ephemeral

package
v2.1.2-DESKTOP+incompa... Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 25, 2018 License: BSD-3-Clause, BSD-3-Clause Imports: 15 Imported by: 0

Documentation

Index

Constants

const KeyGenLifetimeSecs = 60 * 60 * 24 // one day

Every day we want to generate a new key, if possible.

const KeyLifetimeSecs = 60 * 60 * 24 * 7 // one week

NOTE: If you change this value, you should also change it in web/ephemeral.iced and go/ekreaperd/reaper.go, so that all three agree on the key lifetime. Keys last at most one week.

// MemCacheLRUSize is a size constant with the value 200.
// NOTE(review): presumably the entry capacity of the in-memory LRU cache(s)
// used by the storage types in this package; confirm against the constructors.
const MemCacheLRUSize = 200
// SkipKeygenNilMerkleRoot is the message text for the case where key
// generation is skipped because the merkle root could not be fetched.
// NOTE(review): where this string is logged or returned is not visible here.
const SkipKeygenNilMerkleRoot = "Skipping key generation, unable to fetch merkle root"

Variables

This section is empty.

Functions

func ForcePublishNewTeamEKForTesting

func ForcePublishNewTeamEKForTesting(ctx context.Context, g *libkb.GlobalContext, teamID keybase1.TeamID, merkleRoot libkb.MerkleRoot) (metadata keybase1.TeamEkMetadata, err error)

func ForcePublishNewUserEKForTesting

func ForcePublishNewUserEKForTesting(ctx context.Context, g *libkb.GlobalContext, merkleRoot libkb.MerkleRoot) (metadata keybase1.UserEkMetadata, err error)

func HandleNewTeamEK

func HandleNewTeamEK(ctx context.Context, g *libkb.GlobalContext, teamID keybase1.TeamID, generation keybase1.EkGeneration) (err error)

func NewEphemeralStorageAndInstall

func NewEphemeralStorageAndInstall(g *libkb.GlobalContext)

Creates an ephemeral key storage and installs it into G.

func ServiceInit

func ServiceInit(g *libkb.GlobalContext)

Types

type DeviceEKMap

// DeviceEKMap maps an EK generation to the keybase1.DeviceEk stored for that
// generation.
type DeviceEKMap map[keybase1.EkGeneration]keybase1.DeviceEk

type DeviceEKSeed

// DeviceEKSeed is a keybase1.Bytes32 value; its DeriveDHKey method returns a
// *libkb.NaclDHKeyPair.
// NOTE(review): presumably secret key-derivation input, so it should be kept
// out of logs and debug output; confirm how callers handle it.
type DeviceEKSeed keybase1.Bytes32

func (*DeviceEKSeed) DeriveDHKey

func (s *DeviceEKSeed) DeriveDHKey() *libkb.NaclDHKeyPair

type DeviceEKStorage

// DeviceEKStorage is the storage type for device EKs; it embeds
// libkb.Contextified and a sync.Mutex.
type DeviceEKStorage struct {
	libkb.Contextified
	// Embedded, so Lock and Unlock are promoted into DeviceEKStorage's exported
	// method set. NOTE(review): code outside this package can therefore take
	// this lock; confirm that is intended.
	sync.Mutex
	// contains filtered or unexported fields
}

func NewDeviceEKStorage

func NewDeviceEKStorage(g *libkb.GlobalContext) *DeviceEKStorage

func (*DeviceEKStorage) ClearCache

func (s *DeviceEKStorage) ClearCache()

func (*DeviceEKStorage) Delete

func (s *DeviceEKStorage) Delete(ctx context.Context, generation keybase1.EkGeneration) (err error)

func (*DeviceEKStorage) DeleteExpired

func (s *DeviceEKStorage) DeleteExpired(ctx context.Context, merkleRoot libkb.MerkleRoot) (expired []keybase1.EkGeneration, err error)

func (*DeviceEKStorage) ForceDeleteAll

func (s *DeviceEKStorage) ForceDeleteAll(ctx context.Context, username libkb.NormalizedUsername) (err error)

func (*DeviceEKStorage) Get

func (s *DeviceEKStorage) Get(ctx context.Context, generation keybase1.EkGeneration) (deviceEK keybase1.DeviceEk, err error)

func (*DeviceEKStorage) GetAll

func (s *DeviceEKStorage) GetAll(ctx context.Context) (deviceEKs DeviceEKMap, err error)

func (*DeviceEKStorage) GetAllActive

func (s *DeviceEKStorage) GetAllActive(ctx context.Context, merkleRoot libkb.MerkleRoot) (metadatas []keybase1.DeviceEkMetadata, err error)

func (*DeviceEKStorage) ListAllForUser

func (s *DeviceEKStorage) ListAllForUser(ctx context.Context) (all []string, err error)

ListAllForUser lists the internal storage names of the deviceEKs of the logged-in user. This is used for logsend purposes to debug EK state.

func (*DeviceEKStorage) MaxGeneration

func (s *DeviceEKStorage) MaxGeneration(ctx context.Context) (maxGeneration keybase1.EkGeneration, err error)

func (*DeviceEKStorage) Put

func (s *DeviceEKStorage) Put(ctx context.Context, generation keybase1.EkGeneration, deviceEK keybase1.DeviceEk) (err error)

type EKLib

// EKLib is the receiver type for this package's key generation, boxing and
// cleanup methods; it embeds libkb.Contextified and a sync.Mutex.
type EKLib struct {
	libkb.Contextified

	// Embedded, so Lock and Unlock are promoted into EKLib's exported method
	// set. NOTE(review): code outside this package can therefore take this
	// lock; confirm that is intended.
	sync.Mutex
	// contains filtered or unexported fields
}

func NewEKLib

func NewEKLib(g *libkb.GlobalContext) *EKLib

func (*EKLib) BoxLatestTeamEK added in v1.0.48

func (e *EKLib) BoxLatestTeamEK(ctx context.Context, teamID keybase1.TeamID, recipients []keybase1.UID) (teamEKBoxes *[]keybase1.TeamEkBoxMetadata, err error)

func (*EKLib) BoxLatestUserEK added in v1.0.47

func (e *EKLib) BoxLatestUserEK(ctx context.Context, receiverKey libkb.NaclDHKeyPair, deviceEKGeneration keybase1.EkGeneration) (userEKBox *keybase1.UserEkBoxed, err error)

For device provisioning

func (*EKLib) CleanupStaleUserAndDeviceEKs

func (e *EKLib) CleanupStaleUserAndDeviceEKs(ctx context.Context) (err error)

func (*EKLib) DeriveDeviceDHKey added in v1.0.47

func (e *EKLib) DeriveDeviceDHKey(seed keybase1.Bytes32) *libkb.NaclDHKeyPair

func (*EKLib) GetOrCreateLatestTeamEK

func (e *EKLib) GetOrCreateLatestTeamEK(ctx context.Context, teamID keybase1.TeamID) (teamEK keybase1.TeamEk, err error)

func (*EKLib) GetTeamEK

func (e *EKLib) GetTeamEK(ctx context.Context, teamID keybase1.TeamID, generation keybase1.EkGeneration) (teamEK keybase1.TeamEk, err error)

Try to get the TeamEK for the given `generation`. If this fails and the `generation` is also the current maxGeneration, create a new teamEK.

func (*EKLib) KeygenIfNeeded

func (e *EKLib) KeygenIfNeeded(ctx context.Context) (err error)

func (*EKLib) NewDeviceEKNeeded

func (e *EKLib) NewDeviceEKNeeded(ctx context.Context) (needed bool, err error)

func (*EKLib) NewEphemeralSeed added in v1.0.47

func (e *EKLib) NewEphemeralSeed() (seed keybase1.Bytes32, err error)

func (*EKLib) NewMetaContext

func (e *EKLib) NewMetaContext(ctx context.Context) libkb.MetaContext

func (*EKLib) NewTeamEKNeeded

func (e *EKLib) NewTeamEKNeeded(ctx context.Context, teamID keybase1.TeamID) (needed bool, err error)

func (*EKLib) NewUserEKNeeded

func (e *EKLib) NewUserEKNeeded(ctx context.Context) (needed bool, err error)

func (*EKLib) OnLogin

func (e *EKLib) OnLogin() error

func (*EKLib) OnLogout

func (e *EKLib) OnLogout() error

func (*EKLib) PrepareNewTeamEK added in v1.0.48

func (e *EKLib) PrepareNewTeamEK(ctx context.Context, teamID keybase1.TeamID, signingKey libkb.NaclSigningKeyPair, recipients []keybase1.UID) (sig string, boxes *[]keybase1.TeamEkBoxMetadata, newMetadata keybase1.TeamEkMetadata, myBox *keybase1.TeamEkBoxed, err error)

func (*EKLib) PrepareNewUserEK added in v1.0.48

func (e *EKLib) PrepareNewUserEK(ctx context.Context, merkleRoot libkb.MerkleRoot, pukSeed libkb.PerUserKeySeed) (sig string, boxes []keybase1.UserEkBoxMetadata, newMetadata keybase1.UserEkMetadata, myBox *keybase1.UserEkBoxed, err error)

func (*EKLib) PurgeTeamEKGenCache

func (e *EKLib) PurgeTeamEKGenCache(teamID keybase1.TeamID, generation keybase1.EkGeneration)

func (*EKLib) SignedDeviceEKStatementFromSeed added in v1.0.47

func (e *EKLib) SignedDeviceEKStatementFromSeed(ctx context.Context, generation keybase1.EkGeneration, seed keybase1.Bytes32, signingKey libkb.GenericKey, existingMetadata []keybase1.DeviceEkMetadata) (statement keybase1.DeviceEkStatement, signedStatement string, err error)

type EKMissingBoxErr added in v1.0.48

// EKMissingBoxErr is an error type (it has an Error() string method); all of
// its fields are unexported.
type EKMissingBoxErr struct {
	// contains filtered or unexported fields
}

func (EKMissingBoxErr) Error added in v1.0.48

func (e EKMissingBoxErr) Error() string

type EKType

// EKType is a string type with three declared values that name the device,
// user and team ephemeral key kinds.
type EKType string
const (
	// The string values are runtime data; where they are used is not visible
	// in this listing.
	DeviceEKStr EKType = "deviceEK"
	UserEKStr   EKType = "userEK"
	TeamEKStr   EKType = "teamEK"
)

type EKUnboxErr

// EKUnboxErr is an error type (it has an Error() string method); all of its
// fields are unexported.
type EKUnboxErr struct {
	// contains filtered or unexported fields
}

func (EKUnboxErr) Error

func (e EKUnboxErr) Error() string

type MemoryStorage

// MemoryStorage holds TeamEKBoxMap values keyed by team ID (see GetMap and
// PutMap); it embeds libkb.Contextified and a sync.Mutex.
type MemoryStorage struct {
	libkb.Contextified

	// Embedded, so Lock and Unlock are promoted into MemoryStorage's exported
	// method set. NOTE(review): code outside this package can therefore take
	// this lock; confirm that is intended.
	sync.Mutex
	// contains filtered or unexported fields
}

Stores some TeamEKBoxes in memory. Thread-safe.

func NewMemoryStorage

func NewMemoryStorage(g *libkb.GlobalContext) *MemoryStorage

func (*MemoryStorage) Clear

func (s *MemoryStorage) Clear()

func (*MemoryStorage) GetMap

func (s *MemoryStorage) GetMap(teamID keybase1.TeamID) (teamEKBoxes TeamEKBoxMap, found bool)

func (*MemoryStorage) PutMap

func (s *MemoryStorage) PutMap(teamID keybase1.TeamID, teamEKBoxes TeamEKBoxMap)

type TeamEKBoxStorage

// TeamEKBoxStorage is the storage type for team EK boxes; it embeds
// libkb.Contextified and a sync.Mutex.
type TeamEKBoxStorage struct {
	libkb.Contextified
	// Embedded, so Lock and Unlock are promoted into TeamEKBoxStorage's
	// exported method set. NOTE(review): code outside this package can
	// therefore take this lock; confirm that is intended.
	sync.Mutex
	// contains filtered or unexported fields
}

We cache TeamEKBoxes from the server in an LRU and persist them to a local KVStore.

func NewTeamEKBoxStorage

func NewTeamEKBoxStorage(g *libkb.GlobalContext) *TeamEKBoxStorage

func (*TeamEKBoxStorage) ClearCache

func (s *TeamEKBoxStorage) ClearCache()

func (*TeamEKBoxStorage) Delete

func (s *TeamEKBoxStorage) Delete(ctx context.Context, teamID keybase1.TeamID, generation keybase1.EkGeneration) (err error)

func (*TeamEKBoxStorage) DeleteExpired

func (s *TeamEKBoxStorage) DeleteExpired(ctx context.Context, teamID keybase1.TeamID, merkleRoot libkb.MerkleRoot) (expired []keybase1.EkGeneration, err error)

func (*TeamEKBoxStorage) Get

func (s *TeamEKBoxStorage) Get(ctx context.Context, teamID keybase1.TeamID, generation keybase1.EkGeneration) (teamEK keybase1.TeamEk, err error)

func (*TeamEKBoxStorage) GetAll

func (s *TeamEKBoxStorage) GetAll(ctx context.Context, teamID keybase1.TeamID) (teamEKs TeamEKMap, err error)

func (*TeamEKBoxStorage) MaxGeneration

func (s *TeamEKBoxStorage) MaxGeneration(ctx context.Context, teamID keybase1.TeamID) (maxGeneration keybase1.EkGeneration, err error)

func (*TeamEKBoxStorage) Put

func (s *TeamEKBoxStorage) Put(ctx context.Context, teamID keybase1.TeamID, generation keybase1.EkGeneration, teamEKBoxed keybase1.TeamEkBoxed) (err error)

type TeamEKBoxedResponse

// TeamEKBoxedResponse is the JSON-decodable shape of a response carrying a
// boxed team EK: an object with a "result" member.
type TeamEKBoxedResponse struct {
	// Result is a pointer, so it stays nil when "result" is absent or null in
	// the decoded JSON; callers must nil-check before dereferencing.
	// NOTE(review): presumably Box is the encrypted team EK and Sig a signature
	// that is verified before the key is used; confirm in the fetch path.
	Result *struct {
		Box              string                `json:"box"`
		UserEKGeneration keybase1.EkGeneration `json:"user_ek_generation"`
		Sig              string                `json:"sig"`
	} `json:"result"`
}

type TeamEKMap

// TeamEKMap maps an EK generation to the keybase1.TeamEk for that generation.
type TeamEKMap map[keybase1.EkGeneration]keybase1.TeamEk

type TeamEKSeed

// TeamEKSeed is a keybase1.Bytes32 value; its DeriveDHKey method returns a
// *libkb.NaclDHKeyPair.
// NOTE(review): presumably secret key-derivation input, so it should be kept
// out of logs and debug output; confirm how callers handle it.
type TeamEKSeed keybase1.Bytes32

func (*TeamEKSeed) DeriveDHKey

func (s *TeamEKSeed) DeriveDHKey() *libkb.NaclDHKeyPair

type UserEKBoxStorage

// UserEKBoxStorage is the storage type for user EK boxes; it embeds
// libkb.Contextified and a sync.Mutex.
type UserEKBoxStorage struct {
	libkb.Contextified
	// Embedded, so Lock and Unlock are promoted into UserEKBoxStorage's
	// exported method set. NOTE(review): code outside this package can
	// therefore take this lock; confirm that is intended.
	sync.Mutex
	// contains filtered or unexported fields
}

We cache UserEKBoxes from the server in memory and persist them to a local KVStore.

func NewUserEKBoxStorage

func NewUserEKBoxStorage(g *libkb.GlobalContext) *UserEKBoxStorage

func (*UserEKBoxStorage) ClearCache

func (s *UserEKBoxStorage) ClearCache()

func (*UserEKBoxStorage) Delete

func (s *UserEKBoxStorage) Delete(ctx context.Context, generation keybase1.EkGeneration) (err error)

func (*UserEKBoxStorage) DeleteExpired

func (s *UserEKBoxStorage) DeleteExpired(ctx context.Context, merkleRoot libkb.MerkleRoot) (expired []keybase1.EkGeneration, err error)

func (*UserEKBoxStorage) Get

func (s *UserEKBoxStorage) Get(ctx context.Context, generation keybase1.EkGeneration) (userEK keybase1.UserEk, err error)

func (*UserEKBoxStorage) GetAll

func (s *UserEKBoxStorage) GetAll(ctx context.Context) (userEKs UserEKUnboxedMap, err error)

func (*UserEKBoxStorage) MaxGeneration

func (s *UserEKBoxStorage) MaxGeneration(ctx context.Context) (maxGeneration keybase1.EkGeneration, err error)

func (*UserEKBoxStorage) Put

func (s *UserEKBoxStorage) Put(ctx context.Context, generation keybase1.EkGeneration, userEKBoxed keybase1.UserEkBoxed) (err error)

type UserEKBoxedResponse

// UserEKBoxedResponse is the JSON-decodable shape of a response carrying a
// boxed user EK: an object with a "result" member.
type UserEKBoxedResponse struct {
	// Result is a pointer, so it stays nil when "result" is absent or null in
	// the decoded JSON; callers must nil-check before dereferencing.
	// NOTE(review): presumably Box is the encrypted user EK and Sig a signature
	// that is verified before the key is used; confirm in the fetch path.
	Result *struct {
		Box                string                `json:"box"`
		DeviceEKGeneration keybase1.EkGeneration `json:"device_ek_generation"`
		Sig                string                `json:"sig"`
	} `json:"result"`
}

type UserEKSeed

// UserEKSeed is a keybase1.Bytes32 value; its DeriveDHKey method returns a
// *libkb.NaclDHKeyPair.
// NOTE(review): presumably secret key-derivation input, so it should be kept
// out of logs and debug output; confirm how callers handle it.
type UserEKSeed keybase1.Bytes32

func (*UserEKSeed) DeriveDHKey

func (s *UserEKSeed) DeriveDHKey() *libkb.NaclDHKeyPair

type UserEKUnboxedMap

// UserEKUnboxedMap maps an EK generation to the keybase1.UserEk for that
// generation.
type UserEKUnboxedMap map[keybase1.EkGeneration]keybase1.UserEk
