github.com/keybase/client/go@v0.0.0-20240309051027-028f7c731f8b/libkb/constants.go (about) 1 // Copyright 2015 Keybase, Inc. All rights reserved. Use of 2 // this source code is governed by the included BSD license. 3 package libkb 4 5 import ( 6 "fmt" 7 "os" 8 "runtime" 9 "time" 10 11 "github.com/keybase/client/go/kbconst" 12 keybase1 "github.com/keybase/client/go/protocol/keybase1" 13 "github.com/keybase/saltpack" 14 ) 15 16 const ( 17 DevelServerURI = "http://localhost:3000" 18 StagingServerURI = "https://stage0.keybase.io" 19 ProductionServerURI = "https://api-1.core.keybaseapi.com" 20 TorServerURI = "http://keybase5wmilwokqirssclfnsqrjdsi7jdir5wy7y7iu3tanwmtp6oid.onion" 21 ) 22 23 const ( 24 DevelSiteURI = DevelServerURI 25 StagingSiteURI = StagingServerURI 26 ProductionSiteURI = "https://keybase.io" 27 ) 28 29 var TorProxy = "localhost:9050" 30 31 // TODO (CORE-6576): Remove these aliases once everything outside of 32 // this repo points to kbconst.RunMode. 33 34 type RunMode = kbconst.RunMode 35 36 const ( 37 DevelRunMode RunMode = kbconst.DevelRunMode 38 StagingRunMode RunMode = kbconst.StagingRunMode 39 ProductionRunMode RunMode = kbconst.ProductionRunMode 40 RunModeError RunMode = kbconst.RunModeError 41 NoRunMode RunMode = kbconst.NoRunMode 42 ) 43 44 var SiteURILookup = map[RunMode]string{ 45 DevelRunMode: DevelSiteURI, 46 StagingRunMode: StagingSiteURI, 47 ProductionRunMode: ProductionSiteURI, 48 } 49 50 const ( 51 DevelGregorServerURI = "fmprpc://localhost:9911" 52 StagingGregorServerURI = "fmprpc+tls://gregord.dev.keybase.io:4443" 53 ProductionGregorServerURI = "fmprpc+tls://chat-0.core.keybaseapi.com:443" 54 ) 55 56 const ( 57 DevelMpackAPIServerURI = "fmprpc://localhost:9914" 58 StagingMpackAPIServerURI = "fmprpc+tls://api.dev.keybase.io:4443" 59 ProductionMpackAPIServerURI = "fmprpc+tls://mpack-0.core.keybaseapi.com:443" 60 ) 61 62 var GregorServerLookup = map[RunMode]string{ 63 DevelRunMode: DevelGregorServerURI, 64 StagingRunMode: StagingGregorServerURI, 65 ProductionRunMode: ProductionGregorServerURI, 66 } 67 68 var MpackAPIServerLookup = map[RunMode]string{ 69 DevelRunMode: DevelMpackAPIServerURI, 70 StagingRunMode: StagingMpackAPIServerURI, 71 ProductionRunMode: ProductionMpackAPIServerURI, 72 } 73 74 const ( 75 ConfigFile = "config.json" 76 SessionFile = "session.json" 77 UpdaterConfigFile = "updater.json" 78 GUIConfigFile = "gui_config.json" 79 DeviceCloneStateFile = "device_clone.json" 80 DBFile = "keybase.leveldb" 81 ChatDBFile = "keybase.chat.leveldb" 82 SocketFile = "keybased.sock" 83 PIDFile = "keybased.pid" 84 85 SecretKeyringTemplate = "secretkeys.%u.mpack" 86 87 APIVersion = "1.0" 88 APIURIPathPrefix = "/_/api/" + APIVersion 89 DaemonPort = 40933 90 GoClientID = "keybase.io go client" 91 KeybaseSaltpackBrand = "KEYBASE" 92 ) 93 94 // Right now reddit is the only site that seems to have any requirements for 95 // our User-Agent string. (See https://github.com/reddit/reddit/wiki/API.) If 96 // something else comes up, we'll want to make this more configurable. 97 var UserAgent = runtime.GOOS + ":" + "Keybase CLI (" + runtime.Version() + "):" + Version 98 99 // Returns a simplified UserAgent that's used as the kb_ua GET param. 100 func ProofUserAgent() string { 101 os := runtime.GOOS 102 if os == "darwin" { 103 // Pre go1.16, 'darwin' could mean macOS or iOS. Use this string to preserve behavior prior to this. 104 os = "mac" 105 } 106 return fmt.Sprintf("%s:%s", os, Version) 107 } 108 109 const ( 110 PermFile os.FileMode = 0600 111 PermDir os.FileMode = 0700 112 UmaskablePermFile os.FileMode = 0666 113 ) 114 115 const ( 116 UserCacheMaxAge = 5 * time.Minute 117 PGPFingerprintHexLen = 40 118 119 ProofCacheSize = 0x1000 120 ProofCacheLongDur = 48 * time.Hour 121 ProofCacheMediumDur = 6 * time.Hour 122 ProofCacheShortDur = 30 * time.Minute 123 124 // How old the merkle root must be to ask for a refresh. 125 // Measures time since the root was fetched, not time since published. 126 MerkleStoreShouldRefresh time.Duration = 1 * time.Hour 127 // An older merkle root than this is too old to use. All identifies will fail. 128 MerkleStoreRequireRefresh time.Duration = 24 * time.Hour 129 130 Identify2CacheLongTimeout = 6 * time.Hour 131 Identify2CacheBrokenTimeout = 1 * time.Hour 132 Identify2CacheShortTimeout = 1 * time.Minute 133 134 // How long we'll go without rerequesting hints/merkle seqno. This is used in both 135 // CachedUPAKLoader and FullSelfCacher. Note that this timeout has to exceed the 136 // dtime value for Gregor IBMs that deal with user and key family changed notifications. 137 // Because if the client is offline for more than that amount of time, then our cache 138 // could be stale. 139 CachedUserTimeout = 10 * time.Minute 140 141 LinkCacheSize = 4000 142 LinkCacheCleanDur = 1 * time.Minute 143 144 UPAKCacheSize = 2000 145 UIDMapFullNameCacheSize = 100000 146 ImplicitTeamConflictInfoCacheSize = 10000 147 ImplicitTeamCacheSize = 10000 148 149 PayloadCacheSize = 1000 150 151 SigShortIDBytes = 27 152 LocalTrackMaxAge = 48 * time.Hour 153 154 CriticalClockSkewLimit = time.Hour 155 156 ChatBoxerMerkleFreshness = 10 * time.Minute 157 TeamMerkleFreshnessForAdmin = 30 * time.Second 158 EphemeralKeyMerkleFreshness = 30 * time.Second 159 160 // By default, only 48 files can be opened. 161 LevelDBNumFiles = 48 162 LevelDBWriteBufferMB = 12 163 LevelDBWriteBufferMBMobile = 8 164 165 HomeCacheTimeout = (time.Hour - time.Minute) 166 HomePeopleCacheTimeout = 10 * time.Minute 167 ) 168 169 const RemoteIdentifyUITimeout = 5 * time.Second 170 171 var MerkleProdKIDs = []string{ 172 "010159baae6c7d43c66adf8fb7bb2b8b4cbe408c062cfc369e693ccb18f85631dbcd0a", 173 "01209ec31411b9b287f62630c2486005af27548ba62a59bbc802e656b888991a20230a", 174 } 175 var MerkleTestKIDs = []string{ 176 "0101be58b6c82db64f6ccabb05088db443c69f87d5d48857d709ed6f73948dabe67d0a", 177 "0120328031cf9d2a6108036408aeb3646b8985f7f8ff1a8e635e829d248a48b1014d0a", 178 } 179 var MerkleStagingKIDs = []string{ 180 "0101bed85ce72cc315828367c28b41af585b6b7d95646a62ca829691d70f49184fa70a", 181 "01202e045e19e8d68ddd3d1582113bfd397f244f0529025ad8ccad7f0397e13d69c60a", 182 } 183 184 var CodeSigningProdKIDs = []string{ 185 "01209092ae4e790763dc7343851b977930f35b16cf43ab0ad900a2af3d3ad5cea1a10a", // keybot (device) 186 "012045891a45f03cec001196ad05207f3f80045b2b9f0ca38288a85f8120ac74db960a", // max (tiber - 2019-01) 187 "012065ae849d1949a8b0021b165b0edaf722e2a7a9036e07817e056e2d721bddcc0e0a", // max (cry glass) 188 "01202a70fa31596ae2afabbbea827c7d1efb205c4b02b2b98b8f8c75915be433ccb50a", // mike (demise sort) 189 "0120f2f55c76151b3eaf91d20dfb673d8591d8b49fd5cb210a10f6e0dd8724bf34f30a", // mike (lisa-5k-redux) 190 "0120deaa8ae7d06ea9aa49cc678ec49f2b1e1dddb63683e384db539a8649c47925f90a", // winbot (device) 191 } 192 var CodeSigningTestKIDs = []string{} 193 var CodeSigningStagingKIDs = []string{} 194 195 // SigVersion describes how the signature is computed. In signatures v1, the payload is a JSON 196 // blob. In Signature V2, it's a Msgpack wrapper that points via SHA256 to the V1 blob. 197 // V2 sigs allow for bandwidth-saving eliding of signature bodies that aren't relevant to clients. 198 type SigVersion int 199 200 const ( 201 KeybaseNullSigVersion SigVersion = 0 202 KeybaseSignatureV1 SigVersion = 1 203 KeybaseSignatureV2 SigVersion = 2 204 KeybaseSignatureV3 SigVersion = 3 205 ) 206 207 const ( 208 OneYearInSeconds = 24 * 60 * 60 * 365 209 210 SigExpireIn = OneYearInSeconds * 16 // 16 years 211 NaclEdDSAExpireIn = OneYearInSeconds * 16 // 16 years 212 NaclDHExpireIn = OneYearInSeconds * 16 // 16 years 213 NaclPerUserKeyExpireIn = OneYearInSeconds * 16 // 16 years 214 KeyExpireIn = OneYearInSeconds * 16 // 16 years 215 SubkeyExpireIn = OneYearInSeconds * 16 // 16 years 216 AuthExpireIn = OneYearInSeconds // 1 year 217 218 ProvisioningKeyMemoryTimeout = time.Hour 219 ) 220 221 // Status codes. This list should match keybase/lib/status_codes.iced. 222 const ( 223 SCOk = int(keybase1.StatusCode_SCOk) 224 SCInputError = int(keybase1.StatusCode_SCInputError) 225 SCAssertionParseError = int(keybase1.StatusCode_SCAssertionParseError) 226 SCLoginRequired = int(keybase1.StatusCode_SCLoginRequired) 227 SCBadSession = int(keybase1.StatusCode_SCBadSession) 228 SCNoSession = int(keybase1.StatusCode_SCNoSession) 229 SCBadLoginUserNotFound = int(keybase1.StatusCode_SCBadLoginUserNotFound) 230 SCBadLoginPassword = int(keybase1.StatusCode_SCBadLoginPassword) 231 SCNotFound = int(keybase1.StatusCode_SCNotFound) 232 SCDeleted = int(keybase1.StatusCode_SCDeleted) 233 SCThrottleControl = int(keybase1.StatusCode_SCThrottleControl) 234 SCGeneric = int(keybase1.StatusCode_SCGeneric) 235 SCAlreadyLoggedIn = int(keybase1.StatusCode_SCAlreadyLoggedIn) 236 SCCanceled = int(keybase1.StatusCode_SCCanceled) 237 SCInputCanceled = int(keybase1.StatusCode_SCInputCanceled) 238 SCBadUsername = int(keybase1.StatusCode_SCBadUsername) 239 SCOffline = int(keybase1.StatusCode_SCOffline) 240 SCExists = int(keybase1.StatusCode_SCExists) 241 SCInvalidAddress = int(keybase1.StatusCode_SCInvalidAddress) 242 SCReloginRequired = int(keybase1.StatusCode_SCReloginRequired) 243 SCResolutionFailed = int(keybase1.StatusCode_SCResolutionFailed) 244 SCProfileNotPublic = int(keybase1.StatusCode_SCProfileNotPublic) 245 SCRateLimit = int(keybase1.StatusCode_SCRateLimit) 246 SCBadSignupUsernameTaken = int(keybase1.StatusCode_SCBadSignupUsernameTaken) 247 SCBadSignupUsernameReserved = int(keybase1.StatusCode_SCBadSignupUsernameReserved) 248 SCBadInvitationCode = int(keybase1.StatusCode_SCBadInvitationCode) 249 SCBadSignupTeamName = int(keybase1.StatusCode_SCBadSignupTeamName) 250 SCFeatureFlag = int(keybase1.StatusCode_SCFeatureFlag) 251 SCEmailTaken = int(keybase1.StatusCode_SCEmailTaken) 252 SCEmailAlreadyAdded = int(keybase1.StatusCode_SCEmailAlreadyAdded) 253 SCEmailLimitExceeded = int(keybase1.StatusCode_SCEmailLimitExceeded) 254 SCEmailCannotDeletePrimary = int(keybase1.StatusCode_SCEmailCannotDeletePrimary) 255 SCEmailUnknown = int(keybase1.StatusCode_SCEmailUnknown) 256 SCNoUpdate = int(keybase1.StatusCode_SCNoUpdate) 257 SCMissingResult = int(keybase1.StatusCode_SCMissingResult) 258 SCKeyNotFound = int(keybase1.StatusCode_SCKeyNotFound) 259 SCKeyCorrupted = int(keybase1.StatusCode_SCKeyCorrupted) 260 SCKeyInUse = int(keybase1.StatusCode_SCKeyInUse) 261 SCKeyBadGen = int(keybase1.StatusCode_SCKeyBadGen) 262 SCKeyNoSecret = int(keybase1.StatusCode_SCKeyNoSecret) 263 SCKeyBadUIDs = int(keybase1.StatusCode_SCKeyBadUIDs) 264 SCKeyNoActive = int(keybase1.StatusCode_SCKeyNoActive) 265 SCKeyNoSig = int(keybase1.StatusCode_SCKeyNoSig) 266 SCKeyBadSig = int(keybase1.StatusCode_SCKeyBadSig) 267 SCKeyBadEldest = int(keybase1.StatusCode_SCKeyBadEldest) 268 SCKeyNoEldest = int(keybase1.StatusCode_SCKeyNoEldest) 269 SCKeyDuplicateUpdate = int(keybase1.StatusCode_SCKeyDuplicateUpdate) 270 SCKeySyncedPGPNotFound = int(keybase1.StatusCode_SCKeySyncedPGPNotFound) 271 SCKeyNoMatchingGPG = int(keybase1.StatusCode_SCKeyNoMatchingGPG) 272 SCKeyRevoked = int(keybase1.StatusCode_SCKeyRevoked) 273 SCSigCannotVerify = int(keybase1.StatusCode_SCSigCannotVerify) 274 SCSibkeyAlreadyExists = int(keybase1.StatusCode_SCSibkeyAlreadyExists) 275 SCSigCreationDisallowed = int(keybase1.StatusCode_SCSigCreationDisallowed) 276 SCDecryptionKeyNotFound = int(keybase1.StatusCode_SCDecryptionKeyNotFound) 277 SCVerificationKeyNotFound = int(keybase1.StatusCode_SCVerificationKeyNotFound) 278 SCBadTrackSession = int(keybase1.StatusCode_SCBadTrackSession) 279 SCDeviceBadName = int(keybase1.StatusCode_SCDeviceBadName) 280 SCDeviceBadStatus = int(keybase1.StatusCode_SCDeviceBadStatus) 281 SCDeviceNameInUse = int(keybase1.StatusCode_SCDeviceNameInUse) 282 SCDeviceNotFound = int(keybase1.StatusCode_SCDeviceNotFound) 283 SCDeviceMismatch = int(keybase1.StatusCode_SCDeviceMismatch) 284 SCDeviceRequired = int(keybase1.StatusCode_SCDeviceRequired) 285 SCDevicePrevProvisioned = int(keybase1.StatusCode_SCDevicePrevProvisioned) 286 SCDeviceProvisionViaDevice = int(keybase1.StatusCode_SCDeviceProvisionViaDevice) 287 SCDeviceNoProvision = int(keybase1.StatusCode_SCDeviceNoProvision) 288 SCDeviceProvisionOffline = int(keybase1.StatusCode_SCDeviceProvisionOffline) 289 SCStreamExists = int(keybase1.StatusCode_SCStreamExists) 290 SCStreamNotFound = int(keybase1.StatusCode_SCStreamNotFound) 291 SCStreamWrongKind = int(keybase1.StatusCode_SCStreamWrongKind) 292 SCStreamUnknown = int(keybase1.StatusCode_SCStreamUnknown) 293 SCStreamEOF = int(keybase1.StatusCode_SCStreamEOF) 294 SCGenericAPIError = int(keybase1.StatusCode_SCGenericAPIError) 295 SCAPINetworkError = int(keybase1.StatusCode_SCAPINetworkError) 296 SCTimeout = int(keybase1.StatusCode_SCTimeout) 297 SCProofError = int(keybase1.StatusCode_SCProofError) 298 SCIdentificationExpired = int(keybase1.StatusCode_SCIdentificationExpired) 299 SCSelfNotFound = int(keybase1.StatusCode_SCSelfNotFound) 300 SCBadKexPhrase = int(keybase1.StatusCode_SCBadKexPhrase) 301 SCNoUI = int(keybase1.StatusCode_SCNoUI) 302 SCNoUIDelegation = int(keybase1.StatusCode_SCNoUIDelegation) 303 SCIdentifyFailed = int(keybase1.StatusCode_SCIdentifyFailed) 304 SCTrackingBroke = int(keybase1.StatusCode_SCTrackingBroke) 305 SCKeyNoPGPEncryption = int(keybase1.StatusCode_SCKeyNoPGPEncryption) 306 SCKeyNoNaClEncryption = int(keybase1.StatusCode_SCKeyNoNaClEncryption) 307 SCWrongCryptoFormat = int(keybase1.StatusCode_SCWrongCryptoFormat) 308 SCGPGUnavailable = int(keybase1.StatusCode_SCGPGUnavailable) 309 SCDecryptionError = int(keybase1.StatusCode_SCDecryptionError) 310 SCWrongCryptoMsgType = int(keybase1.StatusCode_SCWrongCryptoMsgType) 311 SCChatInternal = int(keybase1.StatusCode_SCChatInternal) 312 SCChatRateLimit = int(keybase1.StatusCode_SCChatRateLimit) 313 SCChatConvExists = int(keybase1.StatusCode_SCChatConvExists) 314 SCChatUnknownTLFID = int(keybase1.StatusCode_SCChatUnknownTLFID) 315 SCChatNotInConv = int(keybase1.StatusCode_SCChatNotInConv) 316 SCChatNotInTeam = int(keybase1.StatusCode_SCChatNotInTeam) 317 SCChatBadMsg = int(keybase1.StatusCode_SCChatBadMsg) 318 SCChatBroadcast = int(keybase1.StatusCode_SCChatBroadcast) 319 SCChatAlreadySuperseded = int(keybase1.StatusCode_SCChatAlreadySuperseded) 320 SCChatAlreadyDeleted = int(keybase1.StatusCode_SCChatAlreadyDeleted) 321 SCChatTLFFinalized = int(keybase1.StatusCode_SCChatTLFFinalized) 322 SCChatCollision = int(keybase1.StatusCode_SCChatCollision) 323 SCChatStalePreviousState = int(keybase1.StatusCode_SCChatStalePreviousState) 324 SCChatEphemeralRetentionPolicyViolatedError = int(keybase1.StatusCode_SCChatEphemeralRetentionPolicyViolatedError) 325 SCMerkleClientError = int(keybase1.StatusCode_SCMerkleClientError) 326 SCMerkleUpdateRoot = int(keybase1.StatusCode_SCMerkleUpdateRoot) 327 SCBadEmail = int(keybase1.StatusCode_SCBadEmail) 328 SCIdentifySummaryError = int(keybase1.StatusCode_SCIdentifySummaryError) 329 SCNeedSelfRekey = int(keybase1.StatusCode_SCNeedSelfRekey) 330 SCNeedOtherRekey = int(keybase1.StatusCode_SCNeedOtherRekey) 331 SCChatMessageCollision = int(keybase1.StatusCode_SCChatMessageCollision) 332 SCChatDuplicateMessage = int(keybase1.StatusCode_SCChatDuplicateMessage) 333 SCChatClientError = int(keybase1.StatusCode_SCChatClientError) 334 SCChatUsersAlreadyInConversationError = int(keybase1.StatusCode_SCChatUsersAlreadyInConversationError) 335 SCChatBadConversationError = int(keybase1.StatusCode_SCChatBadConversationError) 336 SCAccountReset = int(keybase1.StatusCode_SCAccountReset) 337 SCIdentifiesFailed = int(keybase1.StatusCode_SCIdentifiesFailed) 338 SCTeamReadError = int(keybase1.StatusCode_SCTeamReadError) 339 SCTeamWritePermDenied = int(keybase1.StatusCode_SCTeamWritePermDenied) 340 SCNoOp = int(keybase1.StatusCode_SCNoOp) 341 SCTeamBadGeneration = int(keybase1.StatusCode_SCTeamBadGeneration) 342 SCTeamNotFound = int(keybase1.StatusCode_SCTeamNotFound) 343 SCTeamTarDuplicate = int(keybase1.StatusCode_SCTeamTarDuplicate) 344 SCTeamTarNotFound = int(keybase1.StatusCode_SCTeamTarNotFound) 345 SCTeamMemberExists = int(keybase1.StatusCode_SCTeamMemberExists) 346 SCTeamFTLOutdated = int(keybase1.StatusCode_SCTeamFTLOutdated) 347 SCTeamContactSettingsBlock = int(keybase1.StatusCode_SCTeamContactSettingsBlock) 348 SCLoginStateTimeout = int(keybase1.StatusCode_SCLoginStateTimeout) 349 SCRevokeCurrentDevice = int(keybase1.StatusCode_SCRevokeCurrentDevice) 350 SCRevokeLastDevice = int(keybase1.StatusCode_SCRevokeLastDevice) 351 SCRevokeLastDevicePGP = int(keybase1.StatusCode_SCRevokeLastDevicePGP) 352 SCTeamKeyMaskNotFound = int(keybase1.StatusCode_SCTeamKeyMaskNotFound) 353 SCGitInternal = int(keybase1.StatusCode_SCGitInternal) 354 SCGitRepoAlreadyExists = int(keybase1.StatusCode_SCGitRepoAlreadyExists) 355 SCGitInvalidRepoName = int(keybase1.StatusCode_SCGitInvalidRepoName) 356 SCGitCannotDelete = int(keybase1.StatusCode_SCGitCannotDelete) 357 SCGitRepoDoesntExist = int(keybase1.StatusCode_SCGitRepoDoesntExist) 358 SCTeamBanned = int(keybase1.StatusCode_SCTeamBanned) 359 SCTeamInvalidBan = int(keybase1.StatusCode_SCTeamInvalidBan) 360 SCNoSpaceOnDevice = int(keybase1.StatusCode_SCNoSpaceOnDevice) 361 SCTeamInviteBadToken = int(keybase1.StatusCode_SCTeamInviteBadToken) 362 SCTeamInviteTokenReused = int(keybase1.StatusCode_SCTeamInviteTokenReused) 363 SCTeamBadMembership = int(keybase1.StatusCode_SCTeamBadMembership) 364 SCTeamProvisionalCanKey = int(keybase1.StatusCode_SCTeamProvisionalCanKey) 365 SCTeamProvisionalCannotKey = int(keybase1.StatusCode_SCTeamProvisionalCannotKey) 366 SCBadSignupUsernameDeleted = int(keybase1.StatusCode_SCBadSignupUsernameDeleted) 367 SCEphemeralPairwiseMACsMissingUIDs = int(keybase1.StatusCode_SCEphemeralPairwiseMACsMissingUIDs) 368 SCEphemeralDeviceAfterEK = int(keybase1.StatusCode_SCEphemeralDeviceAfterEK) 369 SCEphemeralMemberAfterEK = int(keybase1.StatusCode_SCEphemeralMemberAfterEK) 370 SCEphemeralDeviceStale = int(keybase1.StatusCode_SCEphemeralDeviceStale) 371 SCEphemeralUserStale = int(keybase1.StatusCode_SCEphemeralUserStale) 372 SCStellarNeedDisclaimer = int(keybase1.StatusCode_SCStellarNeedDisclaimer) 373 SCStellarDeviceNotMobile = int(keybase1.StatusCode_SCStellarDeviceNotMobile) 374 SCStellarMobileOnlyPurgatory = int(keybase1.StatusCode_SCStellarMobileOnlyPurgatory) 375 SCStellarIncompatibleVersion = int(keybase1.StatusCode_SCStellarIncompatibleVersion) 376 SCStellarMissingAccount = int(keybase1.StatusCode_SCStellarMissingAccount) 377 SCPhoneNumberUnknown = int(keybase1.StatusCode_SCPhoneNumberUnknown) 378 SCPhoneNumberAlreadyVerified = int(keybase1.StatusCode_SCPhoneNumberAlreadyVerified) 379 SCPhoneNumberVerificationCodeExpired = int(keybase1.StatusCode_SCPhoneNumberVerificationCodeExpired) 380 SCPhoneNumberWrongVerificationCode = int(keybase1.StatusCode_SCPhoneNumberWrongVerificationCode) 381 SCPhoneNumberLimitExceeded = int(keybase1.StatusCode_SCPhoneNumberLimitExceeded) 382 SCNoPaperKeys = int(keybase1.StatusCode_SCNoPaperKeys) 383 SCTeambotKeyGenerationExists = int(keybase1.StatusCode_SCTeambotKeyGenerationExists) 384 SCTeamStorageWrongRevision = int(keybase1.StatusCode_SCTeamStorageWrongRevision) 385 SCTeamStorageBadGeneration = int(keybase1.StatusCode_SCTeamStorageBadGeneration) 386 SCTeamStorageNotFound = int(keybase1.StatusCode_SCTeamStorageNotFound) 387 ) 388 389 const ( 390 MerkleTreeNode = 1 391 MerkleTreeLeaf = 2 392 ) 393 394 type LinkType string 395 type DelegationType LinkType 396 397 const ( 398 LinkTypeAuthentication LinkType = "auth" 399 LinkTypeCryptocurrency LinkType = "cryptocurrency" 400 LinkTypeRevoke LinkType = "revoke" 401 LinkTypeTrack LinkType = "track" 402 LinkTypeUntrack LinkType = "untrack" 403 LinkTypeUpdatePassphrase LinkType = "update_passphrase_hash" 404 LinkTypeUpdateSettings LinkType = "update_settings" 405 LinkTypeWebServiceBinding LinkType = "web_service_binding" 406 LinkTypePerUserKey LinkType = "per_user_key" 407 LinkTypeWalletStellar LinkType = "wallet.stellar" 408 LinkTypeWotVouch LinkType = "wot.vouch" 409 LinkTypeWotReact LinkType = "wot.react" 410 411 // team links 412 LinkTypeTeamRoot LinkType = "team.root" 413 LinkTypeNewSubteam LinkType = "team.new_subteam" 414 LinkTypeChangeMembership LinkType = "team.change_membership" 415 LinkTypeRotateKey LinkType = "team.rotate_key" 416 LinkTypeLeave LinkType = "team.leave" 417 LinkTypeSubteamHead LinkType = "team.subteam_head" 418 LinkTypeRenameSubteam LinkType = "team.rename_subteam" 419 LinkTypeInvite LinkType = "team.invite" 420 LinkTypeRenameUpPointer LinkType = "team.rename_up_pointer" 421 LinkTypeDeleteRoot LinkType = "team.delete_root" 422 LinkTypeDeleteSubteam LinkType = "team.delete_subteam" 423 LinkTypeDeleteUpPointer LinkType = "team.delete_up_pointer" 424 LinkTypeKBFSSettings LinkType = "team.kbfs" 425 LinkTypeSettings LinkType = "team.settings" 426 LinkTypeTeamBotSettings LinkType = "team.bot_settings" 427 428 DelegationTypeEldest DelegationType = "eldest" 429 DelegationTypePGPUpdate DelegationType = "pgp_update" 430 DelegationTypeSibkey DelegationType = "sibkey" 431 DelegationTypeSubkey DelegationType = "subkey" 432 ) 433 434 const ( 435 SigTypeNone = 0 436 SigTypeSelfSig = 1 437 SigTypeRemoteProof = 2 438 SigTypeTrack = 3 439 SigTypeUntrack = 4 440 SigTypeRevoke = 5 441 SigTypeCryptocurrency = 6 442 SigTypeAnnouncement = 7 443 ) 444 445 type KeyType int 446 447 const ( 448 KeyTypeNone KeyType = 0 449 KeyTypeOpenPGPPublic KeyType = 1 450 KeyTypeP3skbPrivate KeyType = 2 451 KeyTypeKbNaclEddsa KeyType = 3 452 KeyTypeKbNaclDH KeyType = 4 453 KeyTypeKbNaclEddsaServerHalf KeyType = 5 454 KeyTypeKbNaclDHServerHalf KeyType = 6 455 ) 456 457 const ( 458 DeviceStatusNone = 0 459 DeviceStatusActive = 1 460 DeviceStatusDefunct = 2 461 ) 462 463 const DownloadURL = "https://keybase.io/download" 464 465 var PGPVersion = "Keybase Go " + Version + " (" + runtime.GOOS + ")" 466 467 var PGPArmorHeaders = map[string]string{ 468 "Version": PGPVersion, 469 "Comment": DownloadURL, 470 } 471 472 const GenericSocialWebServiceBinding = "web_service_binding.generic_social" 473 474 var RemoteServiceTypes = map[string]keybase1.ProofType{ 475 "keybase": keybase1.ProofType_KEYBASE, 476 "twitter": keybase1.ProofType_TWITTER, 477 "facebook": keybase1.ProofType_FACEBOOK, 478 "github": keybase1.ProofType_GITHUB, 479 "reddit": keybase1.ProofType_REDDIT, 480 "coinbase": keybase1.ProofType_COINBASE, 481 "hackernews": keybase1.ProofType_HACKERNEWS, 482 "https": keybase1.ProofType_GENERIC_WEB_SITE, 483 "http": keybase1.ProofType_GENERIC_WEB_SITE, 484 "dns": keybase1.ProofType_DNS, 485 "rooter": keybase1.ProofType_ROOTER, 486 "generic_social": keybase1.ProofType_GENERIC_SOCIAL, 487 } 488 489 // remove when ShouldUseParameterizedProofs is removed 490 var RemoteServiceOrder = []keybase1.ProofType{ 491 keybase1.ProofType_KEYBASE, 492 keybase1.ProofType_TWITTER, 493 keybase1.ProofType_FACEBOOK, 494 keybase1.ProofType_GITHUB, 495 keybase1.ProofType_REDDIT, 496 keybase1.ProofType_COINBASE, 497 keybase1.ProofType_HACKERNEWS, 498 keybase1.ProofType_GENERIC_WEB_SITE, 499 keybase1.ProofType_GENERIC_SOCIAL, 500 keybase1.ProofType_ROOTER, 501 } 502 503 const CanonicalHost = "keybase.io" 504 505 const ( 506 HTTPDefaultTimeout = 60 * time.Second 507 HTTPDefaultScraperTimeout = 10 * time.Second 508 HTTPPollMaximum = 5 * time.Second 509 HTTPFastTimeout = 5 * time.Second 510 ) 511 512 // The following constants apply to APIArg parameters for 513 // critical idempotent API calls 514 const ( 515 HTTPRetryInitialTimeout = 1 * time.Second 516 HTTPRetryMutliplier = 1.5 517 HTTPRetryCount = 6 518 ) 519 520 const ( 521 ServerUpdateLag = time.Minute 522 ) 523 524 // key_revocation_types 525 const ( 526 RevSimpleDelete = 0 527 RevFull = 1 528 RevDated = 2 529 ) 530 531 type KeyStatus int 532 533 const ( 534 KeyUncancelled KeyStatus = iota 535 KeyRevoked 536 KeyDeleted 537 KeySuperseded 538 ) 539 540 type KeyRole int 541 542 const ( 543 DLGNone KeyRole = iota 544 DLGSibkey 545 DLGSubkey 546 ) 547 548 const ( 549 Kex2PhraseEntropy = 88 550 Kex2PhraseEntropy2 = 99 // we've upped the entropy to 99 bits after the 2018 NCC Audit 551 Kex2ScryptCost = 1 << 17 552 Kex2ScryptLiteCost = 1 << 10 553 Kex2ScryptR = 8 554 Kex2ScryptP = 1 555 Kex2ScryptKeylen = 32 556 ) 557 558 // PaperKeyWordCountMin of 13 is based on the current state: 559 // entropy: 143 (PaperKeySecretEntropy [117] + PaperKeyIDBits [22] + PaperKeyVersionBits [4]) 560 // len(secwords): 2048 561 const ( 562 PaperKeyScryptCost = 32768 563 PaperKeyScryptR = 8 564 PaperKeyScryptP = 1 565 PaperKeyScryptKeylen = 128 566 PaperKeySecretEntropy = 117 567 PaperKeyIDBits = 22 568 PaperKeyVersionBits = 4 569 PaperKeyVersion = 0 570 PaperKeyWordCountMin = 13 // this should never change to a value greater than 13 571 PaperKeyNoPrefixLen = 11 // word count min - 2 572 ) 573 574 const UserSummaryLimit = 500 // max number of user summaries in one request 575 576 const MinPassphraseLength = 8 577 578 const TrackingRateLimitSeconds = 50 579 580 type KexRole int 581 582 const ( 583 KexRoleProvisioner KexRole = iota 584 KexRoleProvisionee 585 ) 586 587 const ( 588 IdentifySourceKBFS = "kbfs" 589 TestInvitationCode = "202020202020202020202020" 590 ) 591 592 const ( 593 SecretPromptCancelDuration = 5 * time.Minute 594 ) 595 596 const ( 597 ServiceLogFileName = "keybase.service.log" 598 EKLogFileName = "keybase.ek.log" 599 PerfLogFileName = "keybase.perf.log" 600 KBFSLogFileName = kbconst.KBFSLogFileName 601 KBFSPerfLogFileName = "keybase.kbfs.perf.log" 602 GitLogFileName = "keybase.git.log" 603 GitPerfLogFileName = "keybase.git.perf.log" 604 UpdaterLogFileName = "keybase.updater.log" 605 GUILogFileName = "Keybase.app.log" 606 // StartLogFileName is where services can log to (on startup) before they handle their own logging 607 StartLogFileName = "keybase.start.log" 608 ) 609 610 const ( 611 PGPAssertionKey = "pgp" 612 ) 613 614 const ( 615 NotificationDismissPGPPrefix = "pgp_secret_store" 616 NotificationDismissPGPValue = "dismissed" 617 ) 618 619 const ( 620 EncryptionReasonChatLocalStorage EncryptionReason = "Keybase-Chat-Local-Storage-1" 621 EncryptionReasonChatMessage EncryptionReason = "Keybase-Chat-Message-1" 622 EncryptionReasonChatIndexerTokenKey EncryptionReason = "Keybase-Chat-IndexerTokenKey-1" 623 EncryptionReasonChatIndexerAliasKey EncryptionReason = "Keybase-Chat-IndexerAliasKey-1" 624 EncryptionReasonTeamsLocalStorage EncryptionReason = "Keybase-Teams-Local-Storage-1" 625 EncryptionReasonTeamsFTLLocalStorage EncryptionReason = "Keybase-Teams-FTL-Local-Storage-1" 626 EncryptionReasonTeamsHiddenLocalStorage EncryptionReason = "Keybase-Teams-Hidden-Local-Storage-1" 627 EncryptionReasonErasableKVLocalStorage EncryptionReason = "Keybase-Erasable-KV-Local-Storage-1" 628 EncryptionReasonTeambotEphemeralKey EncryptionReason = "Keybase-Teambot-Ephemeral-Key-1" 629 EncryptionReasonTeambotKey EncryptionReason = "Keybase-Teambot-Key-1" 630 EncryptionReasonContactsLocalStorage EncryptionReason = "Keybase-Contacts-Local-Storage-1" 631 EncryptionReasonContactsResolvedServer EncryptionReason = "Keybase-Contacts-Resolved-Server-1" 632 EncryptionReasonTeambotKeyLocalStorage EncryptionReason = "Keybase-Teambot-Key-Local-Storage-1" 633 EncryptionReasonKBFSFavorites EncryptionReason = "kbfs.favorites" // legacy const for kbfs favorites 634 ) 635 636 type DeriveReason string 637 638 const ( 639 DeriveReasonPUKSigning DeriveReason = "Derived-User-NaCl-EdDSA-1" 640 DeriveReasonPUKEncryption DeriveReason = "Derived-User-NaCl-DH-1" 641 // Context used for chaining generations of PerUserKeys. 642 DeriveReasonPUKPrev DeriveReason = "Derived-User-NaCl-SecretBox-1" 643 DeriveReasonPUKStellarBundle DeriveReason = "Derived-User-NaCl-SecretBox-StellarBundle-1" 644 DeriveReasonPUKStellarNoteSelf DeriveReason = "Derived-User-NaCl-SecretBox-StellarSelfNote-1" 645 DeriveReasonPUKStellarAcctBundle DeriveReason = "Derived-User-NaCl-SecretBox-StellarAcctBundle-1" 646 647 DeriveReasonDeviceEKEncryption DeriveReason = "Derived-Ephemeral-Device-NaCl-DH-1" 648 DeriveReasonUserEKEncryption DeriveReason = "Derived-Ephemeral-User-NaCl-DH-1" 649 DeriveReasonTeamEKEncryption DeriveReason = "Derived-Ephemeral-Team-NaCl-DH-1" 650 DeriveReasonTeamEKExplodingChat DeriveReason = "Derived-Ephemeral-Team-NaCl-SecretBox-ExplodingChat-1" 651 DeriveReasonTeambotEKEncryption DeriveReason = "Derived-Ephemeral-Teambot-NaCl-DH-1" 652 DeriveReasonTeambotKeyEncryption DeriveReason = "Derived-Teambot-Key-NaCl-DH-1" 653 654 DeriveReasonChatPairwiseMAC DeriveReason = "Derived-Chat-Pairwise-HMAC-SHA256-1" 655 656 DeriveReasonLinuxRevokableKeyring DeriveReason = "Keybase-Derived-LKS-SecretBox-1" 657 ) 658 659 // Not a DeriveReason because it is not used in the same way. 660 const DeriveReasonPUKStellarNoteShared string = "Keybase-Derived-Stellar-Note-PUK-Sbox-NaCl-DH-1" 661 662 // FirstProdMerkleSeqnoWithSkips is the first merkle root on production that 663 // has skip pointers indicating log(n) previous merkle roots. 664 var FirstProdMerkleSeqnoWithSkips = keybase1.Seqno(835903) 665 666 // We didn't have valid signatures before 796, so don't try to load them. 667 var FirstProdMerkleSeqnoWithSigs = keybase1.Seqno(796) 668 669 // Before this merkle seqno, we had the other, more bushy shape. From this point 670 // on, we have the modern shape. It's possible to tweak our clients to handle both 671 // shapes, but it's not really worth it at this time. 672 var FirstProdMerkleTreeWithModernShape = keybase1.Seqno(531408) 673 674 // FirstProdMerkleSeqnoWithHiddenRootHash is the first merkle root on production that 675 // contains the hash of a blind merkle tree root. 676 var FirstProdMerkleSeqnoWithHiddenRootHash = keybase1.Seqno(14145980) 677 678 type AppType string 679 680 const ( 681 MobileAppType AppType = "mobile" 682 DesktopAppType AppType = "desktop" 683 NoAppType AppType = "" 684 ) 685 686 func StringToAppType(s string) AppType { 687 switch s { 688 case string(MobileAppType): 689 return MobileAppType 690 case string(DesktopAppType): 691 return DesktopAppType 692 default: 693 return NoAppType 694 } 695 } 696 697 // UID of t_alice 698 const TAliceUID = keybase1.UID("295a7eea607af32040647123732bc819") 699 700 const SharedTeamKeyBoxVersion1 = 1 701 702 const ( 703 TeamDHDerivationString = "Keybase-Derived-Team-NaCl-DH-1" 704 TeamEdDSADerivationString = "Keybase-Derived-Team-NaCl-EdDSA-1" 705 TeamKBFSDerivationString = "Keybase-Derived-Team-NaCl-KBFS-1" 706 TeamChatDerivationString = "Keybase-Derived-Team-NaCl-Chat-1" 707 TeamSaltpackDerivationString = "Keybase-Derived-Team-NaCl-Saltpack-1" 708 TeamPrevKeySecretBoxDerivationString = "Keybase-Derived-Team-NaCl-SecretBox-1" 709 TeamGitMetadataDerivationString = "Keybase-Derived-Team-NaCl-GitMetadata-1" 710 TeamSeitanTokenDerivationString = "Keybase-Derived-Team-NaCl-SeitanInviteToken-1" 711 TeamStellarRelayDerivationString = "Keybase-Derived-Team-NaCl-StellarRelay-1" 712 TeamKVStoreDerivationString = "Keybase-Derived-Team-NaCl-KVStore-1" 713 TeamKeySeedCheckDerivationString = "Keybase-Derived-Team-Seedcheck-1" 714 ) 715 716 func CurrentSaltpackVersion() saltpack.Version { 717 return saltpack.Version2() 718 } 719 720 const ( 721 InviteIDTag = 0x27 722 ) 723 724 const CurrentGitMetadataEncryptionVersion = 1 725 726 // The secret_store_file and erasable_kv_store use a random noise file of this 727 // size when encrypting secrets for disk. 728 const noiseFileLen = 1024 * 1024 * 2 729 730 // NOTE if you change these values you should change them in 731 // go/chatbase/storage/ephemeral.go as well. 732 const MaxEphemeralContentLifetime = time.Hour * 24 * 7 733 const MinEphemeralContentLifetime = time.Second * 30 734 735 // NOTE: If you change this value you should change it in lib/constants.iced 736 // and go/ekreaperd/reaper.go as well. 737 // Devices are considered stale and not included in new keys after this interval 738 const MaxEphemeralKeyStaleness = time.Hour * 24 * 38 // 1.25 months 739 // Everyday we want to generate a new key if possible 740 const EphemeralKeyGenInterval = time.Hour * 24 // one day 741 // Our keys must last at least this long. 742 const MinEphemeralKeyLifetime = MaxEphemeralContentLifetime + EphemeralKeyGenInterval 743 744 const MaxTeamMembersForPairwiseMAC = 100 745 746 const TeamBackoffBeforeAuditOnNeedRotate = time.Minute 747 748 const ( 749 MaxStellarPaymentNoteLength = 500 750 MaxStellarPaymentBoxedNoteLength = 2000 751 MaxStellarPaymentPublicNoteLength = 28 752 ) 753 754 const ClientTriplesecVersion = 3 755 756 // Also hard-coded in packaging/linux/{post_install.sh,run_keybase} 757 const DisableRootRedirectorConfigKey = "disable-root-redirector" 758 759 // Also defined in lib_public/public_constants.iced 760 const ( 761 AutoresetEventStart = 0 762 AutoresetEventVerify = 1 763 AutoresetEventCancel = 2 764 AutoresetEventNotify = 3 765 AutoresetEventReady = 4 766 AutoresetEventReset = 5 767 ) 768 769 const ProfileProofSuggestions = true 770 771 const ( 772 ExternalURLsBaseKey = "external_urls" 773 ExternalURLsStellarPartners = "stellar_partners" 774 ) 775 776 type LoginAttempt int 777 778 const ( 779 LoginAttemptNone LoginAttempt = 0 780 LoginAttemptOffline LoginAttempt = 1 781 LoginAttemptOnline LoginAttempt = 2 782 ) 783 784 const ( 785 // Do not fetch the merkle root again if it was fetched within this 786 // threshold. Note that the server can always not tell us about a new root 787 // even if we set this threshold to a very short value (unless we learn 788 // about it otherwise), and that if we poll an honest server will tell us if 789 // we should update the root (which will override this threshold). 790 DefaultMerkleRootFreshness = 1 * time.Minute 791 )