Documentation ¶
Overview ¶
Package protocol implements the core of the Roughtime protocol.
Index ¶
- Constants
- func CalculateChainNonce(nonce, prevReply, blind []byte)
- func CreateReplies(ver Version, nonces [][]byte, midpoint time.Time, radius time.Duration, ...) ([][]byte, error)
- func CreateRequest(versionPreference []Version, rand io.Reader, prevReply []byte) (nonce, blind []byte, request []byte, err error)
- func Decode(bytes []byte) (map[uint32][]byte, error)
- func Encode(msg map[uint32][]byte) ([]byte, error)
- func VerifyReply(versionPreference []Version, replyBytes, publicKey []byte, nonce []byte) (midp time.Time, radi time.Duration, err error)
- type Certificate
- type Error
- type ErrorType
- type Version
Constants ¶
const (
	// MinRequestSize is the minimum number of bytes in a request.
	MinRequestSize = 1024
)
Functions ¶
func CalculateChainNonce ¶
func CalculateChainNonce(nonce, prevReply, blind []byte)
CalculateChainNonce fills the `nonce` buffer with the nonce used in the next request in a chain given a reply and a blinding factor. The length of the buffer is expected to match the nonce length for the protocol version.
func CreateReplies ¶
func CreateReplies(ver Version, nonces [][]byte, midpoint time.Time, radius time.Duration, cert *Certificate, privateKey []byte) ([][]byte, error)
CreateReplies signs, using privateKey, a batch of nonces along with the given time and radius. It returns one reply for each nonce using that signature and includes cert in each.
The same version is indicated in each reply. It's the caller's responsibility to ensure that each client supports this version.
func CreateRequest ¶
func CreateRequest(versionPreference []Version, rand io.Reader, prevReply []byte) (nonce, blind []byte, request []byte, err error)
CreateRequest creates a Roughtime request given an entropy source and the contents of a previous reply for chaining. If this request is the first of a chain, prevReply can be empty. It returns the nonce (needed to verify the reply), the blind (needed to prove correct chaining to an external party) and the request itself.
func Encode ¶
Encode converts a map of tags to bytestrings into an encoded message. The number of elements in msg and the sum of the lengths of all the bytestrings must be ≤ 2**32.
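The tag-to-bytestring messages that Encode and Decode handle follow the Roughtime layout from the PROTOCOL.md linked under VersionGoogle: a uint32 tag count, value offsets, tags, then values. The following is an added sketch, not this package's code, of the checks a parser of that layout needs on untrusted input; `decodeSketch` and `sampleMessage` are hypothetical names and the sample bytes are constructed.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// sampleMessage is constructed for this example: tags 1 and 2, values of 4 and 8 bytes.
var sampleMessage = []byte{
	2, 0, 0, 0, 4, 0, 0, 0, // tag count, then offset of the second value
	1, 0, 0, 0, 2, 0, 0, 0, // tags, strictly increasing
	0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, // values
}

// decodeSketch (hypothetical) parses count | offsets | tags | values, all little-endian uint32.
func decodeSketch(b []byte) (map[uint32][]byte, error) {
	if len(b) < 4 || len(b)%4 != 0 {
		return nil, errors.New("length is not a positive multiple of 4")
	}
	n := uint64(binary.LittleEndian.Uint32(b))
	if n == 0 {
		return map[uint32][]byte{}, nil
	}
	hdr := 8 * n // 4 (count) + 4(n-1) (offsets) + 4n (tags); cannot overflow uint64
	if hdr > uint64(len(b)) {
		return nil, errors.New("header longer than message")
	}
	offsets, tags, vals := b[4:4*n], b[4*n:hdr], b[hdr:]
	out := make(map[uint32][]byte, n)
	var start, prevTag = uint64(0), uint32(0)
	for i := uint64(0); i < n; i++ {
		end := uint64(len(vals)) // the last value runs to the end of the message
		if i+1 < n {
			end = uint64(binary.LittleEndian.Uint32(offsets[4*i:]))
		}
		if end%4 != 0 || end < start || end > uint64(len(vals)) {
			return nil, errors.New("offset unaligned, decreasing or out of range")
		}
		tag := binary.LittleEndian.Uint32(tags[4*i:])
		if i > 0 && tag <= prevTag {
			return nil, errors.New("tags not strictly increasing")
		}
		out[tag] = vals[start:end]
		start, prevTag = end, tag
	}
	return out, nil
}
func main() { fmt.Println(decodeSketch(sampleMessage)) }
```

The tag count is bounded against the message length before any slicing or allocation, so a 4-byte input claiming 2**32-1 tags is rejected without reserving memory for them.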
func VerifyReply ¶
func VerifyReply(versionPreference []Version, replyBytes, publicKey []byte, nonce []byte) (midp time.Time, radi time.Duration, err error)
VerifyReply parses the Roughtime reply in replyBytes, authenticates it using publicKey and verifies that nonce is included in it. It returns the included timestamp and radius.
Types ¶
type Certificate ¶
type Certificate struct {
// contains filtered or unexported fields
}
func NewCertificate ¶
func NewCertificate(minTime, maxTime time.Time, publicKey, rootPrivateKey []byte) (cert *Certificate, err error)
NewCertificate returns a signed certificate, using rootPrivateKey, delegating authority for the given timestamp to publicKey.
func (*Certificate) BytesForVersion ¶
func (cert *Certificate) BytesForVersion(ver Version) []byte
BytesForVersion returns a serialized certificate compatible with the given version. Legacy clients (Google-Roughtime) expect a non-standard encoding of the MINT and MAXT fields.
type Error ¶
type Error struct {
	// Type is the error type.
	Type ErrorType
	// Info includes optional info.
	Info string
}
Error represents a protocol error.
type Version ¶
type Version uint32
Version indicates the version of the Roughtime protocol in use.
const (
	// VersionGoogle is Google-Roughtime as described here:
	// https://roughtime.googlesource.com/roughtime/+/HEAD/PROTOCOL.md
	VersionGoogle Version = 0
	// VersionDraft08 is draft-ietf-ntp-roughtime-08
	VersionDraft08 Version = 0x80000008
)
func HandleRequest ¶
HandleRequest resolves the supported versions indicated by the client and parses the values required to produce a response.
func ResponseVersionFromSupported ¶
ResponseVersionFromSupported selects a version to use from the list of versions supported by the clients. Returns an error if the input slice is zero-length.