Co-authored-by: clawbot <clawbot@eeqj.de> Reviewed-on: #24 Reviewed-by: clawbot <clawbot@noreply.example.org> Co-authored-by: sneak <sneak@sneak.berlin> Co-committed-by: sneak <sneak@sneak.berlin>
//go:build !darwin
// +build !darwin
|
|
|
|
package secret
import (
"fmt"
"filippo.io/age"
"github.com/spf13/afero"
)
// errSENotSupported is the single error value handed back by the stubbed
// Secure Enclave operations in this file, which is only compiled when the
// build target is not darwin.
var errSENotSupported = fmt.Errorf("secure enclave unlockers are only supported on macOS")
// SecureEnclaveUnlockerMetadata is the non-Darwin stand-in for the Secure
// Enclave unlocker's metadata record. It embeds the common UnlockerMetadata
// and adds two string fields that are serialised under the JSON keys
// "seKeyLabel" and "seKeyHash". Nothing in this stub file reads or writes
// those two fields.
type SecureEnclaveUnlockerMetadata struct {
	UnlockerMetadata

	// SEKeyLabel is serialised as "seKeyLabel".
	// NOTE(review): presumably the label of the enclave-held key; confirm
	// against the darwin implementation.
	SEKeyLabel string `json:"seKeyLabel"`

	// SEKeyHash is serialised as "seKeyHash".
	// NOTE(review): presumably a hash identifying the enclave key; confirm
	// against the darwin implementation.
	SEKeyHash string `json:"seKeyHash"`
}
// SecureEnclaveUnlocker is the placeholder type compiled on every platform
// other than darwin. It only carries the values passed to its constructor;
// the operations that would need the enclave (GetIdentity, Remove) return
// errSENotSupported.
type SecureEnclaveUnlocker struct {
	// Directory is the value reported by GetDirectory.
	Directory string

	// Metadata is the generic UnlockerMetadata (not the
	// SecureEnclaveUnlockerMetadata record); GetID derives the ID from its
	// CreatedAt field.
	Metadata UnlockerMetadata

	// fs is stored by NewSecureEnclaveUnlocker but is not used by any
	// method in this stub file.
	fs afero.Fs
}
// GetIdentity always fails on non-Darwin platforms: the returned identity is
// nil and the error is errSENotSupported. No key material is produced here,
// so callers must check the error before touching the identity.
func (s *SecureEnclaveUnlocker) GetIdentity() (*age.X25519Identity, error) {
	// Left at its zero value (nil) on purpose: there is no identity to return.
	var identity *age.X25519Identity

	return identity, errSENotSupported
}
// GetType reports the unlocker type string, "secure-enclave". The stub
// returns it even though the unlocker cannot operate on this platform, so
// the type string alone does not indicate that the unlocker is usable.
func (s *SecureEnclaveUnlocker) GetType() string {
	const unlockerType = "secure-enclave"

	return unlockerType
}
// GetMetadata returns the unlocker's Metadata field by value.
// NOTE(review): any reference-typed fields inside UnlockerMetadata would
// still be shared with the receiver; confirm against its definition.
func (s *SecureEnclaveUnlocker) GetMetadata() UnlockerMetadata {
	meta := s.Metadata

	return meta
}
// GetDirectory returns the Directory string the unlocker was constructed
// with. The stub does not check that the path exists or normalise it.
func (s *SecureEnclaveUnlocker) GetDirectory() string {
	dir := s.Directory

	return dir
}
// GetID builds the unlocker ID from the metadata creation timestamp, formatted
// with the layout "2006-01-02.15.04" and suffixed with "-secure-enclave".
//
// The layout stops at the minute, so two unlockers whose CreatedAt falls in
// the same minute yield the same ID; code that keys on the ID should not
// assume it is unique.
// NOTE(review): presumably CreatedAt is a time.Time, in which case the string
// also depends on the location it carries. Confirm against UnlockerMetadata.
func (s *SecureEnclaveUnlocker) GetID() string {
	stamp := s.Metadata.CreatedAt.Format("2006-01-02.15.04")

	return fmt.Sprintf("%s-secure-enclave", stamp)
}
// Remove always fails on non-Darwin platforms with errSENotSupported. The
// stub deletes nothing, neither on disk nor anywhere else, so a caller that
// ignores the error must not assume the unlocker is gone.
func (s *SecureEnclaveUnlocker) Remove() error {
	err := errSENotSupported

	return err
}
// NewSecureEnclaveUnlocker builds a stub SecureEnclaveUnlocker on non-Darwin
// platforms. It stores the three arguments as given and performs no
// validation and no filesystem access.
//
// The constructor never fails, so a value of this type can exist on an
// unsupported platform. The methods that need macOS functionality
// (GetIdentity, Remove) return errSENotSupported when called on it.
func NewSecureEnclaveUnlocker(
	fs afero.Fs,
	directory string,
	metadata UnlockerMetadata,
) *SecureEnclaveUnlocker {
	unlocker := new(SecureEnclaveUnlocker)
	unlocker.fs = fs
	unlocker.Directory = directory
	unlocker.Metadata = metadata

	return unlocker
}
// CreateSecureEnclaveUnlocker always fails on non-Darwin platforms. Both
// arguments are ignored, nothing is written, and the result is a nil
// unlocker together with errSENotSupported.
func CreateSecureEnclaveUnlocker(
	_ afero.Fs,
	_ string,
) (*SecureEnclaveUnlocker, error) {
	// Left nil on purpose: no unlocker can be created without the enclave.
	var unlocker *SecureEnclaveUnlocker

	return unlocker, errSENotSupported
}