Documentation
¶
Overview ¶
Package keychain seals and retrieves the user's X25519 private key using the OS-native secret store (Keychain on macOS, Secret Service on Linux).
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ErrAlreadyExists = errors.New("key already exists for this id (delete it first to regenerate)")
ErrAlreadyExists is returned by Seal when a key already exists for the given id.
var ErrBadPassphrase = errors.New("incorrect passphrase or corrupted key blob")
ErrBadPassphrase is returned when the supplied passphrase fails to decrypt the stored key (wrong passphrase or tampered/corrupted blob). It is intentionally distinct from ErrNotFound so callers can tell "no key" from "wrong passphrase".
var ErrNotAvailable = errors.New("no keychain backend available on this system")
ErrNotAvailable is returned when no keychain backend is present on this system.
var ErrNotFound = errors.New("key not found in keychain")
ErrNotFound is returned when no key exists for the given id.
var ErrUnsupportedKeyVersion = errors.New("private key was written by a newer envault version — upgrade envault to use it")
ErrUnsupportedKeyVersion is returned when the keychain holds a key envelope written by a NEWER envault than this binary understands (e.g. a future v3 format), or a blob in no recognized format. Forward-compatibility guard: we fail loudly and actionably rather than silently misreading the bytes as a key.
Functions ¶
This section is empty.
Types ¶
type PassphraseFunc ¶
PassphraseFunc obtains the passphrase used to wrap/unwrap the private key. prompt is a human-readable hint describing why the passphrase is needed.
type Store ¶
type Store interface {
Seal(id string, privateKey []byte) error
Unseal(id string) ([]byte, error)
Delete(id string) error
}
Store seals and retrieves private key material in the OS-native secret store.
func NewProtected ¶
func NewProtected(inner Store, ask PassphraseFunc) Store
NewProtected wraps inner so that every Seal encrypts the private key under a passphrase-derived key (Argon2id → AES-256-GCM) and every Unseal decrypts it. Legacy unprotected blobs (raw 32-byte keys from older versions) are still readable, but new writes always use the protected format.