authority

v0.3.1
Published: May 27, 2016 License: MIT Imports: 13 Imported by: 0

Documentation

Overview

Package authority creates and manages platform certificates.

Example
path, _ := ioutil.TempDir("", "")
keyPath := filepath.Join(path, PkeyFileName)
certPath := filepath.Join(path, RootCAFileName)

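// Generate root certificate and key.
// A 1024-bit RSA key makes this example run quickly; use 2048 bits or more for real certificates.
v := common.MockViper("key_size", 1024, "validity", 365, "country", "UK", "organization", "DFSS", "unit", "unit", "cn", "ROOT", "path", path)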
hash, err := Initialize(v, nil, nil)
if err != nil || hash == nil {
	fmt.Println(err)
	return
}

CheckFile(keyPath, "Private key")
CheckFile(certPath, "Certificate")

// Fetch files into memory
pid, err := Start(path)
if err != nil {
	fmt.Println(err)
	return
}

// Generate child certificate and key
childPath := filepath.Join(path, "child")
v = common.MockViper("key_size", 1024, "validity", 10, "country", "FR", "organization", "DFSS", "unit", "unit", "cn", "CHILD", "path", childPath)
_, err = Initialize(v, pid.RootCA, pid.Pkey)
if err != nil {
	fmt.Println(err)
	return
}

CheckFile(filepath.Join(childPath, "key.pem"), "Child private key")
CheckFile(filepath.Join(childPath, "cert.pem"), "Child certificate")

_ = os.RemoveAll(path)
Output:

Private key file has been found
Certificate file has been found
Child private key file has been found
Child certificate file has been found

Functions

func Initialize

func Initialize(v *viper.Viper, ca *x509.Certificate, rKey *rsa.PrivateKey) (hash []byte, err error)

Initialize creates the platform's private key and root certificate and saves them in PEM format. If ca and rKey are not nil, they are used as the root certificate and root private key instead of creating new ones. The files are saved at the path specified by viper. The returned `hash` is the SHA-512 hash of the generated certificate.

Types

type PlatformID

type PlatformID struct {
	Pkey   *rsa.PrivateKey
	RootCA *x509.Certificate
}

PlatformID contains platform private key and root certificate

func Start

func Start(path string) (*PlatformID, error)

Start fetches the platform's private RSA key and root certificate, and creates a PlatformID accordingly.

The specified path should not end with a separator.

The files are fetched using their default names.

type TTPHolder added in v0.3.0

type TTPHolder struct {
	// contains filtered or unexported fields
}

TTPHolder stores available TTPs (trusted third parties)

func NewTTPHolder added in v0.3.0

func NewTTPHolder(filename string) (*TTPHolder, error)

NewTTPHolder loads available TTPs from the specified file. The format of this file should be as follows:

<addr ttp 1>[:<port ttp 1>] <SHA-512 hash of the ttp certificate (hex format)>\n ...

Example: see testdata/ttps. If an error occurs during the retrieval of the file, an empty TTPHolder will be provided. If the file is corrupted (wrong format), an error will be returned.
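
An added example (not this package's own code) of strictly parsing the line format above and checking certificate bytes against the pinned SHA-512 hash in constant time. The names ttpEntry, parseTTPs and matchesPin are hypothetical; the example assumes whitespace-separated fields, that blank lines are skipped, and that the hash covers whatever certificate encoding the caller supplies.

```go
package main

import (
	"bufio"
	"crypto/sha512"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"strings"
)

// ttpEntry (hypothetical name) holds one parsed line; it is not the package's TTPHolder.
type ttpEntry struct {
	Addr string
	Hash []byte
}

// parseTTPs reads "<addr>[:<port>] <hex SHA-512>" lines and fails on the first malformed one.
func parseTTPs(data string) ([]ttpEntry, error) {
	var out []ttpEntry
	sc := bufio.NewScanner(strings.NewReader(data))
	for n := 1; sc.Scan(); n++ {
		f := strings.Fields(sc.Text())
		if len(f) == 0 {
			continue // assumption: blank lines are tolerated
		}
		if len(f) != 2 {
			return nil, fmt.Errorf("line %d: want 2 fields, got %d", n, len(f))
		}
		h, err := hex.DecodeString(f[1])
		if err != nil || len(h) != sha512.Size {
			return nil, fmt.Errorf("line %d: hash is not %d hex-encoded bytes", n, sha512.Size)
		}
		out = append(out, ttpEntry{Addr: f[0], Hash: h})
	}
	return out, sc.Err()
}

// matchesPin reports whether certBytes hashes to the value pinned for this TTP.
func matchesPin(e ttpEntry, certBytes []byte) bool {
	sum := sha512.Sum512(certBytes)
	return subtle.ConstantTimeCompare(sum[:], e.Hash) == 1
}

func main() {
	cert := []byte("constructed stand-in for certificate bytes")
	sum := sha512.Sum512(cert)
	entries, err := parseTTPs("ttp.example.org:9020 " + hex.EncodeToString(sum[:]) + "\n")
	fmt.Println(len(entries), err, matchesPin(entries[0], cert))
}
```

Rejecting a hash of the wrong length at load time keeps a truncated or mistyped pin from ever reaching the comparison step.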

func (*TTPHolder) Add added in v0.3.0

func (h *TTPHolder) Add(addrport string, hash []byte)

Add adds the provided TTP to the TTP holder. It is thread-safe.

func (*TTPHolder) Get added in v0.3.0

func (h *TTPHolder) Get() *api.LaunchSignature_TTP

Get returns a TTP from the TTP holder. It is thread-safe, and based on a round-robin system.

If the TTPHolder is empty, returns nil.

func (*TTPHolder) Nb added in v0.3.0

func (h *TTPHolder) Nb() int

Nb returns the number of loaded TTPs in this holder.

func (*TTPHolder) Save added in v0.3.0

func (h *TTPHolder) Save(filename string) error

Save saves the TTP holder in a file, respecting the same format as presented in the loader.
