keystore-0.6.3.1: Managing stores of secret things

Safe HaskellNone
LanguageHaskell2010

Data.KeyStore.IO

Description

This module provides an IO-based API. The ks executable provides some keystore management functions that can be used from the shell and Data.KeyStore.KeyStore provides the underlying functional model.


Documentation

readSettings :: FilePath -> IO Settings Source

Read the JSON-encoded KeyStore settings from the named file.

data CtxParams Source

The parameters used to set up a KeyStore session.

Constructors

CtxParams 

Fields

cp_store :: Maybe FilePath

location of any explicitly specified keystore file

cp_debug :: Maybe Bool

whether debug output has been specified as enabled or not

cp_readonly :: Maybe Bool

Just True => do not update keystore

Instances

data IC Source

Constructors

IC 

keyStoreBytes :: KeyStore -> ByteString Source

Encode a key store as a JSON ByteString (discarding any cached cleartext copies of secrets it may have)

defaultSettingsFilePath :: FilePath Source

The default place for keystore settings (settings).

settingsFilePath :: String -> FilePath Source

Add the standard file extension to a base name (.json).

defaultKeyStoreFilePath :: FilePath Source

The default file for a keystore (keystore.json).

instanceCtx :: CtxParams -> IO IC Source

Given CtxParams describing the location of the keystore, etc., generate an IC for use in the following keystore access functions that will allow context to be cached between calls to these access functions.

instanceCtx_ :: CtxParams -> IC Source

This functional method will generate an IC that will not cache any state between calls.

newKeyStore :: FilePath -> Settings -> IO () Source

Generate a new keystore located in the given file with the given global settings.

store :: IC -> IO FilePath Source

the filepath of the loaded store

listSettings :: IC -> IO () Source

List the JSON settings on stdout.

settings :: IC -> IO Settings Source

Return the settings associated with the keystore.

updateSettings :: IC -> FilePath -> IO () Source

Update the global settings of a keystore from the given JSON settings.

listTriggers :: IC -> IO () Source

List the triggers set up in the keystore on stdout.

triggers :: IC -> IO [Trigger] Source

Returns the triggers set up on the keystore.

addTrigger :: IC -> TriggerID -> Pattern -> FilePath -> IO () Source

addTrigger' variant that reads the settings from a file.

addTrigger' :: IC -> TriggerID -> Pattern -> Settings -> IO () Source

Set up a named trigger on a keystore that will fire when a key matches the given pattern establishing the settings.

rmvTrigger :: IC -> TriggerID -> IO () Source

Remove the named trigger from the keystore.

createRSAKeyPair :: IC -> Name -> Comment -> Identity -> [Safeguard] -> IO () Source

Create an RSA key pair, encoding the private key in the named Safeguards.

createKey :: IC -> Name -> Comment -> Identity -> Maybe EnvVar -> Maybe ByteString -> IO () Source

Create a symmetric key, possibly auto-loaded from an environment variable.

adjustKey :: IC -> Name -> (Key -> Key) -> IO () Source

Adjust a named key.

rememberKey :: IC -> Name -> FilePath -> IO () Source

Load a named key from the named file.

rememberKey_ :: IC -> Name -> ByteString -> IO () Source

Load the named key.

secureKey :: IC -> Name -> Safeguard -> IO () Source

Encrypt and store the key with the named safeguard.

loadKey :: IC -> Name -> IO Key Source

Try and retrieve the secret text for a given key.

showIdentity :: IC -> Bool -> Name -> IO ByteString Source

Return the identity of a key.

showComment :: IC -> Bool -> Name -> IO ByteString Source

Return the comment associated with a key.

showDate :: IC -> Bool -> Name -> IO ByteString Source

Return the creation UTC of a key.

showHash :: IC -> Bool -> Name -> IO ByteString Source

Return the hash of a key.

showHashComment :: IC -> Bool -> Name -> IO ByteString Source

Return the hash comment of a key.

showHashSalt :: IC -> Bool -> Name -> IO ByteString Source

Return the hash salt of a key.

showPublic :: IC -> Bool -> Name -> IO ByteString Source

(For public key pairs only) return the public key.

showSecret :: IC -> Bool -> Name -> IO ByteString Source

Return the secret text of a key (will be the private key for a public key pair).

keys :: IC -> IO [Key] Source

Return all of the keys in the keystore.

list :: IC -> IO () Source

List a summary of all of the keys on stdout.

keyInfo :: IC -> Name -> IO () Source

deleteKeys :: IC -> [Name] -> IO () Source

Delete a list of keys from the keystore.

encrypt_ :: IC -> Name -> ByteString -> IO ByteString Source

Encrypt a ByteString with a named key.

encrypt__ :: IC -> Name -> ByteString -> IO RSASecretData Source

Encrypt a ByteString with a named key to produce an RSASecretData.

decrypt :: IC -> FilePath -> FilePath -> IO () Source

Decrypt a file with the named key (whose secret text must be accessible).

decrypt_ :: IC -> ByteString -> IO ByteString Source

Decrypt a ByteString with the named key (whose secret text must be accessible).

decrypt__ :: IC -> Name -> RSASecretData -> IO ByteString Source

Decrypt a ByteString from an RSASecretData with the named key (whose secret text must be accessible).

sign :: IC -> Name -> FilePath -> FilePath -> IO () Source

Sign a file with the named key (whose secret text must be accessible) to produce a detached signature in the named file.

sign_ :: IC -> Name -> ByteString -> IO ByteString Source

Sign a ByteString with the named key (whose secret text must be accessible) to produce a detached signature.

verify :: IC -> FilePath -> FilePath -> IO Bool Source

Verify a signature for a file using the named public key.

verify_ :: IC -> ByteString -> ByteString -> IO Bool Source

Verify a signature for a ByteString using the named public key.

run :: IC -> KS a -> IO a Source

Run a KS function in an IO context, dealing with keystore updates, output, debug logging and errors.

putCtxState :: IC -> Ctx -> State -> IO () Source