yubikey

package
v0.0.0-...-950c6a0 Latest
Warning

This package is not in the latest version of its module.

Published: Mar 8, 2023 License: BSD-3-Clause Imports: 23 Imported by: 0

Documentation

Overview

Implements YubiKey-based encryption without calling an external plugin.

Constants

const (
	IDENTITY_PREFIX  = "AGE-PLUGIN-YUBIEMBED-"
	RECIPIENT_PREFIX = "age1yubiembed"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type ClientUI

type ClientUI struct {
	// DisplayMessage displays the message, which is expected to have lowercase
	// initials and no final period.
	DisplayMessage func(name, message string) error

	// RequestValue requests a secret or public input, with the provided prompt.
	RequestValue func(name, prompt string, secret bool) (string, error)

	// Confirm requests a confirmation with the provided prompt. The yes and no
	// value are the choices provided to the user. no may be empty. The return
	// value indicates whether the user selected the yes or no option.
	Confirm func(name, prompt, yes, no string) (choseYes bool, err error)

	// WaitTimer is invoked once (Un)Wrap has been waiting for 5 seconds on the
	// plugin, for example because the plugin is waiting for an external event
	// (e.g. a hardware token touch). Unlike the other callbacks, WaitTimer runs
	// in a separate goroutine, and if missing it's simply ignored.
	WaitTimer func(name string)
}

ClientUI holds callbacks that will be invoked by (Un)Wrap if the plugin wishes to interact with the user. If any of them is nil or returns an error, failure will be reported to the plugin, but note that the error is otherwise discarded. Implementations are encouraged to display errors to the user before returning them.
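Because the error a callback returns is discarded, the callback itself has to surface it. The following is an added example, not code from this package: it builds a ClientUI over a reader and a writer, prints each error before returning it, and makes Confirm fail closed on an unrecognized answer. The struct is copied locally so the block compiles alone; `NewStreamUI` and the sample prompt text are hypothetical, and the `secret` flag is ignored where a terminal UI would disable echo.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"io"
	"os"
	"strings"
)

type ClientUI struct { // local copy of the struct documented above
	DisplayMessage func(name, message string) error
	RequestValue   func(name, prompt string, secret bool) (string, error)
	Confirm        func(name, prompt, yes, no string) (choseYes bool, err error)
	WaitTimer      func(name string) // left nil below: "if missing it's simply ignored"
}

// NewStreamUI (hypothetical helper) prints each error to out before returning it.
func NewStreamUI(in io.Reader, out io.Writer) *ClientUI {
	r := bufio.NewReader(in)
	ask := func(name, prompt string) (string, error) {
		fmt.Fprintf(out, "%s: %s: ", name, prompt)
		line, err := r.ReadString('\n')
		if err != nil && line == "" {
			fmt.Fprintf(out, "\n%s: error: no input: %v\n", name, err)
			return "", err
		}
		return strings.TrimRight(line, "\r\n"), nil
	}
	return &ClientUI{
		DisplayMessage: func(name, message string) error {
			_, err := fmt.Fprintf(out, "%s: %s\n", name, message)
			return err
		},
		RequestValue: func(name, prompt string, _ bool) (string, error) { return ask(name, prompt) },
		Confirm: func(name, prompt, yes, no string) (bool, error) {
			ans, err := ask(name, fmt.Sprintf("%s [%s/%s]", prompt, yes, no))
			ok := strings.EqualFold(ans, yes)
			if err == nil && !ok && (no == "" || !strings.EqualFold(ans, no)) {
				err = errors.New("unrecognized answer") // fail closed, never default to yes
				fmt.Fprintf(out, "%s: error: %v\n", name, err)
			}
			return err == nil && ok, err
		},
	}
}

func main() { _ = NewStreamUI(os.Stdin, os.Stderr).DisplayMessage("yubiembed", "touch your YubiKey") }
```
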

type Identity

type Identity struct {
	// contains filtered or unexported fields
}

func NewIdentity

func NewIdentity(s string) (*Identity, error)

func (*Identity) Name

func (i *Identity) Name() string

Name returns the plugin name, which is used in the recipient ("age1name1...") and identity ("AGE-PLUGIN-NAME-1...") encodings, as well as in the plugin binary name ("age-plugin-name").

func (*Identity) Tag

func (i *Identity) Tag() string

Tag returns the identity tag, which should be unique.

func (*Identity) Unwrap

func (i *Identity) Unwrap(stanzas []*age.Stanza) (fileKey []byte, err error)

type ReaderFunc

type ReaderFunc func(p []byte) (n int, err error)

func (ReaderFunc) Read

func (f ReaderFunc) Read(p []byte) (n int, err error)

type Recipient

type Recipient struct {
	// contains filtered or unexported fields
}

func NewRecipient

func NewRecipient(s string) (*Recipient, error)

NewRecipient returns a new Recipient instance that includes the data extracted from the recipient string necessary to wrap (encrypt) the encryption file key.

func (*Recipient) Name

func (r *Recipient) Name() string

Name returns the plugin name, which is used in the recipient ("age1name1...") and identity ("AGE-PLUGIN-NAME-1...") encodings, as well as in the plugin binary name ("age-plugin-name").

func (*Recipient) Wrap

func (r *Recipient) Wrap(fileKey []byte) (stanzas []*age.Stanza, err error)

Wrap encrypts the file key for the current recipient. This function is called once per recipient parsed by the caller.
