) Close ¶
func (r *RESTProvider) Close() error
Close always returns a nil error since there's nothing to close for a RESTProvider.
func (*RESTProvider) GetOpenStores ¶
func (r *RESTProvider) GetOpenStores() []newstorage.Store
GetOpenStores returns all currently open stores.
func (*RESTProvider) GetStoreConfig ¶
func (r *RESTProvider) GetStoreConfig(name string) (newstorage.StoreConfiguration, error)
GetStoreConfig returns the store configuration currently stored in memory.
func (*RESTProvider) OpenStore ¶
func (r *RESTProvider) OpenStore(name string) (newstorage.Store, error)
OpenStore opens a new RESTStore, using name as the namespace.
func (*RESTProvider) SetStoreConfig ¶
func (r *RESTProvider) SetStoreConfig(name string, config newstorage.StoreConfiguration) error
SetStoreConfig isn't needed for EDV storage, since indexes are managed by the server automatically based on the tags used in values. This method simply stores the configuration in memory so that it can be retrieved later via the GetStoreConfig method, which allows it to be more consistent with how other store implementations work. TODO (#2492) Store store config in persistent EDV storage for true consistency with other store implementations.