command

package
v1.0.0-rc1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 10, 2023 License: Apache-2.0 Imports: 20 Imported by: 1

Documentation

Index

Constants

// Action names for the operations supported by the KMS. Each constant is the
// string form of one operation.
const (
	// Key store and key lifecycle.
	ActionCreateKeyStore   = "createKeyStore"
	ActionCreateKey        = "createKey"
	ActionImportKey        = "importKey"
	ActionExportKey        = "exportKey"
	ActionRotateKey        = "rotateKey"
	// Signatures, encryption and MACs.
	ActionSign             = "sign"
	ActionVerify           = "verify"
	ActionEncrypt          = "encrypt"
	ActionDecrypt          = "decrypt"
	// NOTE(review): the identifier is spelled ...Mac while its value and
	// ActionVerifyMAC use "MAC"; renaming the exported constant would break
	// importers, so the mismatch is only recorded here.
	ActionComputeMac       = "computeMAC"
	ActionVerifyMAC        = "verifyMAC"
	// BBS+ multi-message signatures and proofs.
	ActionSignMulti        = "signMulti"
	ActionVerifyMulti      = "verifyMulti"
	ActionDeriveProof      = "deriveProof"
	ActionVerifyProof      = "verifyProof"
	// Crypto box operations; the names match the CryptoBox interface methods.
	ActionEasy             = "easy"
	ActionEasyOpen         = "easyOpen"
	ActionSealOpen         = "sealOpen"
	// Key wrapping.
	ActionWrap             = "wrap"
	ActionUnwrap           = "unwrap"
	// CL operations (Blind, GetCorrectnessProof, SignWithSecrets).
	ActionBlind            = "blind"
	ActionCorrectnessProof = "correctnessProof"
	ActionSignWithSecrets  = "signWithSecrets"
)

List of actions supported by KMS.

Variables

This section is empty.

Functions

This section is empty.

Types

type BlindRequest

type BlindRequest struct {
	// Values holds the inputs to blind. Each entry is an untyped JSON object
	// (map[string]interface{}), so this type places no constraint on keys or
	// value types; the field is left out of the encoded JSON when empty.
	// NOTE(review): validation of the decoded entries is not visible here —
	// confirm the handler checks them before use.
	Values []map[string]interface{} `json:"values,omitempty"`
}

BlindRequest is a serializable Blind request.

type BlindResponse

type BlindResponse struct {
	// Blinded holds the blinded output as a list of byte slices.
	// NOTE(review): presumably one entry per BlindRequest.Values entry — confirm.
	Blinded [][]byte `json:"blinded"`
}

BlindResponse is a serializable Blind response.

type CmdHandler

type CmdHandler struct {
	// contains filtered or unexported fields
}

CmdHandler contains command handling details which can be used to build controller commands.

func NewCmdHandler

func NewCmdHandler(method string, exec Exec) *CmdHandler

NewCmdHandler returns an instance of CmdHandler, which can be used to handle controller commands.

func (*CmdHandler) Handle

func (c *CmdHandler) Handle() Exec

Handle returns the execute function of the command handler.

func (*CmdHandler) Method

func (c *CmdHandler) Method() string

Method returns the name of the command.

type Command

type Command struct {
	// contains filtered or unexported fields
}

Command is a controller for commands.

func New

func New(c *Config) (*Command, error)

New returns a new instance of Command.

func (*Command) Blind

func (c *Command) Blind(w io.Writer, r io.Reader) error

Blind blinds values with a CL MasterSecret key.

func (*Command) ComputeMAC

func (c *Command) ComputeMAC(w io.Writer, r io.Reader) error

ComputeMAC computes message authentication code for data.

func (*Command) CreateKey

func (c *Command) CreateKey(w io.Writer, r io.Reader) error

CreateKey creates a new key.

func (*Command) CreateKeyStore

func (c *Command) CreateKeyStore(w io.Writer, r io.Reader) error

CreateKeyStore creates a new key store.

func (*Command) Decrypt

func (c *Command) Decrypt(w io.Writer, r io.Reader) error

Decrypt decrypts a ciphertext.

func (*Command) DeriveProof

func (c *Command) DeriveProof(w io.Writer, r io.Reader) error

DeriveProof creates a BBS+ signature proof for a list of revealed messages.

func (*Command) Encrypt

func (c *Command) Encrypt(w io.Writer, r io.Reader) error

Encrypt encrypts a message.

func (*Command) ExportKey

func (c *Command) ExportKey(w io.Writer, r io.Reader) error

ExportKey exports a key.

func (*Command) GetCorrectnessProof

func (c *Command) GetCorrectnessProof(w io.Writer, r io.Reader) error

GetCorrectnessProof returns the correctness proof for a CL CredDef key.

func (*Command) ImportKey

func (c *Command) ImportKey(w io.Writer, r io.Reader) error

ImportKey imports a key.

func (*Command) RotateKey

func (c *Command) RotateKey(w io.Writer, r io.Reader) error

RotateKey rotates a key.

func (*Command) Sign

func (c *Command) Sign(w io.Writer, r io.Reader) error

Sign signs a message.

func (*Command) SignMulti

func (c *Command) SignMulti(w io.Writer, r io.Reader) error

SignMulti creates a BBS+ signature of messages.

func (*Command) SignWithSecrets

func (c *Command) SignWithSecrets(w io.Writer, r io.Reader) error

SignWithSecrets will generate a signature and a correctness proof for provided secrets and other values using a CL CredDef key.

func (*Command) UnwrapKey

func (c *Command) UnwrapKey(w io.Writer, r io.Reader) error

UnwrapKey unwraps a wrapped key.

func (*Command) Verify

func (c *Command) Verify(_ io.Writer, r io.Reader) error

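Verify verifies a signature. Its signature discards the writer (`_ io.Writer`), so the verification result is available only as the returned error, which callers must not ignore.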

func (*Command) VerifyMAC

func (c *Command) VerifyMAC(_ io.Writer, r io.Reader) error

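VerifyMAC verifies a message authentication code for data. Its signature discards the writer (`_ io.Writer`), so the verification result is available only as the returned error, which callers must not ignore.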

func (*Command) VerifyMulti

func (c *Command) VerifyMulti(_ io.Writer, r io.Reader) error

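VerifyMulti verifies a signature of messages (BBS+). Its signature discards the writer (`_ io.Writer`), so the verification result is available only as the returned error, which callers must not ignore.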

func (*Command) VerifyProof

func (c *Command) VerifyProof(_ io.Writer, r io.Reader) error

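VerifyProof verifies a BBS+ signature proof for revealed messages. Its signature discards the writer (`_ io.Writer`), so the verification result is available only as the returned error, which callers must not ignore.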

func (*Command) WrapKey

func (c *Command) WrapKey(w io.Writer, r io.Reader) error

WrapKey wraps a key.

type ComputeMACRequest

type ComputeMACRequest struct {
	// Data is the data to compute the MAC over.
	Data []byte `json:"data"`
}

ComputeMACRequest is a request to compute MAC for data.

type ComputeMACResponse

type ComputeMACResponse struct {
	// MAC is the message authentication code computed for
	// ComputeMACRequest.Data.
	MAC []byte `json:"mac"`
}

ComputeMACResponse is a response for ComputeMAC request.

type Config

type Config struct {
	StorageProvider         storage.Provider
	KeyStorageProvider      storage.Provider // storage provider for users' key stores
	KMS                     kms.KeyManager
	Crypto                  crypto.Crypto
	VDRResolver             zcapld.VDRResolver
	DocumentLoader          ld.DocumentLoader
	KeyStoreCreator         keyStoreCreator
	// NOTE(review): together with ShamirProvider below, presumably builds the
	// secret lock from Shamir secret shares (see WrappedRequest.SecretShare)
	// — confirm.
	ShamirSecretLockCreator shamirSecretLockCreator
	CryptBoxCreator         cryptoBoxCreator
	ZCAPService             zcapService
	// EnableZCAPs is a plain bool, so an unset Config leaves it false.
	// NOTE(review): presumably ZCAP authorization through ZCAPService is not
	// enforced when this is false — confirm, and set it explicitly in
	// deployments rather than relying on the zero value.
	EnableZCAPs             bool
	HeaderSigner            headerSigner
	// NOTE(review): which connections use this TLS configuration is not
	// visible here; check that callers do not pass one with
	// InsecureSkipVerify set.
	TLSConfig               *tls.Config
	BaseKeyStoreURL         string
	ShamirProvider          shamirProvider
	MainKeyType             kms.KeyType
	MetricsProvider         metricsProvider
	CacheProvider           cacheProvider
	// NOTE(review): presumably the lifetime of key store entries held via
	// CacheProvider — confirm; cached entries may outlive changes to the
	// stored data for up to this long.
	KeyStoreCacheTTL        time.Duration
}

Config is a configuration for Command.

type CorrectnessProofResponse

type CorrectnessProofResponse struct {
	// CorrectnessProof is the correctness proof returned by
	// GetCorrectnessProof, as raw bytes.
	CorrectnessProof []byte `json:"correctness_proof"`
}

CorrectnessProofResponse is a serializable GetCorrectnessProof response.

type CreateKeyRequest

type CreateKeyRequest struct {
	// KeyType is the type of key to create.
	KeyType kms.KeyType `json:"key_type"`
	// Attrs is optional and left out of the encoded JSON when empty.
	// NOTE(review): the accepted attribute values are not visible here —
	// document them and confirm unknown values are rejected.
	Attrs   []string    `json:"attrs,omitempty"`
}

CreateKeyRequest is a request to create a key.

type CreateKeyResponse

type CreateKeyResponse struct {
	// KeyURL is the URL of the newly created key.
	KeyURL    string `json:"key_url"`
	// PublicKey carries public key bytes only; this response type has no
	// field for private key material.
	PublicKey []byte `json:"public_key"`
}

CreateKeyResponse is a response for CreateKey request.

type CreateKeyStoreRequest

type CreateKeyStoreRequest struct {
	// Controller names the controller of the key store to create; the
	// request is checked by Validate.
	// NOTE(review): presumably a DID — confirm what Validate enforces.
	Controller string `json:"controller"`
}

CreateKeyStoreRequest is a request to create a user's key store.

func (*CreateKeyStoreRequest) Validate

func (r *CreateKeyStoreRequest) Validate() error

Validate validates CreateKeyStore request.

type CreateKeyStoreResponse

type CreateKeyStoreResponse struct {
	// KeyStoreURL is the URL of the newly created key store.
	KeyStoreURL string `json:"key_store_url"`
	// Capability is optional and left out of the encoded JSON when empty.
	// NOTE(review): presumably the authorization capability (ZCAP) for the
	// new key store, returned when Config.EnableZCAPs is set — confirm, and
	// handle it as an authorization artifact on the client side.
	Capability  []byte `json:"capability,omitempty"`
}

CreateKeyStoreResponse is a response for CreateKeyStore request.

type CryptoBox

// NOTE(review): the method names follow the NaCl/libsodium box API. If that
// is the construction used, a nonce must never repeat for the same key pair —
// confirm, and make callers of Easy generate a fresh nonce per message.
type CryptoBox interface {
	// Easy seals payload for the holder of theirPub using the supplied nonce.
	// myKID presumably names the caller's own key held by the KMS — confirm.
	Easy(payload, nonce, theirPub []byte, myKID string) ([]byte, error)
	// EasyOpen opens a ciphertext that was sealed with Easy, given the nonce
	// and both public keys.
	EasyOpen(ciphertext, nonce, theirPub, myPub []byte) ([]byte, error)
	// SealOpen decrypts a ciphertext encrypted with Seal; it takes no nonce
	// and no sender public key.
	SealOpen(ciphertext, myPub []byte) ([]byte, error)
}

CryptoBox represents crypto box API.

type DecryptRequest

type DecryptRequest struct {
	// Ciphertext is the ciphertext to decrypt.
	Ciphertext     []byte `json:"ciphertext"`
	// AssociatedData is optional and left out of the encoded JSON when empty.
	// NOTE(review): presumably must equal EncryptRequest.AssociatedData used
	// at encryption time — confirm.
	AssociatedData []byte `json:"associated_data,omitempty"`
	// Nonce presumably is the value returned in EncryptResponse.Nonce — confirm.
	Nonce          []byte `json:"nonce"`
}

DecryptRequest is a request to decrypt a ciphertext.

type DecryptResponse

type DecryptResponse struct {
	// Plaintext is the decrypted message. It is decrypted user data, so keep
	// it out of logs and error messages.
	Plaintext []byte `json:"plaintext"`
}

DecryptResponse is a response for Decrypt request.

type DeriveProofRequest

type DeriveProofRequest struct {
	// Messages is the list of messages the proof is derived over.
	Messages        [][]byte `json:"messages"`
	// Signature is the BBS+ signature the proof is derived from.
	Signature       []byte   `json:"signature"`
	Nonce           []byte   `json:"nonce"`
	// RevealedIndexes selects which messages are revealed.
	// NOTE(review): presumably zero-based indexes into Messages — confirm
	// that out-of-range, negative and duplicate values are rejected.
	RevealedIndexes []int    `json:"revealed_indexes"`
}

DeriveProofRequest is a request to create a BBS+ signature proof for a list of revealed messages.

type DeriveProofResponse

type DeriveProofResponse struct {
	// Proof is the BBS+ signature proof created for the revealed messages.
	Proof []byte `json:"proof"`
}

DeriveProofResponse is a response for DeriveProof request.

type EasyOpenRequest

type EasyOpenRequest struct {
	// Ciphertext is the output of Easy that is to be unsealed.
	Ciphertext []byte `json:"ciphertext"`
	// Nonce presumably must be the nonce that was passed to Easy — confirm.
	Nonce      []byte `json:"nonce"`
	// TheirPub and MyPub are the two public keys passed on to
	// CryptoBox.EasyOpen.
	TheirPub   []byte `json:"their_pub"`
	MyPub      []byte `json:"my_pub"`
}

EasyOpenRequest is a request to unseal a ciphertext sealed with Easy.

type EasyOpenResponse

type EasyOpenResponse struct {
	// Plaintext is the unsealed payload. It is decrypted user data, so keep
	// it out of logs and error messages.
	Plaintext []byte `json:"plaintext"`
}

EasyOpenResponse is a response for EasyOpen request.

type EasyRequest

type EasyRequest struct {
	// Payload is the data to seal.
	Payload  []byte `json:"payload"`
	// Nonce is supplied by the caller rather than generated by the service.
	// NOTE(review): if this is a NaCl-style box, reusing a nonce with the
	// same key pair breaks confidentiality — confirm whether the handler
	// checks the nonce length and document that callers must not reuse one.
	Nonce    []byte `json:"nonce"`
	// TheirPub is the recipient's public key.
	TheirPub []byte `json:"their_pub"`
}

EasyRequest is a request to seal payload with a provided nonce.

type EasyResponse

type EasyResponse struct {
	// Ciphertext is the sealed payload.
	Ciphertext []byte `json:"ciphertext"`
}

EasyResponse is a response for Easy request.

type EncryptRequest

type EncryptRequest struct {
	// Message is the message to encrypt.
	Message        []byte `json:"message"`
	// AssociatedData is optional and left out of the encoded JSON when empty.
	// NOTE(review): presumably authenticated but not encrypted (AEAD) —
	// confirm against the Crypto implementation.
	AssociatedData []byte `json:"associated_data,omitempty"`
}

EncryptRequest is a request to encrypt a message with associated data.

type EncryptResponse

type EncryptResponse struct {
	// Ciphertext is the encrypted message.
	Ciphertext []byte `json:"ciphertext"`
	// Nonce is returned by the service; this request type has no nonce field,
	// so the caller does not choose it. DecryptRequest has a matching Nonce
	// field, so keep this value together with Ciphertext.
	Nonce      []byte `json:"nonce"`
}

EncryptResponse is a response for Encrypt request.

type Exec

// Exec takes an io.Writer (rw) and the request as an io.Reader (req) and
// reports failure through the returned error.
// NOTE(review): rw is presumably where the response is written — confirm.
type Exec func(rw io.Writer, req io.Reader) error

Exec is a command execution function type.

type ExportKeyResponse

type ExportKeyResponse struct {
	// PublicKey carries public key bytes only; this response type has no
	// field for private key material.
	PublicKey []byte `json:"public_key"`
	// KeyType is a plain string here, whereas the request types on this page
	// use kms.KeyType for the same JSON key.
	KeyType   string `json:"key_type"`
}

ExportKeyResponse is a response for ExportKey request.

type Handler

type Handler interface {
	// Method returns the name of the command.
	Method() string
	// Handle returns the Exec function of the command; it does not run the
	// command itself.
	Handle() Exec
}

Handler is the handler for each controller command.

type ImportKeyRequest

type ImportKeyRequest struct {
	// Key is the key to import, as raw bytes.
	// NOTE(review): whether this is private key material is not visible
	// here; if it is, the request body is a secret — keep it out of logs and
	// send it only over an authenticated, encrypted channel.
	Key     []byte      `json:"key"`
	// KeyType is the type of the imported key.
	KeyType kms.KeyType `json:"key_type"`
	// KeyID is optional and left out of the encoded JSON when empty.
	// NOTE(review): presumably a caller-chosen ID for the imported key —
	// confirm how a collision with an existing key ID is handled.
	KeyID   string      `json:"key_id,omitempty"`
}

ImportKeyRequest is a request to import a key.

type ImportKeyResponse

type ImportKeyResponse struct {
	// KeyURL is the URL of the imported key.
	KeyURL string `json:"key_url"`
}

ImportKeyResponse is a response for ImportKey request.

type RotateKeyRequest

type RotateKeyRequest struct {
	// KeyType and Attrs mirror the fields of CreateKeyRequest.
	// NOTE(review): presumably they describe the replacement key — confirm.
	KeyType kms.KeyType `json:"key_type"`
	// Attrs is optional and left out of the encoded JSON when empty.
	Attrs   []string    `json:"attrs,omitempty"`
}

RotateKeyRequest is a request to rotate a key.

type RotateKeyResponse

type RotateKeyResponse struct {
	// NOTE(review): presumably the URL of the key after rotation — confirm
	// whether the previous key URL stays valid.
	KeyURL string `json:"key_url"`
}

RotateKeyResponse is a response for RotateKey request.

type SealOpenRequest

type SealOpenRequest struct {
	// Ciphertext is the output of Seal that is to be decrypted.
	Ciphertext []byte `json:"ciphertext"`
	// MyPub is the recipient's own public key, passed on to
	// CryptoBox.SealOpen.
	MyPub      []byte `json:"my_pub"`
}

SealOpenRequest is a request to decrypt a ciphertext encrypted with Seal.

type SealOpenResponse

type SealOpenResponse struct {
	// Plaintext is the decrypted payload. It is decrypted user data, so keep
	// it out of logs and error messages.
	Plaintext []byte `json:"plaintext"`
}

SealOpenResponse is a response for SealOpen request.

type SignMultiRequest

type SignMultiRequest struct {
	// Messages is the list of messages covered by one BBS+ signature.
	Messages [][]byte `json:"messages"`
}

SignMultiRequest is a request to create a BBS+ signature of messages.

type SignMultiResponse

type SignMultiResponse struct {
	// Signature is the BBS+ signature over SignMultiRequest.Messages.
	Signature []byte `json:"signature"`
}

SignMultiResponse is a response for SignMulti request.

type SignRequest

type SignRequest struct {
	// Message is the message to sign.
	Message []byte `json:"message"`
}

SignRequest is a request to sign a message.

type SignResponse

type SignResponse struct {
	// Signature is the signature produced for SignRequest.Message.
	Signature []byte `json:"signature"`
}

SignResponse is a response for Sign request.

type SignWithSecretsRequest

type SignWithSecretsRequest struct {
	// Values is an untyped JSON object (map[string]interface{}), so this
	// type places no constraint on keys or value types.
	// NOTE(review): validation of the decoded values is not visible here —
	// confirm the handler checks them before signing.
	Values           map[string]interface{} `json:"values"`
	// Secrets is the secrets input to SignWithSecrets, as raw bytes.
	// NOTE(review): presumably blinded secrets rather than raw ones —
	// confirm; until then keep the request body out of logs.
	Secrets          []byte                 `json:"secrets"`
	CorrectnessProof []byte                 `json:"correctness_proof"`
	Nonces           [][]byte               `json:"nonces"`
	DID              string                 `json:"did"`
}

SignWithSecretsRequest is a serializable SignWithSecrets request.

type SignWithSecretsResponse

type SignWithSecretsResponse struct {
	// Signature is the signature generated with the CL CredDef key.
	Signature        []byte `json:"signature"`
	// CorrectnessProof is the correctness proof generated alongside it.
	CorrectnessProof []byte `json:"correctness_proof"`
}

SignWithSecretsResponse is a serializable SignWithSecrets response.

type UnwrapKeyRequest

type UnwrapKeyRequest struct {
	// WrappedKey is the wrapped key to unwrap.
	WrappedKey   crypto.RecipientWrappedKey `json:"wrapped_key"`
	// SenderPubKey is optional (pointer, left out of the encoded JSON when nil).
	// NOTE(review): presumably its presence selects a sender-authenticated
	// unwrap — confirm what is verified when it is absent.
	SenderPubKey *crypto.PublicKey          `json:"sender_pub_key,omitempty"`
	// Tag is optional and left out of the encoded JSON when empty.
	Tag          []byte                     `json:"tag,omitempty"`
}

UnwrapKeyRequest is a request to unwrap a wrapped key.

type UnwrapKeyResponse

type UnwrapKeyResponse struct {
	// Key is the unwrapped key, returned to the caller as raw bytes. It is
	// key material: keep it out of logs and error messages.
	Key []byte `json:"key"`
}

UnwrapKeyResponse is a response for UnwrapKey request.

type VerifyMACRequest

type VerifyMACRequest struct {
	// MAC is the message authentication code to check.
	MAC  []byte `json:"mac"`
	// Data is the data the MAC is checked against.
	Data []byte `json:"data"`
}

VerifyMACRequest is a request to verify MAC for data.

type VerifyMultiRequest

type VerifyMultiRequest struct {
	// Signature is the BBS+ signature to verify.
	Signature []byte   `json:"signature"`
	// Messages is the list of messages the signature is verified against.
	Messages  [][]byte `json:"messages"`
}

VerifyMultiRequest is a request to verify a signature of messages (BBS+).

type VerifyProofRequest

type VerifyProofRequest struct {
	// Proof is the BBS+ signature proof to verify.
	Proof    []byte   `json:"proof"`
	// Messages is the list of revealed messages the proof is verified against.
	Messages [][]byte `json:"messages"`
	// NOTE(review): presumably must equal DeriveProofRequest.Nonce used when
	// the proof was derived — confirm.
	Nonce    []byte   `json:"nonce"`
}

VerifyProofRequest is a request to verify a BBS+ signature proof for revealed messages.

type VerifyRequest

type VerifyRequest struct {
	// Signature is the signature to verify.
	Signature []byte `json:"signature"`
	// Message is the message the signature is verified against.
	Message   []byte `json:"message"`
}

VerifyRequest is a request to verify a signature.

type WrapKeyRequest

type WrapKeyRequest struct {
	// CEK is the key to wrap. It is sent to the service in the request body,
	// so the body is key material: keep it out of logs.
	CEK             []byte            `json:"cek"`
	// NOTE(review): APU and APV are presumably the JOSE agreement
	// PartyUInfo / PartyVInfo values — confirm.
	APU             []byte            `json:"apu"`
	APV             []byte            `json:"apv"`
	// RecipientPubKey is the public key of the recipient the CEK is wrapped for.
	RecipientPubKey *crypto.PublicKey `json:"recipient_pub_key"`
	// Tag is optional and left out of the encoded JSON when empty.
	Tag             []byte            `json:"tag,omitempty"`
}

WrapKeyRequest is a request to wrap CEK.

type WrapKeyResponse

type WrapKeyResponse struct {
	// Embedded without a JSON tag, so the response exposes the fields of
	// crypto.RecipientWrappedKey directly.
	crypto.RecipientWrappedKey
}

WrapKeyResponse is a response for WrapKey request.

type WrappedRequest

type WrappedRequest struct {
	// NOTE(review): KeyStoreID and KeyID presumably name the key store and
	// key the wrapped request targets — confirm.
	KeyStoreID  string `json:"key_store_id"`
	KeyID       string `json:"key_id"`
	// NOTE(review): where User is authenticated is not visible here —
	// confirm it is derived from a verified identity and not accepted from
	// the client on trust.
	User        string `json:"user"`
	// NOTE(review): Config carries ShamirSecretLockCreator and
	// ShamirProvider, so this is presumably a Shamir secret share used to
	// unlock the key store — confirm, and keep it out of logs and error
	// messages.
	SecretShare []byte `json:"secret_share"`
	// Request is the original request from the user, as raw bytes.
	Request     []byte `json:"request"`
}

WrappedRequest is a command request with a wrapped original request from user.
