Documentation
¶
Index ¶
- Variables
- func CreateCardCertificate(cardPubKey *ecdsa.PublicKey, signKeyFunc func([]byte) ([]byte, error)) ([]byte, error)
- func GetSignerWithPrivateKey(privKey ecdsa.PrivateKey) func([]byte) ([]byte, error)
- func SignWithDemoKey(cert []byte) ([]byte, error)
- func SignWithYubikeyFunc(slot int, password string) func([]byte) ([]byte, error)
- func ValidateCardCertificate(cert CardCertificate, CAPubKey []byte) error
- type CardCertificate
- type CertPermissions
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrInvalidCert = errors.New("certificate signature was invalid")
View Source
var PhononAlphaCAPubKey = []byte{
0x04,
0x72, 0xd5, 0x8c, 0x1e, 0xc4, 0x8f, 0x00, 0x72,
0xeb, 0xc3, 0x97, 0x12, 0xa8, 0xec, 0x74, 0xe5,
0xa4, 0x58, 0x19, 0x31, 0xd6, 0xff, 0xe5, 0x97,
0xb6, 0x45, 0x9b, 0x46, 0x3c, 0x87, 0xfc, 0xe1,
0x59, 0xb8, 0xe1, 0xae, 0x40, 0xc3, 0x83, 0xcd,
0xae, 0x78, 0xaa, 0xdf, 0xff, 0xb0, 0x83, 0x91,
0x7c, 0x91, 0x1c, 0x3f, 0x9d, 0x75, 0xa5, 0xf1,
0xa9, 0x24, 0xb6, 0x27, 0xf1, 0x5d, 0xec, 0x51,
}
View Source
var PhononDemoCAPubKey = []byte{
0x04,
0x5c, 0xfd, 0xf7, 0x7a, 0x00, 0xb4, 0xb6, 0xb4,
0xa5, 0xb8, 0xbb, 0x26, 0xb5, 0x49, 0x7d, 0xbc,
0x7a, 0x4d, 0x01, 0xcb, 0xef, 0xd7, 0xaa, 0xea,
0xf5, 0xf6, 0xf8, 0xf8, 0x86, 0x59, 0x76, 0xe7,
0x94, 0x1a, 0xb0, 0xec, 0x16, 0x51, 0x20, 0x9c,
0x44, 0x40, 0x09, 0xfd, 0x48, 0xd9, 0x25, 0xa1,
0x7d, 0xe5, 0x04, 0x0b, 0xa4, 0x7e, 0xaf, 0x3f,
0x5b, 0x51, 0x72, 0x0d, 0xd4, 0x0b, 0x2f, 0x9d,
}
Dev cert CA Key
View Source
var PhononMockCAPrivKey = []byte{
0xab, 0x7e, 0xa6, 0xe2, 0xa6, 0xcf, 0x1c, 0x7f,
0xb4, 0xb8, 0x5b, 0x43, 0xba, 0x47, 0x2a, 0x85,
0xfd, 0x94, 0xd6, 0x9b, 0x67, 0xfa, 0xce, 0x7a,
0x9a, 0x07, 0xcd, 0xde, 0x16, 0x85, 0xd8, 0x3b,
}
View Source
var PhononMockCAPubKey = []byte{
0x04,
0xa0, 0x48, 0xd2, 0x7a, 0xe0, 0x10, 0xeb, 0x05,
0x82, 0x32, 0x25, 0xd9, 0x8a, 0x00, 0xf8, 0x19,
0xe7, 0x93, 0x88, 0x08, 0xf4, 0x04, 0x40, 0x0b,
0x4a, 0x8b, 0x66, 0xc3, 0x09, 0xa7, 0x54, 0x15,
0x80, 0x81, 0xc8, 0x09, 0x3b, 0x49, 0x19, 0xe4,
0x13, 0x69, 0x48, 0x33, 0xc1, 0x60, 0xe7, 0xcf,
0x3b, 0x77, 0x92, 0xd6, 0x73, 0x8c, 0xce, 0x54,
0x6b, 0xf0, 0x67, 0x99, 0x7b, 0x18, 0x0f, 0x11,
}
Additional CA Key for testing purposes
Functions ¶
func CreateCardCertificate ¶
func CreateCardCertificate(cardPubKey *ecdsa.PublicKey, signKeyFunc func([]byte) ([]byte, error)) ([]byte, error)
Create a card certificate, signing with the key supplied in the signKeyFunc
func GetSignerWithPrivateKey ¶
func GetSignerWithPrivateKey(privKey ecdsa.PrivateKey) func([]byte) ([]byte, error)
func SignWithDemoKey ¶
func SignWithYubikeyFunc ¶
func ValidateCardCertificate ¶
func ValidateCardCertificate(cert CardCertificate, CAPubKey []byte) error
Accepts a safecard certificate and validates it against the provided CA PubKey Safecard CA's provided by SafecardProdCAPubKey or SafecardDevCAPubKey for the respective environments
Types ¶
type CardCertificate ¶
type CardCertificate struct {
Permissions CertPermissions
PubKey []byte
Sig []byte
}
func ParseRawCardCertificate ¶
func ParseRawCardCertificate(cardCertificateRaw []byte) (cert CardCertificate, err error)
func (CardCertificate) Digest ¶
func (cert CardCertificate) Digest() []byte
Digest the certificate data, permissions and pubkey into bytes This is the set of bytes used to sign and validate the certificate (skips the first two bytes for cert type and length)
func (CardCertificate) Serialize ¶
func (cert CardCertificate) Serialize() []byte
Serialize the full certificate, including the cert type and length which are unused in the certificate signature
func (CardCertificate) String ¶
func (cert CardCertificate) String() string
type CertPermissions ¶
type CertPermissions struct {
// contains filtered or unexported fields
}
Source Files
Click to show internal directories.
Click to hide internal directories.