teams

package
v2.10.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 20, 2018 License: BSD-3-Clause, BSD-3-Clause Imports: 47 Imported by: 0

Documentation

Overview

Similar to libkb/kbsigs.go, but for teams sigs.

Index

Constants

View Source
const (
	SeitanScryptCost   = 1 << 10
	SeitanScryptR      = 8
	SeitanScryptP      = 1
	SeitanScryptKeylen = 32
)
View Source
const AuditCurrentVersion = keybase1.AuditVersion_V3

AuditCurrentVersion is the version that works with this code. Older stored versions will be discarded on load from level DB.

View Source
const FTLVersion = 1
View Source
const KBase30EncodeStd = "abcdefghjkmnpqrsuvwxyz23456789"

Key-Base 30 encoding. lower case letters except "ilot", and digits except for '0' and '1'. See TestSeitanParams for a test to make sure these two parameters match up.

View Source
const SeitanEncodedIKeyLength = 18

This is expected seitan token length, the secret "Invite Key" that is generated on one client and distributed to another via face-to- face meeting, use of a trusted courier etc.

Seitan tokens have a '+' as the fifth character. We use this to distinguish from email invite tokens (and team names). See `IsSeitany`

View Source
const TeamSigChainPlayerSupportedLinkVersion = 2

Variables

This section is empty.

Functions

func AcceptInvite

func AcceptInvite(ctx context.Context, g *libkb.GlobalContext, token string) error

func AcceptSeitan added in v1.0.34

func AcceptSeitan(ctx context.Context, g *libkb.GlobalContext, ikey SeitanIKey) error

func AcceptSeitanV2 added in v1.0.42

func AcceptSeitanV2(ctx context.Context, g *libkb.GlobalContext, ikey SeitanIKeyV2) error

func AddEmailsBulk added in v1.0.34

func AddEmailsBulk(ctx context.Context, g *libkb.GlobalContext, teamname, emails string, role keybase1.TeamRole) (resOuter keybase1.BulkRes, err error)

func AddMember

func AddMember(ctx context.Context, g *libkb.GlobalContext, teamname, username string, role keybase1.TeamRole) (res keybase1.TeamAddMemberResult, err error)

func AddMemberByID added in v1.0.40

func AddMemberByID(ctx context.Context, g *libkb.GlobalContext, teamID keybase1.TeamID, username string, role keybase1.TeamRole) (res keybase1.TeamAddMemberResult, err error)

func AllApplicationKeys added in v1.0.41

func AllApplicationKeys(mctx libkb.MetaContext, teamData *keybase1.TeamData,
	application keybase1.TeamApplication, latestGen keybase1.PerTeamKeyGeneration) (res []keybase1.TeamApplicationKey, err error)

func AllApplicationKeysWithKBFS

func AllApplicationKeysWithKBFS(mctx libkb.MetaContext, teamData *keybase1.TeamData,
	application keybase1.TeamApplication, latestGen keybase1.PerTeamKeyGeneration) (res []keybase1.TeamApplicationKey, err error)

func AnnotateSeitanInvite added in v1.0.34

func AnnotateSeitanInvite(ctx context.Context, team *Team, invite keybase1.TeamInvite) (name keybase1.TeamInviteName, err error)

func ApplicationKeyAtGeneration added in v1.0.41

func ApplicationKeyAtGeneration(mctx libkb.MetaContext, teamData *keybase1.TeamData,
	application keybase1.TeamApplication, generation keybase1.PerTeamKeyGeneration) (res keybase1.TeamApplicationKey, err error)

func ApplicationKeyAtGenerationWithKBFS

func ApplicationKeyAtGenerationWithKBFS(mctx libkb.MetaContext, teamData *keybase1.TeamData,
	application keybase1.TeamApplication, generation keybase1.PerTeamKeyGeneration) (res keybase1.TeamApplicationKey, err error)

func BackgroundPinTLFLoop

func BackgroundPinTLFLoop(m libkb.MetaContext)

func CanUserPerform added in v1.0.39

func CanUserPerform(ctx context.Context, g *libkb.GlobalContext, teamname string) (ret keybase1.TeamOperation, err error)

func CancelEmailInvite added in v1.0.34

func CancelEmailInvite(ctx context.Context, g *libkb.GlobalContext, teamname, email string) error

func CancelInviteByID added in v1.0.34

func CancelInviteByID(ctx context.Context, g *libkb.GlobalContext, teamname string, inviteID keybase1.TeamInviteID) error

func ChangeRoles

func ChangeRoles(ctx context.Context, g *libkb.GlobalContext, teamname string, req keybase1.TeamChangeReq) error

func ChangeSig

func ChangeSig(g *libkb.GlobalContext, me libkb.UserForSignatures, prev libkb.LinkID, seqno keybase1.Seqno, key libkb.GenericKey, teamSection SCTeamSection,
	linkType libkb.LinkType, merkleRoot *libkb.MerkleRoot) (*jsonw.Wrapper, error)

func ChangeTeamAvatar

func ChangeTeamAvatar(mctx libkb.MetaContext, arg keybase1.UploadTeamAvatarArg) error

func ChangeTeamSettings added in v1.0.33

func ChangeTeamSettings(ctx context.Context, g *libkb.GlobalContext, teamName string, settings keybase1.TeamSettings) error

func CreateImplicitTeam added in v1.0.29

func CreateImplicitTeam(ctx context.Context, g *libkb.GlobalContext, impTeam keybase1.ImplicitTeamDisplayName) (res keybase1.TeamID, teamName keybase1.TeamName, err error)

func CreateRootTeam

func CreateRootTeam(ctx context.Context, g *libkb.GlobalContext, nameString string, settings keybase1.TeamSettings) (res *keybase1.TeamID, err error)

func CreateSeitanToken added in v1.0.34

func CreateSeitanToken(ctx context.Context, g *libkb.GlobalContext, teamname string, role keybase1.TeamRole, label keybase1.SeitanKeyLabel) (keybase1.SeitanIKey, error)

func CreateSeitanTokenV2 added in v1.0.42

func CreateSeitanTokenV2(ctx context.Context, g *libkb.GlobalContext, teamname string, role keybase1.TeamRole, label keybase1.SeitanKeyLabel) (keybase1.SeitanIKeyV2, error)

func CreateSubteam

func CreateSubteam(ctx context.Context, g *libkb.GlobalContext, subteamBasename string,
	parentName keybase1.TeamName, addSelfAs keybase1.TeamRole) (ret *keybase1.TeamID, err error)

func CreateTLF added in v1.0.39

func CreateTLF(ctx context.Context, g *libkb.GlobalContext, arg keybase1.CreateTLFArg) (err error)

CreateTLF is called by KBFS when a TLF ID is associated with an implicit team. Should work on either named or implicit teams.

func Delete

func Details

func Details(ctx context.Context, g *libkb.GlobalContext, name string) (res keybase1.TeamDetails, err error)

Details returns TeamDetails for team name. Keybase-type invites are returned as members. It always repolls to ensure latest version of a team, but member infos (username, full name, if they reset or not) are subject to UIDMapper caching.

func EditMember

func EditMember(ctx context.Context, g *libkb.GlobalContext, teamname, username string, role keybase1.TeamRole) error

func FixupTeamGetError

func FixupTeamGetError(ctx context.Context, g *libkb.GlobalContext, e error, teamDescriptor string, publicTeam bool) error

func FormatImplicitTeamDisplayName added in v1.0.29

func FormatImplicitTeamDisplayName(ctx context.Context, g *libkb.GlobalContext, impTeamName keybase1.ImplicitTeamDisplayName) (string, error)

func FormatImplicitTeamDisplayNameWithUserFront added in v1.0.30

func FormatImplicitTeamDisplayNameWithUserFront(ctx context.Context, g *libkb.GlobalContext, impTeamName keybase1.ImplicitTeamDisplayName, frontName libkb.NormalizedUsername) (string, error)

Format an implicit display name, but order the specified username first in each of the writer and reader lists if it appears.

func GenerateSeitanSignatureMessage added in v1.0.42

func GenerateSeitanSignatureMessage(uid keybase1.UID, eldestSeqno keybase1.Seqno, inviteID SCTeamInviteID, time keybase1.Time) (payload []byte, err error)

func GetAndVerifyPerTeamKey

func GetAndVerifyPerTeamKey(mctx libkb.MetaContext, teamData *keybase1.TeamData,
	gen keybase1.PerTeamKeyGeneration) (ret keybase1.PerTeamKeySeedItem, err error)

Get a PTK seed and verify against the sigchain that is the correct key.

func GetConflictInfo added in v1.0.39

func GetConflictInfo(ctx context.Context, g *libkb.GlobalContext, id keybase1.TeamID, isFullyResolved bool, name keybase1.ImplicitTeamDisplayName) (ret keybase1.ImplicitTeamDisplayName, err error)

func GetKBFSTeamSettings added in v1.0.39

func GetKBFSTeamSettings(ctx context.Context, g *libkb.GlobalContext, isPublic bool, teamID keybase1.TeamID) (res keybase1.KBFSTeamSettings, err error)

func GetTarsDisabled added in v1.0.40

func GetTarsDisabled(ctx context.Context, g *libkb.GlobalContext, teamname string) (bool, error)

func GetTeamAndMemberShowcase added in v1.0.34

func GetTeamAndMemberShowcase(ctx context.Context, g *libkb.GlobalContext, teamname string) (ret keybase1.TeamAndMemberShowcase, err error)

func GetTeamIDByNameRPC

func GetTeamIDByNameRPC(mctx libkb.MetaContext, teamName string) (res keybase1.TeamID, err error)

func GetTeamShowcase added in v1.0.34

func GetTeamShowcase(ctx context.Context, g *libkb.GlobalContext, teamname string) (ret keybase1.TeamShowcase, err error)

func HandleChangeNotification

func HandleChangeNotification(ctx context.Context, g *libkb.GlobalContext, rows []keybase1.TeamChangeRow, changes keybase1.TeamChangeSet) (err error)

func HandleDeleteNotification added in v1.0.30

func HandleDeleteNotification(ctx context.Context, g *libkb.GlobalContext, rows []keybase1.TeamChangeRow) (err error)

func HandleExitNotification added in v1.0.33

func HandleExitNotification(ctx context.Context, g *libkb.GlobalContext, rows []keybase1.TeamExitRow) (err error)

func HandleForceRepollNotification

func HandleForceRepollNotification(ctx context.Context, g *libkb.GlobalContext, dtime gregor.TimeOrOffset) error

func HandleNewlyAddedToTeamNotification

func HandleNewlyAddedToTeamNotification(ctx context.Context, g *libkb.GlobalContext, rows []keybase1.TeamNewlyAddedRow) (err error)

func HandleOpenTeamAccessRequest added in v1.0.33

func HandleOpenTeamAccessRequest(ctx context.Context, g *libkb.GlobalContext, msg keybase1.TeamOpenReqMsg) (err error)

func HandleRotateRequest

func HandleRotateRequest(ctx context.Context, g *libkb.GlobalContext, msg keybase1.TeamCLKRMsg) (err error)

func HandleSBSRequest

func HandleSBSRequest(ctx context.Context, g *libkb.GlobalContext, msg keybase1.TeamSBSMsg) (err error)

func HandleTeamSeitan added in v1.0.34

func HandleTeamSeitan(ctx context.Context, g *libkb.GlobalContext, msg keybase1.TeamSeitanMsg) (err error)

func IgnoreRequest

func IgnoreRequest(ctx context.Context, g *libkb.GlobalContext, teamName, username string) error

func ImplicitAdmins added in v1.0.34

func ImplicitAdmins(ctx context.Context, g *libkb.GlobalContext, teamID keybase1.TeamID) (res []keybase1.TeamMemberDetails, err error)

List all the admins of ancestor teams. Includes admins of the specified team only if they are also admins of ancestor teams.

func InviteEmailMember

func InviteEmailMember(ctx context.Context, g *libkb.GlobalContext, teamname, email string, role keybase1.TeamRole) error

func IsSeitany added in v1.0.39

func IsSeitany(s string) bool

IsSeitany is a very conservative check of whether a given string looks like a Seitan token. We want to err on the side of considering strings Seitan tokens, since we don't mistakenly want to send botched Seitan tokens to the server.

func IsTeamReadError added in v1.0.43

func IsTeamReadError(err error) bool

func Leave

func Leave(ctx context.Context, g *libkb.GlobalContext, teamname string, permanent bool) error

func ListMyAccessRequests added in v1.0.39

func ListMyAccessRequests(ctx context.Context, g *libkb.GlobalContext, teamName *string) (res []keybase1.TeamName, err error)

func ListRequests

func ListRequests(ctx context.Context, g *libkb.GlobalContext, teamName *string) ([]keybase1.TeamJoinRequest, error)

func ListSubteamsRecursive added in v1.0.33

func ListSubteamsRecursive(ctx context.Context, g *libkb.GlobalContext,
	parentTeamName string, forceRepoll bool) (res []keybase1.TeamIDAndName, err error)

func ListTeamsUnverified added in v1.0.40

func ListTeamsVerified added in v1.0.40

func LoadTeamPlusApplicationKeys

func LoadTeamPlusApplicationKeys(ctx context.Context, g *libkb.GlobalContext, id keybase1.TeamID,
	application keybase1.TeamApplication, refreshers keybase1.TeamRefreshers, includeKBFSKeys bool) (res keybase1.TeamPlusApplicationKeys, err error)

func LookupImplicitTeamIDUntrusted

func LookupImplicitTeamIDUntrusted(ctx context.Context, g *libkb.GlobalContext, displayName string,
	public bool) (res keybase1.TeamID, err error)

func MapImplicitTeamIDToDisplayName added in v1.0.39

func MapImplicitTeamIDToDisplayName(ctx context.Context, g *libkb.GlobalContext, id keybase1.TeamID, isPublic bool) (folder keybase1.Folder, err error)

func MemberRole

func MemberRole(ctx context.Context, g *libkb.GlobalContext, teamname, username string) (role keybase1.TeamRole, err error)

func NewAdminPermissionRequiredError

func NewAdminPermissionRequiredError() error

func NewAttemptedInviteSocialOwnerError

func NewAttemptedInviteSocialOwnerError(assertion string) error

func NewAuditError

func NewAuditError(format string, args ...interface{}) error

func NewBadPublicError

func NewBadPublicError(id keybase1.TeamID, isPublic bool) error

func NewCompoundInviteError

func NewCompoundInviteError(s string) error

func NewExplicitTeamOperationError added in v1.0.39

func NewExplicitTeamOperationError(m string) error

func NewFTLMissingSeedError

func NewFTLMissingSeedError(g keybase1.PerTeamKeyGeneration) error

func NewFastLoadError

func NewFastLoadError(format string, args ...interface{}) error

func NewGreenLinkError added in v1.0.34

func NewGreenLinkError(seqno keybase1.Seqno) error

func NewImplicitAdminCannotLeaveError added in v1.0.34

func NewImplicitAdminCannotLeaveError() error

func NewImplicitTeamConflictInfoCache added in v1.0.39

func NewImplicitTeamConflictInfoCache(g *libkb.GlobalContext) *lru.Cache

func NewImplicitTeamConflictInfoCacheAndInstall added in v1.0.39

func NewImplicitTeamConflictInfoCacheAndInstall(g *libkb.GlobalContext)

func NewImplicitTeamName added in v1.0.29

func NewImplicitTeamName() (res keybase1.TeamName, err error)

func NewImplicitTeamOperationError added in v1.0.29

func NewImplicitTeamOperationError(format string, args ...interface{}) error

func NewKeyMaskNotFoundErrorForApplication added in v1.0.29

func NewKeyMaskNotFoundErrorForApplication(a keybase1.TeamApplication) libkb.KeyMaskNotFoundError

func NewKeyMaskNotFoundErrorForApplicationAndGeneration added in v1.0.29

func NewKeyMaskNotFoundErrorForApplicationAndGeneration(a keybase1.TeamApplication, g keybase1.PerTeamKeyGeneration) libkb.KeyMaskNotFoundError

func NewMixedServerTrustAssertionError

func NewMixedServerTrustAssertionError() error

func NewPrecheckAppendError added in v1.0.46

func NewPrecheckAppendError(inner error) error

func NewPrecheckStructuralError added in v1.0.46

func NewPrecheckStructuralError(message string, inner error) error

func NewPrevError

func NewPrevError(format string, args ...interface{}) error

func NewSubteamID

func NewSubteamID(public bool) keybase1.TeamID

15 random bytes, followed by the byte 0x25, encoded as hex

func NewSubteamOwnersError added in v1.0.34

func NewSubteamOwnersError() error

func NewSubteamSig

func NewSubteamSig(g *libkb.GlobalContext, me libkb.UserForSignatures, key libkb.GenericKey, parentTeam *TeamSigChainState, subteamName keybase1.TeamName, subteamID keybase1.TeamID, admin *SCTeamAdmin) (*jsonw.Wrapper, error)

func NewTeamDeletedError added in v1.0.34

func NewTeamDeletedError() error

func NewTeamDoesNotExistError

func NewTeamDoesNotExistError(public bool, format string, args ...interface{}) error

func NewUnsupportedLinkTypeError added in v1.0.34

func NewUnsupportedLinkTypeError(outerType libkb.SigchainV2Type, innerType string) error

func NewUserHasNotResetError

func NewUserHasNotResetError(format string, args ...interface{}) error

func NewUserVersion

func NewUserVersion(uid keybase1.UID, eldestSeqno keybase1.Seqno) keybase1.UserVersion

Create a new user/version pair.

func ParseAndAcceptSeitanToken added in v1.0.39

func ParseAndAcceptSeitanToken(ctx context.Context, g *libkb.GlobalContext, tok string) (wasSeitan bool, err error)

func ParseSeitanTokenFromPaste added in v1.0.39

func ParseSeitanTokenFromPaste(token string) (string, bool)

Returns the string that might be the token, and whether the content looked like a token paste.

func ProfileTeamLoad

func ProfileTeamLoad(mctx libkb.MetaContext, arg keybase1.LoadTeamArg) (res keybase1.ProfileTeamLoadRes, err error)

func PurgeResolverTeamID

func PurgeResolverTeamID(ctx context.Context, g *libkb.GlobalContext, teamID keybase1.TeamID) error

func ReAddMemberAfterReset added in v1.0.29

func ReAddMemberAfterReset(ctx context.Context, g *libkb.GlobalContext, teamID keybase1.TeamID,
	username string) (err error)

func RemoveMember

func RemoveMember(ctx context.Context, g *libkb.GlobalContext, teamname, username string) error

func RenameSubteam

func RenameSubteam(ctx context.Context, g *libkb.GlobalContext, prevName keybase1.TeamName, newName keybase1.TeamName) error

func RenameSubteamSig

func RenameSubteamSig(g *libkb.GlobalContext, me libkb.UserForSignatures, key libkb.GenericKey, parentTeam *TeamSigChainState, teamSection SCTeamSection) (*jsonw.Wrapper, error)

func RenameUpPointerSig

func RenameUpPointerSig(g *libkb.GlobalContext, me libkb.UserForSignatures, key libkb.GenericKey, subteam *TeamSigChainState, teamSection SCTeamSection) (*jsonw.Wrapper, error)

func ResolveIDToName

func ResolveIDToName(ctx context.Context, g *libkb.GlobalContext, id keybase1.TeamID) (name keybase1.TeamName, err error)

ResolveIDToName takes a team ID and resolves it to a name. It can use server-assist but always cryptographically checks the result.

func ResolveIDToNameForceRefresh

func ResolveIDToNameForceRefresh(ctx context.Context, g *libkb.GlobalContext, id keybase1.TeamID) (name keybase1.TeamName, err error)

ResolveIDToNameForceRefresh is like ResolveIDToName but forces a refresh of the FTL cache.

func ResolveImplicitTeamDisplayName added in v1.0.31

func ResolveImplicitTeamDisplayName(ctx context.Context, g *libkb.GlobalContext,
	name string, public bool) (res keybase1.ImplicitTeamDisplayName, err error)

Resolve assertions in an implicit team display name and verify the result. Resolve an implicit team name with assertions like "alice,bob+bob@twitter#char (conflicted copy 2017-03-04 #1)" Into "alice,bob#char (conflicted copy 2017-03-04 #1)" The input can contain compound assertions, but if compound assertions are left unresolved, an error will be returned.

func ResolveImplicitTeamSetUntrusted added in v1.0.31

func ResolveImplicitTeamSetUntrusted(ctx context.Context, g *libkb.GlobalContext,
	sourceAssertions []libkb.AssertionExpression, resSet *keybase1.ImplicitTeamUserSet, resolvedAssertions *[]libkb.ResolvedAssertion) error

Try to resolve implicit team members. Modifies the arguments `resSet` and appends to `resolvedAssertions`. For each assertion in `sourceAssertions`, try to resolve them.

If they resolve, add the username to `resSet` and the assertion to `resolvedAssertions`.
If they don't resolve, add the SocialAssertion to `resSet`, but nothing to `resolvedAssertions`.

func ResolveNameToID

func ResolveNameToID(ctx context.Context, g *libkb.GlobalContext, name keybase1.TeamName) (id keybase1.TeamID, err error)

ResolveNameToID takes a team name and resolves it to a team ID. It can use server-assist but always cryptographically checks the result.

func ResolveNameToIDForceRefresh

func ResolveNameToIDForceRefresh(ctx context.Context, g *libkb.GlobalContext, name keybase1.TeamName) (id keybase1.TeamID, err error)

ResolveNameToIDForceRefresh is just like ResolveNameToID but it forces a refresh.

func RetryOnSigOldSeqnoError added in v1.0.34

func RetryOnSigOldSeqnoError(ctx context.Context, g *libkb.GlobalContext, post func(ctx context.Context, attempt int) error) (err error)

Try to run `post` (expected to post new team sigchain links). Retry it several times if it fails due to being behind the latest team sigchain state. Passes the attempt number (initially 0) to `post`.

func RotateKey added in v1.0.39

func RotateKey(ctx context.Context, g *libkb.GlobalContext, teamID keybase1.TeamID) (err error)

func SendChatInviteWelcomeMessage added in v1.0.34

func SendChatInviteWelcomeMessage(ctx context.Context, g *libkb.GlobalContext, team string,
	category keybase1.TeamInviteCategory, inviter, invitee keybase1.UID) (res bool)

func SendTeamChatChangeAvatar

func SendTeamChatChangeAvatar(mctx libkb.MetaContext, team, username string) bool

func SendTeamChatCreateMessage added in v1.0.39

func SendTeamChatCreateMessage(ctx context.Context, g *libkb.GlobalContext, team, creator string) bool

func SendTeamChatWelcomeMessage added in v1.0.34

func SendTeamChatWelcomeMessage(ctx context.Context, g *libkb.GlobalContext, team, user string) (err error)

func ServiceInit added in v1.0.39

func ServiceInit(g *libkb.GlobalContext)

func SetRoleAdmin

func SetRoleAdmin(ctx context.Context, g *libkb.GlobalContext, teamname, username string) error

func SetRoleOwner

func SetRoleOwner(ctx context.Context, g *libkb.GlobalContext, teamname, username string) error

func SetRoleReader

func SetRoleReader(ctx context.Context, g *libkb.GlobalContext, teamname, username string) error

func SetRoleWriter

func SetRoleWriter(ctx context.Context, g *libkb.GlobalContext, teamname, username string) error

func SetTarsDisabled added in v1.0.40

func SetTarsDisabled(ctx context.Context, g *libkb.GlobalContext, teamname string, disabled bool) error

func SetTeamMemberShowcase added in v1.0.34

func SetTeamMemberShowcase(ctx context.Context, g *libkb.GlobalContext, teamname string, isShowcased bool) error

func SetTeamShowcase added in v1.0.34

func SetTeamShowcase(ctx context.Context, g *libkb.GlobalContext, teamname string, isShowcased *bool, description *string, anyMemberShowcase *bool) error

func ShouldSuppressLogging

func ShouldSuppressLogging(ctx context.Context) bool

func SubteamHeadSig

func SubteamHeadSig(g *libkb.GlobalContext, me libkb.UserForSignatures, key libkb.GenericKey, subteamTeamSection SCTeamSection) (*jsonw.Wrapper, error)

func TeamAcceptInviteOrRequestAccess added in v1.0.30

func TeamAcceptInviteOrRequestAccess(ctx context.Context, g *libkb.GlobalContext, tokenOrName string) (keybase1.TeamAcceptOrRequestResult, error)

func TeamDebug added in v1.0.39

func TeamDebug(ctx context.Context, g *libkb.GlobalContext, teamID keybase1.TeamID) (res keybase1.TeamDebugRes, err error)

func TeamProfileAddList

func TeamProfileAddList(ctx context.Context, g *libkb.GlobalContext, username string) (res []keybase1.TeamProfileAddEntry, err error)

func TryDecryptWithTeamKey

func TryDecryptWithTeamKey(mctx libkb.MetaContext, arg keybase1.TryDecryptWithTeamKeyArg) (ret []byte, err error)

func UpgradeTLFIDToImpteam added in v1.0.41

func UpgradeTLFIDToImpteam(ctx context.Context, g *libkb.GlobalContext, tlfName string, tlfID keybase1.TLFID,
	public bool, appType keybase1.TeamApplication, cryptKeys []keybase1.CryptKey) (err error)

func UseRKMForApp added in v1.0.41

func UseRKMForApp(application keybase1.TeamApplication) bool

func VerifySeitanSignatureMessage added in v1.0.42

func VerifySeitanSignatureMessage(pubKey SeitanPubKey, msg []byte, sig SeitanSig) error

func WithSuppressLogging

func WithSuppressLogging(ctx context.Context, suppress bool) context.Context

Types

type AddMemberTx added in v1.0.42

type AddMemberTx struct {

	// Override whether the team key is rotated.
	SkipKeyRotation *bool
	// contains filtered or unexported fields
}

AddMemberTx helps build a transaction that may contain multiple team sigchain links. The caller can use the transaction to add users to a team whether they be pukful, pukless, or social assertions. Behind the scenes cryptomembers and invites may be removed if they are for stale versions of the addees. Not threadsafe.

func CreateAddMemberTx added in v1.0.42

func CreateAddMemberTx(t *Team) *AddMemberTx

func (*AddMemberTx) AddMemberByAssertionOrEmail

func (tx *AddMemberTx) AddMemberByAssertionOrEmail(ctx context.Context, assertion string, role keybase1.TeamRole) (username libkb.NormalizedUsername, uv keybase1.UserVersion, invite bool, err error)

AddMemberByAssertionOrEmail adds an assertion to the team. It can handle three major cases:

  1. joe OR joe+foo@reddit WHERE joe is already a keybase user, or the assertions map to a unique keybase user
  2. joe@reddit WHERE joe isn't a keybase user, and this is a social invitations
  3. [bob@gmail.com]@email WHERE there's an email-based invitation in play

**Does** attempt to resolve the assertion, to distinguish between case (1), case (2) and an error The return values (uv, username) can both be zero-valued if the assertion is not a keybase user.

func (*AddMemberTx) AddMemberBySBS added in v1.0.46

func (tx *AddMemberTx) AddMemberBySBS(ctx context.Context, invitee keybase1.TeamInvitee, role keybase1.TeamRole) (err error)

AddMemberBySBS is very similar in what it does to addMemberByUPAKV2 (or AddMemberBy* family of functions), but it has easier job because it only adds cryptomembers and fails on PUKless users. It also sets invite referenced by `invitee.InviteID` as Completed by UserVersion from `invitee` in the same ChangeMembership link that adds the user to the team.

AddMemberBySBS assumes that member role is already checked by the caller, so it might generate invalid signature if invitee is already a member with same role.

func (*AddMemberTx) AddMemberByUV added in v1.0.46

func (tx *AddMemberTx) AddMemberByUV(ctx context.Context, uv keybase1.UserVersion, role keybase1.TeamRole) (err error)

AddMemberByUsername will add member by UV and role. It checks if given UV is valid (that we don't have outdated EldestSeqno), and if user has PUK, and if not, it properly handles that by adding Keybase-type invite. It also cleans up old invites and memberships.

func (*AddMemberTx) AddMemberByUsername added in v1.0.42

func (tx *AddMemberTx) AddMemberByUsername(ctx context.Context, username string, role keybase1.TeamRole) (err error)

AddMemberByUsername will add member by username and role. It checks if given username can become crypto member or a PUKless member. It will also clean up old invites and memberships if necessary.

func (*AddMemberTx) CancelInvite added in v1.0.46

func (tx *AddMemberTx) CancelInvite(id keybase1.TeamInviteID, forUID keybase1.UID)

func (*AddMemberTx) CompleteInviteByID added in v1.0.46

func (tx *AddMemberTx) CompleteInviteByID(ctx context.Context, inviteID keybase1.TeamInviteID, uv keybase1.UserVersion) error

func (*AddMemberTx) CompleteSocialInvitesFor added in v1.0.42

func (tx *AddMemberTx) CompleteSocialInvitesFor(ctx context.Context, uv keybase1.UserVersion, username string) (err error)

func (*AddMemberTx) DebugPayloads added in v1.0.42

func (tx *AddMemberTx) DebugPayloads() (res []interface{})

func (*AddMemberTx) IsEmpty added in v1.0.46

func (tx *AddMemberTx) IsEmpty() bool

func (*AddMemberTx) Post added in v1.0.42

func (tx *AddMemberTx) Post(mctx libkb.MetaContext) (err error)

func (*AddMemberTx) ReAddMemberToImplicitTeam added in v1.0.46

func (tx *AddMemberTx) ReAddMemberToImplicitTeam(uv keybase1.UserVersion, hasPUK bool, role keybase1.TeamRole) error

type AddMembersError

type AddMembersError struct {
	Assertion string
	Err       error
}

func NewAddMembersError

func NewAddMembersError(a string, e error) AddMembersError

func (AddMembersError) Error

func (a AddMembersError) Error() string

type AddMembersRes

type AddMembersRes struct {
	Invite   bool                     // Whether the membership addition was an invite.
	Username libkb.NormalizedUsername // Resolved username. May be nil for social assertions.
}

func AddMembers

func AddMembers(ctx context.Context, g *libkb.GlobalContext, teamname string, users []keybase1.UserRolePair) (res []AddMembersRes, err error)

AddMembers adds a bunch of people to a team. Assertions can contain usernames or social assertions. Adds them all in a transaction so it's all or nothing. On success, returns a list where len(res)=len(assertions) and in corresponding order.

type AdminNotFoundError

type AdminNotFoundError struct {
	Admin SCTeamAdmin
}

func NewAdminNotFoundError

func NewAdminNotFoundError(a SCTeamAdmin) AdminNotFoundError

func (AdminNotFoundError) Error

func (e AdminNotFoundError) Error() string

type AdminPermissionError

type AdminPermissionError struct {
	TeamID      keybase1.TeamID
	UserVersion keybase1.UserVersion
	Desc        string
}

func (AdminPermissionError) Error

func (e AdminPermissionError) Error() string

type AdminPermissionRequiredError

type AdminPermissionRequiredError struct{}

func (AdminPermissionRequiredError) Error

type AnnotatedInviteMap added in v1.0.40

type AnnotatedInviteMap map[keybase1.TeamInviteID]keybase1.AnnotatedTeamInvite

func AnnotateInvites

func AnnotateInvites(ctx context.Context, g *libkb.GlobalContext, team *Team) (AnnotatedInviteMap, error)

func AnnotateInvitesUIDMapper added in v1.0.40

func AnnotateInvitesUIDMapper(ctx context.Context, g *libkb.GlobalContext, team *Team,
	members *keybase1.TeamMembersDetails) (AnnotatedInviteMap, error)

AnnotateInvitesUIDMapper does what AnnotateInvites does but using UIDMapper, so it's fast but may be wrong. It also puts any keybase invites to members set which reference should be passed as argument. PUKless members also will not be present in returned AnnotatedInviteMap.

type AppendLinkError

type AppendLinkError struct {
	// contains filtered or unexported fields
}

func NewAppendLinkError

func NewAppendLinkError(l *ChainLinkUnpacked, prevSeqno keybase1.Seqno, inner error) AppendLinkError

func (AppendLinkError) Error

func (e AppendLinkError) Error() string

type AttemptedInviteSocialOwnerError

type AttemptedInviteSocialOwnerError struct{ Msg string }

func (AttemptedInviteSocialOwnerError) Error

type AuditError

type AuditError struct {
	Msg string
}

func (AuditError) Error

func (e AuditError) Error() string

type Auditor

type Auditor struct {
	// contains filtered or unexported fields
}

func NewAuditor

func NewAuditor(g *libkb.GlobalContext) *Auditor

NewAuditor makes a new auditor

func NewAuditorAndInstall

func NewAuditorAndInstall(g *libkb.GlobalContext) *Auditor

NewAuditorAndInstall makes a new Auditor and dangles it off of the given GlobalContext.

func (*Auditor) AuditTeam

func (a *Auditor) AuditTeam(m libkb.MetaContext, id keybase1.TeamID, isPublic bool, headMerkleSeqno keybase1.Seqno, chain map[keybase1.Seqno]keybase1.LinkID, maxSeqno keybase1.Seqno) (err error)

AuditTeam runs an audit on the links of the given team chain (or team chain suffix). The security factor of the audit is a function of the hardcoded parameters above, and the amount of time since the last audit. This method should use some sort of long-lived cache (via local DB) so that previous audits can be combined with the current one. headMerkleSeqno is is the Merkle Root claimed in the head of the team. maxSeqno is the maximum seqno of the chainLinks passed; that is, the highest Seqno for which chain[s] is defined.

func (*Auditor) OnLogout

func (a *Auditor) OnLogout(m libkb.MetaContext)

type BadNameError

type BadNameError struct {
	Msg string
}

func NewBadNameError

func NewBadNameError(s string) BadNameError

func (BadNameError) Error

func (b BadNameError) Error() string

type BadPublicError

type BadPublicError struct {
	// contains filtered or unexported fields
}

func (BadPublicError) Error

func (e BadPublicError) Error() string

type ChainLinkUnpacked

type ChainLinkUnpacked struct {
	// contains filtered or unexported fields
}
func UnpackChainLink(link *SCChainLink) (*ChainLinkUnpacked, error)

func (*ChainLinkUnpacked) AssertInnerOuterMatch

func (l *ChainLinkUnpacked) AssertInnerOuterMatch() (err error)

func (*ChainLinkUnpacked) LinkID

func (l *ChainLinkUnpacked) LinkID() libkb.LinkID

func (ChainLinkUnpacked) LinkTriple

func (l ChainLinkUnpacked) LinkTriple() keybase1.LinkTriple

func (*ChainLinkUnpacked) LinkType

func (l *ChainLinkUnpacked) LinkType() libkb.SigchainV2Type

func (*ChainLinkUnpacked) Prev

func (l *ChainLinkUnpacked) Prev() libkb.LinkID

func (*ChainLinkUnpacked) SeqType

func (l *ChainLinkUnpacked) SeqType() keybase1.SeqType

func (*ChainLinkUnpacked) Seqno

func (l *ChainLinkUnpacked) Seqno() keybase1.Seqno

func (ChainLinkUnpacked) SigChainLocation

func (l ChainLinkUnpacked) SigChainLocation() keybase1.SigChainLocation

func (*ChainLinkUnpacked) SigID

func (l *ChainLinkUnpacked) SigID() keybase1.SigID

func (ChainLinkUnpacked) SignatureMetadata

func (l ChainLinkUnpacked) SignatureMetadata() keybase1.SignatureMetadata

type ChangeMembershipOptions added in v1.0.48

type ChangeMembershipOptions struct {
	// Pass "permanent" flag, user will not be able to request access
	// to the team again, admin will have to add them back.
	Permanent bool

	// Do not rotate team key, even on member removals. Server will
	// queue CLKR if client sends removals without rotation.
	SkipKeyRotation bool
}

type CompoundInviteError

type CompoundInviteError struct {
	Assertion string
}

func (CompoundInviteError) Error

func (e CompoundInviteError) Error() string

type DiskStorageItem

type DiskStorageItem struct {
	Version int                `codec:"V"`
	State   *keybase1.TeamData `codec:"S"`
}

type ExplicitTeamOperationError added in v1.0.39

type ExplicitTeamOperationError struct {
	// contains filtered or unexported fields
}

func (ExplicitTeamOperationError) Error added in v1.0.39

type FTLMissingSeedError

type FTLMissingSeedError struct {
	// contains filtered or unexported fields
}

func (FTLMissingSeedError) Error

func (e FTLMissingSeedError) Error() string

type FTLStorage

type FTLStorage struct {
	// contains filtered or unexported fields
}

FTLStorage stores FTL state to disk or memory.

func NewFTLStorage

func NewFTLStorage(g *libkb.GlobalContext) *FTLStorage

func (FTLStorage) Delete

func (s FTLStorage) Delete(mctx libkb.MetaContext, teamID keybase1.TeamID, public bool) error

func (*FTLStorage) Get

func (s *FTLStorage) Get(mctx libkb.MetaContext, teamID keybase1.TeamID, public bool) *keybase1.FastTeamData

Can return nil.

func (*FTLStorage) Put

func (s *FTLStorage) Put(mctx libkb.MetaContext, state *keybase1.FastTeamData)

type FastLoadError

type FastLoadError struct {
	Msg string
}

func (FastLoadError) Error

func (f FastLoadError) Error() string

type FastTeamChainLoader

type FastTeamChainLoader struct {
	// contains filtered or unexported fields
}

FastTeamChainLoader loads teams using the "fast approach." It doesn't compute membership or check any signatures. It just checks for consistency against the merkle tree, and audits that the merkle tree is being faithfully constructed.

func NewFastTeamLoader

func NewFastTeamLoader(g *libkb.GlobalContext) *FastTeamChainLoader

NewFastLoader makes a new fast loader and initializes it.

func NewFastTeamLoaderAndInstall

func NewFastTeamLoaderAndInstall(g *libkb.GlobalContext) *FastTeamChainLoader

NewFastTeamLoaderAndInstall creates a new loader and installs it into G.

func (*FastTeamChainLoader) ForceRepollUntil

func (f *FastTeamChainLoader) ForceRepollUntil(m libkb.MetaContext, dtime gregor.TimeOrOffset) error

func (*FastTeamChainLoader) HintLatestSeqno

func (f *FastTeamChainLoader) HintLatestSeqno(m libkb.MetaContext, id keybase1.TeamID, seqno keybase1.Seqno) (err error)

func (*FastTeamChainLoader) InForceRepollMode

func (f *FastTeamChainLoader) InForceRepollMode(m libkb.MetaContext) bool

func (*FastTeamChainLoader) Load

Load fast-loads the given team. Provide some hints as to how to load it. You can specify an application and key generations needed, if you are entering chat. Those links will be returned unstubbed from the server, and then the keys can be output in the result.

func (*FastTeamChainLoader) OnLogout

func (f *FastTeamChainLoader) OnLogout()

OnLogout is called when the user logs out, which pruges the LRU.

func (*FastTeamChainLoader) VerifyTeamName

func (f *FastTeamChainLoader) VerifyTeamName(m libkb.MetaContext, id keybase1.TeamID, name keybase1.TeamName, forceRefresh bool) (err error)

VerifyTeamName verifies that the given ID aligns with the given name, using the Merkle tree only (and not verifying sigs along the way).

type GreenLinkError added in v1.0.34

type GreenLinkError struct {
	// contains filtered or unexported fields
}

The sigchain link is problematically new.

func (GreenLinkError) Error added in v1.0.34

func (e GreenLinkError) Error() string

type ImplicitAdminCannotLeaveError added in v1.0.34

type ImplicitAdminCannotLeaveError struct{}

func (ImplicitAdminCannotLeaveError) Error added in v1.0.34

type ImplicitTeamOperationError added in v1.0.29

type ImplicitTeamOperationError struct {
	// contains filtered or unexported fields
}

func (ImplicitTeamOperationError) Error added in v1.0.29

type InflateError

type InflateError struct {
	// contains filtered or unexported fields
}

func NewInflateError

func NewInflateError(l *ChainLinkUnpacked) InflateError

func NewInflateErrorWithNote

func NewInflateErrorWithNote(l *ChainLinkUnpacked, note string) InflateError

func (InflateError) Error

func (e InflateError) Error() string
type InvalidLink struct {
	// contains filtered or unexported fields
}
func NewInvalidLink(l *ChainLinkUnpacked, format string, args ...interface{}) InvalidLink

func (InvalidLink) Error

func (e InvalidLink) Error() string

type InviteError

type InviteError struct {
	// contains filtered or unexported fields
}

func NewInviteError

func NewInviteError(m string) InviteError

func (InviteError) Error

func (i InviteError) Error() string

type KBFSKeyGenerationError

type KBFSKeyGenerationError struct {
	Required, Exists int
}

func NewKBFSKeyGenerationError

func NewKBFSKeyGenerationError(required, exists int) KBFSKeyGenerationError

func (KBFSKeyGenerationError) Error

func (e KBFSKeyGenerationError) Error() string

type LameSecretUI

type LameSecretUI struct{}

func (LameSecretUI) GetPassphrase

func (d LameSecretUI) GetPassphrase(pinentry keybase1.GUIEntryArg, terminal *keybase1.SecretEntryArg) (keybase1.GetPassphraseRes, error)

type LinkRules added in v1.0.46

type LinkRules struct {
	// Sections
	Name             Tristate
	Members          Tristate
	Parent           Tristate
	Subteam          Tristate
	PerTeamKey       Tristate
	Admin            Tristate
	Invites          Tristate
	CompletedInvites Tristate
	Settings         Tristate
	KBFS             Tristate

	AllowInImplicitTeam bool // whether this link is allowed in implicit team chains
	AllowInflate        bool // whether this link is allowed to be filled later
	FirstInChain        bool // whether this link must be the beginning of the chain
}

LinkRules describes what fields and properties are required for a link type. Default values are the strictest. Keep this in sync with `func enforce`.

type LoaderContext

type LoaderContext interface {
	// contains filtered or unexported methods
}

Things TeamLoader uses that are mocked out for tests.

func NewLoaderContextFromG

func NewLoaderContextFromG(g *libkb.GlobalContext) LoaderContext

type LoaderContextG

type LoaderContextG struct {
	libkb.Contextified
}

The main LoaderContext is G.

type MemberChecker

type MemberChecker interface {
	IsMember(context.Context, keybase1.UserVersion) bool
}

type MemberMap added in v1.0.48

type MixedServerTrustAssertionError

type MixedServerTrustAssertionError struct{}

func (MixedServerTrustAssertionError) Error

type PerTeamSharedSecretBox

type PerTeamSharedSecretBox struct {
	Version         uint
	PerUserKeySeqno keybase1.Seqno
	NonceCounter    uint32
	Ctext           []byte
	// contains filtered or unexported fields
}

type PerTeamSharedSecretBoxes

type PerTeamSharedSecretBoxes struct {
	Generation    keybase1.PerTeamKeyGeneration `json:"generation"`
	EncryptingKid keybase1.KID                  `json:"encrypting_kid"`
	Nonce         string                        `json:"nonce"`
	PrevKey       *prevKeySealedEncoded         `json:"prev"`
	Boxes         map[keybase1.UID]string       `json:"boxes"`
}

type PermissionError

type PermissionError struct {
	TeamID      keybase1.TeamID
	UserVersion keybase1.UserVersion
	Desc        string
}

func (PermissionError) Error

func (e PermissionError) Error() string

type PrecheckAppendError added in v1.0.46

type PrecheckAppendError struct {
	Inner error
}

func (PrecheckAppendError) Error added in v1.0.46

func (e PrecheckAppendError) Error() string

type PrecheckStructuralError added in v1.0.46

type PrecheckStructuralError struct {
	Inner error
	Msg   string
}

func (PrecheckStructuralError) Error added in v1.0.46

func (e PrecheckStructuralError) Error() string

type PrevError

type PrevError struct {
	Msg string
}

func (PrevError) Error

func (e PrevError) Error() string

type ProofError

type ProofError struct {
	// contains filtered or unexported fields
}

func NewProofError

func NewProofError(p proof, s string) ProofError

func (ProofError) Error

func (p ProofError) Error() string

type ResolveError

type ResolveError struct {
	// contains filtered or unexported fields
}

func NewResolveError

func NewResolveError(name keybase1.TeamName, id keybase1.TeamID) ResolveError

func (ResolveError) Error

func (e ResolveError) Error() string
type SCChainLink struct {
	Seqno        keybase1.Seqno   `json:"seqno"`
	Sig          string           `json:"sig"`
	SigV2Payload string           `json:"s2"`
	Payload      string           `json:"payload_json"` // String containing json of a SCChainLinkPayload
	UID          keybase1.UID     `json:"uid"`          // UID of the signer
	EldestSeqno  keybase1.Seqno   `json:"eldest_seqno"` // Eldest seqn of the signer
	Version      libkb.SigVersion `json:"version"`
}
func ParseTeamChainLink(link string) (res SCChainLink, err error)

Parse a chain link from a string. Just parses, does not validate.

func (*SCChainLink) UnmarshalPayload

func (link *SCChainLink) UnmarshalPayload() (res SCChainLinkPayload, err error)

type SCChainLinkPayload

type SCChainLinkPayload struct {
	Body                SCPayloadBody                `json:"body,omitempty"`
	Ctime               int                          `json:"ctime,omitempty"`
	ExpireIn            int                          `json:"expire_in,omitempty"`
	Prev                *string                      `json:"prev,omitempty"`
	SeqType             keybase1.SeqType             `json:"seq_type,omitempty"`
	Seqno               keybase1.Seqno               `json:"seqno,omitempty"`
	Tag                 string                       `json:"tag,omitempty"`
	IgnoreIfUnsupported libkb.SigIgnoreIfUnsupported `json:"ignore_if_unsupported,omitempty"`
}

func (SCChainLinkPayload) SigChainLocation

func (s SCChainLinkPayload) SigChainLocation() keybase1.SigChainLocation

func (*SCChainLinkPayload) SignatureMetadata

func (i *SCChainLinkPayload) SignatureMetadata() keybase1.SignatureMetadata

func (SCChainLinkPayload) TeamAdmin

func (s SCChainLinkPayload) TeamAdmin() *SCTeamAdmin

func (SCChainLinkPayload) TeamID

func (s SCChainLinkPayload) TeamID() (keybase1.TeamID, error)

type SCKeySection

type SCKeySection struct {
	KID       keybase1.KID `json:"kid"`
	UID       keybase1.UID `json:"uid"`
	Username  string       `json:"username,omitempty"`
	EldestKID keybase1.KID `json:"eldest_kid"`
	Host      string       `json:"host,omitempty"`
}

type SCMapInviteIDToUV added in v1.0.41

type SCMerkleRootSection

type SCMerkleRootSection struct {
	Ctime    int               `json:"ctime"`
	Seqno    keybase1.Seqno    `json:"seqno"`
	HashMeta keybase1.HashMeta `json:"hash_meta"`
}

func (SCMerkleRootSection) ToMerkleRootV2

func (sr SCMerkleRootSection) ToMerkleRootV2() keybase1.MerkleRootV2

type SCPayloadBody

type SCPayloadBody struct {
	Key        *SCKeySection       `json:"key,omitempty"`
	Type       string              `json:"type,omitempty"`
	MerkleRoot SCMerkleRootSection `json:"merkle_root"`
	Version    libkb.SigVersion    `json:"version"`

	Team *SCTeamSection `json:"team,omitempty"`
}

type SCPerTeamKey

type SCPerTeamKey struct {
	Generation keybase1.PerTeamKeyGeneration `json:"generation"`
	EncKID     keybase1.KID                  `json:"encryption_kid"`
	SigKID     keybase1.KID                  `json:"signing_kid"`
	ReverseSig string                        `json:"reverse_sig"`
}

type SCSubteam

type SCSubteam struct {
	ID   SCTeamID   `json:"id"`
	Name SCTeamName `json:"name"`
}

type SCTeamAdmin

type SCTeamAdmin struct {
	TeamID  SCTeamID         `json:"team_id"`
	Seqno   keybase1.Seqno   `json:"seqno"`
	SeqType keybase1.SeqType `json:"seq_type"`
}

func (SCTeamAdmin) SigChainLocation

func (a SCTeamAdmin) SigChainLocation() keybase1.SigChainLocation

type SCTeamEntropy added in v1.0.31

type SCTeamEntropy string

SCTeamEntropy is used to render stubbed out links unguessable. Basically, we shove a random 18-byte string into sensitive links.

type SCTeamID

type SCTeamID string

func (SCTeamID) ToTeamID

func (s SCTeamID) ToTeamID() (keybase1.TeamID, error)

type SCTeamInvite

type SCTeamInvite struct {
	Type string                  `json:"type"`
	Name keybase1.TeamInviteName `json:"name"`
	ID   SCTeamInviteID          `json:"id"`
}

func (SCTeamInvite) TeamInvite

type SCTeamInviteID

type SCTeamInviteID string

func NewInviteID

func NewInviteID() SCTeamInviteID

func ProcessSeitanV2 added in v1.0.46

func ProcessSeitanV2(ikey SeitanIKeyV2, uv keybase1.UserVersion, kbtime keybase1.Time) (sig string,
	inviteID SCTeamInviteID, err error)

func (SCTeamInviteID) Eq added in v1.0.39

func (SCTeamInviteID) TeamInviteID

func (i SCTeamInviteID) TeamInviteID() (keybase1.TeamInviteID, error)

type SCTeamInvites

type SCTeamInvites struct {
	Owners  *[]SCTeamInvite   `json:"owner,omitempty"`
	Admins  *[]SCTeamInvite   `json:"admin,omitempty"`
	Writers *[]SCTeamInvite   `json:"writer,omitempty"`
	Readers *[]SCTeamInvite   `json:"reader,omitempty"`
	Cancel  *[]SCTeamInviteID `json:"cancel,omitempty"`
}

type SCTeamKBFS added in v1.0.39

type SCTeamKBFS struct {
	TLF    *SCTeamKBFSTLF           `json:"tlf,omitempty"`
	Keyset *SCTeamKBFSLegacyUpgrade `json:"legacy_tlf_upgrade,omitempty"`
}

type SCTeamKBFSLegacyUpgrade added in v1.0.41

type SCTeamKBFSLegacyUpgrade struct {
	AppType          keybase1.TeamApplication             `json:"app_type"`
	TeamGeneration   keybase1.PerTeamKeyGeneration        `json:"team_generation"`
	LegacyGeneration int                                  `json:"legacy_generation"`
	KeysetHash       keybase1.TeamEncryptedKBFSKeysetHash `json:"encrypted_keyset_hash"`
}

type SCTeamKBFSTLF added in v1.0.39

type SCTeamKBFSTLF struct {
	ID keybase1.TLFID `json:"id"`
}

type SCTeamMember

type SCTeamMember keybase1.UserVersion

A (username, seqno) pair. The username is adorned with "%n" at the end where n is the seqno IF the seqno is not 1.

func (*SCTeamMember) MarshalJSON

func (s *SCTeamMember) MarshalJSON() (b []byte, err error)

func (*SCTeamMember) UnmarshalJSON

func (s *SCTeamMember) UnmarshalJSON(b []byte) (err error)

type SCTeamMembers

type SCTeamMembers struct {
	Owners  *[]SCTeamMember `json:"owner,omitempty"`
	Admins  *[]SCTeamMember `json:"admin,omitempty"`
	Writers *[]SCTeamMember `json:"writer,omitempty"`
	Readers *[]SCTeamMember `json:"reader,omitempty"`
	None    *[]SCTeamMember `json:"none,omitempty"`
}

type SCTeamName

type SCTeamName string

func (SCTeamName) LastPart

func (n SCTeamName) LastPart() (string, error)

type SCTeamParent

type SCTeamParent struct {
	ID      SCTeamID         `json:"id"`
	Seqno   keybase1.Seqno   `json:"seqno"`
	SeqType keybase1.SeqType `json:"seq_type"`
}

type SCTeamSection

type SCTeamSection struct {
	ID               SCTeamID          `json:"id"`
	Name             *SCTeamName       `json:"name,omitempty"`
	Members          *SCTeamMembers    `json:"members,omitempty"`
	Parent           *SCTeamParent     `json:"parent,omitempty"`
	Subteam          *SCSubteam        `json:"subteam,omitempty"`
	PerTeamKey       *SCPerTeamKey     `json:"per_team_key,omitempty"`
	Admin            *SCTeamAdmin      `json:"admin,omitempty"`
	Invites          *SCTeamInvites    `json:"invites,omitempty"`
	CompletedInvites SCMapInviteIDToUV `json:"completed_invites,omitempty"`
	Implicit         bool              `json:"is_implicit,omitempty"`
	Public           bool              `json:"is_public,omitempty"`
	Entropy          SCTeamEntropy     `json:"entropy,omitempty"`
	Settings         *SCTeamSettings   `json:"settings,omitempty"`
	KBFS             *SCTeamKBFS       `json:"kbfs,omitempty"`
}

type SCTeamSettings added in v1.0.33

type SCTeamSettings struct {
	Open *SCTeamSettingsOpen `json:"open,omitempty"`
}

func CreateTeamSettings added in v1.0.33

func CreateTeamSettings(open bool, joinAs keybase1.TeamRole) (SCTeamSettings, error)

type SCTeamSettingsOpen added in v1.0.33

type SCTeamSettingsOpen struct {
	Enabled bool                       `json:"enabled"`
	Options *SCTeamSettingsOpenOptions `json:"options,omitempty"`
}

type SCTeamSettingsOpenOptions added in v1.0.33

type SCTeamSettingsOpenOptions struct {
	JoinAs string `json:"join_as"`
}

type SeitanAKey added in v1.0.34

type SeitanAKey []byte

"Acceptance Key"

type SeitanIKey added in v1.0.34

type SeitanIKey string

"Invite Key"

func GenerateIKey added in v1.0.34

func GenerateIKey() (ikey SeitanIKey, err error)

func ParseIKeyFromString added in v1.0.42

func ParseIKeyFromString(token string) (ikey SeitanIKey, err error)

ParseIKeyFromString safely creates SeitanIKey value from plaintext string. Only format is checked - any 18-character token with '+' character at position 5 can be "Invite Key". Alphabet is not checked, as it is only a hint for token generation and it can change over time, but we assume that token length stays the same.

func (SeitanIKey) GeneratePackedEncryptedKey added in v1.0.42

func (ikey SeitanIKey) GeneratePackedEncryptedKey(ctx context.Context, team *Team, label keybase1.SeitanKeyLabel) (pkey SeitanPKey, encoded string, err error)

func (SeitanIKey) GenerateSIKey added in v1.0.34

func (ikey SeitanIKey) GenerateSIKey() (sikey SeitanSIKey, err error)

func (SeitanIKey) String added in v1.0.34

func (ikey SeitanIKey) String() string

type SeitanIKeyV2 added in v1.0.42

type SeitanIKeyV2 string

"Invite Key Version 2"

func GenerateIKeyV2 added in v1.0.42

func GenerateIKeyV2() (ikey SeitanIKeyV2, err error)

func ParseIKeyV2FromString added in v1.0.42

func ParseIKeyV2FromString(token string) (ikey SeitanIKeyV2, err error)

ParseIKeyV2FromString safely creates SeitanIKey value from plaintext string. Only format is checked - any 18-character token with '+' character at position 6 can be "Invite Key". Alphabet is not checked, as it is only a hint for token generation and it can change over time, but we assume that token length stays the same.

func (SeitanIKeyV2) GenerateSIKey added in v1.0.42

func (ikey SeitanIKeyV2) GenerateSIKey() (sikey SeitanSIKeyV2, err error)

func (SeitanIKeyV2) String added in v1.0.42

func (ikey SeitanIKeyV2) String() string

type SeitanPKey added in v1.0.42

type SeitanPKey struct {
	Version              SeitanVersion
	TeamKeyGeneration    keybase1.PerTeamKeyGeneration
	RandomNonce          keybase1.BoxNonce
	EncryptedKeyAndLabel []byte // keybase1.SeitanKeyAndLabel MsgPacked and encrypted
	// contains filtered or unexported fields
}

"Seitan Packed Encrypted Key" All following 3 structs should be considered one. When any changes, version has to be bumped up.

func SeitanDecodePKey added in v1.0.42

func SeitanDecodePKey(base64Buffer string) (pkey SeitanPKey, err error)

func (SeitanPKey) DecryptKeyAndLabel added in v1.0.42

func (pkey SeitanPKey) DecryptKeyAndLabel(ctx context.Context, team *Team) (ret keybase1.SeitanKeyAndLabel, err error)

type SeitanPubKey added in v1.0.42

type SeitanPubKey kbcrypto.NaclSigningKeyPublic

func ImportSeitanPubKey added in v1.0.42

func ImportSeitanPubKey(keyString keybase1.SeitanPubKey) (pubKey SeitanPubKey, err error)

type SeitanSIKey added in v1.0.34

type SeitanSIKey [SeitanScryptKeylen]byte

"Stretched Invite Key"

func (SeitanSIKey) GenerateAcceptanceKey added in v1.0.34

func (sikey SeitanSIKey) GenerateAcceptanceKey(uid keybase1.UID, eldestSeqno keybase1.Seqno, unixTime int64) (akey SeitanAKey, encoded string, err error)

func (SeitanSIKey) GenerateTeamInviteID added in v1.0.34

func (sikey SeitanSIKey) GenerateTeamInviteID() (id SCTeamInviteID, err error)

type SeitanSIKeyV2 added in v1.0.42

type SeitanSIKeyV2 [SeitanScryptKeylen]byte

"Stretched Invite Key"

func (SeitanSIKeyV2) GeneratePackedEncryptedKey added in v1.0.42

func (sikey SeitanSIKeyV2) GeneratePackedEncryptedKey(ctx context.Context, team *Team, label keybase1.SeitanKeyLabel) (pkey SeitanPKey, encoded string, err error)

func (SeitanSIKeyV2) GenerateSignature added in v1.0.42

func (sikey SeitanSIKeyV2) GenerateSignature(uid keybase1.UID, eldestSeqno keybase1.Seqno, inviteID SCTeamInviteID, time keybase1.Time) (sig SeitanSig, encoded string, err error)

func (SeitanSIKeyV2) GenerateTeamInviteID added in v1.0.42

func (sikey SeitanSIKeyV2) GenerateTeamInviteID() (id SCTeamInviteID, err error)

type SeitanSig added in v1.0.42

type SeitanSig kbcrypto.NaclSignature

"Signature"

type SeitanVersion added in v1.0.42

type SeitanVersion uint
const (
	SeitanVersion1 SeitanVersion = 1
	SeitanVersion2 SeitanVersion = 2
)

func ParseSeitanVersion added in v1.0.42

func ParseSeitanVersion(s string) (version SeitanVersion, err error)

type SignerX

type SignerX struct {
	// contains filtered or unexported fields
}

func NewSignerX

func NewSignerX(signer keybase1.UserVersion, implicitAdmin bool) SignerX

type Storage

type Storage struct {
	// contains filtered or unexported fields
}

Storage stores TeamData's on memory and disk. Threadsafe. For the standard loader, which does a complete but slower load. Compare to FTLStorage which stores the Fast-loaded team state.

func NewStorage

func NewStorage(g *libkb.GlobalContext) *Storage

func (Storage) Delete added in v1.0.33

func (s Storage) Delete(mctx libkb.MetaContext, teamID keybase1.TeamID, public bool) error

func (*Storage) Get

func (s *Storage) Get(mctx libkb.MetaContext, teamID keybase1.TeamID, public bool) *keybase1.TeamData

Can return nil.

func (*Storage) Put

func (s *Storage) Put(mctx libkb.MetaContext, state *keybase1.TeamData)

type StubbedError

type StubbedError struct {
	// contains filtered or unexported fields
}

func NewStubbedError

func NewStubbedError(l *ChainLinkUnpacked) StubbedError

func NewStubbedErrorWithNote

func NewStubbedErrorWithNote(l *ChainLinkUnpacked, note string) StubbedError

func (StubbedError) Error

func (e StubbedError) Error() string

type SubteamOwnersError added in v1.0.34

type SubteamOwnersError struct{}

func (SubteamOwnersError) Error added in v1.0.34

func (e SubteamOwnersError) Error() string

type Team

type Team struct {
	libkb.Contextified

	ID   keybase1.TeamID
	Data *keybase1.TeamData
	// contains filtered or unexported fields
}

A snapshot of a team's state. Not threadsafe.

func GetForDisplayByStringName added in v1.0.48

func GetForDisplayByStringName(ctx context.Context, g *libkb.GlobalContext, name string) (*Team, error)

func GetForTeamManagementByStringName

func GetForTeamManagementByStringName(ctx context.Context, g *libkb.GlobalContext, name string, needAdmin bool) (*Team, error)

needAdmin must be set when interacting with links that have a possibility of being stubbed.

func GetForTeamManagementByTeamID added in v1.0.29

func GetForTeamManagementByTeamID(ctx context.Context, g *libkb.GlobalContext, id keybase1.TeamID, needAdmin bool) (*Team, error)

func GetMaybeAdminByStringName

func GetMaybeAdminByStringName(ctx context.Context, g *libkb.GlobalContext, name string, public bool) (*Team, error)

Get a team with no stubbed links if we are an admin. Use this instead of NeedAdmin when you don't know whether you are an admin. This always causes roundtrips. Doesn't work for implicit admins.

func GetTeamByNameForTest added in v1.0.34

func GetTeamByNameForTest(ctx context.Context, g *libkb.GlobalContext, name string, public bool, needAdmin bool) (*Team, error)

func Load

Load a Team from the TeamLoader. Can be called from inside the teams package.

func LookupImplicitTeam added in v1.0.29

func LookupImplicitTeam(ctx context.Context, g *libkb.GlobalContext, displayName string, public bool) (
	team *Team, teamName keybase1.TeamName, impTeamName keybase1.ImplicitTeamDisplayName, err error)

Lookup an implicit team by name like "alice,bob+bob@twitter (conflicted copy 2017-03-04 #1)" Resolves social assertions.

func LookupImplicitTeamAndConflicts added in v1.0.30

func LookupImplicitTeamAndConflicts(ctx context.Context, g *libkb.GlobalContext, displayName string, public bool) (
	team *Team, teamName keybase1.TeamName, impTeamName keybase1.ImplicitTeamDisplayName, conflicts []keybase1.ImplicitTeamConflictInfo, err error)

Lookup an implicit team by name like "alice,bob+bob@twitter (conflicted copy 2017-03-04 #1)" Resolves social assertions.

func LookupOrCreateImplicitTeam added in v1.0.29

func LookupOrCreateImplicitTeam(ctx context.Context, g *libkb.GlobalContext, displayName string, public bool) (res *Team, teamName keybase1.TeamName, impTeamName keybase1.ImplicitTeamDisplayName, err error)

LookupOrCreateImplicitTeam by name like "alice,bob+bob@twitter (conflicted copy 2017-03-04 #1)" Resolves social assertions.

func NewTeam

func NewTeam(ctx context.Context, g *libkb.GlobalContext, teamData *keybase1.TeamData) *Team

func (*Team) AllAdmins

func (t *Team) AllAdmins(ctx context.Context) ([]keybase1.UserVersion, error)

All admins, owners, and implicit admins of this team.

func (*Team) AllApplicationKeys

func (t *Team) AllApplicationKeys(ctx context.Context, application keybase1.TeamApplication) (res []keybase1.TeamApplicationKey, err error)

func (*Team) AllApplicationKeysWithKBFS

func (t *Team) AllApplicationKeysWithKBFS(ctx context.Context, application keybase1.TeamApplication) (res []keybase1.TeamApplicationKey, err error)

func (*Team) AllUserVersionsByUID added in v1.0.48

func (t *Team) AllUserVersionsByUID(ctx context.Context, uid keybase1.UID) []keybase1.UserVersion

func (*Team) ApplicationKey

func (t *Team) ApplicationKey(ctx context.Context, application keybase1.TeamApplication) (keybase1.TeamApplicationKey, error)

ApplicationKey returns the most recent key for an application.

func (*Team) ApplicationKeyAtGeneration

func (t *Team) ApplicationKeyAtGeneration(ctx context.Context,
	application keybase1.TeamApplication, generation keybase1.PerTeamKeyGeneration) (res keybase1.TeamApplicationKey, err error)

func (*Team) ApplicationKeyAtGenerationWithKBFS

func (t *Team) ApplicationKeyAtGenerationWithKBFS(ctx context.Context,
	application keybase1.TeamApplication, generation keybase1.PerTeamKeyGeneration) (res keybase1.TeamApplicationKey, err error)

func (*Team) AssociateWithTLFID added in v1.0.41

func (t *Team) AssociateWithTLFID(ctx context.Context, tlfID keybase1.TLFID) (err error)

func (*Team) AssociateWithTLFKeyset added in v1.0.41

func (t *Team) AssociateWithTLFKeyset(ctx context.Context, tlfID keybase1.TLFID,
	cryptKeys []keybase1.CryptKey, appType keybase1.TeamApplication) (err error)

func (*Team) CanSkipKeyRotation added in v1.0.48

func (t *Team) CanSkipKeyRotation() bool

func (*Team) ChangeMembership

func (t *Team) ChangeMembership(ctx context.Context, req keybase1.TeamChangeReq) error

func (*Team) ChangeMembershipWithOptions added in v1.0.48

func (t *Team) ChangeMembershipWithOptions(ctx context.Context, req keybase1.TeamChangeReq, opts ChangeMembershipOptions) (err error)

func (*Team) ChatKey

func (t *Team) ChatKey(ctx context.Context) (keybase1.TeamApplicationKey, error)

func (*Team) CurrentSeqno

func (t *Team) CurrentSeqno() keybase1.Seqno

func (*Team) EncryptionKey added in v1.0.46

func (t *Team) EncryptionKey(ctx context.Context) (key libkb.NaclDHKeyPair, err error)

func (*Team) ExportToTeamPlusApplicationKeys

func (t *Team) ExportToTeamPlusApplicationKeys(ctx context.Context, idTime keybase1.Time,
	application keybase1.TeamApplication, includeKBFSKeys bool) (ret keybase1.TeamPlusApplicationKeys, err error)

func (*Team) FindActiveKeybaseInvite added in v1.0.46

func (t *Team) FindActiveKeybaseInvite(uid keybase1.UID) (keybase1.TeamInvite, keybase1.UserVersion, bool)

func (*Team) ForceMerkleRootUpdate

func (t *Team) ForceMerkleRootUpdate(ctx context.Context) error

ForceMerkleRootUpdate will call LookupTeam on MerkleClient to update cached merkle root to include latest team sigs. Needed if client wants to create a signature that refers to an adminship, signature's merkle_root has to be more fresh than adminship's.

func (*Team) Generation

func (t *Team) Generation() keybase1.PerTeamKeyGeneration

func (*Team) GetActiveAndObsoleteInvites added in v1.0.40

func (t *Team) GetActiveAndObsoleteInvites() (ret map[keybase1.TeamInviteID]keybase1.TeamInvite)

func (*Team) GitMetadataKey added in v1.0.30

func (t *Team) GitMetadataKey(ctx context.Context) (keybase1.TeamApplicationKey, error)

func (*Team) HasActiveInvite

func (t *Team) HasActiveInvite(name keybase1.TeamInviteName, typ string) (bool, error)

func (*Team) ImplicitTeamDisplayName added in v1.0.29

func (t *Team) ImplicitTeamDisplayName(ctx context.Context) (res keybase1.ImplicitTeamDisplayName, err error)

func (*Team) ImplicitTeamDisplayNameString added in v1.0.29

func (t *Team) ImplicitTeamDisplayNameString(ctx context.Context) (string, error)

func (*Team) InviteEmailMember

func (t *Team) InviteEmailMember(ctx context.Context, email string, role keybase1.TeamRole) error

func (*Team) InviteMember

func (t *Team) InviteMember(ctx context.Context, username string, role keybase1.TeamRole, resolvedUsername libkb.NormalizedUsername, uv keybase1.UserVersion) (keybase1.TeamAddMemberResult, error)

If uv.Uid is set, then username is ignored. Otherwise resolvedUsername and uv are ignored.

func (*Team) InviteSeitan added in v1.0.34

func (t *Team) InviteSeitan(ctx context.Context, role keybase1.TeamRole, label keybase1.SeitanKeyLabel) (ikey SeitanIKey, err error)

func (*Team) InviteSeitanV2 added in v1.0.42

func (t *Team) InviteSeitanV2(ctx context.Context, role keybase1.TeamRole, label keybase1.SeitanKeyLabel) (ikey SeitanIKeyV2, err error)

func (*Team) IsImplicit added in v1.0.30

func (t *Team) IsImplicit() bool

func (*Team) IsMember

func (t *Team) IsMember(ctx context.Context, uv keybase1.UserVersion) bool

func (*Team) IsOpen added in v1.0.33

func (t *Team) IsOpen() bool

func (*Team) IsPublic added in v1.0.29

func (t *Team) IsPublic() bool

func (*Team) IsSubteam added in v1.0.34

func (t *Team) IsSubteam() bool

func (*Team) KBFSCryptKeys added in v1.0.41

func (t *Team) KBFSCryptKeys(ctx context.Context, appType keybase1.TeamApplication) []keybase1.CryptKey

func (*Team) KBFSKey

func (t *Team) KBFSKey(ctx context.Context) (keybase1.TeamApplicationKey, error)

func (*Team) KBFSTLFIDs

func (t *Team) KBFSTLFIDs() []keybase1.TLFID

func (*Team) LatestKBFSTLFID

func (t *Team) LatestKBFSTLFID() (res keybase1.TLFID)

func (*Team) Leave

func (t *Team) Leave(ctx context.Context, permanent bool) error

func (*Team) MemberRole

func (t *Team) MemberRole(ctx context.Context, uv keybase1.UserVersion) (keybase1.TeamRole, error)

func (*Team) Members

func (t *Team) Members() (keybase1.TeamMembers, error)

func (*Team) Name

func (t *Team) Name() keybase1.TeamName

func (*Team) NextSeqno

func (t *Team) NextSeqno() keybase1.Seqno

func (*Team) NumActiveInvites added in v1.0.29

func (t *Team) NumActiveInvites() int

func (*Team) OpenTeamJoinAs added in v1.0.34

func (t *Team) OpenTeamJoinAs() keybase1.TeamRole

func (*Team) PostTeamSettings added in v1.0.33

func (t *Team) PostTeamSettings(ctx context.Context, settings keybase1.TeamSettings) error

func (*Team) Rotate

func (t *Team) Rotate(ctx context.Context) (err error)

func (*Team) SaltpackEncryptionKeyAtGeneration

func (t *Team) SaltpackEncryptionKeyAtGeneration(ctx context.Context, generation keybase1.PerTeamKeyGeneration) (keybase1.TeamApplicationKey, error)

func (*Team) SaltpackEncryptionKeyLatest

func (t *Team) SaltpackEncryptionKeyLatest(ctx context.Context) (keybase1.TeamApplicationKey, error)

func (*Team) SeitanInviteTokenKeyAtGeneration added in v1.0.39

func (t *Team) SeitanInviteTokenKeyAtGeneration(ctx context.Context, generation keybase1.PerTeamKeyGeneration) (keybase1.TeamApplicationKey, error)

func (*Team) SeitanInviteTokenKeyLatest added in v1.0.39

func (t *Team) SeitanInviteTokenKeyLatest(ctx context.Context) (keybase1.TeamApplicationKey, error)

func (*Team) SharedSecret

func (t *Team) SharedSecret(ctx context.Context) (ret keybase1.PerTeamKeySeed, err error)

func (*Team) SigningKey added in v1.0.46

func (t *Team) SigningKey(ctx context.Context) (key libkb.NaclSigningKeyPair, err error)

func (*Team) UserVersionByUID added in v1.0.29

func (t *Team) UserVersionByUID(ctx context.Context, uid keybase1.UID) (keybase1.UserVersion, error)

func (*Team) UsersWithRole

func (t *Team) UsersWithRole(role keybase1.TeamRole) ([]keybase1.UserVersion, error)

func (*Team) UsersWithRoleOrAbove added in v1.0.30

func (t *Team) UsersWithRoleOrAbove(role keybase1.TeamRole) ([]keybase1.UserVersion, error)

type TeamBox

type TeamBox struct {
	Nonce           string
	SenderKID       keybase1.KID `json:"sender_kid"`
	Generation      keybase1.PerTeamKeyGeneration
	Ctext           string
	PerUserKeySeqno keybase1.Seqno `json:"per_user_key_seqno"`
}

TeamBox comes from api server team/get endpoint.

func (*TeamBox) Open

Open decrypts Ctext using encKey.

type TeamDeletedError added in v1.0.34

type TeamDeletedError struct{}

func (TeamDeletedError) Error added in v1.0.34

func (e TeamDeletedError) Error() string

type TeamDoesNotExistError

type TeamDoesNotExistError struct {
	// contains filtered or unexported fields
}

func (TeamDoesNotExistError) Error

func (e TeamDoesNotExistError) Error() string

type TeamKeyManager

type TeamKeyManager struct {
	// contains filtered or unexported fields
}

func NewTeamKeyManager

func NewTeamKeyManager(g *libkb.GlobalContext) (*TeamKeyManager, error)

func NewTeamKeyManagerWithSecret

func NewTeamKeyManagerWithSecret(secret keybase1.PerTeamKeySeed, generation keybase1.PerTeamKeyGeneration) (*TeamKeyManager, error)

func (*TeamKeyManager) EncryptionKey

func (t *TeamKeyManager) EncryptionKey() (libkb.NaclDHKeyPair, error)

EncryptionKey returns the derived NaclDHKeyPair from the team's shared secret.

func (*TeamKeyManager) RotateSharedSecretBoxes

func (t *TeamKeyManager) RotateSharedSecretBoxes(mctx libkb.MetaContext, senderKey libkb.GenericKey, recipients map[keybase1.UserVersion]keybase1.PerUserKey) (boxes *PerTeamSharedSecretBoxes, keySection *SCPerTeamKey, err error)

RotateSharedSecretBoxes creates a new shared secret for the team and the required PerTeamKey section.

func (*TeamKeyManager) SharedSecret

func (t *TeamKeyManager) SharedSecret() keybase1.PerTeamKeySeed

SharedSecret returns the team's shared secret.

func (*TeamKeyManager) SharedSecretBoxes

func (t *TeamKeyManager) SharedSecretBoxes(mctx libkb.MetaContext, senderKey libkb.GenericKey, recipients map[keybase1.UserVersion]keybase1.PerUserKey) (boxes *PerTeamSharedSecretBoxes, err error)

SharedSecretBoxes creates the PerTeamSharedSecretBoxes for recipients with the existing team shared secret.

func (*TeamKeyManager) SigningKey

func (t *TeamKeyManager) SigningKey() (libkb.NaclSigningKeyPair, error)

EncryptionKey returns the derived NaclSigningKeyPair from the team's shared secret.

type TeamLoader

type TeamLoader struct {
	libkb.Contextified
	// contains filtered or unexported fields
}

Loader of keybase1.TeamData objects. Handles caching. Because there is one of this global object and it is attached to G, its Load interface must return a keybase1.TeamData not a teams.Team. To load a teams.Team use the package-level function Load. Threadsafe.

func NewTeamLoader

func NewTeamLoader(g *libkb.GlobalContext, world LoaderContext, storage *Storage) *TeamLoader

func NewTeamLoaderAndInstall

func NewTeamLoaderAndInstall(g *libkb.GlobalContext) *TeamLoader

NewTeamLoaderAndInstall creates a new loader and installs it into G.

func (*TeamLoader) ClearMem added in v1.0.34

func (l *TeamLoader) ClearMem()

Clear the in-memory cache.

func (*TeamLoader) Delete added in v1.0.33

func (l *TeamLoader) Delete(ctx context.Context, teamID keybase1.TeamID) (err error)

func (*TeamLoader) ForceRepollUntil

func (l *TeamLoader) ForceRepollUntil(ctx context.Context, dtime gregor.TimeOrOffset) error

func (*TeamLoader) HintLatestSeqno added in v1.0.39

func (l *TeamLoader) HintLatestSeqno(ctx context.Context, teamID keybase1.TeamID, seqno keybase1.Seqno) error

func (*TeamLoader) ImplicitAdmins

func (l *TeamLoader) ImplicitAdmins(ctx context.Context, teamID keybase1.TeamID) (impAdmins []keybase1.UserVersion, err error)

List all the admins of ancestor teams. Includes admins of the specified team only if they are also admins of ancestor teams. The specified team must be a subteam, or an error is returned. Always sends a flurry of RPCs to get the most up to date info.

func (*TeamLoader) InForceRepollMode

func (l *TeamLoader) InForceRepollMode(ctx context.Context) bool

func (*TeamLoader) Load

func (l *TeamLoader) Load(ctx context.Context, lArg keybase1.LoadTeamArg) (res *keybase1.TeamData, err error)

func (*TeamLoader) NotifyTeamRename

func (l *TeamLoader) NotifyTeamRename(ctx context.Context, id keybase1.TeamID, newName string) error

func (*TeamLoader) OnLogout

func (l *TeamLoader) OnLogout()

func (*TeamLoader) ResolveNameToIDUntrusted added in v1.0.48

func (l *TeamLoader) ResolveNameToIDUntrusted(ctx context.Context, teamName keybase1.TeamName, public bool, allowCache bool) (id keybase1.TeamID, err error)

Resolve a team name to a team ID. Will always hit the server for subteams. The server can lie in this return value.

func (*TeamLoader) VerifyTeamName

func (l *TeamLoader) VerifyTeamName(ctx context.Context, id keybase1.TeamID, name keybase1.TeamName) error

type TeamSigChainState

type TeamSigChainState struct {
	// contains filtered or unexported fields
}

Accessor wrapper for keybase1.TeamSigChainState

func AppendChainLink(ctx context.Context, g *libkb.GlobalContext, reader keybase1.UserVersion, state *TeamSigChainState,
	link *ChainLinkUnpacked, signer *SignerX) (res TeamSigChainState, err error)

AppendChainLink process a chain link. It must have already been partially verified by TeamLoader. `reader` is the user who is processing the chain. `state` is moved into this function. There must exist no live references into it from now on. If `state` is nil this is the first link of the chain. `signer` may be nil iff link is stubbed.

func InflateLink(ctx context.Context, g *libkb.GlobalContext, reader keybase1.UserVersion, state TeamSigChainState,
	link *ChainLinkUnpacked, signer SignerX) (res TeamSigChainState, err error)

InflateLink adds the full inner link for a link that has already been added in stubbed form. `state` is moved into this function. There must exist no live references into it from now on.

func (TeamSigChainState) AssertWasAdminAt

func (t TeamSigChainState) AssertWasAdminAt(uv keybase1.UserVersion, scl keybase1.SigChainLocation) (err error)

func (TeamSigChainState) AssertWasReaderAt

func (t TeamSigChainState) AssertWasReaderAt(uv keybase1.UserVersion, scl keybase1.SigChainLocation) (err error)

func (TeamSigChainState) AssertWasRoleOrAboveAt added in v1.0.41

func (t TeamSigChainState) AssertWasRoleOrAboveAt(uv keybase1.UserVersion,
	role keybase1.TeamRole, scl keybase1.SigChainLocation) (err error)

AssertWasRoleOrAboveAt asserts that user `uv` had `role` or above on the team just after the given SigChainLocation `scl`. We start at the point given, go backwards until we find a promotion, then go forwards to make sure there wasn't a demotion before the specified time. If there was, return a PermissionError. If no adminship was found at all, return a PermissionError.

func (TeamSigChainState) AssertWasWriterAt added in v1.0.41

func (t TeamSigChainState) AssertWasWriterAt(uv keybase1.UserVersion, scl keybase1.SigChainLocation) (err error)

func (TeamSigChainState) DeepCopy

func (t TeamSigChainState) DeepCopy() TeamSigChainState

func (TeamSigChainState) DeepCopyToPtr

func (t TeamSigChainState) DeepCopyToPtr() *TeamSigChainState

func (*TeamSigChainState) FindActiveInvite

func (*TeamSigChainState) FindActiveInviteByID

func (t *TeamSigChainState) FindActiveInviteByID(id keybase1.TeamInviteID) (keybase1.TeamInvite, bool)

func (*TeamSigChainState) FindActiveKeybaseInvite added in v1.0.46

func (t *TeamSigChainState) FindActiveKeybaseInvite(uid keybase1.UID) (keybase1.TeamInvite, keybase1.UserVersion, bool)

FindActiveKeybaseInvite finds and returns *first* Keybase-type invite for given UID. Ordering here is not guaranteed, caller shouldn't assume that returned invite will be the oldest/newest one for the UID.

func (TeamSigChainState) GetAdminUserLogPoint

func (t TeamSigChainState) GetAdminUserLogPoint(user keybase1.UserVersion) *keybase1.UserLogPoint

func (TeamSigChainState) GetAllUVsWithUID added in v1.0.48

func (t TeamSigChainState) GetAllUVsWithUID(uid keybase1.UID) (res []keybase1.UserVersion)

func (TeamSigChainState) GetID

func (t TeamSigChainState) GetID() keybase1.TeamID

func (TeamSigChainState) GetLatestGeneration

func (t TeamSigChainState) GetLatestGeneration() keybase1.PerTeamKeyGeneration

func (TeamSigChainState) GetLatestHighLinkID

func (t TeamSigChainState) GetLatestHighLinkID() keybase1.LinkID

func (TeamSigChainState) GetLatestHighSeqno

func (t TeamSigChainState) GetLatestHighSeqno() keybase1.Seqno

func (TeamSigChainState) GetLatestKBFSGeneration added in v1.0.41

func (t TeamSigChainState) GetLatestKBFSGeneration(appType keybase1.TeamApplication) (int, error)

func (TeamSigChainState) GetLatestLibkbLinkID

func (t TeamSigChainState) GetLatestLibkbLinkID() (libkb.LinkID, error)

func (TeamSigChainState) GetLatestLinkID

func (t TeamSigChainState) GetLatestLinkID() keybase1.LinkID

func (TeamSigChainState) GetLatestPerTeamKey

func (t TeamSigChainState) GetLatestPerTeamKey() (keybase1.PerTeamKey, error)

func (*TeamSigChainState) GetLatestPerTeamKeyCTime added in v1.0.48

func (t *TeamSigChainState) GetLatestPerTeamKeyCTime() keybase1.UnixTime

func (TeamSigChainState) GetLatestSeqno

func (t TeamSigChainState) GetLatestSeqno() keybase1.Seqno

func (TeamSigChainState) GetLatestUVWithUID added in v1.0.29

func (t TeamSigChainState) GetLatestUVWithUID(uid keybase1.UID) (res keybase1.UserVersion, err error)

func (TeamSigChainState) GetLibkbLinkIDBySeqno

func (t TeamSigChainState) GetLibkbLinkIDBySeqno(seqno keybase1.Seqno) (l2 libkb.LinkID, err error)

func (TeamSigChainState) GetLinkIDBySeqno

func (t TeamSigChainState) GetLinkIDBySeqno(seqno keybase1.Seqno) (keybase1.LinkID, error)

func (TeamSigChainState) GetParentID

func (t TeamSigChainState) GetParentID() *keybase1.TeamID

Only non-nil if this is a subteam.

func (TeamSigChainState) GetPerTeamKeyAtGeneration

func (t TeamSigChainState) GetPerTeamKeyAtGeneration(gen keybase1.PerTeamKeyGeneration) (keybase1.PerTeamKey, error)

func (TeamSigChainState) GetSubteamName

func (t TeamSigChainState) GetSubteamName(id keybase1.TeamID) (*keybase1.TeamName, error)

func (TeamSigChainState) GetUserLogPoint

func (t TeamSigChainState) GetUserLogPoint(user keybase1.UserVersion) *keybase1.UserLogPoint

func (TeamSigChainState) GetUserRole

func (TeamSigChainState) GetUserRoleAtSeqno added in v1.0.40

func (t TeamSigChainState) GetUserRoleAtSeqno(user keybase1.UserVersion, seqno keybase1.Seqno) (keybase1.TeamRole, error)

Get the user's role right after link at seqno was processed.

func (TeamSigChainState) GetUsersWithRole

func (t TeamSigChainState) GetUsersWithRole(role keybase1.TeamRole) (res []keybase1.UserVersion, err error)

func (TeamSigChainState) GetUsersWithRoleOrAbove added in v1.0.30

func (t TeamSigChainState) GetUsersWithRoleOrAbove(role keybase1.TeamRole) (res []keybase1.UserVersion, err error)

func (*TeamSigChainState) HasActiveInvite

func (t *TeamSigChainState) HasActiveInvite(name keybase1.TeamInviteName, typ keybase1.TeamInviteType) (bool, error)
func (t TeamSigChainState) HasAnyStubbedLinks() bool

func (TeamSigChainState) HasStubbedSeqno

func (t TeamSigChainState) HasStubbedSeqno(seqno keybase1.Seqno) bool

func (TeamSigChainState) IsImplicit added in v1.0.29

func (t TeamSigChainState) IsImplicit() bool

func (*TeamSigChainState) IsInviteObsolete added in v1.0.40

func (t *TeamSigChainState) IsInviteObsolete(id keybase1.TeamInviteID) bool

func (TeamSigChainState) IsLinkFilled added in v1.0.34

func (t TeamSigChainState) IsLinkFilled(seqno keybase1.Seqno) bool

Whether the link has been processed and is not stubbed.

func (TeamSigChainState) IsOpen added in v1.0.33

func (t TeamSigChainState) IsOpen() bool

func (TeamSigChainState) IsPublic added in v1.0.29

func (t TeamSigChainState) IsPublic() bool

func (TeamSigChainState) IsSubteam

func (t TeamSigChainState) IsSubteam() bool

func (TeamSigChainState) LatestLastNamePart

func (t TeamSigChainState) LatestLastNamePart() keybase1.TeamNamePart

func (*TeamSigChainState) ListSubteams

func (t *TeamSigChainState) ListSubteams() (res []keybase1.TeamIDAndName)

Only call this on a Team that has been loaded with NeedAdmin. Otherwise, you might get incoherent answers due to links that were stubbed over the life of the cached object.

For subteams that you were removed from, this list may still include them because your removal was stubbed. The list will not contain duplicate names. Since this should only be called when you are an admin, none of that should really come up, but it's here just to be less fragile.

func (*TeamSigChainState) NumActiveInvites added in v1.0.29

func (t *TeamSigChainState) NumActiveInvites() int

func (*TeamSigChainState) SubteamRenameOccurred

func (t *TeamSigChainState) SubteamRenameOccurred(
	subteamID keybase1.TeamID, newName keybase1.TeamName, seqno keybase1.Seqno) error

Check that a subteam rename occurred just so. That the subteam `subteamID` got a new name `newName` at exactly `seqno` in this, the parent, chain. Note this only checks against the last part of `newName` because mid-team renames are such a pain. This is currently linear in the number of times that subteam has been renamed. It should be easy to add an index if need be.

type Tristate added in v1.0.46

type Tristate int
const (
	TristateDisallow Tristate = 0 // default
	TristateRequire  Tristate = 1
	TristateOptional Tristate = 2
)

type UnexpectedSeqnoError

type UnexpectedSeqnoError struct {
	// contains filtered or unexported fields
}

func NewUnexpectedSeqnoError

func NewUnexpectedSeqnoError(expected, actual keybase1.Seqno) UnexpectedSeqnoError

func (UnexpectedSeqnoError) Error

func (e UnexpectedSeqnoError) Error() string

type UnsupportedLinkTypeError added in v1.0.34

type UnsupportedLinkTypeError struct {
	// contains filtered or unexported fields
}

func (UnsupportedLinkTypeError) Error added in v1.0.34

func (e UnsupportedLinkTypeError) Error() string

type Upgrader

type Upgrader struct{}

func NewUpgrader

func NewUpgrader() *Upgrader

func (*Upgrader) Run

func (u *Upgrader) Run(m libkb.MetaContext)

type UserHasNotResetError

type UserHasNotResetError struct{ Msg string }

func (UserHasNotResetError) Error

func (e UserHasNotResetError) Error() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL