Documentation ¶
Index ¶
- Variables
- func SetLogger(l Logger) func()
- type Change
- type Config
- func (c Config) Bytes(k string) ([]byte, error)
- func (c Config) KID(k string) (keys.ID, error)
- func (c Config) Set(k string, v string) error
- func (c Config) SetBytes(k string, v []byte) error
- func (c Config) SetKID(k string, v keys.ID) error
- func (c Config) SetString(k string, v string) error
- func (c Config) String(k string) (string, error)
- type Event
- type Events
- type Keyring
- func (k *Keyring) Find(ctx context.Context, kid keys.ID) (*api.Key, error)
- func (k *Keyring) Get(kid keys.ID) (*api.Key, error)
- func (k *Keyring) Key(kid keys.ID) (*api.Key, error)
- func (k *Keyring) KeyWithLabel(label string) (*api.Key, error)
- func (k *Keyring) Keys() ([]*api.Key, error)
- func (k *Keyring) KeysWithLabel(label string) ([]*api.Key, error)
- func (k *Keyring) KeysWithType(typ string) ([]*api.Key, error)
- func (k *Keyring) Remove(kid keys.ID) error
- func (k *Keyring) Save(key *api.Key) error
- func (k *Keyring) Set(key *api.Key) error
- func (k *Keyring) Sync(ctx context.Context) error
- func (k *Keyring) Vaults() ([]*client.Vault, error)
- type LogLevel
- type Logger
- type Option
- type Options
- type Status
- type Vault
- func (v *Vault) Add(key *keys.EdX25519Key, b []byte, cipher syncer.Cipher) error
- func (v *Vault) Auth() *auth.DB
- func (v *Vault) Changes(ctx context.Context) ([]*Change, error)
- func (v *Vault) Client() *client.Client
- func (v *Vault) ClientKey() (*api.Key, error)
- func (v *Vault) Config() Config
- func (v *Vault) DB() *sqlx.DB
- func (v *Vault) FIDO2Devices(ctx context.Context) ([]*fido2.Device, error)
- func (v *Vault) FIDO2Plugin() fido2.FIDO2Server
- func (v *Vault) GenerateFIDO2HMACSecret(ctx context.Context, pin string, device string, appName string) (*auth.FIDO2HMACSecret, error)
- func (v *Vault) Keyring() *Keyring
- func (v *Vault) Lock() error
- func (v *Vault) Register(ctx context.Context, key *keys.EdX25519Key, account *keys.EdX25519Key) (*api.Key, error)
- func (v *Vault) RegisterFIDO2HMACSecret(ctx context.Context, mk *[32]byte, hs *auth.FIDO2HMACSecret, pin string) (*auth.Auth, error)
- func (v *Vault) RegisterPaperKey(mk *[32]byte, paperKey string) (*auth.Auth, error)
- func (v *Vault) RegisterPassword(mk *[32]byte, password string) (*auth.Auth, error)
- func (v *Vault) Reset() error
- func (v *Vault) SetClientKey(ck *api.Key) error
- func (v *Vault) SetFIDO2Plugin(fido2Plugin fido2.FIDO2Server)
- func (v *Vault) Setup(mk *[32]byte) error
- func (v *Vault) SetupFIDO2HMACSecret(ctx context.Context, hs *auth.FIDO2HMACSecret, pin string) (*[32]byte, error)
- func (v *Vault) SetupPaperKey(paperKey string) (*[32]byte, error)
- func (v *Vault) SetupPassword(password string) (*[32]byte, error)
- func (v *Vault) Status() Status
- func (v *Vault) Sync(ctx context.Context, vid keys.ID, receiver syncer.Receiver) error
- func (v *Vault) Unlock(mk *[32]byte) error
- func (v *Vault) UnlockWithFIDO2HMACSecret(ctx context.Context, pin string) (*[32]byte, error)
- func (v *Vault) UnlockWithPaperKey(paperKey string) (*[32]byte, error)
- func (v *Vault) UnlockWithPassword(password string) (*[32]byte, error)
Constants ¶
This section is empty.
Variables ¶
var ErrInvalidAuth = auth.ErrInvalidAuth
ErrInvalidAuth if auth is invalid.
var ErrLocked = errors.New("vault is locked")
ErrLocked if locked.
var ErrSetupNeeded = errors.New("setup needed")
ErrSetupNeeded if setup if needed.
Functions ¶
Types ¶
type Keyring ¶
type Keyring struct {
// contains filtered or unexported fields
}
Keyring ...
func (*Keyring) KeyWithLabel ¶
KeyWithLabel in vault.
func (*Keyring) KeysWithLabel ¶
KeysWithLabel in vault.
func (*Keyring) KeysWithType ¶
KeysWithType in vault.
type Logger ¶
type Logger interface { Debugf(format string, args ...interface{}) Infof(format string, args ...interface{}) Warningf(format string, args ...interface{}) Errorf(format string, args ...interface{}) Fatalf(format string, args ...interface{}) }
Logger interface used in this package.
type Vault ¶
type Vault struct {
// contains filtered or unexported fields
}
Vault syncs secrets.
func (*Vault) Add ¶
Add to vault. The `vid` is a vault identifier. You can create a vault using Create. Requires Unlock.
func (*Vault) Changes ¶
Changes for any keys in the keyring. If the keyring isn't synced this may not return all changes for those keyring keys, so you should usually sync the keyring first.
func (*Vault) FIDO2Devices ¶
FIDO2Devices lists FIDO2 devices.
func (*Vault) GenerateFIDO2HMACSecret ¶
func (v *Vault) GenerateFIDO2HMACSecret(ctx context.Context, pin string, device string, appName string) (*auth.FIDO2HMACSecret, error)
GenerateFIDO2HMACSecret ...
func (*Vault) Register ¶
func (v *Vault) Register(ctx context.Context, key *keys.EdX25519Key, account *keys.EdX25519Key) (*api.Key, error)
Register a vault. You can register a key that already exists. Registering also sync's the keyring. Requires Unlock.
func (*Vault) RegisterFIDO2HMACSecret ¶
func (v *Vault) RegisterFIDO2HMACSecret(ctx context.Context, mk *[32]byte, hs *auth.FIDO2HMACSecret, pin string) (*auth.Auth, error)
RegisterFIDO2HMACSecret adds vault with a FIDO2 hmac-secret. Requires recent Unlock.
func (*Vault) RegisterPaperKey ¶
RegisterPaperKey adds a paper key.
func (*Vault) RegisterPassword ¶
RegisterPassword adds a password.
func (*Vault) SetFIDO2Plugin ¶
func (v *Vault) SetFIDO2Plugin(fido2Plugin fido2.FIDO2Server)
SetFIDO2Plugin sets the plugin.
func (*Vault) SetupFIDO2HMACSecret ¶
func (v *Vault) SetupFIDO2HMACSecret(ctx context.Context, hs *auth.FIDO2HMACSecret, pin string) (*[32]byte, error)
SetupFIDO2HMACSecret sets up vault with a FIDO2 hmac-secret.
func (*Vault) SetupPaperKey ¶
SetupPaperKey setup vault with a paper key.
func (*Vault) SetupPassword ¶
SetupPassword setup vault with a password.
func (*Vault) UnlockWithFIDO2HMACSecret ¶
UnlockWithFIDO2HMACSecret opens vault with a FIDO2 hmac-secret.
func (*Vault) UnlockWithPaperKey ¶
UnlockWithPaperKey opens vault with a paper key.