pki

package
v0.0.16 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 21, 2023 License: AGPL-3.0 Imports: 7 Imported by: 51

Documentation

Overview

Package pki provides the interfaces for the mix network PKI.

Index

Constants

// LayerProvider is the Layer value that providers list in their
// MixDescriptors. 255 is the largest value the uint8 MixDescriptor.Layer
// field can hold.
const LayerProvider = 255

LayerProvider is the Layer that providers list in their MixDescriptors.

Variables

// Sentinel errors for PKI operations. Both are created with errors.New, so
// callers should compare them by identity (errors.Is) rather than by
// matching the message text.
var (
	// ErrNoDocument is the error returned when there never will be a document
	// for a given epoch.
	ErrNoDocument = errors.New("pki: requested epoch will never get a document")

	// ErrInvalidPostEpoch is the error returned when the server rejects a
	// descriptor upload for a given epoch due to time reasons.
	//
	// NOTE(review): the message text misspells "succeed" as "succeeed". The
	// literal is left unchanged because it is runtime output that logs or
	// peers may depend on.
	ErrInvalidPostEpoch = errors.New("pki: post for epoch will never succeeed")
)

Functions

This section is empty.

Types

type Client

// Client is the abstract interface used for PKI interaction: fetching the
// per-epoch Document, uploading a node's MixDescriptor, and parsing a raw
// serialized Document.
//
// NOTE(review): the interface itself says nothing about signature or
// authenticity checks. Whether a returned *Document has been verified is a
// property of the concrete implementation; confirm it before trusting the
// fields of a Document obtained through Get or Deserialize.
type Client interface {
	// Get returns the PKI document along with the raw serialized form for the provided epoch.
	// ctx bounds the request; epoch selects which document is wanted.
	// Presumably ErrNoDocument is surfaced here when the epoch will never
	// have a document; verify against the implementation.
	Get(ctx context.Context, epoch uint64) (*Document, []byte, error)

	// Post posts the node's descriptor to the PKI for the provided epoch.
	// signingKey is the node's private EdDSA key and d is the descriptor to
	// upload. The private key is handed to the implementation, so only pass
	// it to implementations that are trusted to hold it.
	// Presumably ErrInvalidPostEpoch is surfaced here when the upload is
	// rejected for time reasons; verify against the implementation.
	Post(ctx context.Context, epoch uint64, signingKey *eddsa.PrivateKey, d *MixDescriptor) error

	// Deserialize returns PKI document given the raw bytes.
	// NOTE(review): raw may come from the network; confirm that the
	// implementation rejects malformed or unauthenticated input rather than
	// returning a partially populated Document.
	Deserialize(raw []byte) (*Document, error)
}

Client is the abstract interface used for PKI interaction.

type Document

// Document is a PKI document: the per-epoch network parameters, the mix
// topology, the provider list and the shared random values.
//
// NOTE(review): the rate parameters below are float64 and the delays are
// uint64, so the types alone admit zero, negative, NaN, Inf or very large
// values. Confirm that consumers range-check them before sampling delays or
// scheduling traffic from a Document they did not produce themselves.
type Document struct {
	// Epoch is the epoch for which this Document instance is valid.
	Epoch uint64

	// GenesisEpoch is the epoch on which authorities started consensus.
	GenesisEpoch uint64

	// SendRatePerMinute is the number of packets per minute a client can send.
	SendRatePerMinute uint64

	// Mu is the inverse of the mean of the exponential distribution
	// that the Sphinx packet per-hop mixing delay will be sampled from.
	Mu float64

	// MuMaxDelay is the maximum Sphinx packet per-hop mixing delay in
	// milliseconds.
	MuMaxDelay uint64

	// LambdaP is the inverse of the mean of the exponential distribution
	// that clients will sample to determine the time interval between sending
	// messages from its FIFO egress queue or drop decoy messages if the queue
	// is empty.
	LambdaP float64

	// LambdaPMaxDelay is the maximum time interval in milliseconds.
	LambdaPMaxDelay uint64

	// LambdaL is the inverse of the mean of the exponential distribution
	// that clients will sample to determine the time interval between sending
	// decoy loop messages.
	LambdaL float64

	// LambdaLMaxDelay is the maximum time interval in milliseconds.
	LambdaLMaxDelay uint64

	// LambdaD is the inverse of the mean of the exponential distribution
	// that clients will sample to determine the time interval between sending
	// decoy drop messages.
	LambdaD float64

	// LambdaDMaxDelay is the maximum time interval in milliseconds.
	LambdaDMaxDelay uint64

	// LambdaM is the inverse of the mean of the exponential distribution
	// that mixes will sample to determine send timing of mix loop decoy traffic.
	LambdaM float64

	// LambdaMMaxDelay is the maximum send interval in milliseconds.
	LambdaMMaxDelay uint64

	// Topology is the mix network topology, excluding providers.
	// Presumably the outer index is the layer and the inner slice holds that
	// layer's mixes; confirm against GetMixesInLayer.
	Topology [][]*MixDescriptor

	// Providers is the list of providers that can interact with the mix
	// network.
	Providers []*MixDescriptor

	// SharedRandomCommit is used by the voting process.
	SharedRandomCommit []byte

	// SharedRandomValue is produced by the voting process.
	SharedRandomValue []byte

	// PriorSharedRandom is used by applications that need a longer lived SRV
	// (shared random value).
	PriorSharedRandom [][]byte
}

Document is a PKI document.

func (*Document) GetMix

func (d *Document) GetMix(name string) (*MixDescriptor, error)

GetMix returns the MixDescriptor for the given mix Name.

func (*Document) GetMixByKey

func (d *Document) GetMixByKey(key []byte) (*MixDescriptor, error)

GetMixByKey returns the specific mix descriptor corresponding to the specified IdentityKey.

func (*Document) GetMixesInLayer

func (d *Document) GetMixesInLayer(layer uint8) ([]*MixDescriptor, error)

GetMixesInLayer returns all the mix descriptors for a given layer.

func (*Document) GetNode

func (d *Document) GetNode(name string) (*MixDescriptor, error)

GetNode returns the specific descriptor corresponding to the specified node Name.

func (*Document) GetNodeByKey

func (d *Document) GetNodeByKey(key []byte) (*MixDescriptor, error)

GetNodeByKey returns the specific descriptor corresponding to the specified IdentityKey.

func (*Document) GetProvider

func (d *Document) GetProvider(name string) (*MixDescriptor, error)

GetProvider returns the MixDescriptor for the given provider Name.

func (*Document) GetProviderByKey

func (d *Document) GetProviderByKey(key []byte) (*MixDescriptor, error)

GetProviderByKey returns the specific provider descriptor corresponding to the specified IdentityKey.

func (*Document) String

func (d *Document) String() string

String returns a string representation of a Document.

type MixDescriptor

// MixDescriptor is a description of a given Mix or Provider (node): its
// name, public keys, reachable addresses, optional services and topology
// placement.
type MixDescriptor struct {
	// Name is the human readable (descriptive) node identifier.
	// NOTE(review): nothing in this type enforces that Name is unique or
	// bound to IdentityKey; where node identity matters, prefer lookups by
	// IdentityKey unless the authority is confirmed to enforce the binding.
	Name string

	// IdentityKey is the node's identity (signing) key.
	IdentityKey *eddsa.PublicKey

	// LinkKey is the node's wire protocol public key.
	LinkKey *ecdh.PublicKey

	// MixKeys is a map of epochs to Sphinx keys.
	MixKeys map[uint64]*ecdh.PublicKey

	// Addresses is the map of transport to address combinations that can
	// be used to reach the node.
	// The values are plain strings supplied in the descriptor; validate them
	// before dialing.
	Addresses map[Transport][]string

	// Kaetzchen is the map of provider autoresponder agents by capability
	// to parameters.
	// The parameter values are untyped (interface{}), so consumers must
	// type-check each value they read instead of asserting a type blindly.
	Kaetzchen map[string]map[string]interface{} `json:",omitempty"`

	// RegistrationHTTPAddresses is a slice of HTTP URLs used for Provider
	// user registration. Providers of course may choose to set this to nil.
	// NOTE(review): the field is a plain []string, so nothing here constrains
	// the scheme or host; confirm that consumers parse and validate each URL
	// before use.
	RegistrationHTTPAddresses []string

	// Layer is the topology layer.
	Layer uint8

	// LoadWeight is the node's load balancing weight (unused).
	LoadWeight uint8
}

MixDescriptor is a description of a given Mix or Provider (node).

type Transport

// Transport is a link transport protocol, represented as a string.
type Transport string

Transport is a link transport protocol.

// Known Transport values and the default transport lists.
//
// Everything in this block is declared with var, not const, so the values
// (including the two slices) are mutable package-level state shared by every
// importer. Treat them as read-only and copy a slice before modifying it.
var (
	// TransportInvalid is the invalid transport. It is declared without an
	// initializer, so it is the empty string, the zero value of Transport.
	TransportInvalid Transport

	// TransportTCP is TCP, with the IP version determined by the results of
	// a name server lookup.
	TransportTCP Transport = "tcp"

	// TransportTCPv4 is TCP over IPv4.
	TransportTCPv4 Transport = "tcp4"

	// TransportTCPv6 is TCP over IPv6.
	TransportTCPv6 Transport = "tcp6"

	// InternalTransports is the list of transports used for non-client related
	// communications. It lists only the explicit IPv4 and IPv6 variants and
	// omits TransportTCP.
	InternalTransports = []Transport{TransportTCPv4, TransportTCPv6}

	// ClientTransports is the list of transports used by default for client
	// to provider communication.
	ClientTransports = []Transport{TransportTCP, TransportTCPv4, TransportTCPv6}
)
