kbfsmd

package
v3.1.2+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 11, 2019 License: BSD-3-Clause, BSD-3-Clause, BSD-3-Clause Imports: 25 Imported by: 0

README

kbfsmd

Types and functions to work with KBFS blocks. The package is named kbfsmd rather than md to avoid clashes with existing variable names.

All errors returned by this package are wrapped with pkg/errors, and so need errors.Cause() to unwrap them.

Documentation

Index

Constants

View Source
const (
	// BranchIDByteLen is the number of bytes in a per-device per-TLF branch ID.
	BranchIDByteLen = 16
	// BranchIDStringLen is the number of characters in the string
	// representation of a per-device per-TLF branch ID.
	BranchIDStringLen = 2 * BranchIDByteLen
)
View Source
const (
	// RevisionUninitialized indicates that a top-level folder has
	// not yet been initialized.
	RevisionUninitialized = Revision(0)
	// RevisionInitial is always the first revision for an
	// initialized top-level folder.
	RevisionInitial = Revision(1)
)
View Source
const (
	// ServerTokenServer is the expected server type for mdserver authentication.
	ServerTokenServer = "kbfs_md"
	// ServerTokenExpireIn is the TTL to use when constructing an authentication token.
	ServerTokenExpireIn = 24 * 60 * 60 // 24 hours
)
View Source
const (
	// StatusCodeServerError is the error code for a generic server error.
	StatusCodeServerError = 2800
	// StatusCodeServerErrorBadRequest is the error code for a generic client error.
	StatusCodeServerErrorBadRequest = 2801
	// StatusCodeServerErrorConflictRevision is the error code for a revision conflict error.
	StatusCodeServerErrorConflictRevision = 2802
	// StatusCodeServerErrorConflictPrevRoot is the error code for a PrevRoot pointer conflict error.
	StatusCodeServerErrorConflictPrevRoot = 2803
	// StatusCodeServerErrorConflictDiskUsage is the error code for a disk usage conflict error.
	StatusCodeServerErrorConflictDiskUsage = 2804
	// StatusCodeServerErrorLocked is the error code to indicate the folder truncation lock is locked.
	StatusCodeServerErrorLocked = 2805
	// StatusCodeServerErrorUnauthorized is the error code to indicate the client is unauthorized to perform
	// a certain operation. This is also used to indicate an object isn't found.
	StatusCodeServerErrorUnauthorized = 2806
	// StatusCodeServerErrorThrottle is the error code to indicate the client should initiate backoff.
	StatusCodeServerErrorThrottle = 2807
	// StatusCodeServerErrorConditionFailed is the error code to indicate the write condition failed.
	StatusCodeServerErrorConditionFailed = 2808
	// StatusCodeServerErrorWriteAccess is the error code to indicate the client isn't authorized to
	// write to a TLF.
	StatusCodeServerErrorWriteAccess = 2809
	// StatusCodeServerErrorConflictFolderMapping is the error code for a folder handle to folder ID
	// mapping conflict error.
	StatusCodeServerErrorConflictFolderMapping = 2810
	// StatusCodeServerErrorTooManyFoldersCreated is the error code to
	// indicate that the user has created more folders than their limit.
	StatusCodeServerErrorTooManyFoldersCreated = 2811
	// StatusCodeServerErrorCannotReadFinalizedTLF is the error code
	// to indicate that a reader has requested to read a TLF ID that
	// has been finalized, which isn't allowed.
	StatusCodeServerErrorCannotReadFinalizedTLF = 2812
	// StatusCodeServerErrorLockConflict is the error code returned by
	// a MD write operation to indicate a lock conflict has happened and the MD
	// has not been written. The lock conflict could be due to:
	//   1) a lockID that client required the write to be contingent on is not
	//      held at the time server tries to commit the MD, or
	//   2) a implicit team migration lock is held on server, and the MD that
	//      the client tried to write was either a rekey MD update or a MDv2
	//      update, and was blocked by server.
	StatusCodeServerErrorLockConflict = 2813
	// StatusCodeServerErrorClassicTLFDoesNotExist is the error code returned by a
	// MD get operation to indicate that a classic TLF is not found, and client
	// has specified not to create one. Normally upon this error, KBFS client
	// should ask service to create an implicit team for the give handle, and
	// use the i-team backed TLF.
	StatusCodeServerErrorClassicTLFDoesNotExist = 2814
	// StatusCodeServerErrorMissingFolderHandle is the error code
	// returned by the MD GetFolderHandle operation to indicate that a
	// handle isn't found for a particular folder ID.  It's only
	// returned if implicit teams is enabled, and likely indicates
	// that the folder ID has been created by a client for an
	// implicit-team-backed TLF, but no MDs have yet been written to
	// the TLF.
	StatusCodeServerErrorMissingFolderHandle = 2815
)
View Source
const MerkleRootVersion = 1

MerkleRootVersion is the current Merkle root version.

Variables

View Source
var NullBranchID = BranchID{}

NullBranchID is an empty BranchID

View Source
var PendingLocalSquashBranchID = BranchID{
	[BranchIDByteLen]byte{1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1}}

PendingLocalSquashBranchID indicates a local branch that is not in known conflict with the master branch, but just needs to be squashed locally.

Functions

func CheckRKBID

func CheckRKBID(codec kbfscodec.Codec,
	rkbID TLFReaderKeyBundleID, rkb TLFReaderKeyBundleV3) error

CheckRKBID returns an error if the ID of the given reader key bundle doesn't match the given one.

func CheckWKBID

func CheckWKBID(codec kbfscodec.Codec,
	wkbID TLFWriterKeyBundleID, wkb TLFWriterKeyBundleV3) error

CheckWKBID returns an error if the ID of the given writer key bundle doesn't match the given one.

func DumpConfig

func DumpConfig() *spew.ConfigState

DumpConfig returns the *spew.ConfigState used by DumpRootMetadata and related functions.

func DumpExtraMetadata

func DumpExtraMetadata(
	codec kbfscodec.Codec, extra ExtraMetadata) (string, error)

DumpExtraMetadata returns a detailed dump of the given ExtraMetadata's contents.

func DumpRootMetadata

func DumpRootMetadata(
	codec kbfscodec.Codec, rmd RootMetadata) (string, error)

DumpRootMetadata returns a detailed dump of the given RootMetadata's contents.

func EncodeRootMetadataSigned

func EncodeRootMetadataSigned(
	codec kbfscodec.Codec, rmds *RootMetadataSigned) ([]byte, error)

EncodeRootMetadataSigned serializes a metadata block. This should be used instead of directly calling codec.Encode(), as it handles some version-specific quirks.

Types

type BranchID

type BranchID struct {
	// contains filtered or unexported fields
}

BranchID encapsulates a per-device per-TLF branch ID.

func FakeBranchID

func FakeBranchID(b byte) BranchID

FakeBranchID creates a fake branch ID from the given byte.

func MakeRandomBranchID

func MakeRandomBranchID() (BranchID, error)

MakeRandomBranchID generates a per-device branch ID using a CSPRNG. It will not return LocalSquashBranchID or NullBranchID.

func ParseBranchID

func ParseBranchID(s string) (BranchID, error)

ParseBranchID parses a hex encoded BranchID. Returns NullBranchID and an InvalidBranchID on falire.

func (BranchID) Bytes

func (id BranchID) Bytes() []byte

Bytes returns the bytes of the BranchID.

func (BranchID) MarshalBinary

func (id BranchID) MarshalBinary() (data []byte, err error)

MarshalBinary implements the encoding.BinaryMarshaler interface for BranchID.

func (BranchID) String

func (id BranchID) String() string

String implements the Stringer interface for BranchID.

func (*BranchID) UnmarshalBinary

func (id *BranchID) UnmarshalBinary(data []byte) error

UnmarshalBinary implements the encoding.BinaryUnmarshaler interface for BranchID.

type DeviceKeyInfoMapV2

type DeviceKeyInfoMapV2 map[keybase1.KID]TLFCryptKeyInfo

DeviceKeyInfoMapV2 is a map from a user devices (identified by the KID of the corresponding device CryptPublicKey) to the TLF's symmetric secret key information.

type DeviceKeyInfoMapV3

type DeviceKeyInfoMapV3 map[kbfscrypto.CryptPublicKey]TLFCryptKeyInfo

DeviceKeyInfoMapV3 is a map from a user devices (identified by the corresponding device CryptPublicKey) to the TLF's symmetric secret key information.

func (DeviceKeyInfoMapV3) Size

func (dkimV3 DeviceKeyInfoMapV3) Size() int

Size implements the cache.Measurable interface.

type DeviceKeyServerHalves

DeviceKeyServerHalves is a map from a user devices (identified by the corresponding device CryptPublicKey) to corresponding key server halves.

type DevicePublicKeys

type DevicePublicKeys map[kbfscrypto.CryptPublicKey]bool

DevicePublicKeys is a set of a user's devices (identified by the corresponding device CryptPublicKey).

func (DevicePublicKeys) Equals

func (dpk DevicePublicKeys) Equals(other DevicePublicKeys) bool

Equals returns whether both sets of keys are equal.

type DeviceServerHalfRemovalInfo

type DeviceServerHalfRemovalInfo map[kbfscrypto.CryptPublicKey][]kbfscrypto.TLFCryptKeyServerHalfID

DeviceServerHalfRemovalInfo is a map from a device's crypt public key to a list of server halves to remove.

type EPubKeyLocationV2

type EPubKeyLocationV2 int

EPubKeyLocationV2 represents the location of a user's ephemeral public key. Note that for V2, a reader ePubKey can be in either the writers array (if rekeyed normally) or the readers array (if rekeyed by a reader), but a writer ePubKey can be in either array also; if a reader whose ePubKey is in the readers array is promoted, then the reader becomes a writer whose ePubKey is still in the readers array.

const (
	// WriterEPubKeys means the ephemeral public key is in the
	// writers array.
	WriterEPubKeys EPubKeyLocationV2 = 1
	// ReaderEPubKeys means the ephemeral public key is in the
	// writers array.
	ReaderEPubKeys EPubKeyLocationV2 = 2
)

func GetEphemeralPublicKeyInfoV2

func GetEphemeralPublicKeyInfoV2(info TLFCryptKeyInfo,
	wkb TLFWriterKeyBundleV2, rkb TLFReaderKeyBundleV2) (
	keyLocation EPubKeyLocationV2, index int,
	ePubKey kbfscrypto.TLFEphemeralPublicKey, err error)

GetEphemeralPublicKeyInfoV2 encapsulates all the ugly logic needed to deal with the "negative hack" from RootMetadataV2.UpdateKeyGeneration.

func (EPubKeyLocationV2) String

func (t EPubKeyLocationV2) String() string

type EncryptedMerkleLeaf

type EncryptedMerkleLeaf struct {
	Version       kbfscrypto.EncryptionVer
	EncryptedData []byte
	// contains filtered or unexported fields
}

EncryptedMerkleLeaf is an encrypted Merkle leaf.

func (EncryptedMerkleLeaf) Construct

func (el EncryptedMerkleLeaf) Construct() interface{}

Construct implements the go-merkle-tree.ValueConstructor interface.

func (EncryptedMerkleLeaf) Decrypt

Decrypt decrypts a Merkle leaf node with the given key pair.

type ExtraMetadata

type ExtraMetadata interface {
	MetadataVersion() MetadataVer
	DeepCopy(kbfscodec.Codec) (ExtraMetadata, error)
	MakeSuccessorCopy(kbfscodec.Codec) (ExtraMetadata, error)
}

ExtraMetadata is a per-version blob of extra metadata which may exist outside of the given metadata block, e.g. key bundles for post-v2 metadata.

func FakeInitialRekey

func FakeInitialRekey(md MutableRootMetadata,
	h tlf.Handle, pubKey kbfscrypto.TLFPublicKey) ExtraMetadata

FakeInitialRekey fakes the initial rekey for the given RootMetadata. This is necessary since newly-created RootMetadata objects don't have enough data to build a TlfHandle from until the first rekey. pubKey is non-empty only for server-side tests.

type ExtraMetadataV3

type ExtraMetadataV3 struct {
	// contains filtered or unexported fields
}

ExtraMetadataV3 contains references to key bundles stored outside of metadata blocks. This only ever exists in memory and is never serialized itself.

func NewExtraMetadataV3

func NewExtraMetadataV3(
	wkb TLFWriterKeyBundleV3, rkb TLFReaderKeyBundleV3,
	wkbNew, rkbNew bool) *ExtraMetadataV3

NewExtraMetadataV3 creates a new ExtraMetadataV3 given a pair of key bundles

func (ExtraMetadataV3) DeepCopy

func (extra ExtraMetadataV3) DeepCopy(codec kbfscodec.Codec) (
	ExtraMetadata, error)

DeepCopy implements the ExtraMetadata interface for ExtraMetadataV3.

func (ExtraMetadataV3) GetReaderKeyBundle

func (extra ExtraMetadataV3) GetReaderKeyBundle() TLFReaderKeyBundleV3

GetReaderKeyBundle returns the contained reader key bundle.

func (ExtraMetadataV3) GetWriterKeyBundle

func (extra ExtraMetadataV3) GetWriterKeyBundle() TLFWriterKeyBundleV3

GetWriterKeyBundle returns the contained writer key bundle.

func (ExtraMetadataV3) IsReaderKeyBundleNew

func (extra ExtraMetadataV3) IsReaderKeyBundleNew() bool

IsReaderKeyBundleNew returns whether or not the reader key bundle is new and should be sent to the server on an MD put.

func (ExtraMetadataV3) IsWriterKeyBundleNew

func (extra ExtraMetadataV3) IsWriterKeyBundleNew() bool

IsWriterKeyBundleNew returns whether or not the writer key bundle is new and should be sent to the server on an MD put.

func (ExtraMetadataV3) MakeSuccessorCopy

func (extra ExtraMetadataV3) MakeSuccessorCopy(codec kbfscodec.Codec) (
	ExtraMetadata, error)

MakeSuccessorCopy implements the ExtraMetadata interface for ExtraMetadataV3.

func (ExtraMetadataV3) MetadataVersion

func (extra ExtraMetadataV3) MetadataVersion() MetadataVer

MetadataVersion implements the ExtraMetadata interface for ExtraMetadataV3.

type ID

type ID struct {
	// contains filtered or unexported fields
}

ID is the content-based ID for a metadata block.

func FakeID

func FakeID(b byte) ID

FakeID returns an ID derived from the given byte, suitable for testing.

func MakeID

func MakeID(codec kbfscodec.Codec, md RootMetadata) (ID, error)

MakeID creates a new ID from the given RootMetadata object.

func ParseID

func ParseID(s string) (ID, error)

ParseID parses a hex encoded ID. Returns ID{} and an InvalidIDError on failure.

func (ID) Bytes

func (id ID) Bytes() []byte

Bytes returns the bytes of the MDID.

func (ID) MarshalBinary

func (id ID) MarshalBinary() (data []byte, err error)

MarshalBinary implements the encoding.BinaryMarshaler interface for ID. Returns an error if the ID is invalid and not the zero ID.

func (ID) MarshalText

func (id ID) MarshalText() ([]byte, error)

MarshalText implements the encoding.TextMarshaler interface for ID.

func (ID) String

func (id ID) String() string

func (*ID) UnmarshalBinary

func (id *ID) UnmarshalBinary(data []byte) error

UnmarshalBinary implements the encoding.BinaryUnmarshaler interface for ID. Returns an error if the given byte array is non-empty and the ID is invalid.

func (*ID) UnmarshalText

func (id *ID) UnmarshalText(buf []byte) error

UnmarshalText implements the encoding.TextUnmarshaler interface for ID.

type InvalidBranchID

type InvalidBranchID struct {
	// contains filtered or unexported fields
}

InvalidBranchID indicates whether the branch ID string is not parseable or invalid.

func (InvalidBranchID) Error

func (e InvalidBranchID) Error() string

type InvalidIDError

type InvalidIDError struct {
	// contains filtered or unexported fields
}

InvalidIDError indicates that a metadata ID string is not parseable or invalid.

func (InvalidIDError) Error

func (e InvalidIDError) Error() string

type InvalidKeyGenerationError

type InvalidKeyGenerationError struct {
	TlfID  tlf.ID
	KeyGen KeyGen
}

InvalidKeyGenerationError indicates that an invalid key generation was used.

func (InvalidKeyGenerationError) Error

Error implements the error interface for InvalidKeyGenerationError.

type InvalidMetadataVersionError

type InvalidMetadataVersionError struct {
	TlfID       tlf.ID
	MetadataVer MetadataVer
}

InvalidMetadataVersionError indicates that an invalid metadata version was used.

func (InvalidMetadataVersionError) Error

Error implements the error interface for InvalidMetadataVersionError.

type InvalidNonPrivateTLFOperation

type InvalidNonPrivateTLFOperation struct {
	// contains filtered or unexported fields
}

InvalidNonPrivateTLFOperation indicates that an invalid operation was attempted on a public or team TLF.

func (InvalidNonPrivateTLFOperation) Error

Error implements the error interface for InvalidNonPrivateTLFOperation.

type KeyBundleCache

type KeyBundleCache interface {
	// GetTLFReaderKeyBundle returns the TLFReaderKeyBundleV3 for
	// the given TLFReaderKeyBundleID, or nil if there is none.
	GetTLFReaderKeyBundle(TLFReaderKeyBundleID) (*TLFReaderKeyBundleV3, error)
	// GetTLFWriterKeyBundle returns the TLFWriterKeyBundleV3 for
	// the given TLFWriterKeyBundleID, or nil if there is none.
	GetTLFWriterKeyBundle(TLFWriterKeyBundleID) (*TLFWriterKeyBundleV3, error)
	// PutTLFReaderKeyBundle stores the given TLFReaderKeyBundleV3.
	PutTLFReaderKeyBundle(TLFReaderKeyBundleID, TLFReaderKeyBundleV3)
	// PutTLFWriterKeyBundle stores the given TLFWriterKeyBundleV3.
	PutTLFWriterKeyBundle(TLFWriterKeyBundleID, TLFWriterKeyBundleV3)
}

KeyBundleCache is an interface to a key bundle cache for use with v3 metadata.

type KeyBundleCacheStandard

type KeyBundleCacheStandard struct {
	// contains filtered or unexported fields
}

KeyBundleCacheStandard is an LRU-based implementation of the KeyBundleCache interface.

func NewKeyBundleCacheLRU

func NewKeyBundleCacheLRU(capacityBytes int) *KeyBundleCacheStandard

NewKeyBundleCacheLRU constructs a new KeyBundleCacheStandard with LRU eviction strategy. The capacity of the cache is set to capacityBytes bytes.

func NewKeyBundleCacheRandom

func NewKeyBundleCacheRandom(capacityBytes int) *KeyBundleCacheStandard

NewKeyBundleCacheRandom constructs a new KeyBundleCacheStandard with random eviction strategy. The capacity of the cache is set to capacityBytes bytes.

func (*KeyBundleCacheStandard) GetTLFReaderKeyBundle

func (k *KeyBundleCacheStandard) GetTLFReaderKeyBundle(
	bundleID TLFReaderKeyBundleID) (*TLFReaderKeyBundleV3, error)

GetTLFReaderKeyBundle implements the KeyBundleCache interface for KeyBundleCacheStandard.

func (*KeyBundleCacheStandard) GetTLFWriterKeyBundle

func (k *KeyBundleCacheStandard) GetTLFWriterKeyBundle(
	bundleID TLFWriterKeyBundleID) (*TLFWriterKeyBundleV3, error)

GetTLFWriterKeyBundle implements the KeyBundleCache interface for KeyBundleCacheStandard.

func (*KeyBundleCacheStandard) PutTLFReaderKeyBundle

func (k *KeyBundleCacheStandard) PutTLFReaderKeyBundle(
	bundleID TLFReaderKeyBundleID, rkb TLFReaderKeyBundleV3)

PutTLFReaderKeyBundle implements the KeyBundleCache interface for KeyBundleCacheStandard.

func (*KeyBundleCacheStandard) PutTLFWriterKeyBundle

func (k *KeyBundleCacheStandard) PutTLFWriterKeyBundle(
	bundleID TLFWriterKeyBundleID, wkb TLFWriterKeyBundleV3)

PutTLFWriterKeyBundle implements the KeyBundleCache interface for KeyBundleCacheStandard.

type KeyGen

type KeyGen int

KeyGen is the type of a key generation for a top-level folder.

const (
	// PublicKeyGen is the value used for public TLFs. Note that
	// it is not considered a valid key generation.
	PublicKeyGen KeyGen = -1
	// UnspecifiedKeyGen indicates that the application doesn't have a
	// particular keygen in mind when requesting keys; any keygen will
	// do.
	UnspecifiedKeyGen KeyGen = 0
	// FirstValidKeyGen is the first value that is considered a
	// valid key generation. Note that the nil value is not
	// considered valid.
	FirstValidKeyGen KeyGen = 1
)

type MDDiskUsageMismatch

type MDDiskUsageMismatch struct {
	// contains filtered or unexported fields
}

MDDiskUsageMismatch indicates an inconsistency in the DiskUsage field of a RootMetadata object.

func (MDDiskUsageMismatch) Error

func (e MDDiskUsageMismatch) Error() string

type MDPrevRootMismatch

type MDPrevRootMismatch struct {
	// contains filtered or unexported fields
}

MDPrevRootMismatch indicates that the PrevRoot field of a successor MD doesn't match the metadata ID of its predecessor.

func (MDPrevRootMismatch) Error

func (e MDPrevRootMismatch) Error() string

type MDRevisionMismatch

type MDRevisionMismatch struct {
	Rev  Revision
	Curr Revision
}

MDRevisionMismatch indicates that we tried to apply a revision that was not the next in line.

func (MDRevisionMismatch) Error

func (e MDRevisionMismatch) Error() string

Error implements the error interface for MDRevisionMismatch.

type MDTlfIDMismatch

type MDTlfIDMismatch struct {
	CurrID tlf.ID
	NextID tlf.ID
}

MDTlfIDMismatch indicates that the ID field of a successor MD doesn't match the ID field of its predecessor.

func (MDTlfIDMismatch) Error

func (e MDTlfIDMismatch) Error() string

type MergeStatus

type MergeStatus int

MergeStatus represents the merge status of a TLF.

const (
	// Merged means that the TLF is merged and no conflict
	// resolution needs to be done.
	Merged MergeStatus = iota
	// Unmerged means that the TLF is unmerged and conflict
	// resolution needs to be done. Metadata blocks which
	// represent unmerged history should have a non-null
	// branch ID defined.
	Unmerged
)

func (MergeStatus) String

func (m MergeStatus) String() string

type MerkleHash

type MerkleHash struct {
	// contains filtered or unexported fields
}

MerkleHash is the hash of a RootMetadataSigned block.

func MakeMerkleHash

func MakeMerkleHash(codec kbfscodec.Codec, md *RootMetadataSigned) (MerkleHash, error)

MakeMerkleHash hashes the given signed RootMetadata object.

func (MerkleHash) Bytes

func (h MerkleHash) Bytes() []byte

Bytes returns the bytes of the MerkleHash.

func (MerkleHash) MarshalBinary

func (h MerkleHash) MarshalBinary() (data []byte, err error)

MarshalBinary implements the encoding.BinaryMarshaler interface for MerkleHash. Returns an error if the MerkleHash is invalid and not the zero MerkleHash.

func (MerkleHash) String

func (h MerkleHash) String() string

String returns the string form of the MerkleHash.

func (*MerkleHash) UnmarshalBinary

func (h *MerkleHash) UnmarshalBinary(data []byte) error

UnmarshalBinary implements the encoding.BinaryUnmarshaler interface for MerkleHash. Returns an error if the given byte array is non-empty and the MerkleHash is invalid.

type MerkleLeaf

type MerkleLeaf struct {
	Revision  Revision
	Hash      MerkleHash // hash of the signed metadata object
	Timestamp int64
	// contains filtered or unexported fields
}

MerkleLeaf is the value of a Merkle leaf node.

func (MerkleLeaf) Construct

func (l MerkleLeaf) Construct() interface{}

Construct implements the go-merkle-tree.ValueConstructor interface.

func (MerkleLeaf) Encrypt

Encrypt encrypts a Merkle leaf node with the given key pair.

type MerkleRoot

type MerkleRoot struct {
	Version   int                               `codec:"v"`
	TreeID    keybase1.MerkleTreeID             `codec:"t"`
	SeqNo     int64                             `codec:"sn"`
	Timestamp int64                             `codec:"ts"`
	Hash      merkle.Hash                       `codec:"h"`
	PrevRoot  merkle.Hash                       `codec:"pr"`
	EPubKey   *kbfscrypto.TLFEphemeralPublicKey `codec:"epk,omitempty"` // these two are only necessary with encrypted leaves.
	Nonce     *[24]byte                         `codec:"non,omitempty"` // the public tree leaves are in the clear.
}

MerkleRoot represents a signed Merkle tree root.

type MetadataFlags

type MetadataFlags byte

MetadataFlags bitfield.

const (
	MetadataFlagRekey MetadataFlags = 1 << iota
	MetadataFlagWriterMetadataCopied
	MetadataFlagFinal
)

Possible flags set in the MetadataFlags bitfield.

func (MetadataFlags) String

func (flags MetadataFlags) String() string

type MetadataIsFinalError

type MetadataIsFinalError struct {
}

MetadataIsFinalError indicates that we tried to make or set a successor to a finalized folder.

func (MetadataIsFinalError) Error

func (e MetadataIsFinalError) Error() string

Error implements the error interface for MetadataIsFinalError.

type MetadataVer

type MetadataVer int

MetadataVer is the type of a version for marshalled KBFS metadata structures.

const (
	// FirstValidMetadataVer is the first value that is considered a
	// valid data version. For historical reasons 0 is considered
	// valid.
	FirstValidMetadataVer MetadataVer = 0
	// PreExtraMetadataVer is the latest metadata version that did not include
	// support for extra MD fields.
	PreExtraMetadataVer MetadataVer = 1
	// InitialExtraMetadataVer is the first metadata version that did
	// include support for extra MD fields.
	InitialExtraMetadataVer MetadataVer = 2
	// SegregatedKeyBundlesVer is the first metadata version to allow separate
	// storage of key bundles.
	SegregatedKeyBundlesVer MetadataVer = 3
	// ImplicitTeamsVer is the first metadata version to allow private
	// and public TLFs to be backed by implicit teams (and thus use
	// service-provided encryption keys).  An MD of this version is
	// data-compatible with `SegregatedKeyBundlesVer`, it's just the
	// keys-getting process that's different.  This version bump is
	// more intended to provide older clients with a nice "you need to
	// upgrade" message, rather than to represent any underlying
	// incompatibility.
	ImplicitTeamsVer MetadataVer = 4
)

func (MetadataVer) String

func (v MetadataVer) String() string

type MissingDataError

type MissingDataError struct {
	// contains filtered or unexported fields
}

MissingDataError indicates that we are trying to take get the metadata ID of a MD object with no serialized data field.

func (MissingDataError) Error

func (e MissingDataError) Error() string

Error implements the error interface for MissingDataError

type MutableRootMetadata

type MutableRootMetadata interface {
	RootMetadata

	// SetRefBytes sets the number of newly referenced bytes of data blocks introduced by this revision of metadata.
	SetRefBytes(refBytes uint64)
	// SetUnrefBytes sets the number of newly unreferenced bytes introduced by this revision of metadata.
	SetUnrefBytes(unrefBytes uint64)
	// SetMDRefBytes sets the number of newly referenced bytes of MD blocks introduced by this revision of metadata.
	SetMDRefBytes(mdRefBytes uint64)
	// SetDiskUsage sets the estimated disk usage for the folder as of this revision of metadata.
	SetDiskUsage(diskUsage uint64)
	// SetMDDiskUsage sets the estimated MD disk usage for the folder as of this revision of metadata.
	SetMDDiskUsage(mdDiskUsage uint64)
	// AddRefBytes increments the number of newly referenced bytes of data blocks introduced by this revision of metadata.
	AddRefBytes(refBytes uint64)
	// AddUnrefBytes increments the number of newly unreferenced bytes introduced by this revision of metadata.
	AddUnrefBytes(unrefBytes uint64)
	// AddMDRefBytes increments the number of newly referenced bytes of MD blocks introduced by this revision of metadata.
	AddMDRefBytes(mdRefBytes uint64)
	// AddDiskUsage increments the estimated disk usage for the folder as of this revision of metadata.
	AddDiskUsage(diskUsage uint64)
	// AddMDDiskUsage increments the estimated MD disk usage for the folder as of this revision of metadata.
	AddMDDiskUsage(mdDiskUsage uint64)
	// ClearRekeyBit unsets any set rekey bit.
	ClearRekeyBit()
	// ClearWriterMetadataCopiedBit unsets any set writer metadata copied bit.
	ClearWriterMetadataCopiedBit()
	// ClearFinalBit unsets any final bit.
	ClearFinalBit()
	// SetUnmerged sets the unmerged bit.
	SetUnmerged()
	// SetBranchID sets the branch ID for this metadata revision.
	SetBranchID(bid BranchID)
	// SetPrevRoot sets the hash of the previous metadata revision.
	SetPrevRoot(mdID ID)
	// SetSerializedPrivateMetadata sets the serialized private metadata.
	SetSerializedPrivateMetadata(spmd []byte)
	// SignWriterMetadataInternally signs the writer metadata, for
	// versions that store this signature inside the metadata.
	SignWriterMetadataInternally(ctx context.Context,
		codec kbfscodec.Codec, signer kbfscrypto.Signer) error
	// SetLastModifyingWriter sets the UID of the last user to modify the writer metadata.
	SetLastModifyingWriter(user keybase1.UID)
	// SetLastModifyingUser sets the UID of the last user to modify any of the metadata.
	SetLastModifyingUser(user keybase1.UID)
	// SetRekeyBit sets the rekey bit.
	SetRekeyBit()
	// SetFinalBit sets the finalized bit.
	SetFinalBit()
	// SetWriterMetadataCopiedBit set the writer metadata copied bit.
	SetWriterMetadataCopiedBit()
	// SetRevision sets the revision number of the underlying metadata.
	SetRevision(revision Revision)
	// SetUnresolvedReaders sets the list of unresolved readers associated with this folder.
	SetUnresolvedReaders(readers []keybase1.SocialAssertion)
	// SetUnresolvedWriters sets the list of unresolved writers associated with this folder.
	SetUnresolvedWriters(writers []keybase1.SocialAssertion)
	// SetConflictInfo sets any conflict info associated with this metadata revision.
	SetConflictInfo(ci *tlf.HandleExtension)
	// SetFinalizedInfo sets any finalized info associated with this metadata revision.
	SetFinalizedInfo(fi *tlf.HandleExtension)
	// SetWriters sets the list of writers associated with this folder.
	SetWriters(writers []keybase1.UserOrTeamID)
	// ClearForV4Migration clears out data not needed for an upgrade
	// to an implicit-team-backed TLF.  Note that `SetWriters` should
	// also be called separately to set the new team ID as a writer.
	ClearForV4Migration()
	// SetTlfID sets the ID of the underlying folder in the metadata structure.
	SetTlfID(tlf tlf.ID)

	// AddKeyGeneration adds a new key generation to this revision
	// of metadata. If StoresHistoricTLFCryptKeys is false, then
	// currCryptKey must be zero. Otherwise, currCryptKey must be
	// zero if there are no existing key generations, and non-zero
	// for otherwise.
	//
	// AddKeyGeneration must only be called on metadata for
	// private TLFs.
	//
	// Note that the TLFPrivateKey corresponding to privKey must
	// also be stored in PrivateMetadata.
	AddKeyGeneration(codec kbfscodec.Codec, currExtra ExtraMetadata,
		updatedWriterKeys, updatedReaderKeys UserDevicePublicKeys,
		ePubKey kbfscrypto.TLFEphemeralPublicKey,
		ePrivKey kbfscrypto.TLFEphemeralPrivateKey,
		pubKey kbfscrypto.TLFPublicKey,
		currCryptKey, nextCryptKey kbfscrypto.TLFCryptKey) (
		nextExtra ExtraMetadata,
		serverHalves UserDeviceKeyServerHalves, err error)

	// SetLatestKeyGenerationForTeamTLF sets the latest key generation
	// number of a team TLF.  It is not valid to call this for
	// anything but a team TLF.
	SetLatestKeyGenerationForTeamTLF(keyGen KeyGen)

	// UpdateKeyBundles ensures that every device for every writer
	// and reader in the provided lists has complete TLF crypt key
	// info, and uses the new ephemeral key pair to generate the
	// info if it doesn't yet exist. tlfCryptKeys must contain an
	// entry for each key generation in KeyGenerationsToUpdate(),
	// in ascending order.
	//
	// updatedWriterKeys and updatedReaderKeys usually contains
	// the full maps of writers to per-device crypt public keys,
	// but for reader rekey, updatedWriterKeys will be empty and
	// updatedReaderKeys will contain only a single entry.
	//
	// UpdateKeyBundles must only be called on metadata for
	// private TLFs.
	//
	// An array of server halves to push to the server are
	// returned, with each entry corresponding to each key
	// generation in KeyGenerationsToUpdate(), in ascending order.
	UpdateKeyBundles(codec kbfscodec.Codec, extra ExtraMetadata,
		updatedWriterKeys, updatedReaderKeys UserDevicePublicKeys,
		ePubKey kbfscrypto.TLFEphemeralPublicKey,
		ePrivKey kbfscrypto.TLFEphemeralPrivateKey,
		tlfCryptKeys []kbfscrypto.TLFCryptKey) (
		[]UserDeviceKeyServerHalves, error)

	// PromoteReaders converts the given set of users (which may
	// be empty) from readers to writers.
	PromoteReaders(readersToPromote map[keybase1.UID]bool,
		extra ExtraMetadata) error

	// RevokeRemovedDevices removes key info for any device not in
	// the given maps, and returns a corresponding map of server
	// halves to delete from the server.
	//
	// Note: the returned server halves may not be for all key
	// generations, e.g. for MDv3 it's only for the latest key
	// generation.
	RevokeRemovedDevices(
		updatedWriterKeys, updatedReaderKeys UserDevicePublicKeys,
		extra ExtraMetadata) (ServerHalfRemovalInfo, error)

	// FinalizeRekey must be called called after all rekeying work
	// has been performed on the underlying metadata.
	FinalizeRekey(codec kbfscodec.Codec, extra ExtraMetadata) error
}

MutableRootMetadata is a mutable interface to the bare serializeable MD that is signed by the reader or writer.

func DecodeRootMetadata

func DecodeRootMetadata(codec kbfscodec.Codec, tlfID tlf.ID,
	ver, max MetadataVer, buf []byte) (MutableRootMetadata, error)

DecodeRootMetadata deserializes a metadata block into the specified versioned structure.

func MakeInitialRootMetadata

func MakeInitialRootMetadata(
	ver MetadataVer, tlfID tlf.ID, h tlf.Handle) (
	MutableRootMetadata, error)

MakeInitialRootMetadata creates a new MutableRootMetadata instance of the given MetadataVer with revision RevisionInitial, and the given TLF ID and handle. Note that if the given ID/handle are private, rekeying must be done separately.

type MutableRootMetadataNoImplError

type MutableRootMetadataNoImplError struct {
}

MutableRootMetadataNoImplError is returned when an interface expected to implement MutableRootMetadata does not do so.

func (MutableRootMetadataNoImplError) Error

Error implements the error interface for MutableRootMetadataNoImplError

type NewKeyGenerationError

type NewKeyGenerationError struct {
	TlfID  tlf.ID
	KeyGen KeyGen
}

NewKeyGenerationError indicates that the data at the given path has been written using keys that our client doesn't have.

func (NewKeyGenerationError) Error

func (e NewKeyGenerationError) Error() string

Error implements the error interface for NewKeyGenerationError.

type NewMerkleVersionError

type NewMerkleVersionError struct {
	Version int
}

NewMerkleVersionError indicates that the merkle tree on the server is using a new metadata version that our client doesn't understand.

func (NewMerkleVersionError) Error

func (e NewMerkleVersionError) Error() string

Error implements the error interface for NewMerkleVersionError.

type NewMetadataVersionError

type NewMetadataVersionError struct {
	Tlf         tlf.ID
	MetadataVer MetadataVer
}

NewMetadataVersionError indicates that the metadata for the given folder has been written using a new metadata version that our client doesn't understand.

func (NewMetadataVersionError) Error

func (e NewMetadataVersionError) Error() string

Error implements the error interface for NewMetadataVersionError.

type Revision

type Revision int64

Revision is the type for the revision number. This is currently int64 since that's the type of Avro's long.

func (Revision) Number

func (mr Revision) Number() int64

Number casts a Revision to it's primitive type.

func (Revision) String

func (mr Revision) String() string

String converts a Revision to its string form.

type RootMetadata

type RootMetadata interface {
	// TlfID returns the ID of the TLF this RootMetadata is for.
	TlfID() tlf.ID
	// TypeForKeying returns the keying type for this RootMetadata.
	TypeForKeying() tlf.KeyingType
	// KeyGenerationsToUpdate returns a range that has to be
	// updated when rekeying. start is included, but end is not
	// included. This range can be empty (i.e., start >= end), in
	// which case there's nothing to update, i.e. the TLF is
	// public, or there aren't any existing key generations.
	KeyGenerationsToUpdate() (start KeyGen, end KeyGen)
	// LatestKeyGeneration returns the most recent key generation in this
	// RootMetadata, or PublicKeyGen if this TLF is public.
	LatestKeyGeneration() KeyGen
	// IsValidRekeyRequest returns true if the current block is a simple rekey wrt
	// the passed block.
	IsValidRekeyRequest(codec kbfscodec.Codec, prevMd RootMetadata,
		user keybase1.UID, prevExtra, extra ExtraMetadata) (bool, error)
	// MergedStatus returns the status of this update -- has it been
	// merged into the main folder or not?
	MergedStatus() MergeStatus
	// IsRekeySet returns true if the rekey bit is set.
	IsRekeySet() bool
	// IsWriterMetadataCopiedSet returns true if the bit is set indicating
	// the writer metadata was copied.
	IsWriterMetadataCopiedSet() bool
	// IsFinal returns true if this is the last metadata block for a given
	// folder.  This is only expected to be set for folder resets.
	IsFinal() bool
	// IsWriter returns whether or not the user+device is an authorized writer.
	IsWriter(ctx context.Context, user keybase1.UID,
		cryptKey kbfscrypto.CryptPublicKey,
		verifyingKey kbfscrypto.VerifyingKey,
		teamMemChecker TeamMembershipChecker, extra ExtraMetadata) (bool, error)
	// IsReader returns whether or not the user+device is an authorized reader.
	IsReader(ctx context.Context, user keybase1.UID,
		cryptKey kbfscrypto.CryptPublicKey,
		teamMemChecker TeamMembershipChecker, extra ExtraMetadata) (bool, error)
	// DeepCopy returns a deep copy of the underlying data structure.
	DeepCopy(codec kbfscodec.Codec) (MutableRootMetadata, error)
	// MakeSuccessorCopy returns a newly constructed successor
	// copy to this metadata revision.  It differs from DeepCopy
	// in that it can perform an up conversion to a new metadata
	// version. tlfCryptKeyGetter should be a function that
	// returns a list of TLFCryptKeys for all key generations in
	// ascending order.
	MakeSuccessorCopy(codec kbfscodec.Codec,
		extra ExtraMetadata, latestMDVer MetadataVer,
		tlfCryptKeyGetter func() ([]kbfscrypto.TLFCryptKey, error),
		isReadableAndWriter bool) (mdCopy MutableRootMetadata,
		extraCopy ExtraMetadata, err error)
	// CheckValidSuccessor makes sure the given RootMetadata is a valid
	// successor to the current one, and returns an error otherwise.
	CheckValidSuccessor(currID ID, nextMd RootMetadata) error
	// CheckValidSuccessorForServer is like CheckValidSuccessor but with
	// server-specific error messages.
	CheckValidSuccessorForServer(currID ID, nextMd RootMetadata) error
	// MakeBareTlfHandle makes a tlf.Handle for this
	// RootMetadata. Should be used only by servers and MDOps.
	MakeBareTlfHandle(extra ExtraMetadata) (tlf.Handle, error)
	// TlfHandleExtensions returns a list of handle extensions associated with the TLf.
	TlfHandleExtensions() (extensions []tlf.HandleExtension)
	// GetDevicePublicKeys returns the kbfscrypto.CryptPublicKeys
	// for all known users and devices. Returns an error if the
	// TLF is public.
	GetUserDevicePublicKeys(extra ExtraMetadata) (
		writers, readers UserDevicePublicKeys, err error)
	// GetTLFCryptKeyParams returns all the necessary info to construct
	// the TLF crypt key for the given key generation, user, and device
	// (identified by its crypt public key), or false if not found. This
	// returns an error if the TLF is public.
	GetTLFCryptKeyParams(keyGen KeyGen, user keybase1.UID,
		key kbfscrypto.CryptPublicKey, extra ExtraMetadata) (
		kbfscrypto.TLFEphemeralPublicKey,
		kbfscrypto.EncryptedTLFCryptKeyClientHalf,
		kbfscrypto.TLFCryptKeyServerHalfID, bool, error)
	// IsValidAndSigned verifies the RootMetadata, checks the
	// writer signature, and returns an error if a problem was
	// found. This should be the first thing checked on a BRMD
	// retrieved from an untrusted source, and then the signing
	// user and key should be validated, either by comparing to
	// the current device key (using IsLastModifiedBy), or by
	// checking with KBPKI.
	IsValidAndSigned(ctx context.Context, codec kbfscodec.Codec,
		teamMemChecker TeamMembershipChecker,
		extra ExtraMetadata, writerVerifyingKey kbfscrypto.VerifyingKey) error
	// IsLastModifiedBy verifies that the RootMetadata is
	// written by the given user and device (identified by the
	// device verifying key), and returns an error if not.
	IsLastModifiedBy(uid keybase1.UID, key kbfscrypto.VerifyingKey) error
	// LastModifyingWriter return the UID of the last user to modify the writer metadata.
	LastModifyingWriter() keybase1.UID
	// LastModifyingUser return the UID of the last user to modify the any of the metadata.
	GetLastModifyingUser() keybase1.UID
	// RefBytes returns the number of newly referenced bytes of data blocks introduced by this revision of metadata.
	RefBytes() uint64
	// UnrefBytes returns the number of newly unreferenced bytes introduced by this revision of metadata.
	UnrefBytes() uint64
	// MDRefBytes returns the number of newly referenced bytes of MD blocks introduced by this revision of metadata.
	MDRefBytes() uint64
	// DiskUsage returns the estimated disk usage for the folder as of this revision of metadata.
	DiskUsage() uint64
	// MDDiskUsage returns the estimated MD disk usage for the folder as of this revision of metadata.
	MDDiskUsage() uint64
	// RevisionNumber returns the revision number associated with this metadata structure.
	RevisionNumber() Revision
	// BID returns the per-device branch ID associated with this metadata revision.
	BID() BranchID
	// GetPrevRoot returns the hash of the previous metadata revision.
	GetPrevRoot() ID
	// IsUnmergedSet returns true if the unmerged bit is set.
	IsUnmergedSet() bool
	// GetSerializedPrivateMetadata returns the serialized private metadata as a byte slice.
	GetSerializedPrivateMetadata() []byte
	// GetSerializedWriterMetadata serializes the underlying writer metadata and returns the result.
	GetSerializedWriterMetadata(codec kbfscodec.Codec) ([]byte, error)
	// Version returns the metadata version.
	Version() MetadataVer
	// GetCurrentTLFPublicKey returns the TLF public key for the
	// current key generation.
	GetCurrentTLFPublicKey(ExtraMetadata) (kbfscrypto.TLFPublicKey, error)
	// GetUnresolvedParticipants returns any unresolved readers
	// and writers present in this revision of metadata. The
	// returned array should be safe to modify by the caller.
	GetUnresolvedParticipants() []keybase1.SocialAssertion
	// GetTLFWriterKeyBundleID returns the ID of the externally-stored writer key bundle, or the zero value if
	// this object stores it internally.
	GetTLFWriterKeyBundleID() TLFWriterKeyBundleID
	// GetTLFReaderKeyBundleID returns the ID of the externally-stored reader key bundle, or the zero value if
	// this object stores it internally.
	GetTLFReaderKeyBundleID() TLFReaderKeyBundleID
	// StoresHistoricTLFCryptKeys returns whether or not history keys are symmetrically encrypted; if not, they're
	// encrypted per-device.
	StoresHistoricTLFCryptKeys() bool
	// GetHistoricTLFCryptKey attempts to symmetrically decrypt the key at the given
	// generation using the current generation's TLFCryptKey.
	GetHistoricTLFCryptKey(codec kbfscodec.Codec, keyGen KeyGen,
		currentKey kbfscrypto.TLFCryptKey, extra ExtraMetadata) (
		kbfscrypto.TLFCryptKey, error)
}

RootMetadata is a read-only interface to the bare serializeable MD that is signed by the reader or writer.

type RootMetadataSigned

type RootMetadataSigned struct {
	// SigInfo is the signature over the root metadata by the
	// last modifying user's private signing key.
	SigInfo kbfscrypto.SignatureInfo
	// WriterSigInfo is the signature over the writer metadata by
	// the last modifying writer's private signing key.
	WriterSigInfo kbfscrypto.SignatureInfo
	// all the metadata
	MD RootMetadata
}

RootMetadataSigned is the top-level MD object stored in MD server

func DecodeRootMetadataSigned

func DecodeRootMetadataSigned(
	codec kbfscodec.Codec, tlf tlf.ID, ver, max MetadataVer, buf []byte) (
	*RootMetadataSigned, error)

DecodeRootMetadataSigned deserializes a metadata block into the specified versioned structure.

func SignRootMetadata

func SignRootMetadata(
	ctx context.Context, codec kbfscodec.Codec,
	rootMetadataSigner, writerMetadataSigner kbfscrypto.Signer,
	brmd RootMetadata) (*RootMetadataSigned, error)

SignRootMetadata signs the given RootMetadata and returns a *RootMetadataSigned object. rootMetadataSigner and writerMetadataSigner should be the same, except in tests.

func (*RootMetadataSigned) GetWriterMetadataSigInfo

func (rmds *RootMetadataSigned) GetWriterMetadataSigInfo() kbfscrypto.SignatureInfo

GetWriterMetadataSigInfo returns the signature of the writer metadata.

func (*RootMetadataSigned) IsLastModifiedBy

func (rmds *RootMetadataSigned) IsLastModifiedBy(
	uid keybase1.UID, key kbfscrypto.VerifyingKey) error

IsLastModifiedBy verifies that the RootMetadataSigned is written by the given user and device (identified by the device verifying key), and returns an error if not.

func (*RootMetadataSigned) IsValidAndSigned

func (rmds *RootMetadataSigned) IsValidAndSigned(
	ctx context.Context, codec kbfscodec.Codec,
	teamMemChecker TeamMembershipChecker, extra ExtraMetadata) error

IsValidAndSigned verifies the RootMetadataSigned, checks the root signature, and returns an error if a problem was found. This should be the first thing checked on an RMDS retrieved from an untrusted source, and then the signing users and keys should be validated, either by comparing to the current device key (using IsLastModifiedBy), or by checking with KBPKI.

func (*RootMetadataSigned) MakeFinalCopy

func (rmds *RootMetadataSigned) MakeFinalCopy(
	codec kbfscodec.Codec, finalizedInfo *tlf.HandleExtension) (*RootMetadataSigned, error)

MakeFinalCopy returns a complete copy of this RootMetadataSigned with the revision incremented and the final bit set.

func (*RootMetadataSigned) Version

func (rmds *RootMetadataSigned) Version() MetadataVer

Version returns the metadata version of this MD block, depending on which features it uses.

type RootMetadataV2

type RootMetadataV2 struct {
	// The metadata that is only editable by the writer.
	//
	// TODO: If we ever get a chance to update RootMetadata
	// without having to be backwards-compatible, WriterMetadata
	// should be unembedded; see comments to WriterMetadata as for
	// why.
	WriterMetadataV2

	// The signature for the writer metadata, to prove
	// that it's only been changed by writers.
	WriterMetadataSigInfo kbfscrypto.SignatureInfo

	// The last KB user who modified this RootMetadata
	LastModifyingUser keybase1.UID
	// Flags
	Flags MetadataFlags
	// The revision number
	Revision Revision
	// Pointer to the previous root block ID
	PrevRoot ID
	// For private TLFs. Reader key generations for this metadata. The
	// most recent one is last in the array. Must be same length as
	// WriterMetadata.WKeys. If there are no readers, each generation
	// is empty.
	RKeys TLFReaderKeyGenerationsV2 `codec:",omitempty"`
	// For private TLFs. Any unresolved social assertions for readers.
	UnresolvedReaders []keybase1.SocialAssertion `codec:"ur,omitempty"`

	// ConflictInfo is set if there's a conflict for the given folder's
	// handle after a social assertion resolution.
	ConflictInfo *tlf.HandleExtension `codec:"ci,omitempty"`

	// FinalizedInfo is set if there are no more valid writer keys capable
	// of writing to the given folder.
	FinalizedInfo *tlf.HandleExtension `codec:"fi,omitempty"`

	codec.UnknownFieldSetHandler
}

RootMetadataV2 is the MD that is signed by the reader or writer. Unlike RootMetadata, it contains exactly the serializable metadata.

func MakeInitialRootMetadataV2

func MakeInitialRootMetadataV2(tlfID tlf.ID, h tlf.Handle) (
	*RootMetadataV2, error)

MakeInitialRootMetadataV2 creates a new RootMetadataV2 object with revision RevisionInitial, and the given TLF ID and handle. Note that if the given ID/handle are private, rekeying must be done separately.

func (*RootMetadataV2) AddDiskUsage

func (md *RootMetadataV2) AddDiskUsage(diskUsage uint64)

AddDiskUsage implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) AddKeyGeneration

func (md *RootMetadataV2) AddKeyGeneration(
	codec kbfscodec.Codec, extra ExtraMetadata,
	updatedWriterKeys, updatedReaderKeys UserDevicePublicKeys,
	ePubKey kbfscrypto.TLFEphemeralPublicKey,
	ePrivKey kbfscrypto.TLFEphemeralPrivateKey,
	pubKey kbfscrypto.TLFPublicKey,
	currCryptKey, nextCryptKey kbfscrypto.TLFCryptKey) (
	nextExtra ExtraMetadata,
	serverHalves UserDeviceKeyServerHalves, err error)

AddKeyGeneration implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) AddMDDiskUsage

func (md *RootMetadataV2) AddMDDiskUsage(mdDiskUsage uint64)

AddMDDiskUsage implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) AddMDRefBytes

func (md *RootMetadataV2) AddMDRefBytes(mdRefBytes uint64)

AddMDRefBytes implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) AddRefBytes

func (md *RootMetadataV2) AddRefBytes(refBytes uint64)

AddRefBytes implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) AddUnrefBytes

func (md *RootMetadataV2) AddUnrefBytes(unrefBytes uint64)

AddUnrefBytes implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) BID

func (md *RootMetadataV2) BID() BranchID

BID implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) CheckValidSuccessor

func (md *RootMetadataV2) CheckValidSuccessor(
	currID ID, nextMd RootMetadata) error

CheckValidSuccessor implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) CheckValidSuccessorForServer

func (md *RootMetadataV2) CheckValidSuccessorForServer(
	currID ID, nextMd RootMetadata) error

CheckValidSuccessorForServer implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) ClearFinalBit

func (md *RootMetadataV2) ClearFinalBit()

ClearFinalBit implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) ClearForV4Migration

func (md *RootMetadataV2) ClearForV4Migration()

ClearForV4Migration implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) ClearRekeyBit

func (md *RootMetadataV2) ClearRekeyBit()

ClearRekeyBit implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) ClearWriterMetadataCopiedBit

func (md *RootMetadataV2) ClearWriterMetadataCopiedBit()

ClearWriterMetadataCopiedBit implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) DeepCopy

func (md *RootMetadataV2) DeepCopy(
	codec kbfscodec.Codec) (MutableRootMetadata, error)

DeepCopy implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) DiskUsage

func (md *RootMetadataV2) DiskUsage() uint64

DiskUsage implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) FinalizeRekey

func (md *RootMetadataV2) FinalizeRekey(
	_ kbfscodec.Codec, _ ExtraMetadata) error

FinalizeRekey implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) GetCurrentTLFPublicKey

func (md *RootMetadataV2) GetCurrentTLFPublicKey(
	_ ExtraMetadata) (kbfscrypto.TLFPublicKey, error)

GetCurrentTLFPublicKey implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) GetHistoricTLFCryptKey

GetHistoricTLFCryptKey implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) GetLastModifyingUser

func (md *RootMetadataV2) GetLastModifyingUser() keybase1.UID

GetLastModifyingUser implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) GetPrevRoot

func (md *RootMetadataV2) GetPrevRoot() ID

GetPrevRoot implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) GetSerializedPrivateMetadata

func (md *RootMetadataV2) GetSerializedPrivateMetadata() []byte

GetSerializedPrivateMetadata implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) GetSerializedWriterMetadata

func (md *RootMetadataV2) GetSerializedWriterMetadata(
	codec kbfscodec.Codec) ([]byte, error)

GetSerializedWriterMetadata implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) GetTLFCryptKeyParams

GetTLFCryptKeyParams implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) GetTLFReaderKeyBundleID

func (md *RootMetadataV2) GetTLFReaderKeyBundleID() TLFReaderKeyBundleID

GetTLFReaderKeyBundleID implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) GetTLFWriterKeyBundleID

func (md *RootMetadataV2) GetTLFWriterKeyBundleID() TLFWriterKeyBundleID

GetTLFWriterKeyBundleID implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) GetUnresolvedParticipants

func (md *RootMetadataV2) GetUnresolvedParticipants() []keybase1.SocialAssertion

GetUnresolvedParticipants implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) GetUserDevicePublicKeys

func (md *RootMetadataV2) GetUserDevicePublicKeys(_ ExtraMetadata) (
	writerDeviceKeys, readerDeviceKeys UserDevicePublicKeys, err error)

GetUserDevicePublicKeys implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) IsFinal

func (md *RootMetadataV2) IsFinal() bool

IsFinal implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) IsLastModifiedBy

func (md *RootMetadataV2) IsLastModifiedBy(
	uid keybase1.UID, key kbfscrypto.VerifyingKey) error

IsLastModifiedBy implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) IsReader

IsReader implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) IsRekeySet

func (md *RootMetadataV2) IsRekeySet() bool

IsRekeySet implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) IsUnmergedSet

func (md *RootMetadataV2) IsUnmergedSet() bool

IsUnmergedSet implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) IsValidAndSigned

IsValidAndSigned implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) IsValidRekeyRequest

func (md *RootMetadataV2) IsValidRekeyRequest(
	codec kbfscodec.Codec, prevBareMd RootMetadata,
	user keybase1.UID, _, _ ExtraMetadata) (bool, error)

IsValidRekeyRequest implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) IsWriter

IsWriter implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) IsWriterMetadataCopiedSet

func (md *RootMetadataV2) IsWriterMetadataCopiedSet() bool

IsWriterMetadataCopiedSet implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) KeyGenerationsToUpdate

func (md *RootMetadataV2) KeyGenerationsToUpdate() (KeyGen, KeyGen)

KeyGenerationsToUpdate implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) LastModifyingWriter

func (md *RootMetadataV2) LastModifyingWriter() keybase1.UID

LastModifyingWriter implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) LatestKeyGeneration

func (md *RootMetadataV2) LatestKeyGeneration() KeyGen

LatestKeyGeneration implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) MDDiskUsage

func (md *RootMetadataV2) MDDiskUsage() uint64

MDDiskUsage implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) MDRefBytes

func (md *RootMetadataV2) MDRefBytes() uint64

MDRefBytes implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) MakeBareTlfHandle

func (md *RootMetadataV2) MakeBareTlfHandle(_ ExtraMetadata) (
	tlf.Handle, error)

MakeBareTlfHandle implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) MakeSuccessorCopy

func (md *RootMetadataV2) MakeSuccessorCopy(
	codec kbfscodec.Codec, extra ExtraMetadata, latestMDVer MetadataVer,
	tlfCryptKeyGetter func() ([]kbfscrypto.TLFCryptKey, error),
	isReadableAndWriter bool) (
	MutableRootMetadata, ExtraMetadata, error)

MakeSuccessorCopy implements the ImmutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) MergedStatus

func (md *RootMetadataV2) MergedStatus() MergeStatus

MergedStatus implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) PromoteReaders

func (md *RootMetadataV2) PromoteReaders(
	readersToPromote map[keybase1.UID]bool,
	_ ExtraMetadata) error

PromoteReaders implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) RefBytes

func (md *RootMetadataV2) RefBytes() uint64

RefBytes implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) RevisionNumber

func (md *RootMetadataV2) RevisionNumber() Revision

RevisionNumber implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) RevokeRemovedDevices

func (md *RootMetadataV2) RevokeRemovedDevices(
	updatedWriterKeys, updatedReaderKeys UserDevicePublicKeys,
	_ ExtraMetadata) (ServerHalfRemovalInfo, error)

RevokeRemovedDevices implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetBranchID

func (md *RootMetadataV2) SetBranchID(bid BranchID)

SetBranchID implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetConflictInfo

func (md *RootMetadataV2) SetConflictInfo(ci *tlf.HandleExtension)

SetConflictInfo implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetDiskUsage

func (md *RootMetadataV2) SetDiskUsage(diskUsage uint64)

SetDiskUsage implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetFinalBit

func (md *RootMetadataV2) SetFinalBit()

SetFinalBit implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetFinalizedInfo

func (md *RootMetadataV2) SetFinalizedInfo(fi *tlf.HandleExtension)

SetFinalizedInfo implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetLastModifyingUser

func (md *RootMetadataV2) SetLastModifyingUser(user keybase1.UID)

SetLastModifyingUser implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetLastModifyingWriter

func (md *RootMetadataV2) SetLastModifyingWriter(user keybase1.UID)

SetLastModifyingWriter implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetLatestKeyGenerationForTeamTLF

func (md *RootMetadataV2) SetLatestKeyGenerationForTeamTLF(keyGen KeyGen)

SetLatestKeyGenerationForTeamTLF implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetMDDiskUsage

func (md *RootMetadataV2) SetMDDiskUsage(mdDiskUsage uint64)

SetMDDiskUsage implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetMDRefBytes

func (md *RootMetadataV2) SetMDRefBytes(mdRefBytes uint64)

SetMDRefBytes implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetPrevRoot

func (md *RootMetadataV2) SetPrevRoot(mdID ID)

SetPrevRoot implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetRefBytes

func (md *RootMetadataV2) SetRefBytes(refBytes uint64)

SetRefBytes implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetRekeyBit

func (md *RootMetadataV2) SetRekeyBit()

SetRekeyBit implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetRevision

func (md *RootMetadataV2) SetRevision(revision Revision)

SetRevision implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetSerializedPrivateMetadata

func (md *RootMetadataV2) SetSerializedPrivateMetadata(spmd []byte)

SetSerializedPrivateMetadata implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetTlfID

func (md *RootMetadataV2) SetTlfID(tlf tlf.ID)

SetTlfID implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetUnmerged

func (md *RootMetadataV2) SetUnmerged()

SetUnmerged implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetUnrefBytes

func (md *RootMetadataV2) SetUnrefBytes(unrefBytes uint64)

SetUnrefBytes implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetUnresolvedReaders

func (md *RootMetadataV2) SetUnresolvedReaders(readers []keybase1.SocialAssertion)

SetUnresolvedReaders implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetUnresolvedWriters

func (md *RootMetadataV2) SetUnresolvedWriters(writers []keybase1.SocialAssertion)

SetUnresolvedWriters implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetWriterMetadataCopiedBit

func (md *RootMetadataV2) SetWriterMetadataCopiedBit()

SetWriterMetadataCopiedBit implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SetWriters

func (md *RootMetadataV2) SetWriters(writers []keybase1.UserOrTeamID)

SetWriters implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) SignWriterMetadataInternally

func (md *RootMetadataV2) SignWriterMetadataInternally(
	ctx context.Context, codec kbfscodec.Codec,
	signer kbfscrypto.Signer) error

SignWriterMetadataInternally implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) StoresHistoricTLFCryptKeys

func (md *RootMetadataV2) StoresHistoricTLFCryptKeys() bool

StoresHistoricTLFCryptKeys implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) TlfHandleExtensions

func (md *RootMetadataV2) TlfHandleExtensions() (
	extensions []tlf.HandleExtension)

TlfHandleExtensions implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) TlfID

func (md *RootMetadataV2) TlfID() tlf.ID

TlfID implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) TypeForKeying

func (md *RootMetadataV2) TypeForKeying() tlf.KeyingType

TypeForKeying implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) UnrefBytes

func (md *RootMetadataV2) UnrefBytes() uint64

UnrefBytes implements the RootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) UpdateKeyBundles

func (md *RootMetadataV2) UpdateKeyBundles(codec kbfscodec.Codec,
	_ ExtraMetadata,
	updatedWriterKeys, updatedReaderKeys UserDevicePublicKeys,
	ePubKey kbfscrypto.TLFEphemeralPublicKey,
	ePrivKey kbfscrypto.TLFEphemeralPrivateKey,
	tlfCryptKeys []kbfscrypto.TLFCryptKey) (
	[]UserDeviceKeyServerHalves, error)

UpdateKeyBundles implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV2) Version

func (md *RootMetadataV2) Version() MetadataVer

Version implements the MutableRootMetadata interface for RootMetadataV2.

type RootMetadataV3

type RootMetadataV3 struct {
	// The metadata that is only editable by the writer.
	WriterMetadata WriterMetadataV3 `codec:"wmd"`

	// The last KB user who modified this RootMetadata
	LastModifyingUser keybase1.UID
	// Flags
	Flags MetadataFlags
	// The revision number
	Revision Revision
	// Pointer to the previous root block ID
	PrevRoot ID

	// For private TLFs. Any unresolved social assertions for readers.
	UnresolvedReaders []keybase1.SocialAssertion `codec:"ur,omitempty"`
	// Pointer to the reader key bundle for private TLFs.
	RKeyBundleID TLFReaderKeyBundleID `codec:"rkid"`

	// ConflictInfo is set if there's a conflict for the given folder's
	// handle after a social assertion resolution.
	ConflictInfo *tlf.HandleExtension `codec:"ci,omitempty"`
	// FinalizedInfo is set if there are no more valid writer keys capable
	// of writing to the given folder.
	FinalizedInfo *tlf.HandleExtension `codec:"fi,omitempty"`

	// KBMerkleRoot is now DEPRECATED, and shouldn't be relied on for
	// future features.  Below is the original text for historians:
	//
	// The root of the global Keybase Merkle tree at the time this
	// update was created (from the writer's perspective).  This field
	// was added to V3 after it was live for a while, and older
	// clients that don't know about this field yet might copy it into
	// new updates via the unknown fields copier. Which means new MD
	// updates might end up referring to older Merkle roots.  That's
	// ok since this is just a hint anyway, and shouldn't be fully
	// trusted when checking MD updates against the Merkle tree.
	// NOTE: this is a pointer in order to get the correct "omitempty"
	// behavior, so that old MDs are still verifiable.
	KBMerkleRoot *keybase1.MerkleRootV2 `codec:"mr,omitempty"`

	codec.UnknownFieldSetHandler
}

RootMetadataV3 is the MD that is signed by the reader or writer. Unlike RootMetadata, it contains exactly the serializable metadata.

func MakeInitialRootMetadataV3

func MakeInitialRootMetadataV3(tlfID tlf.ID, h tlf.Handle) (
	*RootMetadataV3, error)

MakeInitialRootMetadataV3 creates a new RootMetadataV3 object with revision RevisionInitial, and the given TLF ID and handle. Note that if the given ID/handle are private, rekeying must be done separately. Since they are data-compatible, this also creates V4 MD objects.

func (*RootMetadataV3) AddDiskUsage

func (md *RootMetadataV3) AddDiskUsage(diskUsage uint64)

AddDiskUsage implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) AddKeyGeneration

func (md *RootMetadataV3) AddKeyGeneration(
	codec kbfscodec.Codec, currExtra ExtraMetadata,
	updatedWriterKeys, updatedReaderKeys UserDevicePublicKeys,
	ePubKey kbfscrypto.TLFEphemeralPublicKey,
	ePrivKey kbfscrypto.TLFEphemeralPrivateKey,
	pubKey kbfscrypto.TLFPublicKey,
	currCryptKey, nextCryptKey kbfscrypto.TLFCryptKey) (
	nextExtra ExtraMetadata,
	serverHalves UserDeviceKeyServerHalves, err error)

AddKeyGeneration implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) AddMDDiskUsage

func (md *RootMetadataV3) AddMDDiskUsage(mdDiskUsage uint64)

AddMDDiskUsage implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) AddMDRefBytes

func (md *RootMetadataV3) AddMDRefBytes(mdRefBytes uint64)

AddMDRefBytes implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) AddRefBytes

func (md *RootMetadataV3) AddRefBytes(refBytes uint64)

AddRefBytes implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) AddUnrefBytes

func (md *RootMetadataV3) AddUnrefBytes(unrefBytes uint64)

AddUnrefBytes implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) BID

func (md *RootMetadataV3) BID() BranchID

BID implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) CheckValidSuccessor

func (md *RootMetadataV3) CheckValidSuccessor(
	currID ID, nextMd RootMetadata) error

CheckValidSuccessor implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) CheckValidSuccessorForServer

func (md *RootMetadataV3) CheckValidSuccessorForServer(
	currID ID, nextMd RootMetadata) error

CheckValidSuccessorForServer implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) ClearFinalBit

func (md *RootMetadataV3) ClearFinalBit()

ClearFinalBit implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) ClearForV4Migration

func (md *RootMetadataV3) ClearForV4Migration()

ClearForV4Migration implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) ClearRekeyBit

func (md *RootMetadataV3) ClearRekeyBit()

ClearRekeyBit implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) ClearWriterMetadataCopiedBit

func (md *RootMetadataV3) ClearWriterMetadataCopiedBit()

ClearWriterMetadataCopiedBit implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) DeepCopy

func (md *RootMetadataV3) DeepCopy(
	codec kbfscodec.Codec) (MutableRootMetadata, error)

DeepCopy implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) DiskUsage

func (md *RootMetadataV3) DiskUsage() uint64

DiskUsage implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) FinalizeRekey

func (md *RootMetadataV3) FinalizeRekey(
	codec kbfscodec.Codec, extra ExtraMetadata) error

FinalizeRekey implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) GetCurrentTLFPublicKey

func (md *RootMetadataV3) GetCurrentTLFPublicKey(
	extra ExtraMetadata) (kbfscrypto.TLFPublicKey, error)

GetCurrentTLFPublicKey implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) GetHistoricTLFCryptKey

func (md *RootMetadataV3) GetHistoricTLFCryptKey(codec kbfscodec.Codec,
	keyGen KeyGen, currentKey kbfscrypto.TLFCryptKey, extra ExtraMetadata) (
	kbfscrypto.TLFCryptKey, error)

GetHistoricTLFCryptKey implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) GetLastModifyingUser

func (md *RootMetadataV3) GetLastModifyingUser() keybase1.UID

GetLastModifyingUser implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) GetPrevRoot

func (md *RootMetadataV3) GetPrevRoot() ID

GetPrevRoot implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) GetSerializedPrivateMetadata

func (md *RootMetadataV3) GetSerializedPrivateMetadata() []byte

GetSerializedPrivateMetadata implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) GetSerializedWriterMetadata

func (md *RootMetadataV3) GetSerializedWriterMetadata(
	codec kbfscodec.Codec) ([]byte, error)

GetSerializedWriterMetadata implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) GetTLFCryptKeyParams

GetTLFCryptKeyParams implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) GetTLFKeyBundlesForTest

func (md *RootMetadataV3) GetTLFKeyBundlesForTest(extra ExtraMetadata) (
	*TLFWriterKeyBundleV3, *TLFReaderKeyBundleV3, error)

GetTLFKeyBundlesForTest returns the writer and reader key bundles from extra.

func (*RootMetadataV3) GetTLFReaderKeyBundleID

func (md *RootMetadataV3) GetTLFReaderKeyBundleID() TLFReaderKeyBundleID

GetTLFReaderKeyBundleID implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) GetTLFWriterKeyBundleID

func (md *RootMetadataV3) GetTLFWriterKeyBundleID() TLFWriterKeyBundleID

GetTLFWriterKeyBundleID implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) GetUnresolvedParticipants

func (md *RootMetadataV3) GetUnresolvedParticipants() []keybase1.SocialAssertion

GetUnresolvedParticipants implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) GetUserDevicePublicKeys

func (md *RootMetadataV3) GetUserDevicePublicKeys(extra ExtraMetadata) (
	writerDeviceKeys, readerDeviceKeys UserDevicePublicKeys, err error)

GetUserDevicePublicKeys implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) IsFinal

func (md *RootMetadataV3) IsFinal() bool

IsFinal implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) IsLastModifiedBy

func (md *RootMetadataV3) IsLastModifiedBy(
	uid keybase1.UID, key kbfscrypto.VerifyingKey) error

IsLastModifiedBy implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) IsReader

func (md *RootMetadataV3) IsReader(
	ctx context.Context, user keybase1.UID,
	cryptKey kbfscrypto.CryptPublicKey, teamMemChecker TeamMembershipChecker,
	extra ExtraMetadata) (bool, error)

IsReader implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) IsRekeySet

func (md *RootMetadataV3) IsRekeySet() bool

IsRekeySet implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) IsUnmergedSet

func (md *RootMetadataV3) IsUnmergedSet() bool

IsUnmergedSet implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) IsValidAndSigned

func (md *RootMetadataV3) IsValidAndSigned(
	ctx context.Context, codec kbfscodec.Codec,
	teamMemChecker TeamMembershipChecker, extra ExtraMetadata,
	writerVerifyingKey kbfscrypto.VerifyingKey) error

IsValidAndSigned implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) IsValidRekeyRequest

func (md *RootMetadataV3) IsValidRekeyRequest(
	codec kbfscodec.Codec, prevBareMd RootMetadata,
	user keybase1.UID, prevExtra, extra ExtraMetadata) (
	bool, error)

IsValidRekeyRequest implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) IsWriter

func (md *RootMetadataV3) IsWriter(
	ctx context.Context, user keybase1.UID,
	cryptKey kbfscrypto.CryptPublicKey, verifyingKey kbfscrypto.VerifyingKey,
	teamMemChecker TeamMembershipChecker, extra ExtraMetadata) (bool, error)

IsWriter implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) IsWriterMetadataCopiedSet

func (md *RootMetadataV3) IsWriterMetadataCopiedSet() bool

IsWriterMetadataCopiedSet implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) KeyGenerationsToUpdate

func (md *RootMetadataV3) KeyGenerationsToUpdate() (KeyGen, KeyGen)

KeyGenerationsToUpdate implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) LastModifyingWriter

func (md *RootMetadataV3) LastModifyingWriter() keybase1.UID

LastModifyingWriter implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) LatestKeyGeneration

func (md *RootMetadataV3) LatestKeyGeneration() KeyGen

LatestKeyGeneration implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) MDDiskUsage

func (md *RootMetadataV3) MDDiskUsage() uint64

MDDiskUsage implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) MDRefBytes

func (md *RootMetadataV3) MDRefBytes() uint64

MDRefBytes implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) MakeBareTlfHandle

func (md *RootMetadataV3) MakeBareTlfHandle(extra ExtraMetadata) (
	tlf.Handle, error)

MakeBareTlfHandle implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) MakeSuccessorCopy

func (md *RootMetadataV3) MakeSuccessorCopy(
	codec kbfscodec.Codec, extra ExtraMetadata, _ MetadataVer,
	_ func() ([]kbfscrypto.TLFCryptKey, error), isReadableAndWriter bool) (
	MutableRootMetadata, ExtraMetadata, error)

MakeSuccessorCopy implements the ImmutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) MergedStatus

func (md *RootMetadataV3) MergedStatus() MergeStatus

MergedStatus implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) PromoteReaders

func (md *RootMetadataV3) PromoteReaders(
	readersToPromote map[keybase1.UID]bool, extra ExtraMetadata) error

PromoteReaders implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) RefBytes

func (md *RootMetadataV3) RefBytes() uint64

RefBytes implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) RevisionNumber

func (md *RootMetadataV3) RevisionNumber() Revision

RevisionNumber implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) RevokeRemovedDevices

func (md *RootMetadataV3) RevokeRemovedDevices(
	updatedWriterKeys, updatedReaderKeys UserDevicePublicKeys,
	extra ExtraMetadata) (ServerHalfRemovalInfo, error)

RevokeRemovedDevices implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetBranchID

func (md *RootMetadataV3) SetBranchID(bid BranchID)

SetBranchID implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetConflictInfo

func (md *RootMetadataV3) SetConflictInfo(ci *tlf.HandleExtension)

SetConflictInfo implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetDiskUsage

func (md *RootMetadataV3) SetDiskUsage(diskUsage uint64)

SetDiskUsage implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetFinalBit

func (md *RootMetadataV3) SetFinalBit()

SetFinalBit implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetFinalizedInfo

func (md *RootMetadataV3) SetFinalizedInfo(fi *tlf.HandleExtension)

SetFinalizedInfo implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetLastModifyingUser

func (md *RootMetadataV3) SetLastModifyingUser(user keybase1.UID)

SetLastModifyingUser implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetLastModifyingWriter

func (md *RootMetadataV3) SetLastModifyingWriter(user keybase1.UID)

SetLastModifyingWriter implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetLatestKeyGenerationForTeamTLF

func (md *RootMetadataV3) SetLatestKeyGenerationForTeamTLF(keyGen KeyGen)

SetLatestKeyGenerationForTeamTLF implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetMDDiskUsage

func (md *RootMetadataV3) SetMDDiskUsage(mdDiskUsage uint64)

SetMDDiskUsage implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetMDRefBytes

func (md *RootMetadataV3) SetMDRefBytes(mdRefBytes uint64)

SetMDRefBytes implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetPrevRoot

func (md *RootMetadataV3) SetPrevRoot(mdID ID)

SetPrevRoot implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetRefBytes

func (md *RootMetadataV3) SetRefBytes(refBytes uint64)

SetRefBytes implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetRekeyBit

func (md *RootMetadataV3) SetRekeyBit()

SetRekeyBit implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetRevision

func (md *RootMetadataV3) SetRevision(revision Revision)

SetRevision implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetSerializedPrivateMetadata

func (md *RootMetadataV3) SetSerializedPrivateMetadata(spmd []byte)

SetSerializedPrivateMetadata implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetTlfID

func (md *RootMetadataV3) SetTlfID(tlf tlf.ID)

SetTlfID implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetUnmerged

func (md *RootMetadataV3) SetUnmerged()

SetUnmerged implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetUnrefBytes

func (md *RootMetadataV3) SetUnrefBytes(unrefBytes uint64)

SetUnrefBytes implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetUnresolvedReaders

func (md *RootMetadataV3) SetUnresolvedReaders(readers []keybase1.SocialAssertion)

SetUnresolvedReaders implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetUnresolvedWriters

func (md *RootMetadataV3) SetUnresolvedWriters(writers []keybase1.SocialAssertion)

SetUnresolvedWriters implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetWriterMetadataCopiedBit

func (md *RootMetadataV3) SetWriterMetadataCopiedBit()

SetWriterMetadataCopiedBit implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SetWriters

func (md *RootMetadataV3) SetWriters(writers []keybase1.UserOrTeamID)

SetWriters implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) SignWriterMetadataInternally

func (md *RootMetadataV3) SignWriterMetadataInternally(
	ctx context.Context, codec kbfscodec.Codec,
	signer kbfscrypto.Signer) error

SignWriterMetadataInternally implements the MutableRootMetadata interface for RootMetadataV2.

func (*RootMetadataV3) StoresHistoricTLFCryptKeys

func (md *RootMetadataV3) StoresHistoricTLFCryptKeys() bool

StoresHistoricTLFCryptKeys implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) TlfHandleExtensions

func (md *RootMetadataV3) TlfHandleExtensions() (
	extensions []tlf.HandleExtension)

TlfHandleExtensions implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) TlfID

func (md *RootMetadataV3) TlfID() tlf.ID

TlfID implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) TypeForKeying

func (md *RootMetadataV3) TypeForKeying() tlf.KeyingType

TypeForKeying implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) UnrefBytes

func (md *RootMetadataV3) UnrefBytes() uint64

UnrefBytes implements the RootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) UpdateKeyBundles

func (md *RootMetadataV3) UpdateKeyBundles(codec kbfscodec.Codec,
	extra ExtraMetadata,
	updatedWriterKeys, updatedReaderKeys UserDevicePublicKeys,
	ePubKey kbfscrypto.TLFEphemeralPublicKey,
	ePrivKey kbfscrypto.TLFEphemeralPrivateKey,
	tlfCryptKeys []kbfscrypto.TLFCryptKey) (
	[]UserDeviceKeyServerHalves, error)

UpdateKeyBundles implements the MutableRootMetadata interface for RootMetadataV3.

func (*RootMetadataV3) Version

func (md *RootMetadataV3) Version() MetadataVer

Version implements the MutableRootMetadata interface for RootMetadataV3.

type ServerError

type ServerError struct {
	Err error
}

ServerError is a generic server-side error.

func (ServerError) Error

func (e ServerError) Error() string

Error implements the Error interface for ServerError.

func (ServerError) ToStatus

func (e ServerError) ToStatus() (s keybase1.Status)

ToStatus implements the ExportableError interface for ServerError.

type ServerErrorBadRequest

type ServerErrorBadRequest struct {
	Reason string
}

ServerErrorBadRequest is a generic client-side error.

func (ServerErrorBadRequest) Error

func (e ServerErrorBadRequest) Error() string

Error implements the Error interface for ServerErrorBadRequest.

func (ServerErrorBadRequest) ToStatus

func (e ServerErrorBadRequest) ToStatus() (s keybase1.Status)

ToStatus implements the ExportableError interface for ServerErrorBadRequest.

type ServerErrorCannotReadFinalizedTLF

type ServerErrorCannotReadFinalizedTLF struct{}

ServerErrorCannotReadFinalizedTLF is returned when the client isn't authorized to read a finalized TLF.

func (ServerErrorCannotReadFinalizedTLF) Error

Error implements the Error interface for ServerErrorCannotReadFinalizedTLF.

func (ServerErrorCannotReadFinalizedTLF) ToStatus

ToStatus implements the ExportableError interface for ServerErrorCannotReadFinalizedTLF.

type ServerErrorClassicTLFDoesNotExist

type ServerErrorClassicTLFDoesNotExist struct{}

ServerErrorClassicTLFDoesNotExist is the error type for StatusCodeServerErrorClassicTLFDoesNotExist.

func (ServerErrorClassicTLFDoesNotExist) Error

Error implements the Error interface.

func (ServerErrorClassicTLFDoesNotExist) ToStatus

ToStatus implements the ExportableError interface.

type ServerErrorConditionFailed

type ServerErrorConditionFailed struct {
	Err            error
	ShouldThrottle bool
}

ServerErrorConditionFailed is returned when a conditonal write failed. This means there was a race and the caller should consider it a conflict.

func (ServerErrorConditionFailed) Error

Error implements the Error interface for ServerErrorConditionFailed.

func (ServerErrorConditionFailed) ToStatus

func (e ServerErrorConditionFailed) ToStatus() (s keybase1.Status)

ToStatus implements the ExportableError interface for ServerErrorConditionFailed.

type ServerErrorConflictDiskUsage

type ServerErrorConflictDiskUsage struct {
	Desc     string
	Expected uint64
	Actual   uint64
}

ServerErrorConflictDiskUsage is returned when the passed MD block is inconsistent with current history.

func (ServerErrorConflictDiskUsage) Error

Error implements the Error interface for ServerErrorConflictDiskUsage

func (ServerErrorConflictDiskUsage) ToStatus

func (e ServerErrorConflictDiskUsage) ToStatus() (s keybase1.Status)

ToStatus implements the ExportableError interface for ServerErrorConflictDiskUsage.

type ServerErrorConflictFolderMapping

type ServerErrorConflictFolderMapping struct {
	Desc     string
	Expected tlf.ID
	Actual   tlf.ID
}

ServerErrorConflictFolderMapping is returned when there is a folder handle to folder ID mapping mismatch.

func (ServerErrorConflictFolderMapping) Error

Error implements the Error interface for ServerErrorConflictFolderMapping.

func (ServerErrorConflictFolderMapping) ToStatus

ToStatus implements the ExportableError interface for ServerErrorConflictFolderMapping

type ServerErrorConflictPrevRoot

type ServerErrorConflictPrevRoot struct {
	Desc     string
	Expected ID
	Actual   ID
}

ServerErrorConflictPrevRoot is returned when the passed MD block is inconsistent with current history.

func (ServerErrorConflictPrevRoot) Error

Error implements the Error interface for ServerErrorConflictPrevRoot.

func (ServerErrorConflictPrevRoot) ToStatus

func (e ServerErrorConflictPrevRoot) ToStatus() (s keybase1.Status)

ToStatus implements the ExportableError interface for ServerErrorConflictPrevRoot.

type ServerErrorConflictRevision

type ServerErrorConflictRevision struct {
	Desc     string
	Expected Revision
	Actual   Revision
}

ServerErrorConflictRevision is returned when the passed MD block is inconsistent with current history.

func (ServerErrorConflictRevision) Error

Error implements the Error interface for ServerErrorConflictRevision.

func (ServerErrorConflictRevision) ToStatus

func (e ServerErrorConflictRevision) ToStatus() (s keybase1.Status)

ToStatus implements the ExportableError interface for ServerErrorConflictRevision.

type ServerErrorLockConflict

type ServerErrorLockConflict struct{}

ServerErrorLockConflict is the error type for StatusCodeServerErrorLockConflict.

func (ServerErrorLockConflict) Error

func (e ServerErrorLockConflict) Error() string

Error implements the Error interface.

func (ServerErrorLockConflict) ToStatus

func (e ServerErrorLockConflict) ToStatus() (s keybase1.Status)

ToStatus implements the ExportableError interface.

type ServerErrorLocked

type ServerErrorLocked struct {
}

ServerErrorLocked is returned when the folder truncation lock is acquired by someone else.

func (ServerErrorLocked) Error

func (e ServerErrorLocked) Error() string

Error implements the Error interface for ServerErrorLocked.

func (ServerErrorLocked) ToStatus

func (e ServerErrorLocked) ToStatus() (s keybase1.Status)

ToStatus implements the ExportableError interface for ServerErrorLocked.

type ServerErrorMissingFolderHandle

type ServerErrorMissingFolderHandle struct{}

ServerErrorMissingFolderHandle is the error type for StatusCodeServerErrorMissingFolderHandle.

func (ServerErrorMissingFolderHandle) Error

Error implements the Error interface.

func (ServerErrorMissingFolderHandle) ToStatus

ToStatus implements the ExportableError interface.

type ServerErrorThrottle

type ServerErrorThrottle struct {
	Err              error
	SuggestedRetryIn *time.Duration
}

ServerErrorThrottle is returned when the server wants the client to backoff.

func (ServerErrorThrottle) Error

func (e ServerErrorThrottle) Error() string

Error implements the Error interface for ServerErrorThrottle.

func (ServerErrorThrottle) ToStatus

func (e ServerErrorThrottle) ToStatus() (s keybase1.Status)

ToStatus implements the ExportableError interface for ServerErrorThrottle.

type ServerErrorTooManyFoldersCreated

type ServerErrorTooManyFoldersCreated struct {
	Created uint64
	Limit   uint64
}

ServerErrorTooManyFoldersCreated is returned when a user has created more folders than their limit allows.

func (ServerErrorTooManyFoldersCreated) Error

Error implements the Error interface for ServerErrorTooManyFoldersCreated.

func (ServerErrorTooManyFoldersCreated) ToStatus

ToStatus implements the ExportableError interface for ServerErrorConflictFolderMapping

type ServerErrorUnauthorized

type ServerErrorUnauthorized struct {
	Err error
}

ServerErrorUnauthorized is returned when a device requests a key half which doesn't belong to it.

func (ServerErrorUnauthorized) Error

func (e ServerErrorUnauthorized) Error() string

Error implements the Error interface for ServerErrorUnauthorized.

func (ServerErrorUnauthorized) ToStatus

func (e ServerErrorUnauthorized) ToStatus() (s keybase1.Status)

ToStatus implements the ExportableError interface for ServerErrorUnauthorized.

type ServerErrorUnwrapper

type ServerErrorUnwrapper struct{}

ServerErrorUnwrapper is an implementation of rpc.ErrorUnwrapper for errors coming from the MDServer.

func (ServerErrorUnwrapper) MakeArg

func (eu ServerErrorUnwrapper) MakeArg() interface{}

MakeArg implements rpc.ErrorUnwrapper for ServerErrorUnwrapper.

func (ServerErrorUnwrapper) UnwrapError

func (eu ServerErrorUnwrapper) UnwrapError(arg interface{}) (appError error, dispatchError error)

UnwrapError implements rpc.ErrorUnwrapper for ServerErrorUnwrapper.

type ServerErrorWriteAccess

type ServerErrorWriteAccess struct{}

ServerErrorWriteAccess is returned when the client isn't authorized to write to a TLF.

func (ServerErrorWriteAccess) Error

func (e ServerErrorWriteAccess) Error() string

Error implements the Error interface for ServerErrorWriteAccess.

func (ServerErrorWriteAccess) ToStatus

func (e ServerErrorWriteAccess) ToStatus() (s keybase1.Status)

ToStatus implements the ExportableError interface for ServerErrorWriteAccess.

type ServerHalfRemovalInfo

type ServerHalfRemovalInfo map[keybase1.UID]UserServerHalfRemovalInfo

ServerHalfRemovalInfo is a map from users and devices to a list of server half IDs to remove from the server.

func (ServerHalfRemovalInfo) AddGeneration

func (info ServerHalfRemovalInfo) AddGeneration(
	genInfo ServerHalfRemovalInfo) error

AddGeneration merges the keys in genInfo (which must be one per device) into info. genInfo must have the same users as info.

func (ServerHalfRemovalInfo) MergeUsers

MergeUsers returns a ServerHalfRemovalInfo that contains all the users in info and other, which must be disjoint. This isn't a deep copy.

type TLFCryptKeyInfo

type TLFCryptKeyInfo struct {
	ClientHalf   kbfscrypto.EncryptedTLFCryptKeyClientHalf
	ServerHalfID kbfscrypto.TLFCryptKeyServerHalfID
	EPubKeyIndex int `codec:"i,omitempty"`

	codec.UnknownFieldSetHandler
}

TLFCryptKeyInfo is a per-device key half entry in the TLF{Writer,Reader}KeyBundleV{2,3}.

type TLFCryptKeyNotPerDeviceEncrypted

type TLFCryptKeyNotPerDeviceEncrypted struct {
	// contains filtered or unexported fields
}

TLFCryptKeyNotPerDeviceEncrypted is returned when a given TLFCryptKey is not encrypted per-device but rather symmetrically encrypted with the current generation of the TLFCryptKey.

func (TLFCryptKeyNotPerDeviceEncrypted) Error

// Error implements the error interface for TLFCryptKeyNotPerDeviceEncrypted

type TLFReaderKeyBundleID

type TLFReaderKeyBundleID struct {
	// contains filtered or unexported fields
}

TLFReaderKeyBundleID is the hash of a serialized TLFReaderKeyBundle.

func MakeTLFReaderKeyBundleID

func MakeTLFReaderKeyBundleID(codec kbfscodec.Codec, rkb TLFReaderKeyBundleV3) (
	TLFReaderKeyBundleID, error)

MakeTLFReaderKeyBundleID hashes a TLFReaderKeyBundleV3 to create an ID.

func TLFReaderKeyBundleIDFromBytes

func TLFReaderKeyBundleIDFromBytes(data []byte) (TLFReaderKeyBundleID, error)

TLFReaderKeyBundleIDFromBytes creates a new TLFReaderKeyBundleID from the given bytes. If the returned error is nil, the returned TLFReaderKeyBundleID is valid.

func TLFReaderKeyBundleIDFromString

func TLFReaderKeyBundleIDFromString(id string) (TLFReaderKeyBundleID, error)

TLFReaderKeyBundleIDFromString creates a new TLFReaderKeyBundleID from the given string. If the returned error is nil, the returned TLFReaderKeyBundleID is valid.

func (TLFReaderKeyBundleID) Bytes

func (h TLFReaderKeyBundleID) Bytes() []byte

Bytes returns the bytes of the TLFReaderKeyBundleID.

func (TLFReaderKeyBundleID) IsNil

func (h TLFReaderKeyBundleID) IsNil() bool

IsNil returns true if the ID is unset.

func (TLFReaderKeyBundleID) MarshalBinary

func (h TLFReaderKeyBundleID) MarshalBinary() (data []byte, err error)

MarshalBinary implements the encoding.BinaryMarshaler interface for TLFReaderKeyBundleID. Returns an error if the TLFReaderKeyBundleID is invalid and not the zero TLFReaderKeyBundleID.

func (TLFReaderKeyBundleID) Size

func (h TLFReaderKeyBundleID) Size() int

Size implements the cache.Measurable interface.

func (TLFReaderKeyBundleID) String

func (h TLFReaderKeyBundleID) String() string

String returns the string form of the TLFReaderKeyBundleID.

func (*TLFReaderKeyBundleID) UnmarshalBinary

func (h *TLFReaderKeyBundleID) UnmarshalBinary(data []byte) error

UnmarshalBinary implements the encoding.BinaryUnmarshaler interface for TLFReaderKeyBundleID. Returns an error if the given byte array is non-empty and the TLFReaderKeyBundleID is invalid.

type TLFReaderKeyBundleV2

type TLFReaderKeyBundleV2 struct {
	RKeys UserDeviceKeyInfoMapV2

	// M_e as described in § 4.1.1. Because devices can be added
	// into the key generation after it is initially created (so
	// those devices can get access to existing data), we track
	// multiple ephemeral public keys; the one used by a
	// particular device is specified by EPubKeyIndex in its
	// TLFCryptoKeyInfo struct.  This list is needed so a reader
	// rekey doesn't modify the writer metadata.
	TLFReaderEphemeralPublicKeys kbfscrypto.TLFEphemeralPublicKeys `codec:"readerEPubKey,omitempty"`

	codec.UnknownFieldSetHandler
}

TLFReaderKeyBundleV2 stores all the reader keys with reader permissions on a TLF.

func (TLFReaderKeyBundleV2) IsReader

func (trb TLFReaderKeyBundleV2) IsReader(user keybase1.UID, deviceKey kbfscrypto.CryptPublicKey) bool

IsReader returns true if the given user device is in the reader set.

type TLFReaderKeyBundleV3

type TLFReaderKeyBundleV3 struct {
	Keys UserDeviceKeyInfoMapV3 `codec:"rKeys,omitempty"`

	// M_e as described in § 4.1.1. Because devices can be added
	// into the key generation after it is initially created (so
	// those devices can get access to existing data), we track
	// multiple ephemeral public keys; the one used by a
	// particular device is specified by EPubKeyIndex in its
	// TLFCryptoKeyInfo struct.  This list is needed so a reader
	// rekey doesn't modify the writer metadata.
	TLFEphemeralPublicKeys kbfscrypto.TLFEphemeralPublicKeys `codec:"rEPubKey,omitempty"`

	codec.UnknownFieldSetHandler
}

TLFReaderKeyBundleV3 stores all the reader keys with reader permissions on a TLF.

func DeserializeTLFReaderKeyBundleV3

func DeserializeTLFReaderKeyBundleV3(codec kbfscodec.Codec, path string) (
	TLFReaderKeyBundleV3, error)

DeserializeTLFReaderKeyBundleV3 deserializes a TLFReaderKeyBundleV3 from the given path and returns it.

func (TLFReaderKeyBundleV3) DeepCopy

DeepCopy creates a deep copy of this key bundle.

func (TLFReaderKeyBundleV3) IsReader

func (rkb TLFReaderKeyBundleV3) IsReader(user keybase1.UID, deviceKey kbfscrypto.CryptPublicKey) bool

IsReader returns true if the given user device is in the reader set.

func (TLFReaderKeyBundleV3) Size

func (rkb TLFReaderKeyBundleV3) Size() (bytes int)

Size implements the cache.Measurable interface.

type TLFReaderKeyGenerationsV2

type TLFReaderKeyGenerationsV2 []TLFReaderKeyBundleV2

TLFReaderKeyGenerationsV2 stores a slice of TLFReaderKeyBundleV2, where the last element is the current generation.

func (TLFReaderKeyGenerationsV2) IsReader

func (rkg TLFReaderKeyGenerationsV2) IsReader(user keybase1.UID, deviceKey kbfscrypto.CryptPublicKey) bool

IsReader returns whether or not the user+device is an authorized reader for the latest generation.

func (TLFReaderKeyGenerationsV2) LatestKeyGeneration

func (rkg TLFReaderKeyGenerationsV2) LatestKeyGeneration() KeyGen

LatestKeyGeneration returns the current key generation for this TLF.

func (TLFReaderKeyGenerationsV2) ToTLFReaderKeyBundleV3

func (rkg TLFReaderKeyGenerationsV2) ToTLFReaderKeyBundleV3(
	codec kbfscodec.Codec, wkb TLFWriterKeyBundleV2) (
	TLFReaderKeyBundleV3, error)

ToTLFReaderKeyBundleV3 converts a TLFReaderKeyGenerationsV2 to a TLFReaderkeyBundleV3.

type TLFWriterKeyBundleID

type TLFWriterKeyBundleID struct {
	// contains filtered or unexported fields
}

TLFWriterKeyBundleID is the hash of a serialized TLFWriterKeyBundle.

func MakeTLFWriterKeyBundleID

func MakeTLFWriterKeyBundleID(codec kbfscodec.Codec, wkb TLFWriterKeyBundleV3) (
	TLFWriterKeyBundleID, error)

MakeTLFWriterKeyBundleID hashes a TLFWriterKeyBundleV3 to create an ID.

func TLFWriterKeyBundleIDFromBytes

func TLFWriterKeyBundleIDFromBytes(data []byte) (TLFWriterKeyBundleID, error)

TLFWriterKeyBundleIDFromBytes creates a new TLFWriterKeyBundleID from the given bytes. If the returned error is nil, the returned TLFWriterKeyBundleID is valid.

func TLFWriterKeyBundleIDFromString

func TLFWriterKeyBundleIDFromString(id string) (TLFWriterKeyBundleID, error)

TLFWriterKeyBundleIDFromString creates a new TLFWriterKeyBundleID from the given string. If the returned error is nil, the returned TLFWriterKeyBundleID is valid.

func (TLFWriterKeyBundleID) Bytes

func (h TLFWriterKeyBundleID) Bytes() []byte

Bytes returns the bytes of the TLFWriterKeyBundleID.

func (TLFWriterKeyBundleID) IsNil

func (h TLFWriterKeyBundleID) IsNil() bool

IsNil returns true if the ID is unset.

func (TLFWriterKeyBundleID) MarshalBinary

func (h TLFWriterKeyBundleID) MarshalBinary() (data []byte, err error)

MarshalBinary implements the encoding.BinaryMarshaler interface for TLFWriterKeyBundleID. Returns an error if the TLFWriterKeyBundleID is invalid and not the zero TLFWriterKeyBundleID.

func (TLFWriterKeyBundleID) Size

func (h TLFWriterKeyBundleID) Size() int

Size implements the cache.Measurable interface.

func (TLFWriterKeyBundleID) String

func (h TLFWriterKeyBundleID) String() string

String returns the string form of the TLFWriterKeyBundleID.

func (*TLFWriterKeyBundleID) UnmarshalBinary

func (h *TLFWriterKeyBundleID) UnmarshalBinary(data []byte) error

UnmarshalBinary implements the encoding.BinaryUnmarshaler interface for TLFWriterKeyBundleID. Returns an error if the given byte array is non-empty and the TLFWriterKeyBundleID is invalid.

type TLFWriterKeyBundleV2

type TLFWriterKeyBundleV2 struct {
	// Maps from each writer to their crypt key bundle.
	WKeys UserDeviceKeyInfoMapV2

	// M_f as described in § 4.1.1.
	TLFPublicKey kbfscrypto.TLFPublicKey `codec:"pubKey"`

	// M_e as described in § 4.1.1.  Because devices can be added
	// into the key generation after it is initially created (so
	// those devices can get access to existing data), we track
	// multiple ephemeral public keys; the one used by a
	// particular device is specified by EPubKeyIndex in its
	// TLFCryptoKeyInfo struct.
	TLFEphemeralPublicKeys kbfscrypto.TLFEphemeralPublicKeys `codec:"ePubKey"`

	codec.UnknownFieldSetHandler
}

TLFWriterKeyBundleV2 is a bundle of all the writer keys for a top-level folder.

func (TLFWriterKeyBundleV2) IsWriter

func (wkb TLFWriterKeyBundleV2) IsWriter(user keybase1.UID, deviceKey kbfscrypto.CryptPublicKey) bool

IsWriter returns true if the given user device is in the writer set.

type TLFWriterKeyBundleV3

type TLFWriterKeyBundleV3 struct {
	// Maps from each user to their crypt key bundle for the current generation.
	Keys UserDeviceKeyInfoMapV3 `codec:"wKeys"`

	// M_f as described in § 4.1.1.
	TLFPublicKey kbfscrypto.TLFPublicKey `codec:"pubKey"`

	// M_e as described in § 4.1.1. Because devices can be added
	// into the key generation after it is initially created (so
	// those devices can get access to existing data), we track
	// multiple ephemeral public keys; the one used by a
	// particular device is specified by EPubKeyIndex in its
	// TLFCryptoKeyInfo struct.
	TLFEphemeralPublicKeys kbfscrypto.TLFEphemeralPublicKeys `codec:"ePubKey"`

	// This is a time-ordered encrypted list of historic key generations.
	// It is encrypted with the latest generation of the TLF crypt key.
	EncryptedHistoricTLFCryptKeys kbfscrypto.EncryptedTLFCryptKeys `codec:"oldKeys"`

	codec.UnknownFieldSetHandler
}

TLFWriterKeyBundleV3 is a bundle of writer keys and historic symmetric encryption keys for a top-level folder.

func DeserializeTLFWriterKeyBundleV3

func DeserializeTLFWriterKeyBundleV3(codec kbfscodec.Codec, path string) (
	TLFWriterKeyBundleV3, error)

DeserializeTLFWriterKeyBundleV3 deserializes a TLFWriterKeyBundleV3 from the given path and returns it.

func (TLFWriterKeyBundleV3) DeepCopy

DeepCopy creates a deep copy of this key bundle.

func (TLFWriterKeyBundleV3) IsWriter

func (wkb TLFWriterKeyBundleV3) IsWriter(user keybase1.UID, deviceKey kbfscrypto.CryptPublicKey) bool

IsWriter returns true if the given user device is in the device set.

func (TLFWriterKeyBundleV3) Size

func (wkb TLFWriterKeyBundleV3) Size() (bytes int)

Size implements the cache.Measurable interface.

type TLFWriterKeyGenerationsV2

type TLFWriterKeyGenerationsV2 []TLFWriterKeyBundleV2

TLFWriterKeyGenerationsV2 stores a slice of TLFWriterKeyBundleV2, where the last element is the current generation.

func (TLFWriterKeyGenerationsV2) IsWriter

func (wkg TLFWriterKeyGenerationsV2) IsWriter(user keybase1.UID, deviceKey kbfscrypto.CryptPublicKey) bool

IsWriter returns whether or not the user+device is an authorized writer for the latest generation.

func (TLFWriterKeyGenerationsV2) LatestKeyGeneration

func (wkg TLFWriterKeyGenerationsV2) LatestKeyGeneration() KeyGen

LatestKeyGeneration returns the current key generation for this TLF.

func (TLFWriterKeyGenerationsV2) ToTLFWriterKeyBundleV3

func (wkg TLFWriterKeyGenerationsV2) ToTLFWriterKeyBundleV3(
	codec kbfscodec.Codec,
	tlfCryptKeyGetter func() ([]kbfscrypto.TLFCryptKey, error)) (
	TLFWriterKeyBundleV2, TLFWriterKeyBundleV3, error)

ToTLFWriterKeyBundleV3 converts a TLFWriterKeyGenerationsV2 to a TLFWriterKeyBundleV3.

type TeamMembershipChecker

type TeamMembershipChecker interface {
	// IsTeamWriter checks whether the given user (with the given
	// verifying key) is a writer of the given team right now.
	IsTeamWriter(ctx context.Context, tid keybase1.TeamID, uid keybase1.UID,
		verifyingKey kbfscrypto.VerifyingKey) (bool, error)
	// IsTeamReader checks whether the given user is a reader of the
	// given team right now.
	IsTeamReader(ctx context.Context, tid keybase1.TeamID, uid keybase1.UID) (
		bool, error)
}

TeamMembershipChecker is an interface for objects that can check the writer/reader membership of teams.

type UserDeviceKeyInfoMapV2

type UserDeviceKeyInfoMapV2 map[keybase1.UID]DeviceKeyInfoMapV2

UserDeviceKeyInfoMapV2 maps a user's keybase UID to their DeviceKeyInfoMapV2.

func (UserDeviceKeyInfoMapV2) FillInUserInfos

func (udkimV2 UserDeviceKeyInfoMapV2) FillInUserInfos(
	newIndex int, updatedUserKeys UserDevicePublicKeys,
	ePrivKey kbfscrypto.TLFEphemeralPrivateKey,
	tlfCryptKey kbfscrypto.TLFCryptKey) (
	serverHalves UserDeviceKeyServerHalves, err error)

FillInUserInfos fills in this map from the given info.

func (UserDeviceKeyInfoMapV2) RemoveDevicesNotIn

func (udkimV2 UserDeviceKeyInfoMapV2) RemoveDevicesNotIn(
	updatedUserKeys UserDevicePublicKeys) ServerHalfRemovalInfo

RemoveDevicesNotIn removes any info for any device that is not contained in the given map of users and devices.

func (UserDeviceKeyInfoMapV2) ToPublicKeys

func (udkimV2 UserDeviceKeyInfoMapV2) ToPublicKeys() UserDevicePublicKeys

ToPublicKeys converts this object to a UserDevicePublicKeys object.

type UserDeviceKeyInfoMapV3

type UserDeviceKeyInfoMapV3 map[keybase1.UID]DeviceKeyInfoMapV3

UserDeviceKeyInfoMapV3 maps a user's keybase UID to their DeviceKeyInfoMapV3.

func (UserDeviceKeyInfoMapV3) FillInUserInfos

func (udkimV3 UserDeviceKeyInfoMapV3) FillInUserInfos(
	newIndex int, updatedUserKeys UserDevicePublicKeys,
	ePrivKey kbfscrypto.TLFEphemeralPrivateKey,
	tlfCryptKey kbfscrypto.TLFCryptKey) (
	serverHalves UserDeviceKeyServerHalves, err error)

FillInUserInfos fills in this map from the given info.

func (UserDeviceKeyInfoMapV3) RemoveDevicesNotIn

func (udkimV3 UserDeviceKeyInfoMapV3) RemoveDevicesNotIn(
	updatedUserKeys UserDevicePublicKeys) ServerHalfRemovalInfo

RemoveDevicesNotIn removes any info for any device that is not contained in the given map of users and devices.

func (UserDeviceKeyInfoMapV3) Size

func (udkimV3 UserDeviceKeyInfoMapV3) Size() int

Size implements the cache.Measurable interface.

func (UserDeviceKeyInfoMapV3) ToPublicKeys

func (udkimV3 UserDeviceKeyInfoMapV3) ToPublicKeys() UserDevicePublicKeys

ToPublicKeys converts this object to a UserDevicePublicKeys object.

type UserDeviceKeyServerHalves

type UserDeviceKeyServerHalves map[keybase1.UID]DeviceKeyServerHalves

UserDeviceKeyServerHalves maps a user's keybase UID to their DeviceServerHalves map.

func (UserDeviceKeyServerHalves) MergeUsers

MergeUsers returns a UserDeviceKeyServerHalves that contains all the users in serverHalves and other, which must be disjoint. This isn't a deep copy.

type UserDevicePublicKeys

type UserDevicePublicKeys map[keybase1.UID]DevicePublicKeys

UserDevicePublicKeys is a map from users to that user's set of devices.

func (UserDevicePublicKeys) Equals

func (udpk UserDevicePublicKeys) Equals(other UserDevicePublicKeys) bool

Equals returns whether both sets of users are equal, and they all have corresponding equal sets of keys.

func (UserDevicePublicKeys) RemoveKeylessUsersForTest

func (udpk UserDevicePublicKeys) RemoveKeylessUsersForTest() UserDevicePublicKeys

RemoveKeylessUsersForTest returns a new UserDevicePublicKeys objects with all the users with an empty DevicePublicKeys removed.

type UserServerHalfRemovalInfo

type UserServerHalfRemovalInfo struct {
	UserRemoved         bool
	DeviceServerHalfIDs DeviceServerHalfRemovalInfo
}

UserServerHalfRemovalInfo contains a map from devices (identified by its crypt public key) to a list of IDs for key server halves to remove (one per key generation). For logging purposes, it also contains a bool indicating whether all of the user's devices were removed.

type WriterFlags

type WriterFlags byte

WriterFlags bitfield.

const (
	MetadataFlagUnmerged WriterFlags = 1 << iota
)

Possible flags set in the WriterFlags bitfield.

func (WriterFlags) String

func (flags WriterFlags) String() string

type WriterMetadataExtraV2

type WriterMetadataExtraV2 struct {
	UnresolvedWriters []keybase1.SocialAssertion `codec:"uw,omitempty"`
	codec.UnknownFieldSetHandler
}

WriterMetadataExtraV2 stores more fields for WriterMetadataV2. (See WriterMetadataV2 comments as to why this type is needed.)

type WriterMetadataV2

type WriterMetadataV2 struct {
	// Serialized, possibly encrypted, version of the PrivateMetadata
	SerializedPrivateMetadata []byte `codec:"data"`
	// The last KB user with writer permissions to this TLF
	// who modified this WriterMetadata
	LastModifyingWriter keybase1.UID
	// For public and single-team TLFs (since those don't have any
	// keys at all).
	Writers []keybase1.UserOrTeamID `codec:",omitempty"`
	// For private TLFs. Writer key generations for this metadata. The
	// most recent one is last in the array. Must be same length as
	// RootMetadata.RKeys.
	WKeys TLFWriterKeyGenerationsV2 `codec:",omitempty"`
	// The directory ID, signed over to make verification easier
	ID tlf.ID
	// The branch ID, currently only set if this is in unmerged per-device history.
	BID BranchID
	// Flags
	WFlags WriterFlags
	// Estimated disk usage at this revision
	DiskUsage uint64
	// Estimated MD disk usage at this revision (for testing only --
	// real v2 MDs in the wild won't ever have this set).
	MDDiskUsage uint64 `codec:",omitempty"`

	// The total number of bytes in new data blocks
	RefBytes uint64
	// The total number of bytes in unreferenced blocks
	UnrefBytes uint64
	// The total number of bytes in new MD blocks (for testing only --
	// real v2 MDs in the wild won't ever have this set).
	MDRefBytes uint64 `codec:",omitempty"`

	// TODO: Remove omitempty and omitemptycheckstruct once we use
	// a version of go-codec that supports omitemptyrecursive.
	Extra WriterMetadataExtraV2 `codec:"x,omitemptyrecursive,omitempty,omitemptycheckstruct"`
}

WriterMetadataV2 stores the metadata for a TLF that is only editable by users with writer permissions.

NOTE: Don't add new fields to this type! Instead, add them to WriterMetadataExtraV2. This is because we want old clients to preserve unknown fields, and we're unable to do that for WriterMetadata directly because it's embedded in RootMetadata.

func (*WriterMetadataV2) ToWriterMetadataV3

func (wmdV2 *WriterMetadataV2) ToWriterMetadataV3() WriterMetadataV3

ToWriterMetadataV3 converts the WriterMetadataV2 to a WriterMetadataV3.

type WriterMetadataV3

type WriterMetadataV3 struct {
	// Serialized, possibly encrypted, version of the PrivateMetadata
	SerializedPrivateMetadata []byte `codec:"data"`

	// The last KB user with writer permissions to this TLF
	// who modified this WriterMetadata
	LastModifyingWriter keybase1.UID `codec:"lmw"`

	// For public and single-team TLFs (since those don't have any
	// keys at all).
	Writers []keybase1.UserOrTeamID `codec:",omitempty"`
	// Writers identified by unresolved social assertions.
	UnresolvedWriters []keybase1.SocialAssertion `codec:"uw,omitempty"`
	// Pointer to the writer key bundle for private TLFs.
	WKeyBundleID TLFWriterKeyBundleID `codec:"wkid"`
	// Latest key generation.
	LatestKeyGen KeyGen `codec:"lkg"`

	// The directory ID, signed over to make verification easier
	ID tlf.ID
	// The branch ID, currently only set if this is in unmerged per-device history.
	BID BranchID
	// Flags
	WFlags WriterFlags

	// Estimated disk usage at this revision
	DiskUsage uint64
	// Estimated MD disk usage at this revision
	MDDiskUsage uint64 `codec:",omitempty"`
	// The total number of bytes in new data blocks
	RefBytes uint64
	// The total number of bytes in unreferenced blocks
	UnrefBytes uint64
	// The total number of bytes in new MD blocks
	MDRefBytes uint64 `codec:",omitempty"`

	codec.UnknownFieldSetHandler
}

WriterMetadataV3 stores the metadata for a TLF that is only editable by users with writer permissions.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL