Documentation ¶
Index ¶
- Constants
- func CheckLinkSequence(v []Generic) error
- func ExportToPrevLinkTriple(g Generic) keybase1.LinkTriple
- func IsStubbed(g Generic) bool
- type AppkeyDerivationVersion
- type Base
- type ChainLocation
- type ChainType
- type ClientInfo
- type EncryptionParameters
- type Entropy
- type ExportJSON
- type Generic
- type IgnoreIfUnsupported
- type InnerLink
- type KID
- type KeyPair
- type LinkFromFuture
- type LinkID
- type LinkType
- type MerkleRoot
- type OuterLink
- type PTKType
- type ParseError
- type PerTeamKey
- type PerTeamKeyGeneration
- type RotateKey
- type RotateKeyBody
- type Seqno
- type SequenceError
- type Sig
- type Sig3Bundle
- type Sig3Error
- type SigVersion
- type Signer
- type Tail
- type Team
- type TeamID
- type Time
- type TimeSec
- type UID
Constants ¶
const ( ChainTypeUserPrivateHidden = keybase1.SeqType_USER_PRIVATE_HIDDEN ChainTypeTeamPrivateHidden = keybase1.SeqType_TEAM_PRIVATE_HIDDEN )
The values are picked so they don't conflict with Sigchain V1 and V2 SeqType's
Variables ¶
This section is empty.
Functions ¶
func CheckLinkSequence ¶
func ExportToPrevLinkTriple ¶
func ExportToPrevLinkTriple(g Generic) keybase1.LinkTriple
Types ¶
type AppkeyDerivationVersion ¶
type AppkeyDerivationVersion int
const (
AppkeyDerivationXOR AppkeyDerivationVersion = 1
)
type Base ¶
type Base struct {
// contains filtered or unexported fields
}
Base struct for sig3 links that contains much of the raw material pulled down or off local storage. Most implementations of sig3 links should include this base class.
type ChainLocation ¶
type ClientInfo ¶
type EncryptionParameters ¶
type EncryptionParameters struct { KID KID `codec:"k"` Nonce []byte `codec:"n"` Version int `codec:"v"` }
If the inner link is encrypted, we specify the encryption parameters with this offloaded structure. So far, we don't know of any such encrypted payloads, but we'll allow it.
type ExportJSON ¶
type ExportJSON struct { Inner string `json:"i,omitempty"` Outer string `json:"o,omitempty"` Sig string `json:"s,omitempty"` }
Sig3ExportJSON is for communicating with the API server.
func (ExportJSON) Import ¶
func (s ExportJSON) Import() (Generic, error)
Import from ExportJSON format (as sucked down from the server) into a Generic link type, that can be casted into the supported link types (like RotateKey). Returns an error if we failed to parse the input data, or if signature validation failed.
type Generic ¶
type Generic interface { Signer() *Signer Prev() *LinkID Seqno() Seqno Outer() OuterLink Inner() *InnerLink // contains filtered or unexported methods }
Generic sig3 wrapper class, should implement the following interface.
type IgnoreIfUnsupported ¶
type IgnoreIfUnsupported bool
type InnerLink ¶
type InnerLink struct { Body interface{} `codec:"b"` // The actual body, which varies based on the type in the outer link Ctime TimeSec `codec:"c"` // Seconds since 1970 UTC. Entropy Entropy `codec:"e"` // entropy for hiding the value of the inner link ClientInfo *ClientInfo `codec:"i,omitempty"` // Optional client type making sig MerkleRoot MerkleRoot `codec:"m"` // Optional snapshot of merkle root at time of sig ParentChain Tail `codec:"p"` // grab of the most-recent chain tail of the corresponding parent chain Signer Signer `codec:"s"` // Info on the signer, including UID, KID and eldest Team *Team `codec:"t"` // for teams, and null otherwise }
type KeyPair ¶
type KeyPair struct {
// contains filtered or unexported fields
}
func NewKeyPair ¶
func NewKeyPair(priv kbcrypto.NaclSigningKeyPrivate, pub KID) *KeyPair
type LinkFromFuture ¶
type LinkFromFuture struct {
Base
}
LinkFromFuture is a sig3 link type that we don't know how to decode, but it's ok to ignore.
type MerkleRoot ¶
type MerkleRoot struct { Ctime TimeSec `codec:"c"` Hash []byte `codec:"h"` // HashMeta of the MerkleRoot Seqno Seqno `codec:"s"` }
func (MerkleRoot) Export ¶
func (m MerkleRoot) Export() keybase1.MerkleRootV2
type OuterLink ¶
type OuterLink struct { Version SigVersion `codec:"version"` // should be 3 Seqno Seqno `codec:"seqno"` Prev *LinkID `codec:"prev"` InnerLinkID LinkID `codec:"curr"` // hash of the msgpack of the InnerLink LinkType LinkType `codec:"type"` // hash of the msgpack of the previous OuterLink ChainType ChainType `codec:"chaintype"` IgnoreIfUnsupported IgnoreIfUnsupported `codec:"ignore_if_unsupported"` // New field for V3; if this link is encrypted, specify the format, nonce and PUK EncryptionParameters *EncryptionParameters `codec:"encryption_parameters"` // contains filtered or unexported fields }
OuterLink V3 is the third version of Keybase sigchain signatures, it roughly approximates the outer link v2s that we have previously used.
type ParseError ¶
type ParseError struct {
// contains filtered or unexported fields
}
func (ParseError) Error ¶
func (e ParseError) Error() string
type PerTeamKey ¶
type PerTeamKey struct { AppkeyDerivationVersion AppkeyDerivationVersion `codec:"a"` SeedCheck keybase1.PerTeamSeedCheckPostImage `codec:"c"` // SHA256(f(i)); see teams.avdl for f(i) definition EncryptionKID KID `codec:"e"` Generation PerTeamKeyGeneration `codec:"g"` ReverseSig *Sig `codec:"r"` // Can be null if we are checking sigs SigningKID KID `codec:"s"` PTKType PTKType `codec:"t"` }
func (PerTeamKey) Export ¶
func (p PerTeamKey) Export(q keybase1.Seqno) keybase1.PerTeamKeyAndCheck
type PerTeamKeyGeneration ¶
type PerTeamKeyGeneration = keybase1.PerTeamKeyGeneration
type RotateKey ¶
type RotateKey struct {
Base
}
RotateKey is a sig3 link type for a PTK rotation. Handles multiple PTK types being rotated in one link.
func NewRotateKey ¶
func NewRotateKey(o OuterLink, i InnerLink, b RotateKeyBody) *RotateKey
NewRotateKey makes a new rotate key given sig3 skeletons (Outer and Inner) and also the PTKs that are going to be advertised in the sig3 link.
func (RotateKey) Export ¶
func (r RotateKey) Export() (ret *keybase1.HiddenTeamChainLink, err error)
func (*RotateKey) PTKs ¶
func (r *RotateKey) PTKs() []PerTeamKey
func (*RotateKey) ReaderKey ¶
func (r *RotateKey) ReaderKey() *PerTeamKey
func (RotateKey) Sign ¶
func (r RotateKey) Sign(outer KeyPair, inners []KeyPair) (ret *Sig3Bundle, err error)
Sign the RotateKey structure, with the given user's keypair (outer), and with the new PTKs (inner). Return a Sig3Bundle, which was the exportable information, that you can export either to local storage or up to the server.
type RotateKeyBody ¶
type RotateKeyBody struct {
PTKs []PerTeamKey `codec:"k"`
}
type SequenceError ¶
type SequenceError struct {
// contains filtered or unexported fields
}
func (SequenceError) Error ¶
func (e SequenceError) Error() string
type Sig3Bundle ¶
type Sig3Bundle struct { Inner *InnerLink `json:"i,omitempty"` Outer OuterLink `json:"o"` Sig *Sig `json:"s,omitempty"` }
Sig3Bundle is for storing sig3 links locally
func (Sig3Bundle) Export ¶
func (s Sig3Bundle) Export() (ret ExportJSON, err error)
Export a sig3 up to the server in base64'ed JSON format, as in a POST request.
type Signer ¶
type Tail ¶
type Tail struct { Hash LinkID `codec:"h"` // hash of the outer link Seqno Seqno `codec:"s"` ChainType ChainType `codec:"t"` }
func ImportTail ¶
func ImportTail(l keybase1.LinkTriple) (*Tail, error)
func (Tail) Export ¶
func (t Tail) Export() keybase1.LinkTriple
type Team ¶
type Team struct { Admin *ChainLocation `codec:"a,omitempty"` // If working as an implicit admin, where that permission comes from TeamID TeamID `codec:"i"` IsImplicit bool `codec:"m"` IsPublic bool `codec:"p"` }