shared

package
v0.0.0-...-91fa366 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 8, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Sentinel errors exported by this package. Each is created with errors.New,
// so callers should match them with errors.Is rather than comparing message text.
var (
	// ErrFileNotFound carries the message "file not found".
	// NOTE(review): the ToFileNotFound docs say ENOENT is converted to an
	// ErrFileNotFound value; presumably this one, confirm.
	ErrFileNotFound           = errors.New("file not found")
	// ErrNoCardsSelected carries the message "no yubikeys found".
	// NOTE(review): the identifier says "no cards selected" while the message
	// says none were found; confirm which condition callers should expect.
	ErrNoCardsSelected        = errors.New("no yubikeys found")
	// ErrNotYetImplemented carries the message "not yet implemented".
	ErrNotYetImplemented      = errors.New("not yet implemented")
	// ErrPathIsCurrentDirectory carries the message "path is [.]".
	// NOTE(review): presumably returned by the path validation helpers when the
	// supplied path is the current directory; confirm against ValidatePath.
	ErrPathIsCurrentDirectory = errors.New("path is [.]")
	// ErrPathIsRootDirectory carries the message "path is [/]".
	// NOTE(review): presumably the root-directory counterpart of
	// ErrPathIsCurrentDirectory; confirm against ValidatePath.
	ErrPathIsRootDirectory    = errors.New("path is [/]")
)

Functions

func Close

func Close(ctx context.Context, logger LogI, yk *piv.YubiKey)

func CloseYubikey

func CloseYubikey(logger LogI, yk *piv.YubiKey)

CloseYubikey closes a key and logs any errors. Deprecated: use Close instead.

func Decrypt

func Decrypt(yubikey *piv.GPGYubiKey, cipherTextBytes []byte) ([]byte, error)

func DecryptBase64

func DecryptBase64(yubikey *piv.GPGYubiKey, base64Data string) ([]byte, error)

func FilePathExists

func FilePathExists(ctx context.Context, logger LogI, filePath string) (bool, string, error)

func HasValidKeyType

func HasValidKeyType(logger LogI, yubikey *piv.GPGYubiKey, keyType piv.KeyType) (bool, error)

HasValidKeyType will check if the yubikey has the expected key. This is used in the filtering to make sure we pick the first yubikey with a gpg key. FIXME: move to piv.

func IsValidFileArg

func IsValidFileArg(logger LogI, name string, args []string) error

func LoadFile

func LoadFile(ctx context.Context, logger LogI, filePath string) ([]byte, error)

func MakeJSONString

func MakeJSONString(data interface{}) string

MakeJSONString dumps a struct to json as a helper.

func OpenFile

func OpenFile(ctx context.Context, logger LogI, filePath string) (*os.File, string, error)

func ToFileNotFound

func ToFileNotFound(err error) error

ToFileNotFound converts ENOENT to constants.ErrFileNotFound to make life simpler.

func ValidateFileFlag

func ValidateFileFlag(ctx context.Context, logger LogI, commandName, fileName string) error

func ValidatePath

func ValidatePath(ctx context.Context, logger LogI, path string) (string, error)

Types

type CardAccess

// CardAccess is the two-method seam used to enumerate and open cards.
// CardSelection holds one in its CardAccessor field, and PGPCardAccess
// declares the same two methods.
type CardAccess interface {
	// OpenGPG takes a card identifier string and returns a *piv.GPGYubiKey
	// handle or an error.
	// NOTE(review): presumably card is one of the strings returned by Cards; confirm.
	OpenGPG(card string) (*piv.GPGYubiKey, error)
	// Cards returns a slice of card identifier strings, or an error.
	Cards() ([]string, error)
}

type CardSelection

// CardSelection bundles the selection criteria (the embedded YubikeyData)
// with the accessor used to reach cards.
type CardSelection struct {
	// Embedded by pointer, so Fingerprint, KeyID, Serial and Name are promoted
	// onto CardSelection. Reading a promoted field while this pointer is nil
	// panics.
	// NOTE(review): confirm NewCardSelection always populates it.
	*YubikeyData

	// CardAccessor is the CardAccess implementation used to list and open cards.
	CardAccessor CardAccess
}

CardSelection is created to filter cards. Currently, it can only filter on serial.

func NewCardSelection

func NewCardSelection() *CardSelection

func (*CardSelection) GetCards

func (c *CardSelection) GetCards(ctx context.Context, logger LogI, cfg *Config) ([]*piv.GPGYubiKey, error)

GetCards returns a slice of pointers to piv.GPGYubiKey that have been filtered based on serial. TODO: add fingerprint and other styles.

func (*CardSelection) WithYubikeyData

func (c *CardSelection) WithYubikeyData(value *YubikeyData) *CardSelection

type Config

// Config carries card-selection criteria and output/logging switches.
// Each boolean field has a matching With* setter on *Config.
type Config struct {
	// Embedded by pointer; its fields and methods are promoted onto Config.
	// Reading a promoted field while this pointer is nil panics.
	// NOTE(review): confirm New always populates it.
	*CardSelection

	// Debug toggles verbose logging in downstream commands.
	// NOTE(review): this package handles PINs and decrypted data (see AuthPIN
	// and Decrypt on GPGWrapper); confirm that debug output never includes them.
	Debug bool

	// Verbose toggles verbose logging in downstream commands.
	Verbose bool

	// Trace: the original comment here repeated the Debug field's text.
	// NOTE(review): presumably toggles trace-level logging; confirm, and
	// confirm that trace output never includes PINs or decrypted data.
	Trace bool

	// Quiet disables all output other than expected value outputs.
	Quiet bool

	// ShowPublic is undocumented in the original.
	// NOTE(review): presumably feeds the showPublicKey argument of
	// DisplayKey/DisplayKeys; confirm.
	ShowPublic bool

	// Base64Encoded is undocumented in the original.
	// NOTE(review): presumably marks file input as base64-encoded; confirm
	// which commands read it.
	Base64Encoded bool
}

func New

func New(ctx context.Context, logger LogI) *Config

func (*Config) DecryptSetup

func (c *Config) DecryptSetup(ctx context.Context, logger LogI) (*GPGYubiKeyImpl, error)

DecryptSetup will look for the specified yubikey and return it open. The caller *MUST* close the yubikey if err is nil.

func (*Config) DevEncryptDecryptSetup

func (c *Config) DevEncryptDecryptSetup(ctx context.Context, logger LogI, commandName, fileName string) (*GPGYubiKeyImpl, []byte, error)

DevEncryptDecryptSetup will look for the specified yubikey and return it open. It will also load and base64 decode the file argument. The caller *MUST* close the yubikey if err is nil.

func (*Config) DisplayKey

func (c *Config) DisplayKey(ctx context.Context, logger LogI, index int, yubikey *piv.GPGYubiKey, closeKey bool, showPublicKey bool) error

DisplayKey will display information about a yubikey. If closeKey is true, it will close the key.

func (*Config) DisplayKeys

func (c *Config) DisplayKeys(ctx context.Context, logger LogI, yubikeys []*piv.GPGYubiKey, closeKey bool, showPublicKey bool) error

func (*Config) PGPCardSelection

func (c *Config) PGPCardSelection() *CardSelection

func (*Config) SelectCards

func (c *Config) SelectCards(ctx context.Context, logger LogI) ([]*piv.GPGYubiKey, error)

func (*Config) String

func (c *Config) String() string

func (*Config) WithBase64Encoded

func (c *Config) WithBase64Encoded(value bool) *Config

func (*Config) WithCardSelection

func (c *Config) WithCardSelection(value *CardSelection) *Config

func (*Config) WithDebug

func (c *Config) WithDebug(value bool) *Config

func (*Config) WithQuiet

func (c *Config) WithQuiet(value bool) *Config

func (*Config) WithShowPublic

func (c *Config) WithShowPublic(value bool) *Config

func (*Config) WithTrace

func (c *Config) WithTrace(value bool) *Config

func (*Config) WithVerbose

func (c *Config) WithVerbose(value bool) *Config

func (*Config) WithYubikeyData

func (c *Config) WithYubikeyData(value *YubikeyData) *Config

type GPGWrapper

// GPGWrapper is the operation set exposed for an opened YubiKey.
// *GPGYubiKeyImpl declares every method listed here with the same signature.
type GPGWrapper interface {
	// SerialString returns the YubiKey's serial number.
	SerialString(ctx context.Context, logger LogI) (string, error)
	// Close closes the yubikey.
	Close(ctx context.Context, logger LogI)
	// ReadPasswordAndSendToYubikey reads the password from the terminal and sends it to the yubikey for verification.
	// This must be called before the Decrypt call will work.
	ReadPasswordAndSendToYubikey(ctx context.Context, logger LogI) error
	// Decrypt takes ciphertext bytes and returns a byte slice or an error.
	// The signature does not say which scheme or padding is used.
	// NOTE(review): the result is presumably plaintext; callers should keep it
	// out of logs.
	Decrypt(ctx context.Context, logger LogI, data []byte) ([]byte, error)
	// Encrypt takes input bytes and returns a byte slice or an error.
	// The signature does not say which scheme or padding is used.
	Encrypt(ctx context.Context, logger LogI, data []byte) ([]byte, error)
	// ReadPublicKey returns the public key for keyType. The return type is
	// *rsa.PublicKey, so this interface can only surface RSA public keys.
	ReadPublicKey(ctx context.Context, logger LogI, keyType piv.AsymmetricKeyType) (*rsa.PublicKey, error)
	// AuthPIN takes the PIN as a byte slice.
	// NOTE(review): whether implementations retain, copy or clear pin is not
	// visible here; callers should overwrite their copy after the call.
	AuthPIN(ctx context.Context, logger LogI, pin []byte) error
	// Fingerprint returns a fingerprint string or an error.
	// NOTE(review): which key the fingerprint covers is not stated; confirm.
	Fingerprint(ctx context.Context, logger LogI) (string, error)
	// GetAttestationCert returns certificate bytes for keyType.
	// NOTE(review): the encoding (DER or PEM) is not stated. Confirm it before
	// parsing, and verify the chain before trusting the attestation.
	GetAttestationCert(ctx context.Context, logger LogI, keyType piv.KeyType) ([]byte, error)
}

type GPGYubiKeyImpl

// GPGYubiKeyImpl is built by NewGPGYubiKeyImpl from a *piv.GPGYubiKey.
// Its pointer receiver declares every method of GPGWrapper.
type GPGYubiKeyImpl struct {
	// contains filtered or unexported fields
}

func NewGPGYubiKeyImpl

func NewGPGYubiKeyImpl(yubikey *piv.GPGYubiKey) *GPGYubiKeyImpl

func (*GPGYubiKeyImpl) AuthPIN

func (g *GPGYubiKeyImpl) AuthPIN(ctx context.Context, logger LogI, pin []byte) error

func (*GPGYubiKeyImpl) Close

func (g *GPGYubiKeyImpl) Close(ctx context.Context, logger LogI)

func (*GPGYubiKeyImpl) Decrypt

func (g *GPGYubiKeyImpl) Decrypt(ctx context.Context, logger LogI, data []byte) ([]byte, error)

func (*GPGYubiKeyImpl) Encrypt

func (g *GPGYubiKeyImpl) Encrypt(ctx context.Context, logger LogI, data []byte) ([]byte, error)

func (*GPGYubiKeyImpl) Fingerprint

func (g *GPGYubiKeyImpl) Fingerprint(ctx context.Context, logger LogI) (string, error)

func (*GPGYubiKeyImpl) GetAttestationCert

func (g *GPGYubiKeyImpl) GetAttestationCert(ctx context.Context, logger LogI, keyType piv.KeyType) ([]byte, error)

func (*GPGYubiKeyImpl) ReadPasswordAndSendToYubikey

func (g *GPGYubiKeyImpl) ReadPasswordAndSendToYubikey(ctx context.Context, logger LogI) error

ReadPasswordAndSendToYubikey reads the password from the terminal and sends it to the yubikey for verification. This must be called before the Decrypt call will work.

func (*GPGYubiKeyImpl) ReadPublicKey

func (g *GPGYubiKeyImpl) ReadPublicKey(ctx context.Context, logger LogI, keyType piv.AsymmetricKeyType) (*rsa.PublicKey, error)

func (*GPGYubiKeyImpl) SerialString

func (g *GPGYubiKeyImpl) SerialString(ctx context.Context, logger LogI) (string, error)

type LogI

// LogI is the logging interface accepted throughout this package.
// *NopLogger declares every method listed here.
type LogI interface {
	// VerboseMsg logs a message at verbose level.
	VerboseMsg(message string)
	// VerboseMsgf is the format-string form of VerboseMsg.
	VerboseMsgf(format string, args ...interface{})
	// InfoMsgf will only log if quiet flag is NOT set.
	// NOTE(review): the comment names InfoMsgf but sits above InfoMsg;
	// presumably the quiet rule applies to both. Confirm.
	InfoMsg(message string)
	// InfoMsgf is the format-string form of InfoMsg.
	InfoMsgf(format string, args ...interface{})
	// DebugMsgf is the format-string form of DebugMsg.
	DebugMsgf(format string, args ...interface{})
	// DebugMsg logs a message at debug level.
	DebugMsg(message string)
	// IsDebugEnabled reports whether debug logging is enabled.
	IsDebugEnabled() bool
	// ErrorMsg logs err together with message.
	ErrorMsg(err error, message string)
	// ErrorMsgf is the format-string form of ErrorMsg.
	ErrorMsgf(err error, format string, args ...interface{})
}

LogI hides ZeroLogger from bits that don't need to care about it.

func Nop

func Nop(l LogI) LogI

type NopLogger

// NopLogger is a field-less type whose pointer receiver declares every method of LogI.
// NOTE(review): the name suggests every call is discarded; the bodies are not shown here.
type NopLogger struct{}

func (*NopLogger) DebugMsg

func (n *NopLogger) DebugMsg(string)

func (*NopLogger) DebugMsgf

func (n *NopLogger) DebugMsgf(string, ...interface{})

func (*NopLogger) ErrorMsg

func (n *NopLogger) ErrorMsg(error, string)

func (*NopLogger) ErrorMsgf

func (n *NopLogger) ErrorMsgf(err error, format string, args ...interface{})

func (*NopLogger) InfoMsg

func (n *NopLogger) InfoMsg(string)

func (*NopLogger) InfoMsgf

func (n *NopLogger) InfoMsgf(string, ...interface{})

func (*NopLogger) IsDebugEnabled

func (n *NopLogger) IsDebugEnabled() bool

func (*NopLogger) VerboseMsg

func (n *NopLogger) VerboseMsg(string)

func (*NopLogger) VerboseMsgf

func (n *NopLogger) VerboseMsgf(string, ...interface{})

type PGPCardAccess

// PGPCardAccess is a field-less type whose pointer receiver declares Cards and
// OpenGPG, the two methods of CardAccess.
type PGPCardAccess struct{}

func (*PGPCardAccess) Cards

func (p *PGPCardAccess) Cards() ([]string, error)

func (*PGPCardAccess) OpenGPG

func (p *PGPCardAccess) OpenGPG(card string) (*piv.GPGYubiKey, error)

type YubikeyData

// YubikeyData holds the string attributes that identify a YubiKey.
// Per the CardSelection docs, filtering currently uses only the serial.
type YubikeyData struct {
	// Yubikey fingerprint.
	Fingerprint string
	// Yubikey key ID.
	KeyID string
	// Yubikey Serial.
	Serial string
	// Yubikey Name.
	Name string
}

func NewYubikeyData

func NewYubikeyData() *YubikeyData
