package crypto
import (
"errors"
"github.com/quexten/goldwarden/logging"
)
// keyringLog is the package-level logger for keyring lifecycle events, obtained
// from logging.GetLogger with the names "Goldwarden" and "Keyring". Every call
// made through it in this file passes a fixed message string; no key material
// is handed to the logger.
var keyringLog = logging.GetLogger("Goldwarden", "Keyring")
// Keyring holds the key material of a session together with its locked state.
//
// The constructors in this file return Keyring by value and IsLocked uses a
// value receiver, so a Keyring may be copied. A copy shares the same account
// key object and the same OrganizationKeys map as the original, while Lock
// clears only the instance it is called on. Callers that need Lock to revoke
// access everywhere should share a single *Keyring.
type Keyring struct {
	// isLocked is the locked flag reported by IsLocked. The constructors set it
	// to true when they are given a nil account key; Lock sets it to true and
	// UnlockWithAccountKey sets it to false.
	isLocked bool
	// accountKey is the symmetric account key returned by GetAccountKey.
	// Lock sets it to nil.
	accountKey SymmetricEncryptionKey
	// AsymmetricEncyryptionKey (spelling as declared) is the key that
	// GetSymmetricKeyForOrganization passes to DecryptWithAsymmetric. It is an
	// exported field, so code outside this package can read or replace it.
	AsymmetricEncyryptionKey AsymmetricEncryptionKey
	// NOTE(review): presumably marks a memguard-backed keyring, but neither
	// constructor in this file sets it - confirm where it is assigned.
	IsMemguard bool
	// OrganizationKeys maps an organization UUID to that organization's key in
	// the encrypted form that GetSymmetricKeyForOrganization decrypts on demand.
	// Lock sets the map to nil.
	OrganizationKeys map[string]string
}
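// NewMemoryKeyring returns a Keyring that holds accountKey as its account key.
//
// A nil accountKey yields a locked keyring. In that case the accountKey field
// is left as a true nil interface rather than an interface wrapping a nil
// *MemorySymmetricEncryptionKey: a wrapped nil pointer compares unequal to nil,
// so a caller checking GetAccountKey() == nil would wrongly conclude that a key
// is present. This also matches the state Lock leaves behind.
func NewMemoryKeyring(accountKey *MemorySymmetricEncryptionKey) Keyring {
	keyringLog.Info("Creating new memory keyring")
	if accountKey == nil {
		return Keyring{isLocked: true}
	}
	return Keyring{
		isLocked:   false,
		accountKey: accountKey,
	}
}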
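// NewMemguardKeyring returns a Keyring that holds accountKey as its account key.
//
// A nil accountKey yields a locked keyring. In that case the accountKey field
// is left as a true nil interface rather than an interface wrapping a nil
// *MemguardSymmetricEncryptionKey: a wrapped nil pointer compares unequal to
// nil, so a caller checking GetAccountKey() == nil would wrongly conclude that
// a key is present. This also matches the state Lock leaves behind.
//
// NOTE(review): the IsMemguard field is not set here and stays false - confirm
// whether callers are expected to set it themselves.
func NewMemguardKeyring(accountKey *MemguardSymmetricEncryptionKey) Keyring {
	keyringLog.Info("Creating new memguard keyring")
	if accountKey == nil {
		return Keyring{isLocked: true}
	}
	return Keyring{
		isLocked:   false,
		accountKey: accountKey,
	}
}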
// IsLocked reports the keyring's locked flag.
//
// Unlike the other methods of Keyring, it has a value receiver, so it reads the
// flag from a copy of the struct made at call time.
func (k Keyring) IsLocked() bool {
	return k.isLocked
}
// Lock marks the keyring as locked and drops its references to key material:
// the account key and the organization key map are set to nil and the
// asymmetric key is replaced with an empty MemoryAsymmetricEncryptionKey.
//
// NOTE(review): this only removes the references held by this instance. The
// underlying key bytes are not overwritten here, and copies of the Keyring
// value keep their own references. If the key types offer an explicit wipe,
// confirm whether it should be called before the references are dropped.
func (k *Keyring) Lock() {
	keyringLog.Info("Locking keyring")

	// Flip the flag first, then release the key material.
	k.isLocked, k.accountKey = true, nil
	// NOTE(review): the asymmetric key is reset to the in-memory type
	// regardless of IsMemguard - confirm that is intended.
	k.AsymmetricEncyryptionKey = MemoryAsymmetricEncryptionKey{}
	k.OrganizationKeys = nil
}
// UnlockWithAccountKey stores accountKey as the keyring's account key and
// clears the locked flag.
//
// NOTE(review): accountKey is not checked. The constructors in this file treat
// a nil account key as "locked", but passing nil here leaves the keyring marked
// unlocked with no key - confirm that callers never pass nil.
func (k *Keyring) UnlockWithAccountKey(accountKey SymmetricEncryptionKey) {
	keyringLog.Info("Unlocking keyring with account key")
	k.isLocked, k.accountKey = false, accountKey
}
// GetAccountKey returns the account key currently held by the keyring.
//
// The locked flag is not consulted. After Lock the stored key is nil, so
// callers should check IsLocked (or the result) before using the key.
func (k *Keyring) GetAccountKey() SymmetricEncryptionKey {
	return k.accountKey
}
// GetSymmetricKeyForOrganization returns the symmetric key of the organization
// identified by uuid.
//
// The stored entry for uuid is decrypted with the keyring's asymmetric key via
// DecryptWithAsymmetric, and the result is turned into a key with
// MemorySymmetricEncryptionKeyFromBytes. An error is returned when no entry
// exists for uuid or when decryption fails; in both cases the returned key is
// an empty MemorySymmetricEncryptionKey and must not be used.
//
// After Lock the organization map is nil, so every lookup takes the
// "no key found" path.
//
// NOTE(review): the result is always built as a MemorySymmetricEncryptionKey,
// also when IsMemguard is set, and the decrypted byte slice is not cleared
// here - confirm whether MemorySymmetricEncryptionKeyFromBytes copies its
// input before adding any wiping.
func (k *Keyring) GetSymmetricKeyForOrganization(uuid string) (SymmetricEncryptionKey, error) {
	encryptedKey, found := k.OrganizationKeys[uuid]
	if !found {
		return MemorySymmetricEncryptionKey{}, errors.New("no key found for organization")
	}

	plainKey, err := DecryptWithAsymmetric([]byte(encryptedKey), k.AsymmetricEncyryptionKey)
	if err != nil {
		return MemorySymmetricEncryptionKey{}, err
	}

	return MemorySymmetricEncryptionKeyFromBytes(plainKey)
}