filesystem

package
v0.0.0-...-982e07a Latest
Warning

This package is not in the latest version of its module.

Published: Dec 19, 2023 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Overview

Package filesystem provides a common filesystem-based implementation of KeyStore.

Constants

This section is empty.

Variables

var (
	ErrKeyRingExists = errors.New("imported key ring already exists")
	ErrNoPublicData  = errors.New("key has no public data")
)

Errors returned by export/import routines.

var (
	ErrNotImplemented = errors.New("not implemented")
)

Errors returned by basic keystore.

Functions

func CustomKeyStore

func CustomKeyStore(backend backend.Backend, cryptosuite *crypto.KeyStoreSuite) (api.MutableKeyStore, error)

CustomKeyStore returns a configurable filesystem-based keystore. This constructor is useful if you want to provide a custom filesystem backend.

The backend will be closed when this keystore is closed, so a backend instance generally cannot be shared between keystores.

func IsKeyDirectory

func IsKeyDirectory(keyDirPath string, extractor *args.ServiceExtractor) bool

IsKeyDirectory checks if the directory contains a version 2 keystore. This is a conservative check: a positive return value does not mean that the directory contains *a valid* keystore, but a false value means that the directory is definitely not a valid keystore. In particular, false is returned if the directory does not exist or cannot be opened.

func NewInMemory

func NewInMemory(cryptosuite *crypto.KeyStoreSuite) (api.MutableKeyStore, error)

NewInMemory returns a new, empty in-memory keystore. This is mostly useful for testing.

func OpenDirectory

func OpenDirectory(rootDir string, cryptosuite *crypto.KeyStoreSuite) (api.KeyStore, error)

OpenDirectory opens a read-only keystore located in the given directory.

func OpenDirectoryRW

func OpenDirectoryRW(rootDir string, cryptosuite *crypto.KeyStoreSuite) (api.MutableKeyStore, error)

OpenDirectoryRW opens a keystore located in the given directory. If the directory does not exist, it will be created.

Types

type KeyRing

type KeyRing struct {
	// contains filtered or unexported fields
}

KeyRing is a KeyRing provided by KeyStore. It provides a snapshot of data which might be outdated.

func (*KeyRing) AddKey

func (r *KeyRing) AddKey(key api.KeyDescription) (int, error)

AddKey appends a key to the key ring based on its description. The newly added key is returned if you wish to inspect or modify its state. The current key is not changed when a new key is added.

func (*KeyRing) AllKeys

func (r *KeyRing) AllKeys() ([]int, error)

AllKeys returns all keys of this key ring, from newest to oldest.

func (*KeyRing) CurrentKey

func (r *KeyRing) CurrentKey() (int, error)

CurrentKey returns current key of this key ring, if available.

func (*KeyRing) DestroyKey

func (r *KeyRing) DestroyKey(seqnum int) error

DestroyKey erases key data (but keeps the key in the key ring).

func (*KeyRing) Formats

func (r *KeyRing) Formats(seqnum int) ([]api.KeyFormat, error)

Formats available for this key.

func (*KeyRing) PrivateKey

func (r *KeyRing) PrivateKey(seqnum int, format api.KeyFormat) ([]byte, error)

PrivateKey data in given format, if available.

func (*KeyRing) PublicKey

func (r *KeyRing) PublicKey(seqnum int, format api.KeyFormat) ([]byte, error)

PublicKey data in given format, if available.

func (*KeyRing) SetCurrent

func (r *KeyRing) SetCurrent(seqnum int) error

SetCurrent makes this key current in its key ring.

func (*KeyRing) SetState

func (r *KeyRing) SetState(seqnum int, newState api.KeyState) error

SetState changes key State to the given one, if allowed.

func (*KeyRing) State

func (r *KeyRing) State(seqnum int) (api.KeyState, error)

State of the key right now.

func (*KeyRing) SymmetricKey

func (r *KeyRing) SymmetricKey(seqnum int, format api.KeyFormat) ([]byte, error)

SymmetricKey data in given format, if available.

func (*KeyRing) ValidSince

func (r *KeyRing) ValidSince(seqnum int) (time.Time, error)

ValidSince returns the time before which the key cannot be used.

func (*KeyRing) ValidUntil

func (r *KeyRing) ValidUntil(seqnum int) (time.Time, error)

ValidUntil returns the time since which the key should not be used.
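The validity window described by ValidSince and ValidUntil, combined with the newest-to-oldest order of AllKeys, can be used to pick a key for a given moment. The following is an added example, not code from this package: the interface copies only the three method signatures shown above, while `NewestUsableKey`, `ErrNoUsableKey`, `fakeRing`, `day` and `sampleRing` are hypothetical names, and the window is assumed to be inclusive at ValidSince and exclusive at ValidUntil.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// validityRing is the subset of KeyRing methods used here (signatures as documented above).
type validityRing interface {
	AllKeys() ([]int, error)
	ValidSince(seqnum int) (time.Time, error)
	ValidUntil(seqnum int) (time.Time, error)
}

var ErrNoUsableKey = errors.New("no key valid at requested time") // hypothetical, example only

// NewestUsableKey returns the newest seqnum with ValidSince <= at < ValidUntil.
// Key state (State, DestroyKey) is not consulted in this example.
func NewestUsableKey(r validityRing, at time.Time) (int, error) {
	keys, err := r.AllKeys() // documented order: newest to oldest
	if err != nil {
		return 0, err
	}
	for _, seq := range keys {
		since, err := r.ValidSince(seq)
		if err != nil {
			return 0, err
		}
		until, err := r.ValidUntil(seq)
		if err != nil {
			return 0, err
		}
		if !at.Before(since) && at.Before(until) {
			return seq, nil
		}
	}
	return 0, ErrNoUsableKey
}

// fakeRing is constructed sample data: seqnum -> {ValidSince, ValidUntil}.
type fakeRing map[int][2]time.Time

func (f fakeRing) AllKeys() ([]int, error)             { return []int{3, 2, 1}, nil }
func (f fakeRing) ValidSince(s int) (time.Time, error) { return f[s][0], nil }
func (f fakeRing) ValidUntil(s int) (time.Time, error) { return f[s][1], nil }
func day(d int) time.Time                              { return time.Date(2024, 1, d, 0, 0, 0, 0, time.UTC) }

// Keys 1 and 2 overlap on days 8-9; key 3 is not valid before day 20.
var sampleRing = fakeRing{1: {day(1), day(10)}, 2: {day(8), day(20)}, 3: {day(20), day(30)}}

func main() { fmt.Println(NewestUsableKey(sampleRing, day(9))) }
```

During the overlap between keys 1 and 2 the newer key wins, and a moment outside every window yields an error rather than a silently chosen expired key.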

type KeyStore

type KeyStore struct {
	// contains filtered or unexported fields
}

KeyStore is a filesystem-like keystore which keeps key rings in files.

The underlying filesystem is somewhat flexible and is controlled by filesystem.Backend. Normally this is an actual filesystem, but there are alternative implementations.

func (*KeyStore) Close

func (s *KeyStore) Close() error

Close this keystore, releasing associated resources.

func (*KeyStore) DescribeKeyRing

func (s *KeyStore) DescribeKeyRing(path string) (*keystoreV1.KeyDescription, error)

DescribeKeyRing describes key ring by its purpose path.

func (*KeyStore) DescribeRotatedKeyRing

func (s *KeyStore) DescribeRotatedKeyRing(path string) ([]keystoreV1.KeyDescription, error)

DescribeRotatedKeyRing returns a KeyDescription list of rotated keys.

func (*KeyStore) ExportKeyRings

func (s *KeyStore) ExportKeyRings(paths []string, cryptosuite *crypto.KeyStoreSuite, mode keystoreV1.ExportMode) ([]byte, error)

ExportKeyRings packages the specified key rings for export. Key ring data is encrypted and signed using the given cryptosuite. The resulting container can be imported into an existing or a different keystore with ImportKeyRings().

func (*KeyStore) ImportKeyRings

func (s *KeyStore) ImportKeyRings(exportData []byte, cryptosuite *crypto.KeyStoreSuite, delegate api.KeyRingImportDelegate) ([]string, error)

ImportKeyRings unpacks key rings packaged by ExportKeyRings. The provided cryptosuite is used to verify the signature on the container and decrypt key ring data. An optional delegate can be used to control various aspects of the import process, such as conflict resolution. Returns a list of processed key rings.

func (*KeyStore) ListKeyRings

func (s *KeyStore) ListKeyRings() (rings []string, err error)

ListKeyRings enumerates all key rings present in this keystore.

func (*KeyStore) OpenKeyRing

func (s *KeyStore) OpenKeyRing(path string) (api.KeyRing, error)

OpenKeyRing opens an existing key ring at given path.

func (*KeyStore) OpenKeyRingRW

func (s *KeyStore) OpenKeyRingRW(path string) (api.MutableKeyRing, error)

OpenKeyRingRW opens a modifiable key ring at given path.

Directories

Path Synopsis
Package backend provides a common filesystem Backend interface for filesystem.KeyStore as well as some basic implementations of it.
api
Package api defines abstract backend interface.
api/tests
Package tests provides conformity test suite for KeyStore Backend API.
