keystore - Managing stores of secret things

Safe Haskell: None




data SECTIONS h s k



class (Bounded a, Enum a, Eq a, Ord a, Show a) => Code a where

Minimal complete definition

encode :: a -> String

decode :: String -> Maybe a

class (Code h, Code s, Code k) => Sections h s k | s -> h, k -> h, h -> s, k -> s, s -> k, h -> k where

This class describes the relationship between the host-id, section-id and key-id types used to build a hierarchical deployment model for a keystore. A minimal instance would have to define hostDeploySection. The deploy example program contains a fairly thorough example of this class being used to implement a quite realistic deployment scenario.

Minimal complete definition

hostDeploySection

hostDeploySection :: h -> s

the deployment section: for a given host, the starting section for locating the keys during a deployment (higher/closer sections taking priority)

sectionType :: s -> SectionType

whether the section holds the top key for the keystore (i.e., the keystore master key), the signing key for the keystore, or is a normal section containing deployment keys

superSections :: s -> [s]

the sections that get a copy of the master key for this section (making all of its keys available to them); N.B., the graph formed by this relationship over the sections must be acyclic

keyIsHostIndexed :: k -> Maybe (h -> Bool)

if the key is host-indexed then the predicate specifies the hosts that use this key

keyIsInSection :: k -> s -> Bool

specifies which sections a key is resident in

getKeyData :: Maybe h -> s -> k -> IO KeyData

loads the data for a particular key

sectionSettings :: Maybe s -> IO Settings

loads the settings for a given section

describeKey :: k -> String

describes the key (for the ks help command)

describeSection :: s -> String

describes the section (for the ks help command)

sectionPWEnvVar :: s -> EnvVar

specifies the environment variable containing the master password/private key for the given section
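As an added illustration (not code from the keystore package or its deploy example), here is a small Sections model in the shape the class above describes: three hosts, a top section, a signing section and three deployment sections, and three keys. Assumed rather than given on this page: the import paths, the SectionType constructors ST_top, ST_signing and ST_keys, and EnvVar being a newtype over a Text.

```haskell
{-# LANGUAGE MultiParamTypeClasses #-}
-- Added example of a Sections model; assumptions (not on the page):
-- the import paths, the SectionType constructors, EnvVar wrapping a Text.
import qualified Data.Text as T
import Data.KeyStore.Sections
import Data.KeyStore.Types (EnvVar(..))

data Host = H_dev1 | H_staging1 | H_prod1
    deriving (Bounded, Enum, Eq, Ord, Show)
data Section = S_top | S_signing | S_dev | S_staging | S_prod
    deriving (Bounded, Enum, Eq, Ord, Show)
data Key = K_db_password | K_api_token | K_tls_key
    deriving (Bounded, Enum, Eq, Ord, Show)

-- decode by searching the Bounded/Enum range for a matching Show string
decodeEnum :: (Bounded a, Enum a, Show a) => String -> Maybe a
decodeEnum str = case [x | x <- [minBound .. maxBound], show x == str] of
    [x] -> Just x
    _   -> Nothing

instance Code Host    where encode = show; decode = decodeEnum
instance Code Section where encode = show; decode = decodeEnum
instance Code Key     where encode = show; decode = decodeEnum

instance Sections Host Section Key where
  -- each host starts its key search in its own deployment section
  hostDeploySection H_dev1     = S_dev
  hostDeploySection H_staging1 = S_staging
  hostDeploySection H_prod1    = S_prod
  sectionType S_top     = ST_top
  sectionType S_signing = ST_signing
  sectionType _         = ST_keys
  -- every deployment section's master key is copied up to S_top, so the
  -- top password unlocks everything; the graph is acyclic as required
  superSections S_dev     = [S_top]
  superSections S_staging = [S_top]
  superSections S_prod    = [S_top]
  superSections _         = []
  -- the TLS key is host-indexed: only the production host uses it
  keyIsHostIndexed K_tls_key = Just (== H_prod1)
  keyIsHostIndexed _         = Nothing
  -- deployment keys are resident only in deployment sections
  keyIsInSection K_tls_key s = s == S_prod
  keyIsInSection _         s = s `elem` [S_dev, S_staging, S_prod]
  describeKey k     = "the " ++ encode k ++ " deployment key"
  describeSection s = "the " ++ encode s ++ " section"
  -- one master password per section, bound in the process environment
  sectionPWEnvVar s = EnvVar (T.pack ("KEY_pw_" ++ encode s))
```

getKeyData and sectionSettings are left to the class defaults here, since only hostDeploySection is required; a real model would load key data and settings from its own source.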

data SectionType

Sections are used to hold the top (master) key for the keystore, its signing key, or deployment keys.

data KeyData

A key is a triple containing some (plain-text) identity information for the key, some comment text and the secret text to be encrypted. Note that the keystore doesn't rely on this information but merely stores it. (They can be empty.) The identity field will often be used to store the key's identity within the system that generates and uses it, for example.

type KeyPredicate h s k = Maybe h -> s -> k -> Bool

One, many or all of the keys in a store may be rotated at a time. We use one of these to specify which keys are to be rotated.

data RetrieveDg

This type specifies the reasons that an attempt to access a key from the store has failed. This kind of failure suggests an inconsistent model and will be raised regardless of which keys have been stored in the store.

initialise :: Sections h s k => CtxParams -> KeyPredicate h s k -> IO ()

Here we create the store and rotate in a bunch of keys. N.B. All of the section passwords must be bound in the process environment before calling this procedure.

rotate :: Sections h s k => IC -> KeyPredicate h s k -> IO ()

Rotate in a set of keys specified by the predicate.

rotateIfChanged :: Sections h s k => IC -> KeyPredicate h s k -> IO ()

Rotate in a set of keys specified by the predicate, rotating each key only if it has changed. N.B. the check is contingent on the secret text being accessible; if the secret text is not accessible then the rotation will happen.

retrieve :: Sections h s k => IC -> h -> k -> IO (Retrieve [Key])

Retrieve the keys for a given host from the store. Note that the whole history for the given key is returned. Note also that the secret text may not be present if it is not accessible (depending upon which section passwords are correctly bound in the process environment). Note also that the Retrieve diagnostic should not fail if a coherent model has been defined for Sections.

signKeystore :: Sections h s k => IC -> SECTIONS h s k -> IO ByteString

Sign the keystore. (Requires the password for the signing section to be correctly bound in the environment.)

noKeys :: KeyPredicate h s k

A predicate specifying all of the keys in the store.

allKeys :: KeyPredicate h s k

A predicate specifying none of the keys in the keystore.

keyPrededicate :: Sections h s k => Maybe h -> Maybe s -> Maybe k -> KeyPredicate h s k

A utility for specifying a slice of the keys in the store, optionally specifying the host, section and key that should belong to the slice. (If the host is specified then the resulting predicate will only include host-indexed keys belonging to the given host.)

keyHelp :: Sections h s k => Maybe k -> Text

secretKeySummary :: Sections h s k => IC -> SECTIONS h s k -> IO Text

List a shell script for establishing all of the keys in the environment. N.B. For this to work the password for the top section must be bound (or the passwords for all of the sections, if the store does not maintain a top key).

publicKeySummary :: Sections h s k => IC -> SECTIONS h s k -> FilePath -> IO Text

List a shell script for storing the public signing key for the store.

locateKeys :: Sections h s k => IC -> SECTIONS h s k -> Name -> IO [Key]

List all of the keys that have the given name as their prefix. If the generic name of a key is given then it will list the complete history for the key, the current (or most recent) entry first.

keyName :: Sections h s k => h -> k -> Retrieve Name

Return the generic name for a given key that is used by the specified host, returning a failure diagnostic if the host does not have such a key on the given Sections model.

passwordName :: Sections h s k => s -> Name

The name of the key that stores the password for a given section.