trust

package
v0.1.0
Warning

This package is not in the latest version of its module.

Published: Jul 19, 2018 | License: Apache-2.0 | Imports: 13 | Imported by: 0

Documentation

Constants

const (
	IssSigKeyFile = "core-sig.seed" // TODO(roosd): rename "core-sig.key" -> "iss-sig.key"
	DecKeyFile    = "as-decrypt.key"
	OffKeyFile    = "offline-root.seed"
	OnKeyFile     = "online-root.seed"
	SigKeyFile    = "as-sig.seed"
)

const (
	ErrorOpen    = "Unable to load key"
	ErrorParse   = "Unable to parse key file"
	ErrorUnknown = "Unknown algorithm"
)

const RawKey = "raw"

Variables

This section is empty.

Functions

func LoadKey

func LoadKey(file string, algo string) (common.RawBytes, error)

LoadKey decodes a base64 encoded key stored in file and returns the raw bytes.

Types

type JSON

type JSON interface {
	JSON(bool) ([]byte, error)
}

type KeyConf

type KeyConf struct {
	// IssSigKey is the AS issuer signing Key.
	IssSigKey common.RawBytes
	// DecryptKey is the AS decryption key.
	DecryptKey common.RawBytes
	// OffRootKey is the AS offline root key.
	OffRootKey common.RawBytes
	// OnRootKey is the AS online root key.
	OnRootKey common.RawBytes
	// SignKey is the AS signing key.
	SignKey common.RawBytes
}

func LoadKeyConf

func LoadKeyConf(path string, issSigKey, onKey, offKey bool) (*KeyConf, error)

LoadKeyConf loads the key configuration from the specified path. issSigKey, onKey and offKey can be set to true to load the respective keys.

func (*KeyConf) String

func (a *KeyConf) String() string

type Store

type Store struct {
	// contains filtered or unexported fields
}

Store handles storage and management of trust objects (certificate chains and TRCs).

func NewStore

func NewStore(certDir, cacheDir, eName string) (*Store, error)

func (*Store) AddChain

func (s *Store) AddChain(chain *cert.Chain, write bool) error

AddChain adds a trusted certificate chain to the store. If write is true, the certificate chain is written to the filesystem (in case it does not already exist).

func (*Store) AddTRC

func (s *Store) AddTRC(trc *trc.TRC, write bool) error

AddTRC adds a trusted TRC to the store. If write is true, the TRC is written to the filesystem (in case it does not already exist).

func (*Store) GetChain

func (s *Store) GetChain(ia addr.IA, ver uint64) *cert.Chain

GetChain returns the certificate chain for the specified values or nil, if it is not present.

func (*Store) GetNewestChain

func (s *Store) GetNewestChain(ia addr.IA) *cert.Chain

GetNewestChain returns the certificate chain with the highest version for the specified ISD-AS.

func (*Store) GetNewestTRC

func (s *Store) GetNewestTRC(isd addr.ISD) *trc.TRC

GetNewestTRC returns the TRC with the highest version for the specified ISD or nil, if there is no TRC present for that ISD.

func (*Store) GetTRC

func (s *Store) GetTRC(isd addr.ISD, ver uint64) *trc.TRC

GetTRC returns the TRC for the specified values or nil, if it is not present.

func (*Store) GetTRCList

func (s *Store) GetTRCList() []*trc.TRC

GetTRCList returns a slice of the highest TRCs for all present ISDs.

func (*Store) VerifyChain

func (s *Store) VerifyChain(subject addr.IA, chain *cert.Chain) error

VerifyChain verifies the chain based on the TRCs present in the store.
