libcdoc 0.1.8
libcdoc::Lock Struct Reference

A descriptor of decryption scheme in container.

#include <Lock.h>

Public Types

enum  Type : unsigned char {
  INVALID , SYMMETRIC_KEY , PASSWORD , PUBLIC_KEY ,
  CDOC1 , SERVER , SHARE_SERVER
}
 The lock type.
 
enum  PKType : unsigned char { ECC , RSA }
 The public key type.
 
enum  Params : unsigned int {
  SALT , PW_SALT , KDF_ITER , RCPT_KEY ,
  CERT , KEY_MATERIAL , KEYSERVER_ID , TRANSACTION_ID ,
  RECIPIENT_ID , SHARE_URLS , CONCAT_DIGEST , METHOD ,
  ALGORITHM_ID , PARTY_UINFO , PARTY_VINFO
}
 Extra parameters depending on key type.
 

Public Member Functions

const std::vector< uint8_t > & getBytes (Params param) const
 get lock parameter value
 
std::string getString (Params key) const
 get lock parameter as string
 
int32_t getInt (Params key) const
 get lock parameter as integer
 
bool isValid () const noexcept
 check whether lock is valid
 
constexpr bool isSymmetric () const noexcept
 check whether lock is based on symmetric key
 
constexpr bool isPKI () const noexcept
 check whether lock is based on public key
 
constexpr bool isCertificate () const noexcept
 check whether lock is based on certificate
 
constexpr bool isCDoc1 () const noexcept
 check whether lock is CDoc1 version
 
constexpr bool isRSA () const noexcept
 check whether public key lock uses RSA algorithm
 
bool hasTheSameKey (const Lock &other) const
 check whether two locks have the same public key
 
bool hasTheSameKey (const std::vector< uint8_t > &public_key) const
 check whether lock has the given public key
 
 Lock () noexcept=default
 
 Lock (Type _type) noexcept
 
void setBytes (Params param, const std::vector< uint8_t > &val)
 Set lock parameter value.
 
void setString (Params param, const std::string &val)
 Set lock parameter value from string.
 
void setInt (Params param, int32_t val)
 Set lock parameter value from integer.
 
void setCertificate (const std::vector< uint8_t > &cert)
 A convenience method to initialize CERTIFICATE, RCPT_KEY and PK_TYPE values from given certificate.
 
bool operator== (const Lock &other) const =default
 

Public Attributes

Type type = Type::INVALID
 The lock type.
 
PKType pk_type = PKType::ECC
 algorithm type for public key based locks
 
std::string label
 the lock label
 
std::vector< uint8_t > encrypted_fmk
 encrypted FMK (File Master Key)
 

Detailed Description

A descriptor of decryption scheme in container.

A Lock represents an encryption scheme with a certain key and mechanism in an encrypted container. A single container may contain many locks (for example, one lock for each intended recipient).

To decrypt the container, the FMK (File Master Key) has to be obtained from a lock. The lock type determines exactly which procedures and cryptographic keys are needed for that.

Member Enumeration Documentation

◆ Params

enum libcdoc::Lock::Params : unsigned int

Extra parameters depending on key type.

Enumerator
SALT 

HKDF salt (SYMMETRIC_KEY, PASSWORD and SHARE_SERVER)

PW_SALT 

PBKDF salt (PASSWORD)

KDF_ITER 

PBKDF iteration count (PASSWORD)

RCPT_KEY 

Recipient's public key (PUBLIC_KEY, CDOC1, SERVER)

CERT 

Recipient's certificate (CDOC1)

KEY_MATERIAL 

ECC ephemeral key or RSA-encrypted KEK.

KEYSERVER_ID 

Keyserver Id.

TRANSACTION_ID 

Keyserver transaction Id.

RECIPIENT_ID 

Keyshare recipient ID.

SHARE_URLS 

Keyshare server URLs (separated by ';')

CONCAT_DIGEST 

CDoc1 specific.

METHOD 

CDoc1 specific.

ALGORITHM_ID 

CDoc1 specific.

PARTY_UINFO 

CDoc1 specific.

PARTY_VINFO 

CDoc1 specific.

◆ PKType

enum libcdoc::Lock::PKType : unsigned char

The public key type.

Enumerator
ECC 

Elliptic curve

RSA 

RSA

◆ Type

enum libcdoc::Lock::Type : unsigned char

The lock type.

Enumerator
INVALID 

Invalid value.

SYMMETRIC_KEY 

Symmetric AES key.

PASSWORD 

PBKDF key (derived from password)

PUBLIC_KEY 

Public key (ECC or RSA)

CDOC1 

CDoc1 lock.

SERVER 

Public key stored on keyserver.

SHARE_SERVER 

Symmetric key distributed on several servers.

Constructor & Destructor Documentation

◆ Lock() [1/2]

libcdoc::Lock::Lock ( )
default noexcept

◆ Lock() [2/2]

libcdoc::Lock::Lock ( Type  _type)
inline noexcept

Member Function Documentation

◆ getBytes()

const std::vector< uint8_t > & libcdoc::Lock::getBytes ( Params  param) const
inline

get lock parameter value

Parameters
param  a parameter type
Returns
the parameter value

◆ getInt()

int32_t libcdoc::Lock::getInt ( Params  key) const

get lock parameter as integer

Parameters
key  a parameter type
Returns
the parameter value

◆ getString()

std::string libcdoc::Lock::getString ( Params  key) const

get lock parameter as string

Parameters
key  a parameter type
Returns
the parameter value

◆ hasTheSameKey() [1/2]

bool libcdoc::Lock::hasTheSameKey ( const Lock &  other) const

check whether two locks have the same public key

This convenience method checks whether both locks are public key based, and if they are, whether the RCPT_KEY parameters are identical (i.e. both can be decrypted by the same private key)

Parameters
other  the other lock
Returns
true if both have the same public key

◆ hasTheSameKey() [2/2]

bool libcdoc::Lock::hasTheSameKey ( const std::vector< uint8_t > &  public_key) const

check whether lock has the given public key

This convenience method checks whether the lock is public key based, and if it is, whether the RCPT_KEY parameter is identical to the provided key (i.e. it can be decrypted by the corresponding private key).

Parameters
public_key  the public key (short format)
Returns
true if lock has the same public key
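
The key-matching rule described for both hasTheSameKey() overloads, applied to picking the lock a recipient can use in a multi-lock container. This is an added example, not libcdoc code: DemoLock, findLockForKey and sampleLocks are hypothetical names, and the key bytes are constructed.

```cpp
// Added example: DemoLock is a hypothetical stand-in that mirrors the documented
// semantics of libcdoc::Lock; it is not the library's implementation.
#include <cstdint>
#include <cstdio>
#include <map>
#include <string>
#include <vector>

using Bytes = std::vector<uint8_t>;

struct DemoLock {
    // Same enumerator names as the page; Params is reduced to the one used here.
    enum Type : unsigned char { INVALID, SYMMETRIC_KEY, PASSWORD, PUBLIC_KEY, CDOC1, SERVER, SHARE_SERVER };
    enum Params : unsigned int { RCPT_KEY };
    Type type = INVALID;
    std::string label;
    std::map<Params, Bytes> params;

    // Documented: true if type is CDOC1, PUBLIC_KEY or SERVER.
    bool isPKI() const { return type == CDOC1 || type == PUBLIC_KEY || type == SERVER; }

    // Documented: the lock must be public key based AND RCPT_KEY must be identical.
    // Rejecting an empty key is an extra defensive assumption of this example.
    bool hasTheSameKey(const Bytes &pub) const {
        auto it = params.find(RCPT_KEY);
        return isPKI() && !pub.empty() && it != params.end() && it->second == pub;
    }
};

// Index of the first lock the holder of `pub` can use to obtain the FMK, or -1.
int findLockForKey(const std::vector<DemoLock> &locks, const Bytes &pub) {
    for (std::size_t i = 0; i < locks.size(); ++i)
        if (locks[i].hasTheSameKey(pub)) return static_cast<int>(i);
    return -1;
}

// Constructed sample container: three locks, one of them not public key based.
std::vector<DemoLock> sampleLocks() {
    const Bytes alice{0x04, 0xA1, 0xA2}, bob{0x04, 0xB1, 0xB2};  // constructed key bytes
    return {
        {DemoLock::PASSWORD, "backup password", {{DemoLock::RCPT_KEY, bob}}},  // stray key on a non-PKI lock
        {DemoLock::PUBLIC_KEY, "alice", {{DemoLock::RCPT_KEY, alice}}},
        {DemoLock::SERVER, "bob via keyserver", {{DemoLock::RCPT_KEY, bob}}},
    };
}

int main() {
    const auto locks = sampleLocks();
    const int i = findLockForKey(locks, Bytes{0x04, 0xB1, 0xB2});
    std::printf("bob opens lock %d (%s)\n", i, i >= 0 ? locks[i].label.c_str() : "none");
}
```

The PASSWORD lock carrying the same RCPT_KEY bytes is skipped because the type check comes first, which is the behaviour the description above states for non-public-key locks.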

◆ isCDoc1()

constexpr bool libcdoc::Lock::isCDoc1 ( ) const
inline constexpr noexcept

check whether lock is CDoc1 version

Returns
true if type is CDOC1

◆ isCertificate()

constexpr bool libcdoc::Lock::isCertificate ( ) const
inline constexpr noexcept

check whether lock is based on certificate

Returns
true if type is CDOC1

◆ isPKI()

constexpr bool libcdoc::Lock::isPKI ( ) const
inline constexpr noexcept

check whether lock is based on public key

Returns
true if type is CDOC1, PUBLIC_KEY or SERVER

◆ isRSA()

constexpr bool libcdoc::Lock::isRSA ( ) const
inline constexpr noexcept

check whether public key lock uses RSA algorithm

Returns
true if pk_type is RSA

◆ isSymmetric()

constexpr bool libcdoc::Lock::isSymmetric ( ) const
inline constexpr noexcept

check whether lock is based on symmetric key

Returns
true if type is SYMMETRIC_KEY or PASSWORD

◆ isValid()

bool libcdoc::Lock::isValid ( ) const
inline noexcept

check whether lock is valid

Returns
true if valid

◆ operator==()

bool libcdoc::Lock::operator== ( const Lock &  other) const
default

◆ setBytes()

void libcdoc::Lock::setBytes ( Params  param,
const std::vector< uint8_t > &  val 
)
inline

Set lock parameter value.

Parameters
param  a parameter type
val  the value

◆ setCertificate()

void libcdoc::Lock::setCertificate ( const std::vector< uint8_t > &  cert)

A convenience method to initialize CERTIFICATE, RCPT_KEY and PK_TYPE values from given certificate.

Parameters
cert  the certificate (DER-encoded)

◆ setInt()

void libcdoc::Lock::setInt ( Params  param,
int32_t  val 
)

Set lock parameter value from integer.

Parameters
param  a parameter type
val  the value

◆ setString()

void libcdoc::Lock::setString ( Params  param,
const std::string &  val 
)
inline

Set lock parameter value from string.

Parameters
param  a parameter type
val  the value

Member Data Documentation

◆ encrypted_fmk

std::vector<uint8_t> libcdoc::Lock::encrypted_fmk

encrypted FMK (File Master Key)

◆ label

std::string libcdoc::Lock::label

the lock label

◆ pk_type

PKType libcdoc::Lock::pk_type = PKType::ECC

algorithm type for public key based locks

◆ type

Type libcdoc::Lock::type = Type::INVALID

The lock type.


The documentation for this struct was generated from the following file: