1*e7b1675dSTing-Kang Chang// Copyright 2022 Google LLC 2*e7b1675dSTing-Kang Chang// 3*e7b1675dSTing-Kang Chang// Licensed under the Apache License, Version 2.0 (the "License"); 4*e7b1675dSTing-Kang Chang// you may not use this file except in compliance with the License. 5*e7b1675dSTing-Kang Chang// You may obtain a copy of the License at 6*e7b1675dSTing-Kang Chang// 7*e7b1675dSTing-Kang Chang// http://www.apache.org/licenses/LICENSE-2.0 8*e7b1675dSTing-Kang Chang// 9*e7b1675dSTing-Kang Chang// Unless required by applicable law or agreed to in writing, software 10*e7b1675dSTing-Kang Chang// distributed under the License is distributed on an "AS IS" BASIS, 11*e7b1675dSTing-Kang Chang// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*e7b1675dSTing-Kang Chang// See the License for the specific language governing permissions and 13*e7b1675dSTing-Kang Chang// limitations under the License. 14*e7b1675dSTing-Kang Chang// 15*e7b1675dSTing-Kang Chang//////////////////////////////////////////////////////////////////////////////// 16*e7b1675dSTing-Kang Chang 17*e7b1675dSTing-Kang Chang// Package monitoring defines the structs and interfaces for monitoring primitives with Tink. 18*e7b1675dSTing-Kang Chang// This package isn't yet production ready and might go through various changes. 19*e7b1675dSTing-Kang Changpackage monitoring 20*e7b1675dSTing-Kang Chang 21*e7b1675dSTing-Kang Chang// KeyStatus represents KeyStatusType in tink/proto/tink.proto. 22*e7b1675dSTing-Kang Changtype KeyStatus int 23*e7b1675dSTing-Kang Chang 24*e7b1675dSTing-Kang Changconst ( 25*e7b1675dSTing-Kang Chang // Enabled keys can be used for cryptographic operations. 26*e7b1675dSTing-Kang Chang Enabled KeyStatus = iota 27*e7b1675dSTing-Kang Chang // Disabled keys can't be used, but can be re-enabled. 28*e7b1675dSTing-Kang Chang Disabled 29*e7b1675dSTing-Kang Chang // Destroyed keys don't exist in the keyset anymore. 30*e7b1675dSTing-Kang Chang Destroyed 31*e7b1675dSTing-Kang Chang 32*e7b1675dSTing-Kang Chang // DoNotUse is intended to guard from failures that may be caused by future expansions. 33*e7b1675dSTing-Kang Chang DoNotUse KeyStatus = 20 34*e7b1675dSTing-Kang Chang) 35*e7b1675dSTing-Kang Chang 36*e7b1675dSTing-Kang Changfunc (status KeyStatus) String() string { 37*e7b1675dSTing-Kang Chang switch status { 38*e7b1675dSTing-Kang Chang case Enabled: 39*e7b1675dSTing-Kang Chang return "ENABLED" 40*e7b1675dSTing-Kang Chang case Disabled: 41*e7b1675dSTing-Kang Chang return "DISABLED" 42*e7b1675dSTing-Kang Chang case Destroyed: 43*e7b1675dSTing-Kang Chang return "DESTROYED" 44*e7b1675dSTing-Kang Chang } 45*e7b1675dSTing-Kang Chang return "UNKNOWN" 46*e7b1675dSTing-Kang Chang} 47*e7b1675dSTing-Kang Chang 48*e7b1675dSTing-Kang Chang// Entry represents each entry inside a Keyset. 49*e7b1675dSTing-Kang Changtype Entry struct { 50*e7b1675dSTing-Kang Chang Status KeyStatus 51*e7b1675dSTing-Kang Chang KeyID uint32 52*e7b1675dSTing-Kang Chang KeyType string 53*e7b1675dSTing-Kang Chang KeyPrefix string 54*e7b1675dSTing-Kang Chang} 55*e7b1675dSTing-Kang Chang 56*e7b1675dSTing-Kang Chang// KeysetInfo represents a keyset in a certain point in time for the 57*e7b1675dSTing-Kang Chang// purpose of monitoring operations involving cryptographic keys. 58*e7b1675dSTing-Kang Changtype KeysetInfo struct { 59*e7b1675dSTing-Kang Chang Annotations map[string]string 60*e7b1675dSTing-Kang Chang PrimaryKeyID uint32 61*e7b1675dSTing-Kang Chang Entries []*Entry 62*e7b1675dSTing-Kang Chang} 63*e7b1675dSTing-Kang Chang 64*e7b1675dSTing-Kang Chang// NewKeysetInfo creates a new KeysetInfo. 65*e7b1675dSTing-Kang Changfunc NewKeysetInfo(annotations map[string]string, primaryKeyID uint32, entries []*Entry) *KeysetInfo { 66*e7b1675dSTing-Kang Chang return &KeysetInfo{ 67*e7b1675dSTing-Kang Chang Annotations: annotations, 68*e7b1675dSTing-Kang Chang PrimaryKeyID: primaryKeyID, 69*e7b1675dSTing-Kang Chang Entries: entries, 70*e7b1675dSTing-Kang Chang } 71*e7b1675dSTing-Kang Chang} 72*e7b1675dSTing-Kang Chang 73*e7b1675dSTing-Kang Chang// Context defines a context for monitoring events, wich includes the 74*e7b1675dSTing-Kang Chang// primitive and API used, and information on the keyset. 75*e7b1675dSTing-Kang Changtype Context struct { 76*e7b1675dSTing-Kang Chang Primitive string 77*e7b1675dSTing-Kang Chang APIFunction string 78*e7b1675dSTing-Kang Chang KeysetInfo *KeysetInfo 79*e7b1675dSTing-Kang Chang} 80*e7b1675dSTing-Kang Chang 81*e7b1675dSTing-Kang Chang// NewContext creates a new monitoring context. 82*e7b1675dSTing-Kang Changfunc NewContext(primitive string, apiFunction string, keysetInfo *KeysetInfo) *Context { 83*e7b1675dSTing-Kang Chang return &Context{ 84*e7b1675dSTing-Kang Chang Primitive: primitive, 85*e7b1675dSTing-Kang Chang APIFunction: apiFunction, 86*e7b1675dSTing-Kang Chang KeysetInfo: keysetInfo, 87*e7b1675dSTing-Kang Chang } 88*e7b1675dSTing-Kang Chang} 89*e7b1675dSTing-Kang Chang 90*e7b1675dSTing-Kang Chang// Logger is an interface for logging which can be created through a `Client`. 91*e7b1675dSTing-Kang Chang// monitoring clients are invoked by Tink during cryptographic operations to emit 92*e7b1675dSTing-Kang Chang// certain events. 93*e7b1675dSTing-Kang Changtype Logger interface { 94*e7b1675dSTing-Kang Chang // Logs a successful use of `keyID` on an input of `numBytes`. Tink primitive 95*e7b1675dSTing-Kang Chang // wrappers call this method when they successfully use a key to carry out a 96*e7b1675dSTing-Kang Chang // primitive method, e.g. aead.Encrypt(). As a consequence, implementations of 97*e7b1675dSTing-Kang Chang // MonitoringClient should be mindful on the amount of work performed by this 98*e7b1675dSTing-Kang Chang // method, as this will be called on each cryptographic operation. Implementations 99*e7b1675dSTing-Kang Chang // of MonitoringClient are responsible to add context to identify, e.g., the 100*e7b1675dSTing-Kang Chang // primitive and the API function. 101*e7b1675dSTing-Kang Chang Log(keyID uint32, numBytes int) 102*e7b1675dSTing-Kang Chang 103*e7b1675dSTing-Kang Chang // Logs a failure. Tink calls this method when a cryptographic operation 104*e7b1675dSTing-Kang Chang // failed, e.g. no key could be found to decrypt a ciphertext. In this 105*e7b1675dSTing-Kang Chang // case the failure is not associated with a specific key, therefore this 106*e7b1675dSTing-Kang Chang // method has no arguments. The MonitoringClient implementation is responsible 107*e7b1675dSTing-Kang Chang // to add context to identify where the failure comes from. 108*e7b1675dSTing-Kang Chang LogFailure() 109*e7b1675dSTing-Kang Chang} 110*e7b1675dSTing-Kang Chang 111*e7b1675dSTing-Kang Chang// Client represents an interface to hold monitoring client context to create a `Logger`. 112*e7b1675dSTing-Kang Chang// A Client is registered with Tink's registry and used by primitives to obtain a `Logger`. 113*e7b1675dSTing-Kang Changtype Client interface { 114*e7b1675dSTing-Kang Chang NewLogger(context *Context) (Logger, error) 115*e7b1675dSTing-Kang Chang} 116