cryptor

package
v0.0.0-...-9cf4858 Latest
Warning

This package is not in the latest version of its module.

Published: May 10, 2016 License: BSD-2-Clause Imports: 13 Imported by: 0

Documentation

Constants

const (
	DEFAULT_VERSION = 1
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessStructure

type AccessStructure struct {
	Minimum int
	Names   []string

	LeftNames  []string
	RightNames []string

	Predicate string
}

AccessStructure represents the different possible access structures for encrypted data. If len(Names) > 0, then at least 2 of the users in the list must be delegated to decrypt. If len(LeftNames) > 0 and len(RightNames) > 0, then at least one user from each list must be delegated (a user who appears in both lists can decrypt alone). If a predicate is present, it must be satisfied to decrypt.
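The rules above, applied to a set of currently delegated users, as an added example (not code from the cryptor package). Satisfied is a hypothetical helper, the struct is a local copy of the documented fields, the order in which the three forms are checked is an assumption, and predicates are not evaluated because this page does not describe their syntax.

```go
package main

import (
	"errors"
	"fmt"
)

// AccessStructure is a local copy of the exported fields documented above.
type AccessStructure struct {
	Minimum               int
	Names                 []string
	LeftNames, RightNames []string
	Predicate             string
}

// Satisfied is a hypothetical helper (not part of cryptor). It applies the
// documented rules to the users who currently have an active delegation.
// Assumption: the three forms are checked in the order the doc lists them.
func Satisfied(a AccessStructure, delegated []string) (bool, error) {
	active := make(map[string]bool, len(delegated))
	for _, u := range delegated {
		active[u] = true
	}
	// distinct ignores repeated entries, so a name listed twice counts once.
	distinct := func(names []string) int {
		seen := map[string]bool{}
		for _, n := range names {
			if active[n] {
				seen[n] = true
			}
		}
		return len(seen)
	}
	switch {
	case len(a.Names) > 0:
		return distinct(a.Names) >= 2, nil
	case len(a.LeftNames) > 0 && len(a.RightNames) > 0:
		return distinct(a.LeftNames) >= 1 && distinct(a.RightNames) >= 1, nil
	case a.Predicate != "":
		return false, errors.New("predicate form is evaluated by msp, not modelled here")
	}
	return false, errors.New("access structure names no users and no predicate")
}

func main() {
	lr := AccessStructure{LeftNames: []string{"alice", "bob"}, RightNames: []string{"bob", "carol"}}
	fmt.Println(Satisfied(lr, []string{"alice"})) // alice is only on the left list
	fmt.Println(Satisfied(lr, []string{"bob"}))   // bob is on both lists
}
```

When reviewing an access structure before encrypting, check whether any user appears in both LeftNames and RightNames: that overlap turns a two-party requirement into single-user access.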

type Cryptor

type Cryptor struct {
	// contains filtered or unexported fields
}

func New

func New(records *passvault.Records, cache *keycache.Cache) Cryptor

func (*Cryptor) Decrypt

func (c *Cryptor) Decrypt(in []byte, user string) (resp []byte, labels, names []string, secure bool, err error)

Decrypt decrypts a file using the keys in the key cache.

func (*Cryptor) Encrypt

func (c *Cryptor) Encrypt(in []byte, labels []string, access AccessStructure) (resp []byte, err error)

Encrypt encrypts data with the keys associated with names. This requires a minimum of min keys to decrypt. NOTE: as currently implemented, the maximum value for min is 2.

func (*Cryptor) GetOwners

func (c *Cryptor) GetOwners(in []byte) (names []string, predicate string, err error)

GetOwners returns the list of users that can delegate their passwords to decrypt the given encrypted secret.

type EncryptedData

type EncryptedData struct {
	Version   int
	VaultId   int                         `json:",omitempty"`
	Labels    []string                    `json:",omitempty"`
	Predicate string                      `json:",omitempty"`
	KeySet    []MultiWrappedKey           `json:",omitempty"`
	KeySetRSA map[string]SingleWrappedKey `json:",omitempty"`
	ShareSet  map[string][][]byte         `json:",omitempty"`
	IV        []byte                      `json:",omitempty"`
	Data      []byte
	Signature []byte
}

EncryptedData is the format for encrypted data containing all the keys necessary to decrypt it when delegated.

type MultiWrappedKey

type MultiWrappedKey struct {
	Name []string
	Key  []byte
}

MultiWrappedKey is a structure containing a 16-byte key encrypted once for each of the keys corresponding to the names of the users in Name in order.

type SingleWrappedKey

type SingleWrappedKey struct {
	Key []byte
	// contains filtered or unexported fields
}

SingleWrappedKey is a structure containing a 16-byte key encrypted by an RSA or EC key.

type UserDatabase

type UserDatabase struct {
	// contains filtered or unexported fields
}

UserDatabase implements msp.UserDatabase.

func (UserDatabase) CanGetShare

func (u UserDatabase) CanGetShare(name string) bool

func (UserDatabase) GetShare

func (u UserDatabase) GetShare(name string) ([][]byte, error)

func (UserDatabase) ValidUser

func (u UserDatabase) ValidUser(name string) bool
