command

package
v0.1.8 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 30, 2022 License: Apache-2.0 Imports: 23 Imported by: 1

Documentation

Index

Constants

// Action names for the operations exposed by the KMS command controller.
//
// NOTE(review): presumably these strings are what incoming requests and
// capability (ZCAP) invocations are matched against; confirm. If so, the
// string values are part of the authorization surface and renaming one
// changes which capabilities still match.
const (
	// DID, key store and key lifecycle actions.
	ActionCreateDID       = "createDID"
	ActionCreateKeyStore  = "createKeyStore"
	ActionCreateKey       = "createKey"
	ActionImportKey       = "importKey"
	ActionExportKey       = "exportKey"
	ActionRotateKey       = "rotateKey"
	// Signature, encryption and MAC actions.
	ActionSign            = "sign"
	ActionVerify          = "verify"
	ActionEncrypt         = "encrypt"
	ActionDecrypt         = "decrypt"
	// The identifier is spelled "Mac" here but "MAC" in ActionVerifyMAC; the
	// string value uses "MAC" in both.
	ActionComputeMac      = "computeMAC"
	ActionVerifyMAC       = "verifyMAC"
	// BBS+ multi-message signature and proof actions.
	ActionSignMulti       = "signMulti"
	ActionVerifyMulti     = "verifyMulti"
	ActionDeriveProof     = "deriveProof"
	ActionVerifyProof     = "verifyProof"
	// Crypto box actions. There is no "seal" action in this list, only the
	// opening side (sealOpen).
	ActionEasy            = "easy"
	ActionEasyOpen        = "easyOpen"
	ActionSealOpen        = "sealOpen"
	// Key wrapping actions.
	ActionWrap            = "wrap"
	ActionUnwrap          = "unwrap"
	// The identifier says "StoreCapability" but the string value is
	// "updateEDVCapability"; policies must use the string value.
	ActionStoreCapability = "updateEDVCapability"
)

List of actions supported by KMS.

Variables

This section is empty.

Functions

This section is empty.

Types

type CmdHandler

// CmdHandler pairs a command method name with its Exec function (see the
// NewCmdHandler, Method and Handle signatures). Its fields are not exported.
type CmdHandler struct {
	// contains filtered or unexported fields
}

CmdHandler contains command handling details which can be used to build controller commands.

func NewCmdHandler

func NewCmdHandler(method string, exec Exec) *CmdHandler

NewCmdHandler returns an instance of CmdHandler which can be used to handle controller commands.

func (*CmdHandler) Handle

func (c *CmdHandler) Handle() Exec

Handle returns the execute function of the command handler.

func (*CmdHandler) Method

func (c *CmdHandler) Method() string

Method name of the command.

type Command

// Command is the controller whose methods implement the KMS operations; it is
// built from a Config by New. Its fields are not exported.
type Command struct {
	// contains filtered or unexported fields
}

Command is a controller for commands.

func New

func New(c *Config) (*Command, error)

New returns a new instance of Command.

func (*Command) ComputeMAC

func (c *Command) ComputeMAC(w io.Writer, r io.Reader) error

ComputeMAC computes message authentication code for data.

func (*Command) CreateDID

func (c *Command) CreateDID(w io.Writer, _ io.Reader) error

CreateDID creates a new DID.

func (*Command) CreateKey

func (c *Command) CreateKey(w io.Writer, r io.Reader) error

CreateKey creates a new key.

func (*Command) CreateKeyStore

func (c *Command) CreateKeyStore(w io.Writer, r io.Reader) error

CreateKeyStore creates a new key store.

func (*Command) Decrypt

func (c *Command) Decrypt(w io.Writer, r io.Reader) error

Decrypt decrypts a ciphertext.

func (*Command) DeriveProof

func (c *Command) DeriveProof(w io.Writer, r io.Reader) error

DeriveProof creates a BBS+ signature proof for a list of revealed messages.

func (*Command) Easy

func (c *Command) Easy(w io.Writer, r io.Reader) error

Easy seals a payload.

func (*Command) EasyOpen

func (c *Command) EasyOpen(w io.Writer, r io.Reader) error

EasyOpen unseals a ciphertext sealed with Easy.

func (*Command) Encrypt

func (c *Command) Encrypt(w io.Writer, r io.Reader) error

Encrypt encrypts a message.

func (*Command) ExportKey

func (c *Command) ExportKey(w io.Writer, r io.Reader) error

ExportKey exports a key.

func (*Command) ImportKey

func (c *Command) ImportKey(w io.Writer, r io.Reader) error

ImportKey imports a key.

func (*Command) RotateKey

func (c *Command) RotateKey(w io.Writer, r io.Reader) error

RotateKey rotates a key.

func (*Command) SealOpen

func (c *Command) SealOpen(w io.Writer, r io.Reader) error

SealOpen decrypts a ciphertext encrypted with Seal.

func (*Command) Sign

func (c *Command) Sign(w io.Writer, r io.Reader) error

Sign signs a message.

func (*Command) SignMulti

func (c *Command) SignMulti(w io.Writer, r io.Reader) error

SignMulti creates a BBS+ signature of messages.

func (*Command) UnwrapKey

func (c *Command) UnwrapKey(w io.Writer, r io.Reader) error

UnwrapKey unwraps a wrapped key.

func (*Command) Verify

func (c *Command) Verify(_ io.Writer, r io.Reader) error

Verify verifies a signature.

func (*Command) VerifyMAC

func (c *Command) VerifyMAC(_ io.Writer, r io.Reader) error

VerifyMAC verifies message authentication code for data.

func (*Command) VerifyMulti

func (c *Command) VerifyMulti(_ io.Writer, r io.Reader) error

VerifyMulti verifies a signature of messages (BBS+).

func (*Command) VerifyProof

func (c *Command) VerifyProof(_ io.Writer, r io.Reader) error

VerifyProof verifies a BBS+ signature proof for revealed messages.

func (*Command) WrapKey

func (c *Command) WrapKey(w io.Writer, r io.Reader) error

WrapKey wraps a key.

type ComputeMACRequest

// ComputeMACRequest is the JSON body of a ComputeMAC command.
type ComputeMACRequest struct {
	// Data is the input the MAC is computed over. With encoding/json a []byte
	// field is carried as a base64 string.
	Data []byte `json:"data"`
}

ComputeMACRequest is a request to compute MAC for data.

type ComputeMACResponse

// ComputeMACResponse is the JSON body returned by a ComputeMAC command.
type ComputeMACResponse struct {
	// MAC is the computed authentication code (base64 string in JSON).
	MAC []byte `json:"mac"`
}

ComputeMACResponse is a response for ComputeMAC request.

type Config

// Config collects the dependencies and settings passed to New to build a
// Command. Several field types are unexported interfaces of this package, so
// their contracts are not visible here.
type Config struct {
	StorageProvider         storage.Provider
	KeyStorageProvider      storage.Provider // storage provider for users' key stores
	KMS                     kms.KeyManager
	Crypto                  crypto.Crypto
	VDRResolver             zcapld.VDRResolver
	DocumentLoader          ld.DocumentLoader
	KeyStoreCreator         keyStoreCreator
	ShamirSecretLockCreator shamirSecretLockCreator
	CryptBoxCreator         cryptoBoxCreator
	ZCAPService             zcapService
	// EnableZCAPs toggles ZCAP handling.
	// NOTE(review): confirm which authorization checks still apply when this
	// is false, so that disabling it does not leave commands unauthenticated.
	EnableZCAPs             bool
	HeaderSigner            headerSigner
	// TLSConfig is the TLS configuration used by the command.
	// NOTE(review): presumably for outbound connections (e.g. to an EDV);
	// confirm, and check that deployments do not set InsecureSkipVerify.
	TLSConfig               *tls.Config
	BaseKeyStoreURL         string
	ShamirProvider          shamirProvider
	MainKeyType             kms.KeyType
	EDVRecipientKeyType     kms.KeyType
	EDVMACKeyType           kms.KeyType
	MetricsProvider         metricsProvider
	CacheProvider           cacheProvider
	// KeyStoreCacheTTL is a time-to-live for cached key store data.
	// NOTE(review): presumably revoked or rotated key store state can be
	// served from cache for up to this long; confirm against the cache code.
	KeyStoreCacheTTL        time.Duration
}

Config is a configuration for Command.

type CreateDIDResponse

// CreateDIDResponse is the JSON body returned by a CreateDID command.
type CreateDIDResponse struct {
	// DID is the identifier of the newly created DID.
	DID string `json:"did"`
}

CreateDIDResponse is a response for CreateDID request.

type CreateKeyRequest

// CreateKeyRequest is the JSON body of a CreateKey command.
type CreateKeyRequest struct {
	// KeyType selects the kind of key to create.
	// NOTE(review): the value comes from the request; confirm it is checked
	// against the set of key types the service is willing to create.
	KeyType kms.KeyType `json:"key_type"`
}

CreateKeyRequest is a request to create a key.

type CreateKeyResponse

// CreateKeyResponse is the JSON body returned by a CreateKey command. It
// carries a reference to the key and public key bytes only; no private key
// field is defined.
type CreateKeyResponse struct {
	// KeyURL identifies the created key.
	KeyURL    string `json:"key_url"`
	// PublicKey holds public key bytes (base64 string in JSON).
	PublicKey []byte `json:"public_key"`
}

CreateKeyResponse is a response for CreateKey request.

type CreateKeyStoreRequest

// CreateKeyStoreRequest is the JSON body of a CreateKeyStore command. The
// type has a Validate method; its rules are not shown on this page.
type CreateKeyStoreRequest struct {
	// Controller names the controller of the new key store.
	// NOTE(review): presumably a DID that later capability checks are made
	// against; confirm the caller is authorized to name this controller.
	Controller string      `json:"controller"`
	// EDV holds optional data vault settings (pointer, so it may be nil).
	EDV        *EDVOptions `json:"edv"`
}

CreateKeyStoreRequest is a request to create user's key store.

func (*CreateKeyStoreRequest) Validate

func (r *CreateKeyStoreRequest) Validate() error

Validate validates CreateKeyStore request.

type CreateKeyStoreResponse

// CreateKeyStoreResponse is the JSON body returned by a CreateKeyStore command.
type CreateKeyStoreResponse struct {
	// KeyStoreURL identifies the created key store.
	KeyStoreURL string `json:"key_store_url"`
	// Capability is omitted from JSON when empty.
	// NOTE(review): presumably the root ZCAP granting access to the key
	// store; if so it is a bearer-style authorization artifact and should be
	// stored and transmitted accordingly. Confirm.
	Capability  []byte `json:"capability,omitempty"`
}

CreateKeyStoreResponse is a response for CreateKeyStore request.

type CryptoBox

// CryptoBox is the crypto box API used by the Easy, EasyOpen and SealOpen
// commands. Easy identifies the local key by key ID (myKID), while EasyOpen
// and SealOpen identify it by public key bytes (myPub).
type CryptoBox interface {
	// Easy seals payload for theirPub using the caller-supplied nonce.
	// NOTE(review): box-style constructions generally require that a nonce is
	// never reused for the same key pair; confirm how callers generate it.
	Easy(payload, nonce, theirPub []byte, myKID string) ([]byte, error)
	// EasyOpen opens ciphertext produced by Easy, given the same nonce and
	// both public keys.
	EasyOpen(ciphertext, nonce, theirPub, myPub []byte) ([]byte, error)
	// SealOpen opens ciphertext addressed to myPub; no sender key or nonce is
	// passed.
	SealOpen(ciphertext, myPub []byte) ([]byte, error)
}

CryptoBox represents crypto box API.

type DecryptRequest

// DecryptRequest is the JSON body of a Decrypt command.
type DecryptRequest struct {
	// Ciphertext is the data to decrypt (base64 string in JSON).
	Ciphertext     []byte `json:"ciphertext"`
	// AssociatedData is omitted from JSON when empty.
	// NOTE(review): presumably it must equal the associated data supplied at
	// encryption time for authentication to succeed; confirm.
	AssociatedData []byte `json:"associated_data,omitempty"`
	// Nonce is presumably the value returned in EncryptResponse.Nonce.
	Nonce          []byte `json:"nonce"`
}

DecryptRequest is a request to decrypt a ciphertext.

type DecryptResponse

// DecryptResponse is the JSON body returned by a Decrypt command.
type DecryptResponse struct {
	// Plaintext is the decrypted data; it is returned in the clear, so the
	// response should be kept out of logs and traces.
	Plaintext []byte `json:"plaintext"`
}

DecryptResponse is a response for Decrypt request.

type DeriveProofRequest

// DeriveProofRequest is the JSON body of a DeriveProof command, which creates
// a BBS+ signature proof for a list of revealed messages.
type DeriveProofRequest struct {
	// Messages is the list of messages.
	Messages        [][]byte `json:"messages"`
	// Signature is the BBS+ signature the proof is derived from.
	Signature       []byte   `json:"signature"`
	// Nonce is supplied by the caller.
	// NOTE(review): presumably chosen by the verifier to bind the proof to a
	// session; confirm.
	Nonce           []byte   `json:"nonce"`
	// RevealedIndexes selects which messages are revealed.
	// NOTE(review): the indexes come from the request; confirm they are
	// range-checked against len(Messages) before use.
	RevealedIndexes []int    `json:"revealed_indexes"`
}

DeriveProofRequest is a request to create a BBS+ signature proof for a list of revealed messages.

type DeriveProofResponse

// DeriveProofResponse is the JSON body returned by a DeriveProof command.
type DeriveProofResponse struct {
	// Proof is the derived BBS+ signature proof (base64 string in JSON).
	Proof []byte `json:"proof"`
}

DeriveProofResponse is a response for DeriveProof request.

type EDVOptions

// EDVOptions holds the options for creating a data vault on an EDV; it is
// referenced from CreateKeyStoreRequest.EDV.
type EDVOptions struct {
	// VaultURL is the vault location, taken from the request.
	// NOTE(review): if the service connects to this URL, confirm it is
	// restricted to expected EDV hosts so a request cannot steer outbound
	// traffic to arbitrary endpoints.
	VaultURL   string `json:"vault_url"`
	// Capability is presumably the ZCAP authorizing access to the vault;
	// confirm, and treat it as an authorization artifact.
	Capability []byte `json:"capability"`
}

EDVOptions represents options for creating data vault on EDV.

type EasyOpenRequest

// EasyOpenRequest is the JSON body of an EasyOpen command, which unseals a
// ciphertext sealed with Easy.
type EasyOpenRequest struct {
	// Ciphertext is the sealed payload (base64 string in JSON).
	Ciphertext []byte `json:"ciphertext"`
	// Nonce is the nonce that was used when sealing.
	Nonce      []byte `json:"nonce"`
	// TheirPub is the sender's public key.
	TheirPub   []byte `json:"their_pub"`
	// MyPub is the recipient's public key.
	// NOTE(review): presumably used to look up the matching private key in
	// the key store; confirm.
	MyPub      []byte `json:"my_pub"`
}

EasyOpenRequest is a request to unseal a ciphertext sealed with Easy.

type EasyOpenResponse

// EasyOpenResponse is the JSON body returned by an EasyOpen command.
type EasyOpenResponse struct {
	// Plaintext is the unsealed payload; it is returned in the clear, so the
	// response should be kept out of logs and traces.
	Plaintext []byte `json:"plaintext"`
}

EasyOpenResponse is a response for EasyOpen request.

type EasyRequest

// EasyRequest is the JSON body of an Easy command, which seals a payload with
// a nonce provided by the caller.
type EasyRequest struct {
	// Payload is the data to seal (base64 string in JSON).
	Payload  []byte `json:"payload"`
	// Nonce is chosen by the caller, not by the service.
	// NOTE(review): box-style constructions generally require that a nonce is
	// never reused for the same key pair; confirm callers draw it from a
	// CSPRNG and that its length is validated.
	Nonce    []byte `json:"nonce"`
	// TheirPub is the recipient's public key.
	TheirPub []byte `json:"their_pub"`
}

EasyRequest is a request to seal payload with a provided nonce.

type EasyResponse

// EasyResponse is the JSON body returned by an Easy command.
type EasyResponse struct {
	// Ciphertext is the sealed payload (base64 string in JSON).
	Ciphertext []byte `json:"ciphertext"`
}

EasyResponse is a response for Easy request.

type EncryptRequest

// EncryptRequest is the JSON body of an Encrypt command. It has no nonce
// field; the nonce is returned in EncryptResponse.
type EncryptRequest struct {
	// Message is the plaintext to encrypt (base64 string in JSON).
	Message        []byte `json:"message"`
	// AssociatedData is omitted from JSON when empty.
	// NOTE(review): presumably authenticated but not encrypted; confirm.
	AssociatedData []byte `json:"associated_data,omitempty"`
}

EncryptRequest is a request to encrypt a message with associated data.

type EncryptResponse

// EncryptResponse is the JSON body returned by an Encrypt command.
type EncryptResponse struct {
	// Ciphertext is the encrypted message (base64 string in JSON).
	Ciphertext []byte `json:"ciphertext"`
	// Nonce accompanies the ciphertext; DecryptRequest has a matching field,
	// so callers need to keep it with the ciphertext.
	Nonce      []byte `json:"nonce"`
}

EncryptResponse is a response for Encrypt request.

type Exec

// Exec is the function type of a command: it takes a writer (rw) and a reader
// (req) and returns an error.
// NOTE(review): req is presumably the caller-supplied request body; confirm
// that implementations bound how much they read from it.
type Exec func(rw io.Writer, req io.Reader) error

Exec is a command execution function type.

type ExportKeyResponse

// ExportKeyResponse is the JSON body returned by an ExportKey command. The
// only key material field it defines is a public key.
type ExportKeyResponse struct {
	// PublicKey holds the exported public key bytes (base64 string in JSON).
	PublicKey []byte `json:"public_key"`
	// KeyType names the type of the exported key.
	KeyType   string `json:"key_type"`
}

ExportKeyResponse is a response for ExportKey request.

type Handler

// Handler describes one controller command: its method name and the Exec
// function that runs it. The Method and Handle signatures listed for
// *CmdHandler match this interface.
type Handler interface {
	// Method returns a name of the command.
	Method() string
	// Handle executes function of the command.
	Handle() Exec
}

Handler for each controller command.

type ImportKeyRequest

// ImportKeyRequest is the JSON body of an ImportKey command.
type ImportKeyRequest struct {
	// Key is the key material to import (base64 string in JSON).
	// NOTE(review): presumably private key bytes; if so the request body is
	// secret and should be kept out of logs and sent only over TLS. Confirm.
	Key     []byte      `json:"key"`
	// KeyType states the type of the imported key.
	KeyType kms.KeyType `json:"key_type"`
	// KeyID is optional and omitted from JSON when empty.
	// NOTE(review): confirm how a caller-chosen ID that collides with an
	// existing key is handled.
	KeyID   string      `json:"key_id,omitempty"`
}

ImportKeyRequest is a request to import a key.

type ImportKeyResponse

// ImportKeyResponse is the JSON body returned by an ImportKey command.
type ImportKeyResponse struct {
	// KeyURL identifies the imported key.
	KeyURL string `json:"key_url"`
}

ImportKeyResponse is a response for ImportKey request.

type RotateKeyRequest

// RotateKeyRequest is the JSON body of a RotateKey command.
type RotateKeyRequest struct {
	// KeyType is the key type given for the rotation.
	// NOTE(review): presumably the type of the replacement key; confirm.
	KeyType kms.KeyType `json:"key_type"`
}

RotateKeyRequest is a request to rotate a key.

type RotateKeyResponse

// RotateKeyResponse is the JSON body returned by a RotateKey command.
type RotateKeyResponse struct {
	// KeyURL identifies a key.
	// NOTE(review): presumably the new key produced by the rotation; confirm
	// whether the previous key URL remains usable afterwards.
	KeyURL string `json:"key_url"`
}

RotateKeyResponse is a response for RotateKey request.

type SealOpenRequest

// SealOpenRequest is the JSON body of a SealOpen command, which decrypts a
// ciphertext encrypted with Seal. It carries no sender key and no nonce.
type SealOpenRequest struct {
	// Ciphertext is the sealed data (base64 string in JSON).
	Ciphertext []byte `json:"ciphertext"`
	// MyPub is the recipient's public key.
	MyPub      []byte `json:"my_pub"`
}

SealOpenRequest is a request to decrypt a ciphertext encrypted with Seal.

type SealOpenResponse

// SealOpenResponse is the JSON body returned by a SealOpen command.
type SealOpenResponse struct {
	// Plaintext is the decrypted data; it is returned in the clear, so the
	// response should be kept out of logs and traces.
	Plaintext []byte `json:"plaintext"`
}

SealOpenResponse is a response for SealOpen request.

type SignMultiRequest

// SignMultiRequest is the JSON body of a SignMulti command, which creates a
// BBS+ signature over a list of messages.
type SignMultiRequest struct {
	// Messages is the list of messages to sign; each entry is a base64 string
	// in JSON.
	Messages [][]byte `json:"messages"`
}

SignMultiRequest is a request to create a BBS+ signature of messages.

type SignMultiResponse

// SignMultiResponse is the JSON body returned by a SignMulti command.
type SignMultiResponse struct {
	// Signature is the BBS+ signature (base64 string in JSON).
	Signature []byte `json:"signature"`
}

SignMultiResponse is a response for SignMulti request.

type SignRequest

// SignRequest is the JSON body of a Sign command.
type SignRequest struct {
	// Message is the data to sign (base64 string in JSON). The service signs
	// whatever bytes the authorized caller submits.
	Message []byte `json:"message"`
}

SignRequest is a request to sign a message.

type SignResponse

// SignResponse is the JSON body returned by a Sign command.
type SignResponse struct {
	// Signature is the signature over the request message (base64 string in
	// JSON).
	Signature []byte `json:"signature"`
}

SignResponse is a response for Sign request.

type UnwrapKeyRequest

// UnwrapKeyRequest is the JSON body of an UnwrapKey command.
type UnwrapKeyRequest struct {
	// WrappedKey is the wrapped key to unwrap.
	WrappedKey   crypto.RecipientWrappedKey `json:"wrapped_key"`
	// SenderPubKey is optional and omitted from JSON when nil.
	// NOTE(review): presumably selects a sender-authenticated unwrap when
	// present; confirm.
	SenderPubKey *crypto.PublicKey          `json:"sender_pub_key,omitempty"`
	// Tag is optional and omitted from JSON when empty.
	Tag          []byte                     `json:"tag,omitempty"`
}

UnwrapKeyRequest is a request to unwrap a wrapped key.

type UnwrapKeyResponse

// UnwrapKeyResponse is the JSON body returned by an UnwrapKey command.
type UnwrapKeyResponse struct {
	// Key is the unwrapped key, returned to the caller as raw bytes (base64
	// string in JSON). The response is secret material and should be kept out
	// of logs, traces and caches.
	Key []byte `json:"key"`
}

UnwrapKeyResponse is a response for UnwrapKey request.

type VerifyMACRequest

// VerifyMACRequest is the JSON body of a VerifyMAC command. Command.VerifyMAC
// ignores its writer argument, so the outcome is reported only through the
// returned error; callers must not treat an unchecked call as success.
type VerifyMACRequest struct {
	// MAC is the authentication code to check.
	MAC  []byte `json:"mac"`
	// Data is the data the MAC is checked against.
	Data []byte `json:"data"`
}

VerifyMACRequest is a request to verify MAC for data.

type VerifyMultiRequest

// VerifyMultiRequest is the JSON body of a VerifyMulti command (BBS+).
// Command.VerifyMulti ignores its writer argument, so the outcome is reported
// only through the returned error.
type VerifyMultiRequest struct {
	// Signature is the BBS+ signature to check.
	Signature []byte   `json:"signature"`
	// Messages is the list of messages the signature is checked against.
	Messages  [][]byte `json:"messages"`
}

VerifyMultiRequest is a request to verify a signature of messages (BBS+).

type VerifyProofRequest

// VerifyProofRequest is the JSON body of a VerifyProof command, which checks a
// BBS+ signature proof for revealed messages. Command.VerifyProof ignores its
// writer argument, so the outcome is reported only through the returned error.
type VerifyProofRequest struct {
	// Proof is the BBS+ signature proof to check.
	Proof    []byte   `json:"proof"`
	// Messages is the list of revealed messages.
	Messages [][]byte `json:"messages"`
	// Nonce is presumably the nonce used when the proof was derived; confirm.
	Nonce    []byte   `json:"nonce"`
}

VerifyProofRequest is a request to verify a BBS+ signature proof for revealed messages.

type VerifyRequest

// VerifyRequest is the JSON body of a Verify command. Command.Verify ignores
// its writer argument, so the outcome is reported only through the returned
// error; callers must not treat an unchecked call as success.
type VerifyRequest struct {
	// Signature is the signature to check.
	Signature []byte `json:"signature"`
	// Message is the data the signature is checked against.
	Message   []byte `json:"message"`
}

VerifyRequest is a request to verify a signature.

type WrapKeyRequest

// WrapKeyRequest is the JSON body of a WrapKey command, which wraps a CEK.
type WrapKeyRequest struct {
	// CEK is the key to wrap, sent by the caller as raw bytes (base64 string
	// in JSON). The request body is secret material and should be kept out of
	// logs and traces.
	CEK             []byte            `json:"cek"`
	// APU and APV are presumably the JOSE agreement PartyUInfo / PartyVInfo
	// values used in key derivation; confirm.
	APU             []byte            `json:"apu"`
	APV             []byte            `json:"apv"`
	// RecipientPubKey is the public key the CEK is wrapped for.
	RecipientPubKey *crypto.PublicKey `json:"recipient_pub_key"`
	// Tag is optional and omitted from JSON when empty.
	Tag             []byte            `json:"tag,omitempty"`
}

WrapKeyRequest is a request to wrap CEK.

type WrapKeyResponse

// WrapKeyResponse is the JSON body returned by a WrapKey command. It embeds
// crypto.RecipientWrappedKey, so that type's exported fields are promoted to
// this type.
type WrapKeyResponse struct {
	crypto.RecipientWrappedKey
}

WrapKeyResponse is a response for WrapKey request.

type WrappedRequest

// WrappedRequest is a command request that wraps the user's original request
// together with the identifiers needed to route it.
type WrappedRequest struct {
	// KeyStoreID and KeyID name the key store and key the command applies to.
	// NOTE(review): confirm whether these are set by the transport layer
	// after authorization or accepted from the client as sent.
	KeyStoreID  string `json:"key_store_id"`
	KeyID       string `json:"key_id"`
	// User identifies the requesting user.
	User        string `json:"user"`
	// SecretShare is presumably the user's Shamir secret share (Config has
	// ShamirProvider and ShamirSecretLockCreator fields); confirm. If so it
	// is secret material and the whole request should be kept out of logs.
	SecretShare []byte `json:"secret_share"`
	// Request is the original request body, carried as opaque bytes.
	Request     []byte `json:"request"`
}

WrappedRequest is a command request with a wrapped original request from user.
