Module: github.com/jsipprell/keyctl
Version: 1.0.3
Repository: https://github.com/jsipprell/keyctl.git
Documentation: pkg.go.dev

# README

keyctl

A native Go API for the security key management system (aka "keyrings") found in Linux 2.6+

The keyctl interface is nominally provided by three or so Linux-specific syscalls, however it is almost always wrapped in a library named libkeyutils.so.

This package interacts directly with the syscall interface and does not require CGO for linkage to the helper library provided on most systems.

Example Usages

To access the default session keyring (and create it if it doesn't exist):

```go
package main

import (
	"log"

	"github.com/jsipprell/keyctl"
)

func main() {
	keyring, err := keyctl.SessionKeyring()
	if err != nil {
		log.Fatal(err)
	}

	// default timeout of 10 seconds for new or updated keys
	keyring.SetDefaultTimeout(10)
	secureData := []byte{1, 2, 3, 4}
	// store the payload on the session keyring under the name "some-data"
	id, err := keyring.Add("some-data", secureData)
	if err != nil {
		log.Fatal(err)
	}
	log.Printf("created session key id %v", id)
}
```

To search for an existing key by name:

```go
package main

import (
	"log"

	"github.com/jsipprell/keyctl"
)

func main() {
	keyring, err := keyctl.SessionKeyring()
	if err != nil {
		log.Fatal(err)
	}
	// look the key up by the name it was added under
	key, err := keyring.Search("some-data")
	if err != nil {
		log.Fatal(err)
	}

	// read the key's payload back from the kernel
	data, err := key.Get()
	if err != nil {
		log.Fatal(err)
	}
	log.Printf("secure data: %v\n", data)
}
```

# Packages

Provides a keyring with an openpgp.ReadMessage wrapper method that when called will automatically attempt private key decryption and save the passphrase in the private session kernel keyring for a configurable amount of time.

# Functions

Change group ownership on a key or keyring.
Change user ownership on a key or keyring.
Creates a new named-keyring linked to a parent keyring.
Create a new key and stream writer with a given name on an open keyring.
Return the current group keyring.
Link an object to a keyring.
List the contents of a keyring.
Returns an io.Reader interface object which will read the key's data from the kernel.
Create a new stream writer to write key data to.
Search for and open an existing keyring with the given name linked to a parent keyring (at any depth).
Open an existing key on a keyring given its name.
Return the keyring specific to the current executing process.
Return the current login session keyring.
Set the time to live in seconds for an entire keyring and all of its keys.
Set permissions on a key or keyring.
Return the keyring specific to the current executing thread.
Unlink an object from a keyring.
Unlink a named keyring from its parent.
Return the current user-session keyring (part of session, but private to current user).

# Constants

No description provided by the author

# Variables

Error returned if a reference is stale when Info() or Get() is called on it.
Error returned when attempting to close or flush an already closed stream.
Error returned if the Get() method is called on a Reference that doesn't represent a key or keychain.

# Structs

Information about a keyctl reference as returned by ref.Info().
Represents a single key linked to one or more kernel keyrings.
Reference is a reference to an unloaded keyctl Key or Keychain.

# Interfaces

No description provided by the author
All Keys and Keyrings have unique 32-bit serial number identifiers.
Basic interface to a linux keyctl keyring.
Named keyrings are user-created keyrings linked to a parent keyring.

# Type aliases

KeyPerm represents in-kernel access control permission to keys and keyrings as a 32-bit integer broken up into four permission sets, one per byte.
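
An added example (not part of the package or its README) that decodes such a 32-bit mask into its four per-byte sets and flags masks that let the group or other sets read or write the payload. The bit values follow the Linux kernel's include/linux/key.h; `DecodePerm`, `Overexposed` and the sample masks are hypothetical names and constructed values, and the code does not call the keyctl package.

```go
package main

import "fmt"

// Per-byte permission bits, lowest bit first, as defined by the Linux kernel
// (include/linux/key.h): 0x01 view, 0x02 read, 0x04 write, 0x08 search,
// 0x10 link, 0x20 setattr.
var permNames = []string{"view", "read", "write", "search", "link", "setattr"}

// Permission sets from the most significant byte to the least significant.
var permSets = []string{"possessor", "user", "group", "other"}

// DecodePerm (hypothetical helper) splits a 32-bit key permission mask into
// its four per-byte sets and names the bits granted in each.
func DecodePerm(perm uint32) map[string][]string {
	out := make(map[string][]string, len(permSets))
	for i, set := range permSets {
		b := (perm >> (24 - 8*uint(i))) & 0xff
		granted := []string{}
		for j, name := range permNames {
			if b&(1<<uint(j)) != 0 {
				granted = append(granted, name)
			}
		}
		out[set] = granted
	}
	return out
}

// Overexposed (hypothetical helper) reports whether the group or other sets
// may read or write the payload, which is rarely wanted for secret material.
func Overexposed(perm uint32) bool {
	const readWrite = 0x02 | 0x04
	return perm&(readWrite<<8|readWrite) != 0
}

func main() {
	// Constructed sample masks: the first grants everything to the possessor
	// and view to the owning user; the second also lets group and other read.
	for _, perm := range []uint32{0x3f010000, 0x3f3f0303} {
		d := DecodePerm(perm)
		fmt.Printf("%#08x overexposed=%v\n", perm, Overexposed(perm))
		for _, set := range permSets {
			fmt.Printf("  %-9s %v\n", set, d[set])
		}
	}
}
```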