Interface ServerSideSecretStorage

Interface provided by SecretStorage implementations

Normally this will just be an ServerSideSecretStorageImpl, but for backwards compatibility some methods allow other implementations.

interface ServerSideSecretStorage {
    addKey(algorithm, opts, keyId?): Promise<SecretStorageKeyObject>;
    checkKey(key, info): Promise<boolean>;
    get(name): Promise<undefined | string>;
    getDefaultKeyId(): Promise<null | string>;
    getKey(keyId?): Promise<null | SecretStorageKeyTuple>;
    hasKey(keyId?): Promise<boolean>;
    isStored(name): Promise<null | Record<string, SecretStorageKeyDescriptionAesV1>>;
    setDefaultKeyId(keyId): Promise<void>;
    store(name, secret, keys?): Promise<void>;
}

Implemented by

Methods

  • Get a secret from storage, and decrypt it.

    Parameters

    • name: string

      the name of the secret - i.e., the "event type" stored in the account data

    Returns Promise<undefined | string>

    the decrypted contents of the secret, or "undefined" if name is not found in the user's account data.

  • Get the current default key ID for encrypting secrets.

    Returns Promise<null | string>

    The default key ID or null if no default key ID is set

  • Get the key information for a given ID.

    Parameters

    • Optional keyId: null | string

      The ID of the key to check for. Defaults to the default key ID if not provided.

    Returns Promise<null | SecretStorageKeyTuple>

    If the key was found, the return value is an array of the form [keyId, keyInfo]. Otherwise, null is returned. XXX: why is this an array when addKey returns an object?

  • Check whether we have a key with a given ID.

    Parameters

    • Optional keyId: string

      The ID of the key to check for. Defaults to the default key ID if not provided.

    Returns Promise<boolean>

    Whether we have the key.

  • Store an encrypted secret on the server.

    Details of the encryption keys to be used must previously have been stored in account data (for example, via ServerSideSecretStorage#addKey.

    Parameters

    • name: string

      The name of the secret - i.e., the "event type" to be stored in the account data

    • secret: string

      The secret contents.

    • Optional keys: null | string[]

      The IDs of the keys to use to encrypt the secret, or null/undefined to use the default key (will throw if no default key is set).

    Returns Promise<void>

Generated using TypeDoc