-
Notifications
You must be signed in to change notification settings - Fork 390
/
encryption.go
72 lines (63 loc) · 2.3 KB
/
encryption.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
// Copyright (C) 2019 Storj Labs, Inc.
// See LICENSE for copying information.
package mobile
import (
libuplink "storj.io/storj/lib/uplink"
"storj.io/storj/pkg/paths"
"storj.io/storj/pkg/storj"
)
// EncryptionAccess holds data about encryption keys for a bucket.
type EncryptionAccess struct {
lib *libuplink.EncryptionAccess
}
// NewEncryptionAccess constructs an empty encryption context.
func NewEncryptionAccess() *EncryptionAccess {
return &EncryptionAccess{lib: libuplink.NewEncryptionAccess()}
}
// NewEncryptionAccessWithRoot constructs an encryption access with a key rooted at the provided path inside of a bucket.
func NewEncryptionAccessWithRoot(bucket, unencryptedPath, encryptedPath string, keyData []byte) (*EncryptionAccess, error) {
key, err := storj.NewKey(keyData)
if err != nil {
return nil, safeError(err)
}
encAccess := libuplink.NewEncryptionAccess()
err = encAccess.Store().Add(bucket, paths.NewUnencrypted(unencryptedPath), paths.NewEncrypted(encryptedPath), *key)
if err != nil {
return nil, safeError(err)
}
return &EncryptionAccess{lib: encAccess}, nil
}
// SetDefaultKey sets the default key to use when no matching keys are found
// for the encryption context.
func (e *EncryptionAccess) SetDefaultKey(keyData []byte) error {
key, err := storj.NewKey(keyData)
if err != nil {
return safeError(err)
}
e.lib.SetDefaultKey(*key)
return nil
}
// Serialize returns a base58-serialized encryption access for use with later
// parsing.
func (e *EncryptionAccess) Serialize() (b58data string, err error) {
return e.lib.Serialize()
}
// ParseEncryptionAccess parses the base58 encoded encryption context data and
// returns the resulting context.
func ParseEncryptionAccess(b58data string) (*EncryptionAccess, error) {
access, err := libuplink.ParseEncryptionAccess(b58data)
if err != nil {
return nil, safeError(err)
}
return &EncryptionAccess{lib: access}, nil
}
// NewEncryptionAccessWithDefaultKey creates an encryption access context with
// a default key set.
// Use Project.SaltedKeyFromPassphrase to generate a default key
func NewEncryptionAccessWithDefaultKey(defaultKey []byte) (_ *EncryptionAccess, err error) {
key, err := storj.NewKey(defaultKey)
if err != nil {
return nil, err
}
return &EncryptionAccess{lib: libuplink.NewEncryptionAccessWithDefaultKey(*key)}, nil
}