keystore- Managing stores of secret things

Safe HaskellNone




keyStoreBytes :: KeyStore -> ByteString Source #

Encode a key store as a JSON ByteString (discarding any cached cleartext copies of secrets it may have)

encryptWithRSAKeyKS :: Name -> ClearText -> KS EncryptionPacket Source #

Encrypt a clear text message with a name RSA key pair.

decryptWithRSAKeyKS :: EncryptionPacket -> KS ClearText Source #

Decrypt an RSA-encrypted message (the RSA secret key named in the message must be available.)

signWithRSAKeyKS :: Name -> ClearText -> KS SignaturePacket Source #

Sign a message with a named RSA secret key (which must be available).

verifyWithRSAKeyKS :: ClearText -> SignaturePacket -> KS Bool Source #

Verify that an RSA signature of a message is correct.

encryptWithKeysKS :: Safeguard -> ClearText -> KS EncrypedCopy Source #

Symetrically encrypt a message with a Safeguard (list of names private keys).

decryptWithKeysKS :: EncrypedCopy -> KS ClearText Source #

Symetrically encrypt a message with a Safeguard (list of names private keys).

createKeyKS Source #


:: Name

(unique) name of the new key

-> Comment

the comment string

-> Identity

the identity string

-> Maybe EnvVar

the environment variable used to hold a clear text copy

-> Maybe ClearText

(optionally) the clear test copy

-> KS () 

Create a private key.

backupKeysKS :: KS () Source #

Backup all of the keys in the store with their configured backup keys.

rememberKeyKS :: Name -> ClearText -> KS () Source #

Remember the secret text for a key -- will record the hash and encrypt it with the configured safeguards, generating an error if any of the safeguards are not available.

secureKeyKS :: Name -> Safeguard -> KS () Source #

Primitive to make a cryptographic copy (i.e., a safeguard) of the secret text of a key, storing it in the key (and doing nothing if the that safeguard is already present).

getKeysKS :: KS [Key] Source #

Return all of the keys in the keystore.

listKS :: KS () Source #

List all of the keys in the store, one per line, on the output.

keyInfoKS :: Name -> KS () Source #

Print out the information of a particular key.

loadKeyKS :: Name -> KS Key Source #

Try to load the secret copy into the key and return it. (No error is raised if it failed to recover the secret.)

loadEncryptionKeyKS :: Dirctn -> EncrypedCopy -> KS (Maybe EncryptionKey) Source #

Try to load an encryption or decryption key for an encrypted message.