diff options
Diffstat (limited to 'crypto-common/src/main/kotlin/app')
3 files changed, 130 insertions, 0 deletions
diff --git a/crypto-common/src/main/kotlin/app/passwordstore/crypto/CryptoHandler.kt b/crypto-common/src/main/kotlin/app/passwordstore/crypto/CryptoHandler.kt new file mode 100644 index 00000000..952f4a7e --- /dev/null +++ b/crypto-common/src/main/kotlin/app/passwordstore/crypto/CryptoHandler.kt @@ -0,0 +1,42 @@ +/* + * Copyright © 2014-2021 The Android Password Store Authors. All Rights Reserved. + * SPDX-License-Identifier: GPL-3.0-only + */ + +package app.passwordstore.crypto + +import app.passwordstore.crypto.errors.CryptoHandlerException +import com.github.michaelbull.result.Result +import java.io.InputStream +import java.io.OutputStream + +/** Generic interface to implement cryptographic operations on top of. */ +public interface CryptoHandler<Key> { + + /** + * Decrypt the given [ciphertextStream] using a [privateKey] and [passphrase], and writes the + * resultant plaintext to [outputStream]. The returned [Result] should be checked to ensure it is + * **not** an instance of [com.github.michaelbull.result.Err] before the contents of + * [outputStream] are used. + */ + public fun decrypt( + privateKey: Key, + passphrase: String, + ciphertextStream: InputStream, + outputStream: OutputStream, + ): Result<Unit, CryptoHandlerException> + + /** + * Encrypt the given [plaintextStream] to the provided [keys], and writes the encrypted ciphertext + * to [outputStream]. The returned [Result] should be checked to ensure it is **not** an instance + * of [com.github.michaelbull.result.Err] before the contents of [outputStream] are used. + */ + public fun encrypt( + keys: List<Key>, + plaintextStream: InputStream, + outputStream: OutputStream, + ): Result<Unit, CryptoHandlerException> + + /** Given a [fileName], return whether this instance can handle it. */ + public fun canHandle(fileName: String): Boolean +} diff --git a/crypto-common/src/main/kotlin/app/passwordstore/crypto/KeyManager.kt b/crypto-common/src/main/kotlin/app/passwordstore/crypto/KeyManager.kt new file mode 100644 index 00000000..31e1710d --- /dev/null +++ b/crypto-common/src/main/kotlin/app/passwordstore/crypto/KeyManager.kt @@ -0,0 +1,44 @@ +/* + * Copyright © 2014-2021 The Android Password Store Authors. All Rights Reserved. + * SPDX-License-Identifier: GPL-3.0-only + */ + +package app.passwordstore.crypto + +import com.github.michaelbull.result.Result + +/** + * [KeyManager] defines a contract for implementing a management system for [Key]s as they would be + * used by an implementation of [CryptoHandler] to obtain eligible public or private keys as + * required. + */ +public interface KeyManager<Key, KeyIdentifier> { + + /** + * Inserts a [key] into the store. If the key already exists, this method will return + * [app.passwordstore.crypto.errors.KeyAlreadyExistsException] unless [replace] is `true`. + */ + public suspend fun addKey(key: Key, replace: Boolean = false): Result<Key, Throwable> + + /** Removes [key] from the store. */ + public suspend fun removeKey(key: Key): Result<Key, Throwable> + + /** + * Get a [Key] for the given [id]. The actual semantics of what [id] is are left to individual + * implementations to figure out for themselves. For example, in GPG this can be a full + * hexadecimal key ID, an email, a short hex key ID, and probably a few more things. + */ + public suspend fun getKeyById(id: KeyIdentifier): Result<Key, Throwable> + + /** Returns all keys currently in the store as a [List]. */ + public suspend fun getAllKeys(): Result<List<Key>, Throwable> + + /** + * Get a stable identifier for the given [key]. The returned key ID should be suitable to be used + * as an identifier for the cryptographic identity tied to this key. + */ + public suspend fun getKeyId(key: Key): KeyIdentifier? + + /** Given a [fileName], return whether this instance can handle it. */ + public fun canHandle(fileName: String): Boolean +} diff --git a/crypto-common/src/main/kotlin/app/passwordstore/crypto/errors/CryptoException.kt b/crypto-common/src/main/kotlin/app/passwordstore/crypto/errors/CryptoException.kt new file mode 100644 index 00000000..81bdf95f --- /dev/null +++ b/crypto-common/src/main/kotlin/app/passwordstore/crypto/errors/CryptoException.kt @@ -0,0 +1,44 @@ +package app.passwordstore.crypto.errors + +import app.passwordstore.crypto.KeyManager + +public sealed class CryptoException(message: String? = null, cause: Throwable? = null) : + Exception(message, cause) + +/** Sealed exception types for [KeyManager]. */ +public sealed class KeyManagerException(message: String? = null) : CryptoException(message) + +/** Store contains no keys. */ +public object NoKeysAvailableException : KeyManagerException("No keys were found") + +/** Key directory does not exist or cannot be accessed. */ +public object KeyDirectoryUnavailableException : + KeyManagerException("Key directory does not exist") + +/** Failed to delete given key. */ +public object KeyDeletionFailedException : KeyManagerException("Couldn't delete the key file") + +/** Failed to parse the key as a known type. */ +public object InvalidKeyException : + KeyManagerException("Given key cannot be parsed as a known key type") + +/** No key matching `keyId` could be found. */ +public class KeyNotFoundException(keyId: String) : + KeyManagerException("No key found with id: $keyId") + +/** Attempting to add another key for `keyId` without requesting a replace. */ +public class KeyAlreadyExistsException(keyId: String) : + KeyManagerException("Pre-existing key was found for $keyId") + +/** Sealed exception types for [app.passwordstore.crypto.CryptoHandler]. */ +public sealed class CryptoHandlerException(message: String? = null, cause: Throwable? = null) : + CryptoException(message, cause) + +/** The passphrase provided for decryption was incorrect. */ +public class IncorrectPassphraseException(cause: Throwable) : CryptoHandlerException(null, cause) + +/** No keys were provided for encryption. */ +public class NoKeysProvided(message: String?) : CryptoHandlerException(message, null) + +/** An unexpected error that cannot be mapped to a known type. */ +public class UnknownError(cause: Throwable) : CryptoHandlerException(null, cause) |