github.com/keybase/client/go@v0.0.0-20241007131713-f10651d043c8/kbfs/libkey/interfaces.go (about) 1 // Copyright 2019 Keybase Inc. All rights reserved. 2 // Use of this source code is governed by a BSD 3 // license that can be found in the LICENSE file. 4 5 package libkey 6 7 import ( 8 "context" 9 10 "github.com/keybase/client/go/kbfs/idutil" 11 "github.com/keybase/client/go/kbfs/kbfscodec" 12 "github.com/keybase/client/go/kbfs/kbfscrypto" 13 "github.com/keybase/client/go/kbfs/kbfsmd" 14 "github.com/keybase/client/go/kbfs/tlf" 15 "github.com/keybase/client/go/kbfs/tlfhandle" 16 "github.com/keybase/client/go/protocol/keybase1" 17 ) 18 19 // KeyOps fetches server-side key halves from the key server. 20 type KeyOps interface { 21 // GetTLFCryptKeyServerHalf gets a server-side key half for a 22 // device given the key half ID. 23 GetTLFCryptKeyServerHalf(ctx context.Context, 24 serverHalfID kbfscrypto.TLFCryptKeyServerHalfID, 25 cryptPublicKey kbfscrypto.CryptPublicKey) ( 26 kbfscrypto.TLFCryptKeyServerHalf, error) 27 28 // PutTLFCryptKeyServerHalves stores a server-side key halves for a 29 // set of users and devices. 30 PutTLFCryptKeyServerHalves(ctx context.Context, 31 keyServerHalves kbfsmd.UserDeviceKeyServerHalves) error 32 33 // DeleteTLFCryptKeyServerHalf deletes a server-side key half for a 34 // device given the key half ID. 35 DeleteTLFCryptKeyServerHalf(ctx context.Context, 36 uid keybase1.UID, key kbfscrypto.CryptPublicKey, 37 serverHalfID kbfscrypto.TLFCryptKeyServerHalfID) error 38 } 39 40 // KeyServer fetches/writes server-side key halves from/to the key server. 41 type KeyServer interface { 42 // GetTLFCryptKeyServerHalf gets a server-side key half for a 43 // device given the key half ID. 44 GetTLFCryptKeyServerHalf(ctx context.Context, 45 serverHalfID kbfscrypto.TLFCryptKeyServerHalfID, 46 cryptPublicKey kbfscrypto.CryptPublicKey) ( 47 kbfscrypto.TLFCryptKeyServerHalf, error) 48 49 // PutTLFCryptKeyServerHalves stores a server-side key halves for a 50 // set of users and devices. 51 PutTLFCryptKeyServerHalves(ctx context.Context, 52 keyServerHalves kbfsmd.UserDeviceKeyServerHalves) error 53 54 // DeleteTLFCryptKeyServerHalf deletes a server-side key half for a 55 // device given the key half ID. 56 DeleteTLFCryptKeyServerHalf(ctx context.Context, 57 uid keybase1.UID, key kbfscrypto.CryptPublicKey, 58 serverHalfID kbfscrypto.TLFCryptKeyServerHalfID) error 59 60 // Shutdown is called to free any KeyServer resources. 61 Shutdown() 62 } 63 64 // KeyMetadata is an interface for something that holds key 65 // information. This is usually implemented by RootMetadata. 66 type KeyMetadata interface { 67 // TlfID returns the ID of the TLF for which this object holds 68 // key info. 69 TlfID() tlf.ID 70 71 // TypeForKeying returns the keying type for this MD. 72 TypeForKeying() tlf.KeyingType 73 74 // LatestKeyGeneration returns the most recent key generation 75 // with key data in this object, or PublicKeyGen if this TLF 76 // is public. 77 LatestKeyGeneration() kbfsmd.KeyGen 78 79 // GetTlfHandle returns the handle for the TLF. It must not 80 // return nil. 81 // 82 // TODO: Remove the need for this function in this interface, 83 // so that kbfsmd.RootMetadata can implement this interface 84 // fully. 85 GetTlfHandle() *tlfhandle.Handle 86 87 // IsWriter checks that the given user is a valid writer of the TLF 88 // right now. 89 IsWriter( 90 ctx context.Context, checker kbfsmd.TeamMembershipChecker, 91 osg idutil.OfflineStatusGetter, uid keybase1.UID, 92 verifyingKey kbfscrypto.VerifyingKey) (bool, error) 93 94 // HasKeyForUser returns whether or not the given user has 95 // keys for at least one device. Returns an error if the TLF 96 // is public. 97 HasKeyForUser(user keybase1.UID) (bool, error) 98 99 // GetTLFCryptKeyParams returns all the necessary info to 100 // construct the TLF crypt key for the given key generation, 101 // user, and device (identified by its crypt public key), or 102 // false if not found. This returns an error if the TLF is 103 // public. 104 GetTLFCryptKeyParams( 105 keyGen kbfsmd.KeyGen, user keybase1.UID, 106 key kbfscrypto.CryptPublicKey) ( 107 kbfscrypto.TLFEphemeralPublicKey, 108 kbfscrypto.EncryptedTLFCryptKeyClientHalf, 109 kbfscrypto.TLFCryptKeyServerHalfID, bool, error) 110 111 // StoresHistoricTLFCryptKeys returns whether or not history keys are 112 // symmetrically encrypted; if not, they're encrypted per-device. 113 StoresHistoricTLFCryptKeys() bool 114 115 // GetHistoricTLFCryptKey attempts to symmetrically decrypt the 116 // key at the given generation using the current generation's 117 // TLFCryptKey. 118 GetHistoricTLFCryptKey(codec kbfscodec.Codec, keyGen kbfsmd.KeyGen, 119 currentKey kbfscrypto.TLFCryptKey) ( 120 kbfscrypto.TLFCryptKey, error) 121 }