secretkeys.go
// Copyright 2015 Keybase, Inc. All rights reserved. Use of
// this source code is governed by the included BSD license.
package engine
import (
"fmt"
"github.com/keybase/client/go/libkb"
keybase1 "github.com/keybase/client/go/protocol"
)
// SecretKeysEngine is an engine that retrieves the current device's NaCl
// signing and encryption private keys and exposes them through Result.
//
// The engine holds raw private key bytes after a successful Run, so an
// instance should be treated as sensitive for as long as it is reachable.
type SecretKeysEngine struct {
	libkb.Contextified
	// result is filled in at the end of Run, only after both keys have been
	// fetched and checked; it contains unencrypted private key material.
	result keybase1.SecretKeys
}
// NewSecretKeysEngine builds a SecretKeysEngine bound to the global context g.
// The result field starts out zero-valued and is only populated by Run.
func NewSecretKeysEngine(g *libkb.GlobalContext) *SecretKeysEngine {
	eng := new(SecretKeysEngine)
	eng.Contextified = libkb.NewContextified(g)
	return eng
}
// Name returns the identifier this engine reports for itself.
func (e *SecretKeysEngine) Name() string {
	const engineName = "SecretKey"
	return engineName
}
// Prereqs declares what must hold before Run is invoked. Only the Device
// prerequisite is set, since Run reads the device signing and encryption keys.
func (e *SecretKeysEngine) Prereqs() Prereqs {
	var required Prereqs
	required.Device = true
	return required
}
// RequiredUIs lists the UI kinds the engine needs: the log UI and the secret
// UI (Run passes ctx.SecretUI to the key prompt).
func (e *SecretKeysEngine) RequiredUIs() []libkb.UIKind {
	kinds := []libkb.UIKind{libkb.LogUIKind, libkb.SecretUIKind}
	return kinds
}
// SubConsumers reports the nested UI consumers this engine drives. There are
// none, so an empty (non-nil) slice is returned.
func (e *SecretKeysEngine) SubConsumers() []libkb.UIConsumer {
	return make([]libkb.UIConsumer, 0)
}
// Run loads the current user, discards cached secret state so that the user
// is prompted again, fetches the device signing and encryption keys, and
// copies their private halves into the engine's result.
//
// The result is written only after both keys have been fetched, checked and
// type-asserted, so a failed Run leaves the result untouched. The caches are
// cleared before the first prompt, so they stay cleared when Run returns an
// error from a later step.
//
// Security notes:
//   - Clearing the stream cache, cached secret keys and keyring is the
//     re-authentication gate for this export; do not reorder it after the
//     key fetches.
//   - NOTE(review): the prompt reason passed below is "to revoke another
//     key", but this engine hands the device private keys to its caller.
//     The user should be told what the passphrase actually unlocks —
//     confirm the intended wording.
//   - After a successful Run the engine holds unencrypted private keys.
//     Nothing in this method zeroes them.
func (e *SecretKeysEngine) Run(ctx *Context) (err error) {
	e.G().Log.Debug("+ SecretKeysEngine Run")

	me, err := libkb.LoadMe(libkb.NewLoadUserArg(e.G()))
	if err != nil {
		return err
	}

	// Drop all cached secret key state. This forces a password prompt for the
	// key fetches that follow.
	dropCachedSecrets := func(a *libkb.Account) {
		a.ClearStreamCache()
		a.ClearCachedSecretKeys()
		a.ClearKeyring()
	}
	e.G().LoginState().Account(dropCachedSecrets, "clear stream cache")

	// Device signing key.
	signingArg := libkb.SecretKeyArg{
		Me:      me,
		KeyType: libkb.DeviceSigningKeyType,
	}
	sigKey, err := e.G().Keyrings.GetSecretKeyWithPrompt(ctx.LoginContext, signingArg, ctx.SecretUI, "to revoke another key")
	if err != nil {
		return err
	}
	err = sigKey.CheckSecretKey()
	if err != nil {
		return err
	}
	signer, isNaclSigner := sigKey.(libkb.NaclSigningKeyPair)
	if !isNaclSigner {
		return fmt.Errorf("Expected a NaCl signing key.")
	}
	e.G().Log.Debug("| got signing key")

	// Device encryption key.
	encryptionArg := libkb.SecretKeyArg{
		Me:      me,
		KeyType: libkb.DeviceEncryptionKeyType,
	}
	encKey, err := e.G().Keyrings.GetSecretKeyWithPrompt(ctx.LoginContext, encryptionArg, ctx.SecretUI, "to revoke another key")
	if err != nil {
		return err
	}
	err = encKey.CheckSecretKey()
	if err != nil {
		return err
	}
	decrypter, isNaclDH := encKey.(libkb.NaclDHKeyPair)
	if !isNaclDH {
		return fmt.Errorf("Expected a NaCl encryption key.")
	}
	e.G().Log.Debug("| got encryption key")

	// Both dereferences assume CheckSecretKey above rejects a key whose
	// Private field is nil — confirm in libkb; otherwise these would panic.
	// The log lines above deliberately carry no key bytes; keep it that way.
	e.result.Signing = [64]byte(*signer.Private)
	e.result.Encryption = [32]byte(*decrypter.Private)

	return nil
}
// Result returns the keys collected by Run. The struct is returned by value,
// so every call produces another copy of the raw signing and encryption
// private key bytes; callers should not log or persist it and should keep its
// lifetime short. Before a successful Run the returned value is zero-valued.
func (e *SecretKeysEngine) Result() keybase1.SecretKeys {
	keys := e.result
	return keys
}