Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CompactPKI

type CompactPKI struct {
	PrivateKeyPEM []byte
	PublicKeyPEM  []byte
	AuthorityPEM  []byte
	// contains filtered or unexported fields
}

    CompactPKI holds all PKI information

    func NewCompactPKI

    func NewCompactPKI(keyPEM, certPEM, caPEM, txKey []byte) (*CompactPKI, error)

      NewCompactPKI creates new secrets for PKI implementation based on compact encoding

      func (*CompactPKI) AckSize

      func (p *CompactPKI) AckSize() uint32

        AckSize returns the default size of an ACK packet

        func (*CompactPKI) AuthPEM

        func (p *CompactPKI) AuthPEM() []byte

          AuthPEM returns the Certificate Authority PEM

          func (*CompactPKI) DecodingKey

          func (p *CompactPKI) DecodingKey(server string, ackKey interface{}, prevKey interface{}) (interface{}, error)

            DecodingKey returns the public key

            func (*CompactPKI) EncodingKey

            func (p *CompactPKI) EncodingKey() interface{}

              EncodingKey returns the private key

              func (*CompactPKI) EncodingPEM

              func (p *CompactPKI) EncodingPEM() []byte

                EncodingPEM returns the certificate PEM that is used for encoding

                func (*CompactPKI) PublicKey

                func (p *CompactPKI) PublicKey() interface{}

                  PublicKey returns the public key

                  func (*CompactPKI) TransmittedKey

                  func (p *CompactPKI) TransmittedKey() []byte

                    TransmittedKey returns the PEM of the public key in the case of PKI if there is no certificate cache configured

                    func (*CompactPKI) TransmittedPEM

                    func (p *CompactPKI) TransmittedPEM() []byte

                      TransmittedPEM returns the PEM certificate that is transmitted

                      func (*CompactPKI) Type

                      func (p *CompactPKI) Type() PrivateSecretsType

                        Type implements the interface Secrets

                        func (*CompactPKI) VerifyPublicKey

                        func (p *CompactPKI) VerifyPublicKey(pkey []byte) (interface{}, error)

                          VerifyPublicKey verifies if the inband public key is correct.

                          type NullPKI

                          type NullPKI struct {
                          	PrivateKeyPEM []byte
                          	PublicKeyPEM  []byte
                          	AuthorityPEM  []byte
                          }

                            NullPKI holds all PKI information

                            func NewNullPKI

                            func NewNullPKI(keyPEM, certPEM, caPEM []byte) (*NullPKI, error)

                              NewNullPKI creates new secrets for PKI implementation based on compact encoding

                              func (*NullPKI) AckSize

                              func (p *NullPKI) AckSize() uint32

                                AckSize returns the default size of an ACK packet

                                func (*NullPKI) AuthPEM

                                func (p *NullPKI) AuthPEM() []byte

                                  AuthPEM returns the Certificate Authority PEM

                                  func (*NullPKI) DecodingKey

                                  func (p *NullPKI) DecodingKey(server string, ackKey interface{}, prevKey interface{}) (interface{}, error)

                                    DecodingKey returns the public key

                                    func (*NullPKI) EncodingKey

                                    func (p *NullPKI) EncodingKey() interface{}

                                      EncodingKey returns the private key

                                      func (*NullPKI) EncodingPEM

                                      func (p *NullPKI) EncodingPEM() []byte

                                        EncodingPEM returns the certificate PEM that is used for encoding

                                        func (*NullPKI) PublicKey

                                        func (p *NullPKI) PublicKey() interface{}

                                          PublicKey returns nil in this case

                                          func (*NullPKI) TransmittedKey

                                          func (p *NullPKI) TransmittedKey() []byte

                                            TransmittedKey returns the PEM of the public key in the case of PKI if there is no certificate cache configured

                                            func (*NullPKI) TransmittedPEM

                                            func (p *NullPKI) TransmittedPEM() []byte

                                              TransmittedPEM returns the PEM certificate that is transmitted

                                              func (*NullPKI) Type

                                              func (p *NullPKI) Type() PrivateSecretsType

                                                Type implements the interface Secrets

                                                func (*NullPKI) VerifyPublicKey

                                                func (p *NullPKI) VerifyPublicKey(pkey []byte) (interface{}, error)

                                                  VerifyPublicKey verifies if the inband public key is correct.

                                                  type PKISecrets

                                                  type PKISecrets struct {
                                                  	PrivateKeyPEM    []byte
                                                  	PublicKeyPEM     []byte
                                                  	AuthorityPEM     []byte
                                                  	CertificateCache map[string]*ecdsa.PublicKey
                                                  	// contains filtered or unexported fields
                                                  }

                                                    PKISecrets holds all PKI information

                                                    func NewPKISecrets

                                                    func NewPKISecrets(keyPEM, certPEM, caPEM []byte, certCache map[string]*ecdsa.PublicKey) (*PKISecrets, error)

                                                      NewPKISecrets creates new secrets for PKI implementations

                                                      func (*PKISecrets) AckSize

                                                      func (p *PKISecrets) AckSize() uint32

                                                        AckSize returns the default size of an ACK packet

                                                        func (*PKISecrets) AuthPEM

                                                        func (p *PKISecrets) AuthPEM() []byte

                                                          AuthPEM returns the Certificate Authority PEM

                                                          func (*PKISecrets) DecodingKey

                                                          func (p *PKISecrets) DecodingKey(server string, ackCert interface{}, prevCert interface{}) (interface{}, error)

                                                            DecodingKey returns the public key

                                                            func (*PKISecrets) EncodingKey

                                                            func (p *PKISecrets) EncodingKey() interface{}

                                                              EncodingKey returns the private key

                                                              func (*PKISecrets) EncodingPEM

                                                              func (p *PKISecrets) EncodingPEM() []byte

                                                                EncodingPEM returns the certificate PEM that is used for encoding

                                                                func (*PKISecrets) PublicKey

                                                                func (p *PKISecrets) PublicKey() interface{}

                                                                  PublicKey returns the public key

                                                                  func (*PKISecrets) PublicKeyAdd

                                                                  func (p *PKISecrets) PublicKeyAdd(host string, newCert []byte) error

                                                                    PublicKeyAdd validates the parameter certificate. If valid, the corresponding key is added in the PublicKeyCache. If Invalid, an error is returned.

                                                                    func (*PKISecrets) TransmittedKey

                                                                    func (p *PKISecrets) TransmittedKey() []byte

                                                                      TransmittedKey returns the PEM of the public key in the case of PKI if there is no certificate cache configured

                                                                      func (*PKISecrets) TransmittedPEM

                                                                      func (p *PKISecrets) TransmittedPEM() []byte

                                                                        TransmittedPEM returns the PEM certificate that is transmitted

                                                                        func (*PKISecrets) Type

                                                                        func (p *PKISecrets) Type() PrivateSecretsType

                                                                          Type implements the interface Secrets

                                                                          func (*PKISecrets) VerifyPublicKey

                                                                          func (p *PKISecrets) VerifyPublicKey(pkey []byte) (interface{}, error)

                                                                            VerifyPublicKey verifies if the inband public key is correct.

                                                                            type PSKSecrets

                                                                            type PSKSecrets struct {
                                                                            	SharedKey []byte
                                                                            }

                                                                              PSKSecrets holds the shared key.

                                                                              func NewPSKSecrets

                                                                              func NewPSKSecrets(psk []byte) *PSKSecrets

                                                                                NewPSKSecrets creates new PSK Secrets.

                                                                                func (*PSKSecrets) AckSize

                                                                                func (p *PSKSecrets) AckSize() uint32

                                                                                  AckSize returns the expected size of ack packets.

                                                                                  func (*PSKSecrets) AuthPEM

                                                                                  func (p *PSKSecrets) AuthPEM() []byte

                                                                                    AuthPEM returns the Certificate Authority PEM.

                                                                                    func (*PSKSecrets) DecodingKey

                                                                                    func (p *PSKSecrets) DecodingKey(server string, ackCert, prevCert interface{}) (interface{}, error)

                                                                                      DecodingKey returns the preshared key.

                                                                                      func (*PSKSecrets) EncodingKey

                                                                                      func (p *PSKSecrets) EncodingKey() interface{}

                                                                                        EncodingKey returns the pre-shared key.

                                                                                        func (*PSKSecrets) EncodingPEM

                                                                                        func (p *PSKSecrets) EncodingPEM() []byte

                                                                                          EncodingPEM returns the certificate PEM that is used for encoding.

                                                                                          func (*PSKSecrets) PublicKey

                                                                                          func (p *PSKSecrets) PublicKey() interface{}

                                                                                            PublicKey returns the public key

                                                                                            func (*PSKSecrets) TransmittedKey

                                                                                            func (p *PSKSecrets) TransmittedKey() []byte

                                                                                              TransmittedKey returns nil in the case of pre-shared key.

                                                                                              func (*PSKSecrets) TransmittedPEM

                                                                                              func (p *PSKSecrets) TransmittedPEM() []byte

                                                                                                TransmittedPEM returns the PEM certificate that is transmitted.

                                                                                                func (*PSKSecrets) Type

                                                                                                func (p *PSKSecrets) Type() PrivateSecretsType

                                                                                                  Type implements the Secrets interface.

                                                                                                  func (*PSKSecrets) VerifyPublicKey

                                                                                                  func (p *PSKSecrets) VerifyPublicKey(pkey []byte) (interface{}, error)

                                                                                                    VerifyPublicKey always returns nil for pre-shared secrets.

                                                                                                    type PrivateSecretsType

                                                                                                    type PrivateSecretsType int

                                                                                                      PrivateSecretsType identifies the different secrets that are supported

                                                                                                      const (
                                                                                                      	// PKIType  for asymmetric signing
                                                                                                      	PKIType PrivateSecretsType = iota
                                                                                                      	// PSKType  for symetric signing
                                                                                                      	PSKType
                                                                                                      	// PKICompactType is for asymetric signing using compact JWTs on the wire
                                                                                                      	PKICompactType
                                                                                                      	// PKINull is for debugging
                                                                                                      	PKINull
                                                                                                      )

                                                                                                      type Secrets

                                                                                                      type Secrets interface {
                                                                                                      	Type() PrivateSecretsType
                                                                                                      	EncodingKey() interface{}
                                                                                                      	PublicKey() interface{}
                                                                                                      	DecodingKey(server string, ackCert, prevCert interface{}) (interface{}, error)
                                                                                                      	TransmittedKey() []byte
                                                                                                      	VerifyPublicKey(pkey []byte) (interface{}, error)
                                                                                                      	AckSize() uint32
                                                                                                      }

                                                                                                        Secrets is an interface implementing Secrets