openpgp

Warning

This package is not in the latest version of its module.

Published: Mar 14, 2014 License: AGPL-3.0 Imports: 49 Imported by: 0

Documentation

Overview

Package openpgp parses, merges, validates, stores and searches OpenPGP public key material in RFC4880 format. Workers handle HKP requests, process their contents, and produce HKP responses.

Public key material is stored in a PostgreSQL database.

Index

Constants

// Public key states. PubkeyStateOk is 0 and PubkeyStateInvalid is 1; the
// values are assigned by position in this block.
const (
	PubkeyStateOk = iota
	PubkeyStateInvalid
)
// Packet state flags, combined as a bit mask. Bits 0-15 are neutral policy or
// positive validation indicators; bits 16 and up record a validation or policy
// failure. These are untyped integer constants (they are not declared with the
// PacketState type).
const (
	// Key material has been registered with Hockeypuck by the key owner,
	// who has signed a nonced challenge message with the associated private key.
	PacketStateRegistered = 1 << iota // bit 0

	// Key material is cloaked. Hockeypuck will respond as if the key does not exist
	// unless the HKP request has proper authentication.
	PacketStateCloaked // bit 1

	// Signature has been checked and verified.
	PacketStateSigOk // bit 2
)

const (
	// Key material is banned from HKP results unconditionally. Could be signature
	// graffiti or other unwanted content.
	PacketStateSpam = 1 << (16 + iota) // bit 16

	// Key material is considered to be abandoned according to keyserver policy.
	PacketStateAbandoned // bit 17

	// Key material lacks a valid, non-expired self-signature.
	PacketStateNoSelfSig // bit 18

	// Subkey material lacks a valid, non-expired binding-signature.
	PacketStateNoBindingSig // bit 19

	// Public key is unsupported (unknown algorithm code, etc.)
	PacketStateUnsuppPubkey // bit 20
)
const Cr_openpgp_pubkey = `` /* 1501-byte string literal not displayed */
const Cr_openpgp_sig = `` /* 1249-byte string literal not displayed */
const Cr_openpgp_subkey = `` /* 955-byte string literal not displayed */
const Cr_openpgp_uat = `` /* 824-byte string literal not displayed */
const Cr_openpgp_uid = `` /* 1046-byte string literal not displayed */
const Cr_pks_stat = `` /* 824-byte string literal not displayed */
// NOTE(review): presumably the maximum number of keys returned for a single
// lookup request — confirm against the limit argument of Worker.LookupKeys.
const LOOKUP_RESULT_LIMIT = 100
const MAX_DELAY = 60

MAX_DELAY is the maximum backoff multiplier applied to the delay when SMTP errors occur.

const RequestChunkSize = 100
const UUID_LEN = 40

UUID_LEN is the size of unique primary keys generated for certain database records. The length is chosen to approximate 256 bits of security: when Ascii85 encoding is used, log(2**256, 85) = 39.9413926456896, so 40 characters is the smallest whole number of characters that can carry 256 bits.

Variables

var Cr_openpgp_primary_constraints []string = []string{
	`ALTER TABLE openpgp_pubkey ADD CONSTRAINT openpgp_pubkey_primary_uid_fk
	FOREIGN KEY (primary_uid) REFERENCES openpgp_uid(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
	`ALTER TABLE openpgp_pubkey ADD CONSTRAINT openpgp_pubkey_primary_uat_fk
	FOREIGN KEY (primary_uat) REFERENCES openpgp_uat(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
}
// Cr_openpgp_pubkey_constraints holds the DDL statements that add the primary
// key on uuid and a uniqueness constraint on each digest column of
// openpgp_pubkey.
var Cr_openpgp_pubkey_constraints []string = []string{
	`ALTER TABLE openpgp_pubkey ADD CONSTRAINT openpgp_pubkey_pk PRIMARY KEY (uuid);`,
	// NOTE(review): md5 looks like the SKS-compatible digest (see SksDigest).
	// MD5 is not collision resistant, so this constraint would reject a second,
	// different key whose digest collides with a stored one — confirm how the
	// insert path handles that and rely on sha256 where content identity matters.
	`ALTER TABLE openpgp_pubkey ADD CONSTRAINT openpgp_pubkey_md5 UNIQUE (md5);`,
	`ALTER TABLE openpgp_pubkey ADD CONSTRAINT openpgp_pubkey_sha256 UNIQUE (sha256);`,
}
var Cr_openpgp_revsig_constraints []string = []string{
	`ALTER TABLE openpgp_pubkey ADD CONSTRAINT openpgp_pubkey_revsig_fk
	FOREIGN KEY (revsig_uuid) REFERENCES openpgp_sig(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
	`ALTER TABLE openpgp_subkey ADD CONSTRAINT openpgp_subkey_revsig_fk
	FOREIGN KEY (revsig_uuid) REFERENCES openpgp_sig(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
	`ALTER TABLE openpgp_uid ADD CONSTRAINT openpgp_uid_revsig_fk
	FOREIGN KEY (revsig_uuid) REFERENCES openpgp_sig(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
	`ALTER TABLE openpgp_uat ADD CONSTRAINT openpgp_uat_revsig_fk
	FOREIGN KEY (revsig_uuid) REFERENCES openpgp_sig(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
	`ALTER TABLE openpgp_sig ADD CONSTRAINT openpgp_sig_revsig_fk FOREIGN KEY (revsig_uuid)
	REFERENCES openpgp_sig(uuid) DEFERRABLE INITIALLY DEFERRED;`,
}
var Cr_openpgp_sig_constraints []string = []string{
	`ALTER TABLE openpgp_sig ADD CONSTRAINT openpgp_sig_pk PRIMARY KEY (uuid);`,
	`ALTER TABLE openpgp_sig ADD CONSTRAINT openpgp_sig_signer_fk FOREIGN KEY (signer_uuid)
	REFERENCES openpgp_pubkey(uuid) DEFERRABLE INITIALLY DEFERRED;`,
	`ALTER TABLE openpgp_sig ADD CONSTRAINT openpgp_sig_pubkey_fk
	FOREIGN KEY (pubkey_uuid) REFERENCES openpgp_pubkey(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
	`ALTER TABLE openpgp_sig ADD CONSTRAINT openpgp_sig_subkey_fk
	FOREIGN KEY (subkey_uuid) REFERENCES openpgp_subkey(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
	`ALTER TABLE openpgp_sig ADD CONSTRAINT openpgp_sig_uid_fk
	FOREIGN KEY (uid_uuid) REFERENCES openpgp_uid(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
	`ALTER TABLE openpgp_sig ADD CONSTRAINT openpgp_sig_uat_fk
	FOREIGN KEY (uat_uuid) REFERENCES openpgp_uat(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
	`ALTER TABLE openpgp_sig ADD CONSTRAINT openpgp_sig_sig_fk
	FOREIGN KEY (sig_uuid) REFERENCES openpgp_sig(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
}
var Cr_openpgp_subkey_constraints []string = []string{
	`ALTER TABLE openpgp_subkey ADD CONSTRAINT openpgp_subkey_pk PRIMARY KEY (uuid);`,
	`ALTER TABLE openpgp_subkey ADD CONSTRAINT openpgp_subkey_pubkey_fk
	FOREIGN KEY (pubkey_uuid) REFERENCES openpgp_pubkey(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
	`CREATE INDEX openpgp_subkey_pubkey ON openpgp_subkey (pubkey_uuid);`,
}
var Cr_openpgp_uat_constraints []string = []string{
	`ALTER TABLE openpgp_uat ADD CONSTRAINT openpgp_uat_pk PRIMARY KEY (uuid);`,
	`ALTER TABLE openpgp_uat ADD CONSTRAINT openpgp_uat_pubkey_fk
	FOREIGN KEY (pubkey_uuid) REFERENCES openpgp_pubkey(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
	`CREATE INDEX openpgp_uat_pubkey ON openpgp_uat (pubkey_uuid);`,
}
var Cr_openpgp_uid_constraints []string = []string{
	`ALTER TABLE openpgp_uid ADD CONSTRAINT openpgp_uid_pk PRIMARY KEY (uuid);`,
	`ALTER TABLE openpgp_uid ADD CONSTRAINT openpgp_uid_pubkey_fk
	FOREIGN KEY (pubkey_uuid) REFERENCES openpgp_pubkey(uuid)
	DEFERRABLE INITIALLY DEFERRED;`,
	`CREATE INDEX openpgp_uid_pubkey ON openpgp_uid (pubkey_uuid);`,
	`CREATE INDEX openpgp_uid_fulltext_idx ON openpgp_uid USING gin(keywords_fulltext);`}
var DeleteDuplicatesSql []string
var Dr_openpgp_primary_constraints []string = []string{
	`ALTER TABLE openpgp_pubkey DROP CONSTRAINT openpgp_pubkey_primary_uid_fk;`,
	`ALTER TABLE openpgp_pubkey DROP CONSTRAINT openpgp_pubkey_primary_uat_fk;`,
}
var Dr_openpgp_pubkey_constraints []string = []string{
	`ALTER TABLE openpgp_pubkey DROP CONSTRAINT openpgp_pubkey_pk;`,
	`ALTER TABLE openpgp_pubkey DROP CONSTRAINT openpgp_pubkey_md5;`,
	`ALTER TABLE openpgp_pubkey DROP CONSTRAINT openpgp_pubkey_sha256;`,
}
var Dr_openpgp_revsig_constraints []string = []string{
	`ALTER TABLE openpgp_pubkey DROP CONSTRAINT openpgp_pubkey_revsig_fk;`,
	`ALTER TABLE openpgp_subkey DROP CONSTRAINT openpgp_subkey_revsig_fk;`,
	`ALTER TABLE openpgp_uid DROP CONSTRAINT openpgp_uid_revsig_fk;`,
	`ALTER TABLE openpgp_uat DROP CONSTRAINT openpgp_uat_revsig_fk;`,
	`ALTER TABLE openpgp_sig DROP CONSTRAINT openpgp_sig_revsig_fk;`,
}
var Dr_openpgp_sig_constraints []string = []string{
	`ALTER TABLE openpgp_sig DROP CONSTRAINT openpgp_sig_signer_fk;`,
	`ALTER TABLE openpgp_sig DROP CONSTRAINT openpgp_sig_pubkey_fk;`,
	`ALTER TABLE openpgp_sig DROP CONSTRAINT openpgp_sig_subkey_fk;`,
	`ALTER TABLE openpgp_sig DROP CONSTRAINT openpgp_sig_uid_fk;`,
	`ALTER TABLE openpgp_sig DROP CONSTRAINT openpgp_sig_uat_fk;`,
	`ALTER TABLE openpgp_sig DROP CONSTRAINT openpgp_sig_sig_fk;`,
	`ALTER TABLE openpgp_sig DROP CONSTRAINT openpgp_sig_pk;`,
}
var Dr_openpgp_subkey_constraints []string = []string{
	`ALTER TABLE openpgp_subkey DROP CONSTRAINT openpgp_subkey_pk;`,
	`ALTER TABLE openpgp_subkey DROP CONSTRAINT openpgp_subkey_pubkey_fk;`,
	`DROP INDEX openpgp_subkey_pubkey;`,
}
var Dr_openpgp_uat_constraints []string = []string{
	`ALTER TABLE openpgp_uat DROP CONSTRAINT openpgp_uat_pk;`,
	`ALTER TABLE openpgp_uat DROP CONSTRAINT openpgp_uat_pubkey_fk;`,
	`DROP INDEX openpgp_uat_pubkey;`,
}
var Dr_openpgp_uid_constraints []string = []string{
	`ALTER TABLE openpgp_uid DROP CONSTRAINT openpgp_uid_pk;`,
	`ALTER TABLE openpgp_uid DROP CONSTRAINT openpgp_uid_pubkey_fk;`,
	`DROP INDEX openpgp_uid_pubkey;`,
	`DROP INDEX openpgp_uid_fulltext_idx;`,
}
var ErrInternalKeyInvalid error = errors.New("Internal integrity error matching key")
var ErrInvalidPacketType error = errors.New("Invalid packet type")
var ErrMissingSignature = errors.New("Key material missing an expected signature")
var ErrMissingUuid error = errors.New("Packet record missing content-unique identifier")
var ErrPacketRecordState error = errors.New("Packet record state has not been properly initialized")
var ErrSubKeyChanges error = errors.New("Worker already has a key change subscriber")

ErrSubKeyChanges is an error occurring when attempting to subscribe to KeyChange messages on a worker that already has a subscriber.

var NeverExpires time.Time

NeverExpires is a comparable time value used as a flag meaning "never expires".

Functions

func AlgorithmCode

func AlgorithmCode(algorithm int) string

func Fingerprint

func Fingerprint(pubkey *packet.PublicKey) string

Get the public key fingerprint as a hex string.

func FingerprintV3

func FingerprintV3(pubkey *packet.PublicKeyV3) string

Get the public key fingerprint as a hex string.

func GetUuid

func GetUuid(rec PacketRecord) string

func MergeKey

func MergeKey(dstKey *Pubkey, srcKey *Pubkey)

Merge the contents of srcKey into dstKey, modifying in-place. Packets in src not found in dst are appended to the matching parent. Conflicting packets and unmatched parents are ignored.

func NewSksPTree

func NewSksPTree(reconSettings *recon.Settings) (recon.PrefixTree, error)

func NewUuid

func NewUuid() (string, error)

NewUuid creates a new randomly generated, secure unique identifier.

func Resolve

func Resolve(pubkey *Pubkey)

Resolve resolves and connects relationship references between the different packet records in the key material.

func SksDigest

func SksDigest(key *Pubkey, h hash.Hash) string

SksDigest calculates a cumulative message digest on all OpenPGP packets for a given primary public key, using the same ordering as SKS, the Synchronizing Key Server. Use MD5 for matching digest values with SKS.

func Sort

func Sort(pubkey *Pubkey)

Sort reorders the key material

func WriteArmoredPackets

func WriteArmoredPackets(w io.Writer, root PacketRecord) error

func WritePackets

func WritePackets(w io.Writer, root PacketRecord) error

Types

type AddResponse

type AddResponse struct {
	Changes []*KeyChange
	Errors  []*ReadKeyResult
}

func (*AddResponse) Error

func (r *AddResponse) Error() error

func (*AddResponse) WriteTo

func (r *AddResponse) WriteTo(w http.ResponseWriter) (err error)

type DB

type DB struct {
	*sqlx.DB
}

func NewDB

func NewDB() (db *DB, err error)

func (*DB) CreateConstraints

func (db *DB) CreateConstraints() (err error)

func (*DB) CreateSchema

func (db *DB) CreateSchema() (err error)

func (*DB) CreateTables

func (db *DB) CreateTables() (err error)

func (*DB) DeleteDuplicates

func (db *DB) DeleteDuplicates() (err error)

func (*DB) DropConstraints

func (db *DB) DropConstraints() (err error)

type ErrorResponse

type ErrorResponse struct {
	Err error
}

func (*ErrorResponse) Error

func (r *ErrorResponse) Error() error

func (*ErrorResponse) WriteTo

func (r *ErrorResponse) WriteTo(w http.ResponseWriter) error

type HashQueryResponse

type HashQueryResponse struct {
	Keys []*Pubkey
}

func (*HashQueryResponse) Error

func (hq *HashQueryResponse) Error() error

func (*HashQueryResponse) WriteTo

func (hq *HashQueryResponse) WriteTo(w http.ResponseWriter) (err error)

type HkpStats

type HkpStats struct {
	*Worker
	Timestamp      time.Time
	Hostname       string
	Port           int
	Version        string
	PksPeers       []PksStatus
	TotalKeys      int `db:"total_keys"`
	KeyStatsHourly []PksKeyStats
	KeyStatsDaily  []PksKeyStats
}

type IndexResponse

type IndexResponse struct {
	Lookup  *hkp.Lookup
	Keys    []*Pubkey
	Verbose bool
	Err     error
}

func (*IndexResponse) Error

func (r *IndexResponse) Error() error

func (*IndexResponse) WriteTo

func (r *IndexResponse) WriteTo(w http.ResponseWriter) error

type KeyChange

type KeyChange struct {
	// Fingerprint is the public key fingerprint
	Fingerprint string
	// CurrentMd5 contains the new digest of the key (SKS compatible).
	CurrentMd5 string
	// PreviousMd5 contains the digest of the key prior to update, if any (SKS compatible).
	PreviousMd5 string
	// CurrentSha256 contains the new digest of the key.
	CurrentSha256 string
	// PreviousSha256 contains the digest of the key prior to update, if any.
	PreviousSha256 string
	// Error captures the error that prevented the change from occurring, otherwise nil.
	Error error
	// Type indicates the type of key change that occurred, as indicated by KeyChangeType.
	Type KeyChangeType
}

KeyChange describes the change made to a public key resulting from a /pks/add HKP request.

func (*KeyChange) String

func (kc *KeyChange) String() string

String represents the key change event as a string for diagnostic purposes.

type KeyChangeChan

type KeyChangeChan chan *KeyChange

KeyChangeChan channels are used for sending and receiving key changes resulting from adding a new key or merging updates into an existing one.

type KeyChangeType

type KeyChangeType int

KeyChangeType identifies the type of change that a worker has made to a public key.

// Kinds of change a worker can report for a public key. The values run from 0
// (KeyChangeInvalid, which is therefore the zero value of KeyChangeType) to 3
// (KeyModified).
const (
	// KeyChangeInvalid indicates that the attempted key change information
	// does not describe an expected, valid event.
	KeyChangeInvalid KeyChangeType = iota
	// KeyNotChanged indicates that a request to update an existing public key
	// did not result in any change or addition of new key material.
	KeyNotChanged
	// KeyAdded indicates a new key was added to the database.
	KeyAdded
	// KeyModified indicates that an existing key was updated with new information.
	KeyModified
)

type KeyringResponse

type KeyringResponse struct {
	Keys []*Pubkey
}

func (*KeyringResponse) Error

func (k *KeyringResponse) Error() error

func (*KeyringResponse) WriteTo

func (k *KeyringResponse) WriteTo(w http.ResponseWriter) error

type Loader

type Loader struct {
	// contains filtered or unexported fields
}

func NewLoader

func NewLoader(db *DB, bulk bool) *Loader

func (*Loader) Begin

func (l *Loader) Begin() (_ *sqlx.Tx, err error)

func (*Loader) Commit

func (l *Loader) Commit() (err error)

func (*Loader) InsertKey

func (l *Loader) InsertKey(pubkey *Pubkey) (err error)

func (*Loader) Rollback

func (l *Loader) Rollback() (err error)

type MessageResponse

type MessageResponse struct {
	Content []byte
	Err     error
}

func (*MessageResponse) Error

func (r *MessageResponse) Error() error

func (*MessageResponse) WriteTo

func (r *MessageResponse) WriteTo(w http.ResponseWriter) error

type NotImplementedResponse

type NotImplementedResponse struct {
}

func (*NotImplementedResponse) Error

func (e *NotImplementedResponse) Error() error

func (*NotImplementedResponse) WriteTo

type OpaqueKeyring

type OpaqueKeyring struct {
	Packets      []*packet.OpaquePacket
	RFingerprint string
	Md5          string
	Sha256       string
	Error        error
	Position     int64
}

func (*OpaqueKeyring) Parse

func (ok *OpaqueKeyring) Parse() (*Pubkey, error)

type OpaqueKeyringChan

type OpaqueKeyringChan chan *OpaqueKeyring

func ReadOpaqueKeyrings

func ReadOpaqueKeyrings(r io.Reader) OpaqueKeyringChan

type PacketRecord

type PacketRecord interface {
	GetOpaquePacket() (*packet.OpaquePacket, error)
	GetPacket() (packet.Packet, error)
	Read() error
	Serialize(w io.Writer) error

	Uuid() string
	Visit(PacketVisitor) error
	// contains filtered or unexported methods
}

type PacketRecordMap

type PacketRecordMap map[string]PacketRecord

func MapKey

func MapKey(pubkey *Pubkey) PacketRecordMap

Map a tree of packet objects by strong hash.

func (PacketRecordMap) Add

func (m PacketRecordMap) Add(rec PacketRecord) error

type PacketState

type PacketState int

PacketState indicates the validity of the public key material and special policies that may apply to it. The lower 16 bits are either neutral policy or positive validation indicators. The upper 16 bits indicate a validation failure: the key material is either invalid, unverifiable or failed to meet some policy criteria.

type PacketVisitor

type PacketVisitor func(PacketRecord) error

type PksKeyStats

type PksKeyStats struct {
	Timestamp time.Time `db:"start"`
	Created   int       `db:"created"`
	Modified  int       `db:"modified"`
}

func (*PksKeyStats) Day

func (s *PksKeyStats) Day() string

func (*PksKeyStats) Hour

func (s *PksKeyStats) Hour() string

type PksStatus

type PksStatus struct {
	// Email address of the PKS server.
	Addr string `db:"email_addr"`
	// Timestamp of the last sync to this server.
	LastSync time.Time `db:"last_sync"`
}

Status of PKS synchronization

type PksSync

type PksSync struct {
	*Worker
	// Our PKS email address, which goes into the From: address outbound
	MailFrom string
	// Remote PKS servers we are sending updates to
	PksAddrs []string
	// SMTP host used to send email
	SmtpHost string
	// SMTP authentication
	SmtpAuth smtp.Auth
	// contains filtered or unexported fields
}

Basic implementation of outbound PKS synchronization

func NewPksSync

func NewPksSync(w *Worker) (*PksSync, error)

NewPksSync initializes from command-line switches any fields that are not set.

func (*PksSync) SendKey

func (ps *PksSync) SendKey(addr string, key *Pubkey) (err error)

Email an updated public key to a PKS server.

func (*PksSync) SendKeys

func (ps *PksSync) SendKeys(status *PksStatus) (err error)

func (*PksSync) Start

func (ps *PksSync) Start()

Start PKS synchronization

func (*PksSync) Stop

func (ps *PksSync) Stop()

func (*PksSync) SyncStatus

func (ps *PksSync) SyncStatus() (status []PksStatus, err error)

type Pubkey

// Pubkey represents an OpenPGP public key packet together with the searchable
// fields extracted from it for database indexing. The db tags name the columns
// of the openpgp_pubkey table; the trailing comments mark which fields may
// change after the record is created.
type Pubkey struct {
	// RFingerprint maps to the uuid column, the table's primary key.
	RFingerprint string         `db:"uuid"`        // immutable
	Creation     time.Time      `db:"creation"`    // immutable
	Expiration   time.Time      `db:"expiration"`  // mutable
	// NOTE(review): declared as int rather than PacketState; presumably holds
	// the PacketState flag bits — confirm.
	State        int            `db:"state"`       // mutable
	// Packet holds the packet key material the other fields are extracted from.
	Packet       []byte         `db:"packet"`      // immutable
	Ctime        time.Time      `db:"ctime"`       // immutable
	Mtime        time.Time      `db:"mtime"`       // mutable
	// Md5 and Sha256 map to columns that each carry a UNIQUE constraint
	// (openpgp_pubkey_md5 and openpgp_pubkey_sha256).
	Md5          string         `db:"md5"`         // mutable
	Sha256       string         `db:"sha256"`      // mutable
	RevSigDigest sql.NullString `db:"revsig_uuid"` // mutable
	PrimaryUid   sql.NullString `db:"primary_uid"` // mutable
	PrimaryUat   sql.NullString `db:"primary_uat"` // mutable
	Algorithm    int            `db:"algorithm"`   // immutable
	BitLen       int            `db:"bit_len"`     // immutable
	Unsupported  []byte         `db:"unsupp"`      // mutable

	// Parsed packet forms. NOTE(review): presumably only one of the two is set,
	// depending on the key packet version — confirm.
	PublicKey   *packet.PublicKey
	PublicKeyV3 *packet.PublicKeyV3
	// contains filtered or unexported fields
}

Pubkey represents an OpenPGP public key packet. Searchable fields are extracted from the packet key material stored in Packet, for database indexing.

func NewPubkey

func NewPubkey(op *packet.OpaquePacket) (pubkey *Pubkey, err error)

func (*Pubkey) AddSignature

func (pubkey *Pubkey) AddSignature(sig *Signature)

func (*Pubkey) AppendUnsupported

func (pubkey *Pubkey) AppendUnsupported(opkt *packet.OpaquePacket)

func (*Pubkey) Fingerprint

func (pubkey *Pubkey) Fingerprint() string

func (*Pubkey) GetOpaquePacket

func (pubkey *Pubkey) GetOpaquePacket() (*packet.OpaquePacket, error)

func (*Pubkey) GetPacket

func (pubkey *Pubkey) GetPacket() (p packet.Packet, err error)

func (*Pubkey) KeyId

func (pubkey *Pubkey) KeyId() string

func (*Pubkey) Read

func (pubkey *Pubkey) Read() (err error)

func (*Pubkey) RemoveSignature

func (pubkey *Pubkey) RemoveSignature(sig *Signature)

func (*Pubkey) Serialize

func (pubkey *Pubkey) Serialize(w io.Writer) error

func (*Pubkey) ShortId

func (pubkey *Pubkey) ShortId() string

func (*Pubkey) Subkeys

func (pubkey *Pubkey) Subkeys() []*Subkey

func (*Pubkey) UnsupportedPackets

func (pubkey *Pubkey) UnsupportedPackets() (result []*packet.OpaquePacket)

func (*Pubkey) UserIds

func (pubkey *Pubkey) UserIds() []*UserId

func (*Pubkey) Uuid

func (pubkey *Pubkey) Uuid() string

func (*Pubkey) Visit

func (pubkey *Pubkey) Visit(visitor PacketVisitor) (err error)

type PubkeyChan

type PubkeyChan chan *ReadKeyResult

func ReadKeys

func ReadKeys(r io.Reader) PubkeyChan

type ReadKeyResult

type ReadKeyResult struct {
	*Pubkey
	Error error
}

func ErrReadKeys

func ErrReadKeys(msg string) *ReadKeyResult

type ReadKeyResults

type ReadKeyResults []*ReadKeyResult

func (ReadKeyResults) GoodKeys

func (r ReadKeyResults) GoodKeys() (result []*Pubkey)

type RecoverKey

type RecoverKey struct {
	Keytext []byte
	Source  string
	// contains filtered or unexported fields
}

type RecoverKeyResponse

type RecoverKeyResponse struct {
	Change *KeyChange
	Err    error
}

func (*RecoverKeyResponse) Error

func (r *RecoverKeyResponse) Error() error

func (*RecoverKeyResponse) WriteTo

type Settings

type Settings struct {
	*hockeypuck.Settings
}

func Config

func Config() *Settings

func (*Settings) DSN

func (s *Settings) DSN() string

func (*Settings) Driver

func (s *Settings) Driver() string

func (*Settings) NumWorkers

func (s *Settings) NumWorkers() int

Number of workers to spawn

func (*Settings) PksFrom

func (s *Settings) PksFrom() string

PKS mail from address

func (*Settings) PksTo

func (s *Settings) PksTo() []string

Downstream PKS servers

func (*Settings) SmtpHost

func (s *Settings) SmtpHost() string

SMTP settings

func (*Settings) SmtpId

func (s *Settings) SmtpId() string

func (*Settings) SmtpPass

func (s *Settings) SmtpPass() string

func (*Settings) SmtpUser

func (s *Settings) SmtpUser() string

func (*Settings) VerifySigs

func (s *Settings) VerifySigs() bool

type Signable

type Signable interface {
	AddSignature(*Signature)
	RemoveSignature(*Signature)
}

type Signature

type Signature struct {
	ScopedDigest       string         `db:"uuid"`        // immutable
	Creation           time.Time      `db:"creation"`    // immutable
	Expiration         time.Time      `db:"expiration"`  // immutable
	State              int            `db:"state"`       // mutable
	Packet             []byte         `db:"packet"`      // immutable
	SigType            int            `db:"sig_type"`    // immutable
	RIssuerKeyId       string         `db:"signer"`      // immutable
	RIssuerFingerprint sql.NullString `db:"signer_uuid"` // mutable
	RevSigDigest       sql.NullString `db:"revsig_uuid"` // mutable

	PubkeyUuid sql.NullString `db:"pubkey_uuid"`
	SubkeyUuid sql.NullString `db:"subkey_uuid"`
	UidUuid    sql.NullString `db:"uid_uuid"`
	UatUuid    sql.NullString `db:"uat_uuid"`
	SigUuid    sql.NullString `db:"sig_uuid"`

	Signature   *packet.Signature
	SignatureV3 *packet.SignatureV3
	// contains filtered or unexported fields
}

func NewSignature

func NewSignature(op *packet.OpaquePacket) (sig *Signature, err error)

func (*Signature) GetOpaquePacket

func (sig *Signature) GetOpaquePacket() (*packet.OpaquePacket, error)

func (*Signature) GetPacket

func (sig *Signature) GetPacket() (p packet.Packet, err error)

func (*Signature) GetSignature

func (sig *Signature) GetSignature() (packet.Packet, error)

func (*Signature) IsPrimary

func (sig *Signature) IsPrimary() bool

func (*Signature) IssuerFingerprint

func (sig *Signature) IssuerFingerprint() string

func (*Signature) IssuerKeyId

func (sig *Signature) IssuerKeyId() string

func (*Signature) IssuerShortId

func (sig *Signature) IssuerShortId() string

func (*Signature) Read

func (sig *Signature) Read() (err error)

func (*Signature) Serialize

func (sig *Signature) Serialize(w io.Writer) error

func (*Signature) Uuid

func (sig *Signature) Uuid() string

func (*Signature) Visit

func (sig *Signature) Visit(visitor PacketVisitor) (err error)

type SksPeer

type SksPeer struct {
	*recon.Peer
	Service    *hkp.Service
	RecoverKey chan RecoverKey
	KeyChanges KeyChangeChan
}

func NewSksPeer

func NewSksPeer(s *hkp.Service) (*SksPeer, error)

func (*SksPeer) HandleKeyUpdates

func (r *SksPeer) HandleKeyUpdates()

func (*SksPeer) HandleRecovery

func (r *SksPeer) HandleRecovery()

func (*SksPeer) Start

func (r *SksPeer) Start()

func (*SksPeer) Stop

func (r *SksPeer) Stop()

type StatsResponse

type StatsResponse struct {
	Lookup *hkp.Lookup
	Stats  *HkpStats
	Err    error
}

func (*StatsResponse) Error

func (r *StatsResponse) Error() error

func (*StatsResponse) WriteTo

func (r *StatsResponse) WriteTo(w http.ResponseWriter) (err error)

type Subkey

type Subkey struct {
	RFingerprint string         `db:"uuid"`        // immutable
	Creation     time.Time      `db:"creation"`    // immutable
	Expiration   time.Time      `db:"expiration"`  // mutable
	State        int            `db:"state"`       // mutable
	Packet       []byte         `db:"packet"`      // immutable
	PubkeyRFP    string         `db:"pubkey_uuid"` // immutable
	RevSigDigest sql.NullString `db:"revsig_uuid"` // mutable
	Algorithm    int            `db:"algorithm"`   // immutable
	BitLen       int            `db:"bit_len"`     // immutable

	PublicKey   *packet.PublicKey
	PublicKeyV3 *packet.PublicKeyV3
	// contains filtered or unexported fields
}

func NewSubkey

func NewSubkey(op *packet.OpaquePacket) (subkey *Subkey, err error)

func (*Subkey) AddSignature

func (subkey *Subkey) AddSignature(sig *Signature)

func (*Subkey) Fingerprint

func (subkey *Subkey) Fingerprint() string

func (*Subkey) GetOpaquePacket

func (subkey *Subkey) GetOpaquePacket() (*packet.OpaquePacket, error)

func (*Subkey) GetPacket

func (subkey *Subkey) GetPacket() (p packet.Packet, err error)

func (*Subkey) KeyId

func (subkey *Subkey) KeyId() string

func (*Subkey) Read

func (subkey *Subkey) Read() (err error)

func (*Subkey) RemoveSignature

func (subkey *Subkey) RemoveSignature(sig *Signature)

func (*Subkey) Serialize

func (subkey *Subkey) Serialize(w io.Writer) error

func (*Subkey) ShortId

func (subkey *Subkey) ShortId() string

func (*Subkey) Signatures

func (subkey *Subkey) Signatures() []*Signature

func (*Subkey) Uuid

func (subkey *Subkey) Uuid() string

func (*Subkey) Visit

func (subkey *Subkey) Visit(visitor PacketVisitor) (err error)

type UserAttribute

type UserAttribute struct {
	ScopedDigest string         `db:"uuid"`        // immutable
	Creation     time.Time      `db:"creation"`    // mutable (derived from latest sigs)
	Expiration   time.Time      `db:"expiration"`  // mutable
	State        int            `db:"state"`       // mutable
	Packet       []byte         `db:"packet"`      // immutable
	PubkeyRFP    string         `db:"pubkey_uuid"` // immutable
	RevSigDigest sql.NullString `db:"revsig_uuid"` // mutable

	UserAttribute *packet.UserAttribute
	// contains filtered or unexported fields
}

func NewUserAttribute

func NewUserAttribute(op *packet.OpaquePacket) (uat *UserAttribute, err error)

func (*UserAttribute) AddSignature

func (uat *UserAttribute) AddSignature(sig *Signature)

func (*UserAttribute) GetOpaquePacket

func (uat *UserAttribute) GetOpaquePacket() (*packet.OpaquePacket, error)

func (*UserAttribute) GetPacket

func (uat *UserAttribute) GetPacket() (packet.Packet, error)

func (*UserAttribute) Read

func (uat *UserAttribute) Read() (err error)

func (*UserAttribute) RemoveSignature

func (uat *UserAttribute) RemoveSignature(sig *Signature)

func (*UserAttribute) Serialize

func (uat *UserAttribute) Serialize(w io.Writer) error

func (*UserAttribute) Uuid

func (uat *UserAttribute) Uuid() string

func (*UserAttribute) Visit

func (uat *UserAttribute) Visit(visitor PacketVisitor) (err error)

type UserId

type UserId struct {
	ScopedDigest string         `db:"uuid"`        // immutable
	Creation     time.Time      `db:"creation"`    // mutable (derived from latest sigs)
	Expiration   time.Time      `db:"expiration"`  // mutable
	State        int            `db:"state"`       // mutable
	Packet       []byte         `db:"packet"`      // immutable
	PubkeyRFP    string         `db:"pubkey_uuid"` // immutable
	RevSigDigest sql.NullString `db:"revsig_uuid"` // mutable
	Keywords     string         `db:"keywords"`    // immutable

	UserId *packet.UserId
	// contains filtered or unexported fields
}

func NewUserId

func NewUserId(op *packet.OpaquePacket) (uid *UserId, err error)

func (*UserId) AddSignature

func (uid *UserId) AddSignature(sig *Signature)

func (*UserId) GetOpaquePacket

func (uid *UserId) GetOpaquePacket() (*packet.OpaquePacket, error)

func (*UserId) GetPacket

func (uid *UserId) GetPacket() (packet.Packet, error)

func (*UserId) Read

func (uid *UserId) Read() (err error)

func (*UserId) RemoveSignature

func (uid *UserId) RemoveSignature(sig *Signature)

func (*UserId) Serialize

func (uid *UserId) Serialize(w io.Writer) error

func (*UserId) Signatures

func (uid *UserId) Signatures() []*Signature

func (*UserId) Uuid

func (uid *UserId) Uuid() string

func (*UserId) Visit

func (uid *UserId) Visit(visitor PacketVisitor) (err error)

type Worker

type Worker struct {
	*Loader
	Service *hkp.Service
	Peer    *SksPeer
	// contains filtered or unexported fields
}

func NewWorker

func NewWorker(service *hkp.Service, peer *SksPeer) (w *Worker, err error)

func (*Worker) Add

func (w *Worker) Add(a *hkp.Add)

Add responds to /pks/add HKP requests.

func (*Worker) HashQuery

func (w *Worker) HashQuery(hq *hkp.HashQuery)

func (*Worker) Lookup

func (w *Worker) Lookup(l *hkp.Lookup)

func (*Worker) LookupHash

func (w *Worker) LookupHash(digest string) ([]*Pubkey, error)

func (*Worker) LookupKey

func (w *Worker) LookupKey(keyid string) (pubkey *Pubkey, err error)

func (*Worker) LookupKeys

func (w *Worker) LookupKeys(search string, limit int) (keys []*Pubkey, err error)

func (*Worker) Run

func (w *Worker) Run()

func (*Worker) Stats

func (w *Worker) Stats(l *hkp.Lookup)

func (*Worker) SubKeyChanges

func (w *Worker) SubKeyChanges(keyChanges KeyChangeChan) error

SubKeyChanges subscribes a KeyChange channel to receive updates on any keys added or updated by this worker.

func (*Worker) UpdateKey

func (w *Worker) UpdateKey(pubkey *Pubkey) (err error)

UpdateKey updates the database to the contents of the given public key.

func (*Worker) UpdateKeyRelations

func (w *Worker) UpdateKeyRelations(pubkey *Pubkey) (err error)

UpdateKeyRelations updates the foreign-key relations between matching public key packet records to represent the state of the given public key.

func (*Worker) UpsertKey

func (w *Worker) UpsertKey(key *Pubkey) (change *KeyChange)
