Documentation ¶
Index ¶
- type EncryptedFormatter
- type MACCrypto
- type MACDigester
- type Option
- type RESTProvider
- type RESTStore
- func (r *RESTStore) AddEncryptedIndexTagForStoreName(encryptedDocumentBytes []byte) (*models.EncryptedDocument, error)
- func (r *RESTStore) Delete(k string) error
- func (r *RESTStore) Get(k string) ([]byte, error)
- func (r *RESTStore) Iterator(_, _ string) storage.StoreIterator
- func (r *RESTStore) Put(k string, v []byte) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type EncryptedFormatter ¶
type EncryptedFormatter struct {
// contains filtered or unexported fields
}
EncryptedFormatter uses Aries crypto to encrypt and decrypt between Structured Documents and Encrypted Documents.
func NewEncryptedFormatter ¶
func NewEncryptedFormatter(jweEncrypter jose.Encrypter, jweDecrypter jose.Decrypter, macCrypto *MACCrypto) *EncryptedFormatter
NewEncryptedFormatter returns a new instance of an EncryptedFormatter.
func (*EncryptedFormatter) FormatPair ¶
func (f *EncryptedFormatter) FormatPair(k string, v []byte) ([]byte, error)
FormatPair encrypts k and v into encrypted document format.
func (*EncryptedFormatter) GenerateEDVDocumentID ¶
func (f *EncryptedFormatter) GenerateEDVDocumentID(k string) (string, error)
GenerateEDVDocumentID generates the EDV document ID based on k and the MAC crypto key. TODO (#2376) Revisit how we're generating EDV document IDs, since it's technically not 100% in line with the spec.
(Spec requires randomly generated IDs)
type MACCrypto ¶
type MACCrypto struct {
// contains filtered or unexported fields
}
MACCrypto is used for computing MACs.
func NewMACCrypto ¶
func NewMACCrypto(kh interface{}, macDigester MACDigester) *MACCrypto
NewMACCrypto returns a new instance of a MACCrypto.
type MACDigester ¶
MACDigester represents a type that can compute MACs.
type Option ¶
type Option func(opts *RESTProvider)
Option configures the EDV REST provider.
func WithFullDocumentsReturnedFromQueries ¶
func WithFullDocumentsReturnedFromQueries() Option
WithFullDocumentsReturnedFromQueries option is a performance optimization that can be used only if the EDV server that this RESTProvider connects to supports returning full documents in query results instead of only the document locations.
func WithHeaders ¶
func WithHeaders(addHeadersFunc addHeaders) Option
WithHeaders option is for setting additional HTTP request headers. Since it's a function, it can call a remote authorization server to fetch the information needed in these headers.
func WithTLSConfig ¶
WithTLSConfig option is for defining a secured HTTP transport using a tls.Config instance.
type RESTProvider ¶
type RESTProvider struct {
// contains filtered or unexported fields
}
RESTProvider is a store provider that can be used to store data in a server supporting the data vault HTTPS API as defined in https://identity.foundation/secure-data-store/#data-vault-https-api.
func NewRESTProvider ¶
func NewRESTProvider(edvServerURL, vaultID string, macCrypto *MACCrypto, options ...Option) (*RESTProvider, error)
NewRESTProvider returns a new RESTProvider. edvServerURL is the base URL for the data vault HTTPS API. vaultID is the ID of the vault where this provider will store data. The vault must be created in advance, and since the EDV REST API does not provide a method to check if a vault with a given ID exists, any errors due to a non-existent vault will be deferred until calls are actually made to it in the RESTStore. macCrypto is used to create encrypted indices, which allow documents to be queried based on a key without leaking that key to the EDV server.
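The encrypted-index idea described for macCrypto above, together with the key-derived document ID described under GenerateEDVDocumentID, as an added Go sketch that is not code from this package. It assumes HMAC-SHA256 with base64url output; blind, tagFor, newDoc, query and the sample keys are hypothetical names constructed for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
)

// blind: keyed deterministic tag (assumed HMAC-SHA256 + base64url; MACCrypto may differ).
func blind(macKey []byte, s string) string {
	m := hmac.New(sha256.New, macKey)
	m.Write([]byte(s))
	return base64.RawURLEncoding.EncodeToString(m.Sum(nil))
}

// Server's view: an opaque ID plus one blinded (name, value) tag; ciphertext omitted.
type indexTag struct{ Name, Value string }
type storedDoc struct {
	ID  string
	Tag indexTag
}

// tagFor blinds both the attribute name ("key") and the store key k.
func tagFor(macKey []byte, k string) indexTag {
	return indexTag{blind(macKey, "key"), blind(macKey, k)}
}

// newDoc derives the ID from k and the MAC key: same k, same ID (not random as the spec asks).
func newDoc(macKey []byte, k string) storedDoc {
	return storedDoc{ID: blind(macKey, "id:"+k), Tag: tagFor(macKey, k)}
}

// query is all the server can do: equality matching on opaque tags.
func query(docs []storedDoc, want indexTag) (ids []string) {
	for _, d := range docs {
		if d.Tag == want {
			ids = append(ids, d.ID)
		}
	}
	return ids
}

func main() {
	key := []byte("constructed-demo-mac-key") // constructed sample key
	docs := []storedDoc{newDoc(key, "alice"), newDoc(key, "bob")}
	fmt.Println(query(docs, tagFor(key, "alice")), query(docs, tagFor([]byte("other"), "alice")))
}
```

Because the tag is deterministic, the server can still see which stored documents share a tag and how often a given tag is queried, even though it never learns k.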
func (*RESTProvider) Batch ¶
func (r *RESTProvider) Batch(batch *models.Batch) error
Batch performs a batch of operations within the RESTProvider. The EDV server must support the "Batch" extension. TODO (#2315) Refactor storage interface to properly accommodate this method
(For FormatProvider to use this, it must do a cast)
func (*RESTProvider) Close ¶
func (r *RESTProvider) Close() error
Close always returns success, since EDV REST stores have no concept of "closing".
func (*RESTProvider) CloseStore ¶
func (r *RESTProvider) CloseStore(string) error
CloseStore always returns success, since EDV REST stores have no concept of "closing".
type RESTStore ¶
type RESTStore struct {
// contains filtered or unexported fields
}
RESTStore is a store for storing EDV documents via the REST API. TODO (#2315) RESTStore shouldn't be exported - it was exported to allow for batch operations. When refactoring the storage interface, fix this.
func (*RESTStore) AddEncryptedIndexTagForStoreName ¶
func (r *RESTStore) AddEncryptedIndexTagForStoreName(encryptedDocumentBytes []byte) (*models.EncryptedDocument, error)
AddEncryptedIndexTagForStoreName takes encryptedDocumentBytes and adds an encrypted index tag so that we can later identify the document as belonging to the store r.name. TODO (#2315) AddEncryptedIndices shouldn't be exported - it was exported to allow for batch operations. When refactoring the storage interface, fix this.
func (*RESTStore) Delete ¶
Delete deletes the encrypted document in the EDV server that is tagged with the key k.