Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	CAPEM = `` /* 618-byte string literal not displayed */

	CAKeyPEM = `` /* 226-byte string literal not displayed */

	PrivateKeyPEM = `` /* 226-byte string literal not displayed */

	PublicPEM = `` /* 647-byte string literal not displayed */

)

    Certs

    Functions

    func CreateTxtToken

    func CreateTxtToken() []byte

      CreateTxtToken creates a transmitter token

      Types

      type CompactPKI

      type CompactPKI struct {
      	PrivateKeyPEM []byte
      	PublicKeyPEM  []byte
      	AuthorityPEM  []byte
      	TokenKeyPEMs  [][]byte
      	Compressed    claimsheader.CompressionType
      	// contains filtered or unexported fields
      }

        CompactPKI holds all PKI information

        func NewCompactPKI

        func NewCompactPKI(keyPEM []byte, certPEM []byte, caPEM []byte, txKey []byte, compress claimsheader.CompressionType) (*CompactPKI, error)

          NewCompactPKI creates new secrets for PKI implementation based on compact encoding

          func NewCompactPKIWithTokenCA

          func NewCompactPKIWithTokenCA(keyPEM []byte, certPEM []byte, caPEM []byte, tokenKeyPEMs [][]byte, txKey []byte, compress claimsheader.CompressionType) (*CompactPKI, error)

            NewCompactPKIWithTokenCA creates new secrets for PKI implementation based on compact encoding.

            keyPEM: is the private key that will be used for signing tokens formated as a PEM file.
            certPEM: is the public key that will be used formated as a PEM file.
            tokenKeyPEMs: is a list of public keys that can be used to verify the public token that
                          that is transmitted over the wire. These are essentially the public CA PEMs
                          that were used to sign the txtKey
            txKey: is the public key that is send over the wire.
            compressionType: is packed with the secrets to indicate compression.
            

            func (*CompactPKI) AckSize

            func (p *CompactPKI) AckSize() uint32

              AckSize returns the default size of an ACK packet

              func (*CompactPKI) EncodingKey

              func (p *CompactPKI) EncodingKey() interface{}

                EncodingKey returns the private key

                func (*CompactPKI) KeyAndClaims

                func (p *CompactPKI) KeyAndClaims(pkey []byte) (interface{}, []string, time.Time, error)

                  KeyAndClaims returns both the key and any attributes associated with the public key.

                  func (*CompactPKI) PublicKey

                  func (p *CompactPKI) PublicKey() interface{}

                    PublicKey returns the public key

                    func (*CompactPKI) PublicSecrets

                    func (p *CompactPKI) PublicSecrets() PublicSecrets

                      PublicSecrets returns the secrets that are marshallable over the RPC interface.

                      func (*CompactPKI) TransmittedKey

                      func (p *CompactPKI) TransmittedKey() []byte

                        TransmittedKey returns the PEM of the public key in the case of PKI if there is no certificate cache configured

                        func (*CompactPKI) Type

                        func (p *CompactPKI) Type() PrivateSecretsType

                          Type implements the interface Secrets

                          type CompactPKIPublicSecrets

                          type CompactPKIPublicSecrets struct {
                          	Type        PrivateSecretsType
                          	Key         []byte
                          	Certificate []byte
                          	CA          []byte
                          	TokenCAs    [][]byte
                          	Token       []byte
                          	Compressed  claimsheader.CompressionType
                          }

                            CompactPKIPublicSecrets includes all the secrets that can be transmitted over the RPC interface.

                            func (*CompactPKIPublicSecrets) CertAuthority

                            func (p *CompactPKIPublicSecrets) CertAuthority() []byte

                              CertAuthority returns the cert authority

                              func (*CompactPKIPublicSecrets) SecretsType

                                SecretsType returns the type of secrets.

                                type LockedSecrets

                                type LockedSecrets interface {
                                	Secrets() (Secrets, func())
                                }

                                  LockedSecrets provides a way to use secrets where shared read access is required. The user becomes responsible for unlocking when done using them. The implementation should lock the access to secrets for reading, and pass down the function for unlocking.

                                  type NullPKI

                                  type NullPKI struct {
                                  	PrivateKeyPEM []byte
                                  	PublicKeyPEM  []byte
                                  	AuthorityPEM  []byte
                                  }

                                    NullPKI holds all PKI information

                                    func NewNullPKI

                                    func NewNullPKI(keyPEM, certPEM, caPEM []byte) (*NullPKI, error)

                                      NewNullPKI creates new secrets for PKI implementation based on compact encoding

                                      func (*NullPKI) AckSize

                                      func (p *NullPKI) AckSize() uint32

                                        AckSize returns the default size of an ACK packet

                                        func (*NullPKI) EncodingKey

                                        func (p *NullPKI) EncodingKey() interface{}

                                          EncodingKey returns the private key

                                          func (*NullPKI) KeyAndClaims

                                          func (p *NullPKI) KeyAndClaims(pkey []byte) (interface{}, []string, time.Time, error)

                                            KeyAndClaims returns both the key and any attributes associated with the public key.

                                            func (*NullPKI) PublicKey

                                            func (p *NullPKI) PublicKey() interface{}

                                              PublicKey returns nil in this case

                                              func (*NullPKI) PublicSecrets

                                              func (p *NullPKI) PublicSecrets() PublicSecrets

                                                PublicSecrets returns the secrets that are marshallable over the RPC interface.

                                                func (*NullPKI) TransmittedKey

                                                func (p *NullPKI) TransmittedKey() []byte

                                                  TransmittedKey returns the PEM of the public key in the case of PKI if there is no certificate cache configured

                                                  func (*NullPKI) Type

                                                  func (p *NullPKI) Type() PrivateSecretsType

                                                    Type implements the interface Secrets

                                                    type NullPublicSecrets

                                                    type NullPublicSecrets struct {
                                                    	Type PrivateSecretsType
                                                    }

                                                      NullPublicSecrets includes all the secrets that can be transmitted over the RPC interface.

                                                      func (*NullPublicSecrets) CertAuthority

                                                      func (p *NullPublicSecrets) CertAuthority() []byte

                                                        CertAuthority returns the cert authority - N/A to PSK

                                                        func (*NullPublicSecrets) SecretsType

                                                        func (p *NullPublicSecrets) SecretsType() PrivateSecretsType

                                                          SecretsType returns the type of secrets.

                                                          type PrivateSecretsType

                                                          type PrivateSecretsType int

                                                            PrivateSecretsType identifies the different secrets that are supported

                                                            const (
                                                            	// PKICompactType is for asymetric signing using compact JWTs on the wire
                                                            	PKICompactType PrivateSecretsType = iota
                                                            	// PKINull is for debugging
                                                            	PKINull
                                                            )

                                                            type PublicKeyAdder

                                                            type PublicKeyAdder interface {
                                                            
                                                            	// PublicKeyAdd adds the given cert for the given host.
                                                            	PublicKeyAdd(host string, cert []byte) error
                                                            }

                                                              PublicKeyAdder register a publicKey for a Node.

                                                              type PublicSecrets

                                                              type PublicSecrets interface {
                                                              	SecretsType() PrivateSecretsType
                                                              	CertAuthority() []byte
                                                              }

                                                                PublicSecrets is an interface of the data structures of the secrets that can be transmitted over the RPC interface to the remotes.

                                                                type Secrets

                                                                type Secrets interface {
                                                                	// Type must return the type of the secrets as defined in the PrivateSecretsType
                                                                	Type() PrivateSecretsType
                                                                	// EncodingKey returns the key used to encode the tokens.
                                                                	EncodingKey() interface{}
                                                                	// PublicKey returns the public ket of the secrets.
                                                                	PublicKey() interface{}
                                                                	// TransmittedKey returns the public key as a byte slice and as it is transmitted
                                                                	// on the wire.
                                                                	TransmittedKey() []byte
                                                                	// KeyAndClaims will verify the public key and return any claims that are part of the key.
                                                                	KeyAndClaims(pkey []byte) (interface{}, []string, time.Time, error)
                                                                	// AckSize calculates the size of the ACK packet based on the keys.
                                                                	AckSize() uint32
                                                                	// PublicSecrets returns the PEM formated secrets to be transmitted over the RPC interface.
                                                                	PublicSecrets() PublicSecrets
                                                                }

                                                                  Secrets is an interface implementing secrets

                                                                  func CreateCompactPKITestSecrets

                                                                  func CreateCompactPKITestSecrets() (*x509.Certificate, Secrets, error)

                                                                    CreateCompactPKITestSecrets creates test secrets

                                                                    func NewSecrets

                                                                    func NewSecrets(s PublicSecrets) (Secrets, error)

                                                                      NewSecrets creates a new set of secrets based on the type.