github.com/keybase/client/go@v0.0.0-20241007131713-f10651d043c8/kbfs/libkey/interfaces.go (about)

     1  // Copyright 2019 Keybase Inc. All rights reserved.
     2  // Use of this source code is governed by a BSD
     3  // license that can be found in the LICENSE file.
     4  
     5  package libkey
     6  
     7  import (
     8  	"context"
     9  
    10  	"github.com/keybase/client/go/kbfs/idutil"
    11  	"github.com/keybase/client/go/kbfs/kbfscodec"
    12  	"github.com/keybase/client/go/kbfs/kbfscrypto"
    13  	"github.com/keybase/client/go/kbfs/kbfsmd"
    14  	"github.com/keybase/client/go/kbfs/tlf"
    15  	"github.com/keybase/client/go/kbfs/tlfhandle"
    16  	"github.com/keybase/client/go/protocol/keybase1"
    17  )
    18  
// KeyOps fetches, stores, and deletes server-side key halves on the
// key server. Its three methods have the same signatures as the
// corresponding methods of KeyServer.
//
// The values that cross this interface are key material, so
// implementations should keep them out of logs and error strings.
type KeyOps interface {
	// GetTLFCryptKeyServerHalf returns the server-side key half
	// stored under serverHalfID, for the device identified by
	// cryptPublicKey. The returned half should only be used when
	// the error is nil.
	GetTLFCryptKeyServerHalf(
		ctx context.Context,
		serverHalfID kbfscrypto.TLFCryptKeyServerHalfID,
		cryptPublicKey kbfscrypto.CryptPublicKey,
	) (kbfscrypto.TLFCryptKeyServerHalf, error)

	// PutTLFCryptKeyServerHalves stores server-side key halves for
	// a set of users and devices.
	//
	// NOTE(review): the interface does not say whether a failed call
	// can leave some of the halves stored; confirm against the
	// implementation before retrying or rolling back.
	PutTLFCryptKeyServerHalves(
		ctx context.Context,
		keyServerHalves kbfsmd.UserDeviceKeyServerHalves,
	) error

	// DeleteTLFCryptKeyServerHalf deletes the server-side key half
	// with the given ID for the given user (uid) and device (key).
	// The argument order differs from GetTLFCryptKeyServerHalf: the
	// half ID comes last here.
	//
	// NOTE(review): presumably used when a device loses access;
	// confirm. If so, a failed delete leaves the half fetchable, so
	// callers should not ignore the returned error.
	DeleteTLFCryptKeyServerHalf(
		ctx context.Context,
		uid keybase1.UID,
		key kbfscrypto.CryptPublicKey,
		serverHalfID kbfscrypto.TLFCryptKeyServerHalfID,
	) error
}
    39  
// KeyServer fetches, stores, and deletes server-side key halves on
// the key server, and can be shut down to release its resources. It
// is the KeyOps method set plus Shutdown.
//
// The values that cross this interface are key material, so
// implementations should keep them out of logs and error strings.
type KeyServer interface {
	// GetTLFCryptKeyServerHalf returns the server-side key half
	// stored under serverHalfID, for the device identified by
	// cryptPublicKey. The returned half should only be used when
	// the error is nil.
	GetTLFCryptKeyServerHalf(
		ctx context.Context,
		serverHalfID kbfscrypto.TLFCryptKeyServerHalfID,
		cryptPublicKey kbfscrypto.CryptPublicKey,
	) (kbfscrypto.TLFCryptKeyServerHalf, error)

	// PutTLFCryptKeyServerHalves stores server-side key halves for
	// a set of users and devices.
	//
	// NOTE(review): the interface does not say whether a failed call
	// can leave some of the halves stored; confirm against the
	// implementation before retrying or rolling back.
	PutTLFCryptKeyServerHalves(
		ctx context.Context,
		keyServerHalves kbfsmd.UserDeviceKeyServerHalves,
	) error

	// DeleteTLFCryptKeyServerHalf deletes the server-side key half
	// with the given ID for the given user (uid) and device (key).
	// The argument order differs from GetTLFCryptKeyServerHalf: the
	// half ID comes last here.
	DeleteTLFCryptKeyServerHalf(
		ctx context.Context,
		uid keybase1.UID,
		key kbfscrypto.CryptPublicKey,
		serverHalfID kbfscrypto.TLFCryptKeyServerHalfID,
	) error

	// Shutdown is called to free any KeyServer resources.
	//
	// NOTE(review): Shutdown takes no context and returns no error,
	// so a caller cannot observe a failed or incomplete cleanup.
	// Whether cached key halves are cleared is up to the
	// implementation; confirm there.
	Shutdown()
}
    63  
// KeyMetadata is implemented by anything that holds key information
// for a TLF. The usual implementation is RootMetadata.
//
// Several methods behave differently for public TLFs:
// LatestKeyGeneration returns PublicKeyGen, while HasKeyForUser and
// GetTLFCryptKeyParams return an error.
type KeyMetadata interface {
	// TlfID returns the ID of the TLF whose key info this object
	// holds.
	TlfID() tlf.ID

	// TypeForKeying returns the keying type for this MD.
	TypeForKeying() tlf.KeyingType

	// LatestKeyGeneration returns the most recent key generation
	// that has key data in this object. For a public TLF it returns
	// PublicKeyGen instead.
	LatestKeyGeneration() kbfsmd.KeyGen

	// GetTlfHandle returns the handle for the TLF. Implementations
	// must never return nil.
	//
	// TODO: Remove the need for this function in this interface,
	// so that kbfsmd.RootMetadata can implement this interface
	// fully.
	GetTlfHandle() *tlfhandle.Handle

	// IsWriter reports whether the given user is a valid writer of
	// the TLF right now. The answer describes the moment of the
	// call; it is not a lasting grant.
	//
	// NOTE(review): the result should be trusted only when the
	// error is nil. How checker, osg, and verifyingKey enter the
	// decision is not visible in this interface; confirm against
	// the implementation.
	IsWriter(
		ctx context.Context,
		checker kbfsmd.TeamMembershipChecker,
		osg idutil.OfflineStatusGetter,
		uid keybase1.UID,
		verifyingKey kbfscrypto.VerifyingKey,
	) (bool, error)

	// HasKeyForUser reports whether the given user has keys for at
	// least one device. It returns an error if the TLF is public.
	HasKeyForUser(user keybase1.UID) (bool, error)

	// GetTLFCryptKeyParams returns everything needed to construct
	// the TLF crypt key for the given key generation, user, and
	// device (identified by its crypt public key): the TLF
	// ephemeral public key, the encrypted client half, and the ID
	// of the server half. The bool result is false if no entry was
	// found, so callers must check both it and the error before
	// using the other results. It returns an error if the TLF is
	// public.
	GetTLFCryptKeyParams(
		keyGen kbfsmd.KeyGen,
		user keybase1.UID,
		key kbfscrypto.CryptPublicKey,
	) (
		kbfscrypto.TLFEphemeralPublicKey,
		kbfscrypto.EncryptedTLFCryptKeyClientHalf,
		kbfscrypto.TLFCryptKeyServerHalfID,
		bool,
		error,
	)

	// StoresHistoricTLFCryptKeys reports whether historic keys are
	// symmetrically encrypted. When it returns false they are
	// encrypted per-device instead.
	StoresHistoricTLFCryptKeys() bool

	// GetHistoricTLFCryptKey attempts to symmetrically decrypt the
	// key at generation keyGen, using the current generation's
	// TLFCryptKey (currentKey). The returned key should only be
	// used when the error is nil.
	GetHistoricTLFCryptKey(
		codec kbfscodec.Codec,
		keyGen kbfsmd.KeyGen,
		currentKey kbfscrypto.TLFCryptKey,
	) (kbfscrypto.TLFCryptKey, error)
}