edv

package
v0.1.6-0...-5c25bcb
Published: Feb 1, 2021 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type EncryptedFormatter

type EncryptedFormatter struct {
	// contains filtered or unexported fields
}

EncryptedFormatter uses Aries crypto to encrypt and decrypt between Structured Documents and Encrypted Documents.

func NewEncryptedFormatter

func NewEncryptedFormatter(jweEncrypter jose.Encrypter, jweDecrypter jose.Decrypter,
	macCrypto *MACCrypto) *EncryptedFormatter

NewEncryptedFormatter returns a new instance of an EncryptedFormatter.

func (*EncryptedFormatter) FormatPair

func (f *EncryptedFormatter) FormatPair(k string, v []byte) ([]byte, error)

FormatPair encrypts k and v into encrypted document format.

func (*EncryptedFormatter) GenerateEDVDocumentID

func (f *EncryptedFormatter) GenerateEDVDocumentID(k string) (string, error)

GenerateEDVDocumentID generates the EDV document ID based on k and the MAC crypto key.

TODO (#2376): Revisit how we're generating EDV document IDs, since it's technically not 100% in line with the spec (the spec requires randomly generated IDs).

func (*EncryptedFormatter) ParsePair

func (f *EncryptedFormatter) ParsePair(encryptedDocumentBytes []byte) (string, []byte, error)

ParsePair decrypts encryptedDocumentBytes and returns the original key and the decrypted data.

type MACCrypto

type MACCrypto struct {
	// contains filtered or unexported fields
}

MACCrypto is used for computing MACs.

func NewMACCrypto

func NewMACCrypto(kh interface{}, macDigester MACDigester) *MACCrypto

NewMACCrypto returns a new instance of a MACCrypto.

func (*MACCrypto) ComputeMAC

func (m *MACCrypto) ComputeMAC(data string) (string, error)

ComputeMAC computes a MAC for data using a matching MAC primitive in kh.

type MACDigester

type MACDigester interface {
	ComputeMAC(data []byte, kh interface{}) ([]byte, error)
}

MACDigester represents a type that can compute MACs.

type Option

type Option func(opts *RESTProvider)

Option configures the EDV REST provider.

func WithFullDocumentsReturnedFromQueries

func WithFullDocumentsReturnedFromQueries() Option

WithFullDocumentsReturnedFromQueries option is a performance optimization that can be used only if the EDV server that this RESTProvider connects to supports returning full documents in query results instead of only the document locations.

func WithHeaders

func WithHeaders(addHeadersFunc addHeaders) Option

WithHeaders option is for setting additional HTTP request headers. Since it's a function, it can call a remote authorization server to fetch the information needed in these headers.

func WithTLSConfig

func WithTLSConfig(tlsConfig *tls.Config) Option

WithTLSConfig option defines the secured HTTP transport using a tls.Config instance.

type RESTProvider

type RESTProvider struct {
	// contains filtered or unexported fields
}

RESTProvider is a store provider that can be used to store data in a server supporting the data vault HTTPS API as defined in https://identity.foundation/secure-data-store/#data-vault-https-api.

func NewRESTProvider

func NewRESTProvider(edvServerURL, vaultID string,
	macCrypto *MACCrypto, options ...Option) (*RESTProvider, error)

NewRESTProvider returns a new RESTProvider. edvServerURL is the base URL for the data vault HTTPS API. vaultID is the ID of the vault where this provider will store data. The vault must be created in advance, and since the EDV REST API does not provide a method to check if a vault with a given ID exists, any errors due to a non-existent vault will be deferred until calls are actually made to it in the RESTStore. macCrypto is used to create encrypted indices, which allow documents to be queried based on a key without leaking that key to the EDV server.
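The blinded-index idea behind macCrypto here and behind GenerateEDVDocumentID, as an added example that is not the package's own code. It assumes HMAC-SHA256 over a raw byte key (the page does not say which MAC primitive or ID encoding the library uses); `hmacDigester`, `BlindedTag` and `RandomID` are hypothetical names, and only the `MACDigester` signature comes from this page.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
)

// MACDigester has the same signature as the interface documented on this page.
type MACDigester interface {
	ComputeMAC(data []byte, kh interface{}) ([]byte, error)
}

// hmacDigester is a hypothetical stand-in: kh is a raw []byte key, not a library key handle.
type hmacDigester struct{}

func (hmacDigester) ComputeMAC(data []byte, kh interface{}) ([]byte, error) {
	key, ok := kh.([]byte)
	if !ok || len(key) < 32 {
		return nil, errors.New("kh must be a []byte key of at least 32 bytes")
	}
	m := hmac.New(sha256.New, key)
	m.Write(data)
	return m.Sum(nil), nil
}

// BlindedTag returns the value a server would index instead of the plaintext k.
func BlindedTag(d MACDigester, kh interface{}, k string) (string, error) {
	mac, err := d.ComputeMAC([]byte(k), kh)
	if err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(mac), nil
}

// RandomID returns an ID unrelated to k (16 random bytes, a size chosen here).
func RandomID() (string, error) {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(b), nil
}

func main() {
	// The key below is a constructed sample value.
	fmt.Println(BlindedTag(hmacDigester{}, []byte("constructed-demo-key-32-bytes!!!"), "did:example:alice"))
}
```

Because the tag is deterministic, the server never sees k but can tell when two writes use the same key; a random ID, which the TODO on GenerateEDVDocumentID notes the spec requires, carries no such link.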

func (*RESTProvider) Batch

func (r *RESTProvider) Batch(batch *models.Batch) error

Batch performs a batch of operations within the RESTProvider. The EDV server must support the "Batch" extension.

TODO (#2315): Refactor the storage interface to properly accommodate this method (for FormatProvider to use this, it must do a cast).

func (*RESTProvider) Close

func (r *RESTProvider) Close() error

Close always returns success, since EDV REST stores have no concept of "closing".

func (*RESTProvider) CloseStore

func (r *RESTProvider) CloseStore(string) error

CloseStore always returns success, since EDV REST stores have no concept of "closing".

func (*RESTProvider) OpenStore

func (r *RESTProvider) OpenStore(name string) (storage.Store, error)

OpenStore opens a new RESTStore, using name as the namespace.

type RESTStore

type RESTStore struct {
	// contains filtered or unexported fields
}

RESTStore is a store for storing EDV documents via the REST API.

TODO (#2315): RESTStore shouldn't be exported - it was exported to allow for batch operations. When refactoring the storage interface, fix this.

func (*RESTStore) AddEncryptedIndexTagForStoreName

func (r *RESTStore) AddEncryptedIndexTagForStoreName(encryptedDocumentBytes []byte) (*models.EncryptedDocument, error)

AddEncryptedIndexTagForStoreName takes encryptedDocumentBytes and adds an encrypted index tag so that we can later identify the document as belonging to the store r.name.

TODO (#2315): AddEncryptedIndices shouldn't be exported - it was exported to allow for batch operations. When refactoring the storage interface, fix this.

func (*RESTStore) Delete

func (r *RESTStore) Delete(k string) error

Delete deletes the encrypted document in the EDV server that is tagged with the key k.

func (*RESTStore) Get

func (r *RESTStore) Get(k string) ([]byte, error)

Get retrieves the encrypted document from the EDV server saved under key k.

func (*RESTStore) Iterator

func (r *RESTStore) Iterator(_, _ string) storage.StoreIterator

Iterator returns all documents within the store. It does not support start and end key filtering.

func (*RESTStore) Put

func (r *RESTStore) Put(k string, v []byte) error

Put stores the marshalled EncryptedDocument v into the EDV server. An encrypted index will be added to v so that we are able to identify which documents in the vault belong to the store r.name.
