sig3

package
v4.4.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 9, 2019 License: BSD-3-Clause, BSD-3-Clause Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source
const (
	ChainTypeUserPrivateHidden = keybase1.SeqType_USER_PRIVATE_HIDDEN
	ChainTypeTeamPrivateHidden = keybase1.SeqType_TEAM_PRIVATE_HIDDEN
)

The values are picked so they don't conflict with Sigchain V1 and V2 SeqType's

Variables

This section is empty.

Functions

func CheckLinkSequence

func CheckLinkSequence(v []Generic) error

func ExportToPrevLinkTriple

func ExportToPrevLinkTriple(g Generic) keybase1.LinkTriple

func IsStubbed

func IsStubbed(g Generic) bool

Types

type AppkeyDerivationVersion

type AppkeyDerivationVersion int
const (
	AppkeyDerivationXOR AppkeyDerivationVersion = 1
)

type Base

type Base struct {
	// contains filtered or unexported fields
}

Base struct for sig3 links that contains much of the raw material pulled down or off local storage. Most implementations of sig3 links should include this base class.

func (*Base) Inner

func (b *Base) Inner() *InnerLink

Inner returns a pointer to the InnerLink in this base class.

func (*Base) Outer

func (b *Base) Outer() OuterLink

Outer returns a copy of the OuterLink in this base class

func (*Base) Prev

func (b *Base) Prev() *LinkID

Prev returns the LinkID of the previous link, or nil if none was provided.

func (*Base) Seqno

func (b *Base) Seqno() Seqno

Seqno returns the seqno of this link, as reported in the outer link itself.

func (*Base) Signer

func (b *Base) Signer() *Signer

Signer returns the (uid, eldest, KID) of the signer of this link if a sig was provided, and it was successfully verified (as reported by the link itself). If not, then this will return a nil.

type ChainLocation

type ChainLocation struct {
	TeamID    TeamID    `codec:"i"`
	Seqno     Seqno     `codec:"s"`
	ChainType ChainType `codec:"t"`
}

type ChainType

type ChainType = keybase1.SeqType

type ClientInfo

type ClientInfo struct {
	Desc    string `codec:"d"`
	Version string `codec:"v"`
}

type EncryptionParameters

type EncryptionParameters struct {
	KID     KID    `codec:"k"`
	Nonce   []byte `codec:"n"`
	Version int    `codec:"v"`
}

If the inner link is encrypted, we specify the encryption parameters with this offloaded structure. So far, we don't know of any such encrypted payloads, but we'll allow it.

type Entropy

type Entropy []byte

type ExportJSON

type ExportJSON struct {
	Inner string `json:"i,omitempty"`
	Outer string `json:"o,omitempty"`
	Sig   string `json:"s,omitempty"`
}

Sig3ExportJSON is for communicating with the API server.

func (ExportJSON) Import

func (s ExportJSON) Import() (Generic, error)

Import from ExportJSON format (as sucked down from the server) into a Generic link type, that can be casted into the supported link types (like RotateKey). Returns an error if we failed to parse the input data, or if signature validation failed.

type Generic

type Generic interface {
	Signer() *Signer
	Prev() *LinkID
	Seqno() Seqno
	Outer() OuterLink
	Inner() *InnerLink
	// contains filtered or unexported methods
}

Generic sig3 wrapper class, should implement the following interface.

type IgnoreIfUnsupported

type IgnoreIfUnsupported bool
type InnerLink struct {
	Body        interface{} `codec:"b"`           // The actual body, which varies based on the type in the outer link
	Ctime       TimeSec     `codec:"c"`           // Seconds since 1970 UTC.
	Entropy     Entropy     `codec:"e"`           // entropy for hiding the value of the inner link
	ClientInfo  *ClientInfo `codec:"i,omitempty"` // Optional client type making sig
	MerkleRoot  MerkleRoot  `codec:"m"`           // Optional snapshot of merkle root at time of sig
	ParentChain Tail        `codec:"p"`           // grab of the most-recent chain tail of the corresponding parent chain
	Signer      Signer      `codec:"s"`           // Info on the signer, including UID, KID and eldest
	Team        *Team       `codec:"t"`           // for teams, and null otherwise
}

type KID

type KID = keybase1.BinaryKID

func ImportKID

func ImportKID(k keybase1.KID) (ret KID)

type KeyPair

type KeyPair struct {
	// contains filtered or unexported fields
}

func NewKeyPair

func NewKeyPair(priv kbcrypto.NaclSigningKeyPrivate, pub KID) *KeyPair

type LinkFromFuture

type LinkFromFuture struct {
	Base
}

LinkFromFuture is a sig3 link type that we don't know how to decode, but it's ok to ignore.

type LinkID

type LinkID [32]byte

func Hash

func Hash(g Generic) (LinkID, error)

func ImportLinkID

func ImportLinkID(l keybase1.LinkID) (*LinkID, error)

func (*LinkID) Export

func (l *LinkID) Export() keybase1.LinkID

func (LinkID) String

func (l LinkID) String() string

type LinkType

type LinkType int
const (
	LinkTypeNone      LinkType = 0
	LinkTypeUserPeg   LinkType = 65
	LinkTypeRotateKey LinkType = 81
)

These values are picked so they don't conflict with Sigchain V1 and V2 link types

type MerkleRoot

type MerkleRoot struct {
	Ctime TimeSec `codec:"c"`
	Hash  []byte  `codec:"h"` // HashMeta of the MerkleRoot
	Seqno Seqno   `codec:"s"`
}

func (MerkleRoot) Export

func (m MerkleRoot) Export() keybase1.MerkleRootV2
type OuterLink struct {
	Version             SigVersion          `codec:"version"` // should be 3
	Seqno               Seqno               `codec:"seqno"`
	Prev                *LinkID             `codec:"prev"`
	InnerLinkID         LinkID              `codec:"curr"` // hash of the msgpack of the InnerLink
	LinkType            LinkType            `codec:"type"` // hash of the msgpack of the previous OuterLink
	ChainType           ChainType           `codec:"chaintype"`
	IgnoreIfUnsupported IgnoreIfUnsupported `codec:"ignore_if_unsupported"`
	// New field for V3; if this link is encrypted, specify the format, nonce and PUK
	EncryptionParameters *EncryptionParameters `codec:"encryption_parameters"`
	// contains filtered or unexported fields
}

OuterLink V3 is the third version of Keybase sigchain signatures, it roughly approximates the outer link v2s that we have previously used.

func (OuterLink) Hash

func (o OuterLink) Hash() (LinkID, error)

type PTKType

type PTKType = keybase1.PTKType

type ParseError

type ParseError struct {
	// contains filtered or unexported fields
}

func (ParseError) Error

func (e ParseError) Error() string

type PerTeamKey

type PerTeamKey struct {
	AppkeyDerivationVersion AppkeyDerivationVersion            `codec:"a"`
	SeedCheck               keybase1.PerTeamSeedCheckPostImage `codec:"c"` // SHA256(f(i)); see teams.avdl for f(i) definition
	EncryptionKID           KID                                `codec:"e"`
	Generation              PerTeamKeyGeneration               `codec:"g"`
	ReverseSig              *Sig                               `codec:"r"` // Can be null if we are checking sigs
	SigningKID              KID                                `codec:"s"`
	PTKType                 PTKType                            `codec:"t"`
}

func (PerTeamKey) Export

type PerTeamKeyGeneration

type PerTeamKeyGeneration = keybase1.PerTeamKeyGeneration

type RotateKey

type RotateKey struct {
	Base
}

RotateKey is a sig3 link type for a PTK rotation. Handles multiple PTK types being rotated in one link.

func NewRotateKey

func NewRotateKey(o OuterLink, i InnerLink, b RotateKeyBody) *RotateKey

NewRotateKey makes a new rotate key given sig3 skeletons (Outer and Inner) and also the PTKs that are going to be advertised in the sig3 link.

func (RotateKey) Export

func (r RotateKey) Export() (ret *keybase1.HiddenTeamChainLink, err error)

func (*RotateKey) PTKs

func (r *RotateKey) PTKs() []PerTeamKey

func (*RotateKey) ReaderKey

func (r *RotateKey) ReaderKey() *PerTeamKey

func (RotateKey) Sign

func (r RotateKey) Sign(outer KeyPair, inners []KeyPair) (ret *Sig3Bundle, err error)

Sign the RotateKey structure, with the given user's keypair (outer), and with the new PTKs (inner). Return a Sig3Bundle, which was the exportable information, that you can export either to local storage or up to the server.

type RotateKeyBody

type RotateKeyBody struct {
	PTKs []PerTeamKey `codec:"k"`
}

type Seqno

type Seqno = keybase1.Seqno

type SequenceError

type SequenceError struct {
	// contains filtered or unexported fields
}

func (SequenceError) Error

func (e SequenceError) Error() string

type Sig

type Sig [64]byte

type Sig3Bundle

type Sig3Bundle struct {
	Inner *InnerLink `json:"i,omitempty"`
	Outer OuterLink  `json:"o"`
	Sig   *Sig       `json:"s,omitempty"`
}

Sig3Bundle is for storing sig3 links locally

func (Sig3Bundle) Export

func (s Sig3Bundle) Export() (ret ExportJSON, err error)

Export a sig3 up to the server in base64'ed JSON format, as in a POST request.

type Sig3Error

type Sig3Error struct {
	// contains filtered or unexported fields
}

func (Sig3Error) Error

func (e Sig3Error) Error() string

type SigVersion

type SigVersion int
const (
	SigVersion3 SigVersion = 3
)

type Signer

type Signer struct {
	EldestSeqno keybase1.Seqno `codec:"e"`
	KID         KID            `codec:"k"`
	UID         UID            `codec:"u"`
}

func (Signer) Export

func (s Signer) Export() keybase1.Signer

type Tail

type Tail struct {
	Hash      LinkID    `codec:"h"` // hash of the outer link
	Seqno     Seqno     `codec:"s"`
	ChainType ChainType `codec:"t"`
}

func ImportTail

func ImportTail(l keybase1.LinkTriple) (*Tail, error)

func (Tail) Export

func (t Tail) Export() keybase1.LinkTriple

type Team

type Team struct {
	Admin      *ChainLocation `codec:"a,omitempty"` // If working as an implicit admin, where that permission comes from
	TeamID     TeamID         `codec:"i"`
	IsImplicit bool           `codec:"m"`
	IsPublic   bool           `codec:"p"`
}

type TeamID

type TeamID [16]byte

func ImportTeamID

func ImportTeamID(t keybase1.TeamID) (*TeamID, error)

type Time

type Time = keybase1.Time

type TimeSec

type TimeSec int64

type UID

type UID [16]byte

func ImportUID

func ImportUID(u keybase1.UID) (ret UID)

func (UID) Export

func (u UID) Export() keybase1.UID

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL