// Copyright 2019 Keybase Inc. All rights reserved.
// Use of this source code is governed by a BSD
// license that can be found in the LICENSE file.
package libkey
import (
"context"
"github.com/adamwalz/keybase-client/go/kbfs/idutil"
"github.com/adamwalz/keybase-client/go/kbfs/kbfscodec"
"github.com/adamwalz/keybase-client/go/kbfs/kbfscrypto"
"github.com/adamwalz/keybase-client/go/kbfs/kbfsmd"
"github.com/adamwalz/keybase-client/go/kbfs/tlf"
"github.com/adamwalz/keybase-client/go/kbfs/tlfhandle"
"github.com/adamwalz/keybase-client/go/protocol/keybase1"
)
// KeyOps is the set of operations for reading, storing and removing
// the server-side halves of TLF crypt keys on the key server.
//
// NOTE(review): nothing in this interface states how a caller is
// authorized for a given key half; presumably the implementation or
// the server enforces that -- confirm before relying on it.
type KeyOps interface {
	// GetTLFCryptKeyServerHalf looks up the server-side key half
	// named by serverHalfID for the device identified by
	// cryptPublicKey.
	//
	// NOTE(review): the result is one half of a crypt key and is
	// presumably sensitive; keep it out of logs and error text.
	GetTLFCryptKeyServerHalf(
		ctx context.Context,
		serverHalfID kbfscrypto.TLFCryptKeyServerHalfID,
		cryptPublicKey kbfscrypto.CryptPublicKey,
	) (kbfscrypto.TLFCryptKeyServerHalf, error)

	// PutTLFCryptKeyServerHalves stores the server-side key halves
	// in keyServerHalves, which cover a set of users and devices.
	PutTLFCryptKeyServerHalves(
		ctx context.Context,
		keyServerHalves kbfsmd.UserDeviceKeyServerHalves,
	) error

	// DeleteTLFCryptKeyServerHalf removes the server-side key half
	// named by serverHalfID for a device, given the user ID and the
	// device's crypt public key.
	DeleteTLFCryptKeyServerHalf(
		ctx context.Context,
		uid keybase1.UID,
		key kbfscrypto.CryptPublicKey,
		serverHalfID kbfscrypto.TLFCryptKeyServerHalfID,
	) error
}
// KeyServer reads server-side key halves from, and writes them to,
// the key server. It also exposes Shutdown so that its resources can
// be released.
//
// NOTE(review): nothing in this interface states how a caller is
// authorized for a given key half; presumably the implementation or
// the server enforces that -- confirm before relying on it.
type KeyServer interface {
	// GetTLFCryptKeyServerHalf looks up the server-side key half
	// named by serverHalfID for the device identified by
	// cryptPublicKey.
	//
	// NOTE(review): the result is one half of a crypt key and is
	// presumably sensitive; keep it out of logs and error text.
	GetTLFCryptKeyServerHalf(
		ctx context.Context,
		serverHalfID kbfscrypto.TLFCryptKeyServerHalfID,
		cryptPublicKey kbfscrypto.CryptPublicKey,
	) (kbfscrypto.TLFCryptKeyServerHalf, error)

	// PutTLFCryptKeyServerHalves stores the server-side key halves
	// in keyServerHalves, which cover a set of users and devices.
	PutTLFCryptKeyServerHalves(
		ctx context.Context,
		keyServerHalves kbfsmd.UserDeviceKeyServerHalves,
	) error

	// DeleteTLFCryptKeyServerHalf removes the server-side key half
	// named by serverHalfID for a device, given the user ID and the
	// device's crypt public key.
	DeleteTLFCryptKeyServerHalf(
		ctx context.Context,
		uid keybase1.UID,
		key kbfscrypto.CryptPublicKey,
		serverHalfID kbfscrypto.TLFCryptKeyServerHalfID,
	) error

	// Shutdown frees any resources held by the KeyServer.
	Shutdown()
}
// KeyMetadata describes an object that carries key information for a
// TLF. The usual implementation is RootMetadata.
type KeyMetadata interface {
	// TlfID returns the ID of the TLF whose key info this object
	// holds.
	TlfID() tlf.ID

	// TypeForKeying returns the keying type used by this MD.
	TypeForKeying() tlf.KeyingType

	// LatestKeyGeneration returns the newest key generation that has
	// key data in this object. For a public TLF it returns
	// PublicKeyGen instead.
	LatestKeyGeneration() kbfsmd.KeyGen

	// GetTlfHandle returns the TLF's handle. Implementations must
	// never return nil.
	//
	// TODO: Remove the need for this function in this interface,
	// so that kbfsmd.RootMetadata can implement this interface
	// fully.
	GetTlfHandle() *tlfhandle.Handle

	// IsWriter checks whether the given user is a valid writer of
	// the TLF at the time of the call. The answer is a point-in-time
	// result.
	//
	// NOTE(review): callers presumably should treat a non-nil error
	// as "not a writer" rather than trusting the bool -- confirm.
	IsWriter(
		ctx context.Context,
		checker kbfsmd.TeamMembershipChecker,
		osg idutil.OfflineStatusGetter,
		uid keybase1.UID,
		verifyingKey kbfscrypto.VerifyingKey,
	) (bool, error)

	// HasKeyForUser reports whether the given user has keys for at
	// least one device. An error is returned when the TLF is public.
	HasKeyForUser(user keybase1.UID) (bool, error)

	// GetTLFCryptKeyParams returns everything needed to construct
	// the TLF crypt key for the given key generation, user and
	// device, where the device is identified by its crypt public
	// key. The bool result is false when no entry is found. An error
	// is returned when the TLF is public.
	//
	// NOTE(review): the three key-related results are presumably
	// meaningful only when the bool is true and the error is nil --
	// confirm against implementations.
	GetTLFCryptKeyParams(
		keyGen kbfsmd.KeyGen,
		user keybase1.UID,
		key kbfscrypto.CryptPublicKey,
	) (
		kbfscrypto.TLFEphemeralPublicKey,
		kbfscrypto.EncryptedTLFCryptKeyClientHalf,
		kbfscrypto.TLFCryptKeyServerHalfID,
		bool,
		error,
	)

	// StoresHistoricTLFCryptKeys reports whether historic keys are
	// symmetrically encrypted. When it returns false, they are
	// encrypted per-device.
	StoresHistoricTLFCryptKeys() bool

	// GetHistoricTLFCryptKey tries to symmetrically decrypt the key
	// of generation keyGen, using the TLFCryptKey of the current
	// generation (currentKey).
	GetHistoricTLFCryptKey(
		codec kbfscodec.Codec,
		keyGen kbfsmd.KeyGen,
		currentKey kbfscrypto.TLFCryptKey,
	) (kbfscrypto.TLFCryptKey, error)
}