// check cached keys for arg.Bundles match. func matchingCachedKey(g *libkb.GlobalContext, arg keybase1.UnboxBytes32AnyArg) (key libkb.GenericKey, index int, err error) { err = g.LoginState().Account(func(a *libkb.Account) { // check device key first dkey, err := a.CachedSecretKey(libkb.SecretKeyArg{KeyType: libkb.DeviceEncryptionKeyType}) if err == nil { if n, ok := kidMatch(dkey, arg.Bundles); ok { key = dkey index = n return } } // check paper key pkey := a.GetUnlockedPaperEncKey() if n, ok := kidMatch(pkey, arg.Bundles); ok { key = pkey index = n return } }, "UnboxBytes32Any") if err != nil { return nil, 0, err } if key != nil { return key, index, nil } return nil, 0, nil }
func getMySecretKey( g *libkb.GlobalContext, secretUI libkb.SecretUI, secretKeyType libkb.SecretKeyType, reason string) ( libkb.GenericKey, error) { var key libkb.GenericKey var err error aerr := g.LoginState().Account(func(a *libkb.Account) { key, err = a.CachedSecretKey(libkb.SecretKeyArg{KeyType: secretKeyType}) }, "Keyrings - cachedSecretKey") if key != nil && err == nil { return key, nil } if aerr != nil { g.Log.Debug("error getting account: %s", aerr) } me, err := libkb.LoadMe(libkb.NewLoadUserArg(g)) if err != nil { return nil, err } arg := libkb.SecretKeyPromptArg{ Ska: libkb.SecretKeyArg{ Me: me, KeyType: secretKeyType, }, SecretUI: secretUI, Reason: reason, UseCancelCache: true, } return g.Keyrings.GetSecretKeyWithPrompt(arg) }
func CurrentUID(g *libkb.GlobalContext) (keybase1.UID, error) { var loggedIn bool var err error var uid keybase1.UID aerr := g.LoginState().Account(func(a *libkb.Account) { loggedIn, err = a.LoggedInProvisionedLoad() if err != nil { return } if !loggedIn { return } uid = a.LocalSession().GetUID() }, "Service - SessionHandler - CurrentUID") if aerr != nil { return uid, aerr } if err != nil { return uid, err } if !loggedIn { return uid, libkb.LoginRequiredError{} } return uid, nil }
// This is used by SaltpackDecrypt as well. func getPaperKey(g *libkb.GlobalContext, ctx *Context) (*keypair, error) { passphrase, err := libkb.GetPaperKeyPassphrase(g, ctx.SecretUI, "") if err != nil { return nil, err } paperPhrase, err := libkb.NewPaperKeyPhraseCheckVersion(g, passphrase) if err != nil { return nil, err } bkarg := &PaperKeyGenArg{ Passphrase: paperPhrase, SkipPush: true, } bkeng := NewPaperKeyGen(bkarg, g) if err := RunEngine(bkeng, ctx); err != nil { return nil, err } kp := &keypair{sigKey: bkeng.SigKey(), encKey: bkeng.EncKey()} if err := g.LoginState().Account(func(a *libkb.Account) { a.SetUnlockedPaperKey(kp.sigKey, kp.encKey) }, "UnlockedPaperKey"); err != nil { return nil, err } return kp, nil }
// check all the user's paper keys for arg.Bundles match func matchingPaperKey(g *libkb.GlobalContext, secretUI libkb.SecretUI, arg keybase1.UnboxBytes32AnyArg, me *libkb.User) (key libkb.GenericKey, index int, err error) { cki := me.GetComputedKeyInfos() if cki == nil { return nil, 0, nil } var matchingPaper []*libkb.Device for _, pdev := range cki.PaperDevices() { enckey, err := me.GetComputedKeyFamily().GetEncryptionSubkeyForDevice(pdev.ID) if err != nil { return nil, 0, err } if _, ok := kidMatch(enckey, arg.Bundles); ok { g.Log.Debug("matching paper key: %s", *pdev.Description) matchingPaper = append(matchingPaper, pdev) } } if len(matchingPaper) == 0 { g.Log.Debug("no matching paper keys found") return nil, 0, nil } phrase, err := libkb.GetPaperKeyForCryptoPassphrase(secretUI, arg.Reason, matchingPaper) if err != nil { return nil, 0, err } paperPhrase, err := libkb.NewPaperKeyPhraseCheckVersion(g, phrase) if err != nil { return nil, 0, err } bkarg := &PaperKeyGenArg{ Passphrase: paperPhrase, SkipPush: true, } bkeng := NewPaperKeyGen(bkarg, g) if err := RunEngine(bkeng, &Context{}); err != nil { return nil, 0, err } // find the index for the key they entered (and make sure the key they entered matches) if n, ok := kidMatch(bkeng.EncKey(), arg.Bundles); ok { // this key matches, so cache this paper key if err := g.LoginState().Account(func(a *libkb.Account) { a.SetUnlockedPaperKey(bkeng.SigKey(), bkeng.EncKey()) }, "UnboxBytes32Any - cache paper key"); err != nil { return nil, 0, err } return bkeng.EncKey(), n, nil } return nil, 0, nil }
// NewScanKeys creates a ScanKeys type. If there is a login // session, it will load the pgp keys for that user. func NewScanKeys(secui libkb.SecretUI, idui libkb.IdentifyUI, opts *keybase1.TrackOptions, g *libkb.GlobalContext) (*ScanKeys, error) { sk := &ScanKeys{ secui: secui, idui: idui, opts: opts, Contextified: libkb.NewContextified(g), } var err error g.Log.Debug("+ NewScanKeys") defer func() { g.Log.Debug("- NewScanKeys -> %s", err) }() lin, err := g.LoginState().LoggedInLoad() if err != nil { return nil, err } if !lin { return sk, nil } // logged in: sk.me, err = libkb.LoadMe(libkb.NewLoadUserArg(sk.G())) if err != nil { return nil, fmt.Errorf("loadme error: %s", err) } // if user provided, then load their local keys, and their synced secret key: synced, err := sk.me.GetSyncedSecretKey() if err != nil { return nil, fmt.Errorf("getsyncedsecret err: %s", err) } aerr := sk.G().LoginState().Account(func(a *libkb.Account) { var ring *libkb.SKBKeyringFile ring, err = a.Keyring() if err != nil { return } err = sk.coalesceBlocks(ring, synced) }, "NewScanKeys - coalesceBlocks") if aerr != nil { return nil, err } if err != nil { return nil, err } return sk, nil }
func getMySecretKey(g *libkb.GlobalContext, getSecretUI func() libkb.SecretUI, secretKeyType libkb.SecretKeyType, reason string) (libkb.GenericKey, error) { g.Log.Debug("getMySecretKey: acquiring lock") getKeyMu.Lock() defer func() { getKeyMu.Unlock() g.Log.Debug("getMySecretKey: lock released") }() g.Log.Debug("getMySecretKey: lock acquired") // check cache after acquiring lock var key libkb.GenericKey var err error aerr := g.LoginState().Account(func(a *libkb.Account) { key, err = a.CachedSecretKey(libkb.SecretKeyArg{KeyType: secretKeyType}) }, "Keyrings - cachedSecretKey") if key != nil && err == nil { return key, nil } if aerr != nil { g.Log.Debug("error getting account: %s", aerr) } me, err := libkb.LoadMe(libkb.NewLoadUserArg(g)) if err != nil { return nil, err } arg := libkb.SecretKeyPromptArg{ Ska: libkb.SecretKeyArg{ Me: me, KeyType: secretKeyType, }, SecretUI: getSecretUI(), Reason: reason, UseCancelCache: true, } return g.Keyrings.GetSecretKeyWithPrompt(arg) }