exchange

Documentation

Overview

Package exchange provides high-level interface to generate signed exchanges.

Index

• Constants
• Variables
• func ReadExchangeFile(filename string) (*signedexchange.Exchange, error)
• type Config
• type Factory
  • func NewFactory(c Config) *Factory
  • func (fty *Factory) Get() (*Factory, error)
  • func (fty *Factory) NewExchange(resp *Response, vp ValidPeriod, validityURL *url.URL) (*signedexchange.Exchange, error)
  • func (fty *Factory) Verify(e *signedexchange.Exchange, date time.Time) ([]byte, error)
• type FactoryProvider
• type Response
  • func NewResponse(resp *http.Response) (*Response, error)
  • func (resp *Response) AddPreload(p *preload.Preload) bool
  • func (resp *Response) GetFullHeader(keepNonSXGPreloads bool) http.Header
• type ValidPeriod
  • func NewValidPeriod(date, expires time.Time) ValidPeriod
  • func NewValidPeriodWithLifetime(date time.Time, lifetime time.Duration) ValidPeriod
  • func (vp ValidPeriod) Contains(t time.Time) bool
  • func (vp ValidPeriod) Date() time.Time
  • func (vp ValidPeriod) Expires() time.Time
  • func (vp ValidPeriod) Lifetime() time.Duration
  • func (vp ValidPeriod) String() string

Examples

• ValidPeriod.Contains

Constants

const (
	DefaultVersion      = version.Version1b3
	DefaultMIRecordSize = 16384
)

These are the default values in Config.

const (
	// See htmltask.ExtractSubContentTypes.
	SubContentType = "Webpackager-Sub-Content-Type"
)

These are keys used in ExtraData. They are prefixed with "X-WebPackager" to avoid confusion with real HTTP headers.

Variables

var DefaultCertURL = urlutil.MustParse("/cert.cbor")

DefaultCertURL is the default value for CertURL in Config.

Functions

func ReadExchangeFile

func ReadExchangeFile(filename string) (*signedexchange.Exchange, error)

ReadExchangeFile reads a signed exchange from a file.

Types

type Config

type Config struct {
	// Version specifies the signed exchange version. If Version is empty,
	// Factory uses DefaultVersion.
	Version version.Version

	// MIRecordSize specifies Merkle Integrity record size. The value must
	// be positive, or zero to use DefaultMIRecordSize. It must not exceed
	// 16384 (16 KiB) to be compliant with the specification.
	MIRecordSize int

	// CertChain specifies the certificate chain. CertChain may not be nil.
	CertChain *certchain.AugmentedChain

	// CertURL specifies the cert-url parameter in the signature. It can be
	// relative, in which case Factory resolves the absolute URL using
	// the request URL. It should still usually contain an absolute path
	// (e.g. "/cert.cbor", not "cert.cbor"). If CertURL is nil, Factory uses
	// DefaultCertURL.
	CertURL *url.URL

	// PrivateKey specifies the private key used for signing. PrivateKey may
	// not be nil.
	PrivateKey crypto.PrivateKey

	// KeepNonSXGPreloads instructs Factory to include preload link headers
	// that don't have the corresponding allowed-alt-sxg with a valid
	// header-integrity.
	KeepNonSXGPreloads bool
}

Config holds the parameters to produce signed exchanges.

type Factory

type Factory struct {
	Config
}

Factory produces and verifies signed exchanges.

func NewFactory

func NewFactory(c Config) *Factory

NewFactory creates and initializes a new Factory. It panics if c.CertChain or c.PrivateKey is nil.

func (*Factory) Get

func (fty *Factory) Get() (*Factory, error)

Get returns fty. It implements FactoryProvider and allows Factory to be set directory to ExchangeFactory in webpackager.Config.

func (*Factory) NewExchange

func (fty *Factory) NewExchange(resp *Response, vp ValidPeriod, validityURL *url.URL) (*signedexchange.Exchange, error)

NewExchange generates a signed exchange from resp, vp, and validityURL.

func (*Factory) Verify

func (fty *Factory) Verify(e *signedexchange.Exchange, date time.Time) ([]byte, error)

Verify validates the provided signed exchange e at the provided date. It returns the payload decoded from e on success.

type FactoryProvider

type FactoryProvider interface {
	Get() (*Factory, error)
}

FactoryProvider provides Factory.

type Response

type Response struct {
	// Response represents the HTTP response this instance is constructed
	// from. Body has been read into Payload and closed. Other fields may
	// also be mutated by processors (Header in particular).
	*http.Response

	// Payload is the content read from Response.Body and possibly modified
	// by processors.
	Payload []byte

	// Preloads represents preload links to add to HTTP headers.
	Preloads []*preload.Preload

	// ExtraData contains information extracted from this Response and
	// used inside the program. Processors extract information and append
	// it with an arbitrary key. Subsequent processors, ValidPeriodRules,
	// and ValidityURLRules can reference the information using that key.
	//
	// The signed exchange will not include ExtraData.
	ExtraData http.Header
}

Response represents a pre-signed HTTP exchange to make a signed exchange from. It is essentially a wrapper around http.Response. Note the request is accessible through http.Response.

func NewResponse

func NewResponse(resp *http.Response) (*Response, error)

NewResponse creates and initializes a new Response wrapping resp. The new Response takes the ownership of resp: the caller should not use resp after this call.

func (*Response) AddPreload

func (resp *Response) AddPreload(p *preload.Preload) bool

AddPreload adds p to resp.Preloads if p is not already in resp.Preloads, and reports whether p was added. It considers Preloads to be equal when their Links are equal.

func (*Response) GetFullHeader

func (resp *Response) GetFullHeader(keepNonSXGPreloads bool) http.Header

GetFullHeader returns a new http.Header containing all header items from resp.Header and resp.Preloads. GetFullHeader makes a deep copy of resp.Header, thus does not mutate it.

type ValidPeriod

type ValidPeriod struct {
	// contains filtered or unexported fields
}

ValidPeriod represents the period the signed exchange is valid for.

func NewValidPeriod

func NewValidPeriod(date, expires time.Time) ValidPeriod

NewValidPeriod creates and initializes a new ValidPeriod from the date and expires parameters.

func NewValidPeriodWithLifetime

func NewValidPeriodWithLifetime(date time.Time, lifetime time.Duration) ValidPeriod

NewValidPeriodWithLifetime creates and initializes a new ValidPeriod from the date parameter and the lifetime.

func (ValidPeriod) Contains

func (vp ValidPeriod) Contains(t time.Time) bool

Contains reports whether t is neither before the date parameter nor after the expires parameter. In other words, Contains returns true if t is between the date and expires parameters, both inclusive.

Example

package main

import (
	"fmt"
	"time"

	"github.com/google/webpackager/exchange"
)

func main() {
	date := time.Date(2019, time.October, 1, 10, 30, 0, 0, time.UTC)
	expires := time.Date(2019, time.October, 2, 10, 30, 0, 0, time.UTC)

	vp := exchange.NewValidPeriod(date, expires)

	fmt.Println(vp.Contains(time.Date(2019, time.October, 1, 10, 29, 0, 0, time.UTC)))
	fmt.Println(vp.Contains(time.Date(2019, time.October, 1, 10, 30, 0, 0, time.UTC)))
	fmt.Println(vp.Contains(time.Date(2019, time.October, 1, 22, 30, 0, 0, time.UTC)))
	fmt.Println(vp.Contains(time.Date(2019, time.October, 2, 10, 30, 0, 0, time.UTC)))
	fmt.Println(vp.Contains(time.Date(2019, time.October, 2, 10, 31, 0, 0, time.UTC)))
}

Output:

false
true
true
true
false

func (ValidPeriod) Date

func (vp ValidPeriod) Date() time.Time

Date returns the date parameter, when the signed exchange is produced.

func (ValidPeriod) Expires

func (vp ValidPeriod) Expires() time.Time

Expires returns the expires parameter, when the signed exchange gets expired.

func (ValidPeriod) Lifetime

func (vp ValidPeriod) Lifetime() time.Duration

Lifetime returns the duration between the date and expires parameters.

func (ValidPeriod) String

func (vp ValidPeriod) String() string

String returns a human-readable string.