Documentation ¶
Index ¶
- func HomeDir() string
- func KeystoreDefaultDirectory() string
- func KeystorePath(name string) string
- func NamedKeystoreFile(location string) string
- type Error
- type Key
- type Keystore
- func (k *Keystore) AddPrivateKey(name string, key *rsa.PrivateKey)
- func (k *Keystore) AddPublicKey(name string, key *rsa.PublicKey)
- func (k *Keystore) FindPrivateKey(name string) (*rsa.PrivateKey, bool)
- func (k *Keystore) FindPublicKey(name string) (*rsa.PublicKey, bool)
- func (k *Keystore) RemoveKey(name string)
- func (k *Keystore) Save(file afero.File) error
- type Label
- type TapeReader
- type TapeWriter
Functions ¶
func KeystoreDefaultDirectory ¶
func KeystoreDefaultDirectory() string
KeystoreDefaultDirectory returns the default directory for named keystores. By default, this is the .repkey hidden directory in the user's home directory (e.g., /home/joeuser/.repkey on Unix).
func KeystorePath ¶
KeystorePath returns the path to a keystore. If the path is an absolute path, that is returned. If the path is not an absolute path, then it is assumed to be a named keystore.
func NamedKeystoreFile ¶
NamedKeystoreFile returns a named keystore file from the user's default keystore directory.
Types ¶
type Error ¶
Error describes an error when reading, writing or creating repositories. It retains the original error and an error message to assist in debugging.
type Key ¶
type Key struct {
    Label      Label
    PublicKey  *rsa.PublicKey
    PrivateKey *rsa.PrivateKey
}
Key is the key necessary to unlock a tape. A key contains the label (which contains the random AES key and IV necessary to decipher the tape). When creating tapes, it contains the public key used to encrypt the label and the private key used to sign the label. When deciphering tapes, it contains the private key to decrypt the label and the public key to verify the label signature.
type Keystore ¶
Keystore is the collection of private and public keys.
func CreateKeystore ¶
CreateKeystore creates a new key store in the given file system. If a keystore already exists, that is an error. Returns the keystore or nil if there was an error.
func OpenKeystore ¶
OpenKeystore opens a keystore from a file. Returns a keystore or nil if there is an error.
func (*Keystore) AddPrivateKey ¶
func (k *Keystore) AddPrivateKey(name string, key *rsa.PrivateKey)
AddPrivateKey adds a private key to the key store with the given name.
func (*Keystore) AddPublicKey ¶
AddPublicKey adds a public key to the keystore with the given name.
func (*Keystore) FindPrivateKey ¶
func (k *Keystore) FindPrivateKey(name string) (*rsa.PrivateKey, bool)
FindPrivateKey finds a private key from the keystore with the given name. If no key is found, it returns nil and false for the second return value.
func (*Keystore) FindPublicKey ¶
FindPublicKey returns the private or public key for a given name. If no key is found, nil is returned along with false for the second return value.
type Label ¶
type Label struct {
    AesKey []byte
    // contains filtered or unexported fields
}
Label is a key and key signature to use to encrypt a tape.
func ReadLabel ¶
ReadLabel reads a label in from the source reader, using the private key to decrypt the label and the public key to check the signature. Returns an empty label and error if there is an error.
func (*Label) OpenReader ¶
OpenReader opens a decrypting reader encapsulating the given stream. The label's AES key and IV are used to set up the read stream.
func (*Label) OpenWriter ¶
OpenWriter opens an encrypting writer, wrapping the original file writer.
func (*Label) WriteLabel ¶
func (l *Label) WriteLabel(repoFile io.Writer, encKey *rsa.PublicKey, signKey *rsa.PrivateKey) error
WriteLabel creates a new label for an encrypted tape. It consists of the header (the AES random key and initialization vector) and the signature of the header.
type TapeReader ¶
type TapeReader struct {
    Key Key
    // contains filtered or unexported fields
}
TapeReader is used to read from and unpack an encrypted tape. It contains the key necessary to decipher the tape and the archive reader necessary to read data from the tape.
func OpenTape ¶
func OpenTape(privateKey *rsa.PrivateKey, publicKey *rsa.PublicKey, tape io.Reader) (*TapeReader, error)
OpenTape opens a tape for reading. It decrypts and verifies the label and then sets up the archive reader to read from the tape.
func (*TapeReader) Contents ¶
func (r *TapeReader) Contents() ([]string, error)
Contents returns the contents of a tape. Each is an en
func (*TapeReader) ExtractFile ¶
func (r *TapeReader) ExtractFile(fs afero.Fs) error
ExtractFile reads a file out of the tape and writes it onto the disk. It uses metadata stored about the file to determine the file name and any other characteristics to set on the created file.
TODO: Need to check for and create intermediate directories.
type TapeWriter ¶
type TapeWriter struct {
    Key Key
    // contains filtered or unexported fields
}
TapeWriter is used to write data into a tape. It contains the Key used to set up encryption and the archive writer to write data into the tape.
func NewTapeWriter ¶
func NewTapeWriter(key Key, repoFile io.Writer) (*TapeWriter, error)
NewTapeWriter creates a new tape writer. It returns a writeable repository or nil and an error if there's an error. The repository is conceptually a tape with a label and then the tape contents. The label contains a random AES256 key and a random initialization vector for the AES algorithm. A SHA256 signature is generated for the two values. The two values are encrypted. The complete label is considered the encrypted key, initialization vector and the unencrypted signature.
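The label scheme described for NewTapeWriter, WriteLabel and ReadLabel, sketched as an added example that is not this package's own code. sealLabel, openLabel and demo are hypothetical names, and RSA-OAEP, RSA-PSS and the byte layout are assumptions, since the page does not name the RSA padding or the wire format.

```go
package main
import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// sealLabel/openLabel are hypothetical. Assumed layout: OAEP(header), then a
// cleartext PSS signature over SHA-256(header); open verifies before returning.
func sealLabel(header []byte, enc *rsa.PublicKey, sign *rsa.PrivateKey) ([]byte, error) {
	digest := sha256.Sum256(header)
	sig, err := rsa.SignPSS(rand.Reader, sign, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, enc, header, nil)
	if err != nil {
		return nil, err
	}
	return append(ct, sig...), nil
}

func openLabel(dec *rsa.PrivateKey, verify *rsa.PublicKey, label []byte) ([]byte, error) {
	if len(label) <= dec.Size() {
		return nil, fmt.Errorf("label too short: %d bytes", len(label))
	}
	header, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, dec, label[:dec.Size()], nil)
	if err != nil {
		return nil, err
	}
	digest := sha256.Sum256(header)
	if err = rsa.VerifyPSS(verify, crypto.SHA256, digest[:], label[dec.Size():], nil); err != nil {
		return nil, err
	}
	return header, nil
}

func demo() (opened, tamperRejected bool) {
	rcpt, _ := rsa.GenerateKey(rand.Reader, 2048) // throwaway recipient key
	sndr, _ := rsa.GenerateKey(rand.Reader, 2048) // throwaway sender key
	header := []byte("0123456789abcdef0123456789abcdef0123456789abcdef") // constructed key||IV
	label, _ := sealLabel(header, &rcpt.PublicKey, sndr)
	got, err := openLabel(rcpt, &sndr.PublicKey, label)
	label[len(label)-1] ^= 1 // flip one bit of the signature
	_, tamperErr := openLabel(rcpt, &sndr.PublicKey, label)
	return err == nil && string(got) == string(header), tamperErr != nil
}
func main() { fmt.Println(demo()) }
```

The recipient's private key alone is not enough to accept a label: the sender's public key must also verify the signature, which is why OpenTape takes both keys.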
func (*TapeWriter) AddDirectory ¶
func (r *TapeWriter) AddDirectory(fs afero.Fs, dirpath string) error
AddDirectory adds an entire directory and its contents at one time.