Documentation ¶
Index ¶
- func AddHandlers(s *Services)
- func EmptyToBuffer(f *bytes.Buffer) error
- func HandlerAddKeys(s *Services) http.HandlerFunc
- func HandlerRegister(s *Services) http.HandlerFunc
- func HandlerSigner(s *Services) http.HandlerFunc
- func HandlerSigners(s *Services) http.HandlerFunc
- func HandlerVerify(s *Services) http.HandlerFunc
- type AWS
- type ByteArray
- type Configuration
- type Crypto
- type Keys
- type KeysWithDomain
- type Local
- type Marshaler
- type OWID
- func FromBase64(value string, m Marshaler) (*OWID, error)
- func FromBuffer(b *bytes.Buffer, target Marshaler) (*OWID, error)
- func FromByteArray(data []byte, m Marshaler) (*OWID, error)
- func FromForm(q *url.Values, key string, target Marshaler) (*OWID, error)
- func NewUnsignedOwid(domain string, date time.Time, target Marshaler) (*OWID, error)
- func (o *OWID) AgeInMinutes() int
- func (o *OWID) AsBase64() (string, error)
- func (o *OWID) AsString() string
- func (o *OWID) FromBuffer(b *bytes.Buffer) error
- func (o *OWID) GetTimeStampInMinutes() uint32
- func (o *OWID) MarshalBinary() ([]byte, error)
- func (o *OWID) MarshalJSON() ([]byte, error)
- func (o *OWID) SetTimeStampInMinutes(t uint32)
- func (o *OWID) Sign(crypto *Crypto) error
- func (o *OWID) ToBuffer(f *bytes.Buffer) error
- func (o *OWID) ToQuery(k string, q *url.Values) error
- func (o *OWID) UnmarshalBinary(data []byte) error
- func (o *OWID) UnmarshalJSON(data []byte) error
- func (o *OWID) Validate() error
- func (o *OWID) Verify(scheme string) (bool, error)
- func (o *OWID) VerifyWithCrypto(crypto *Crypto) (bool, error)
- func (o *OWID) VerifyWithPublicKey(public string) (bool, error)
- type PublicKey
- type Register
- type Services
- type Signer
- func (s *Signer) CreateOWIDandSign(m Marshaler) (*OWID, error)
- func (s *Signer) MarshalJSON() ([]byte, error)
- func (s *Signer) NewCryptoSignOnly() (*Crypto, error)
- func (s *Signer) NewOwid(target Marshaler) (*OWID, error)
- func (s *Signer) PublicKeys() ([]*PublicKey, error)
- func (s *Signer) Sign(owid *OWID) error
- func (s *Signer) SortKeys()
- func (s *Signer) UnmarshalJSON(data []byte) error
- func (s *Signer) Verify(owid *OWID) (bool, error)
- type SignerPublic
- type Store
Functions ¶
func AddHandlers ¶
func AddHandlers(s *Services)
AddHandlers to the http default mux for shared web state.
func EmptyToBuffer ¶
EmptyToBuffer writes an empty OWID marker. Used to indicate optional OWIDs in byte arrays.
func HandlerAddKeys ¶ added in v0.1.7
func HandlerAddKeys(s *Services) http.HandlerFunc
HandlerAddKeys adds a key to the signer associated with the domain.
func HandlerRegister ¶
func HandlerRegister(s *Services) http.HandlerFunc
HandlerRegister handles registering of a domain as a signer.
func HandlerSigner ¶ added in v0.1.7
func HandlerSigner(s *Services) http.HandlerFunc
HandlerSigner returns the public information associated with the creator.
func HandlerSigners ¶ added in v0.1.7
func HandlerSigners(s *Services) http.HandlerFunc
HandlerSigners is a handler that returns a list of all the known domains that relate to signers in JSON format.
func HandlerVerify ¶
func HandlerVerify(s *Services) http.HandlerFunc
HandlerVerify verifies the signature in the incoming OWID. If the method is POST and the content is binary data then the OWID is created using the FromByteArray method. Otherwise the OWID is constructed from the base 64 encoded string in the owid parameter. Returns true if the OWID is valid, otherwise false.
Types ¶
type AWS ¶
type AWS struct {
// contains filtered or unexported fields
}
AWS is an implementation of owid.Store for Amazon's DynamoDB storage.
func (*AWS) GetSigner ¶ added in v0.1.7
GetSigner gets signer for domain from internal map, updating the internal map from AWS if the signer is not in the map.
func (*AWS) GetSigners ¶ added in v0.1.7
GetSigners returns a map of all the known signers keyed on domain.
type ByteArray ¶ added in v0.1.7
type ByteArray struct {
Data []byte // The byte array with the data
}
ByteArray is a simple implementation of the data interface
func (*ByteArray) MarshalBinary ¶ added in v0.1.7
MarshalBinary returns the byte array. Implements encoding.BinaryMarshaler.
func (*ByteArray) MarshalOwid ¶ added in v0.1.7
MarshalOwid returns the byte array. Implements owid.Marshaler.
type Configuration ¶
type Configuration struct {
    config.Base `mapstructure:",squash"`
    OwidFile    string `mapstructure:"owidFile"`
    OwidStore   string `mapstructure:"owidStore"`
}
Configuration details from appsettings.json for access to the AWS, Azure, or GCP storage.
func NewConfig ¶
func NewConfig(file string) Configuration
NewConfig creates a new instance of configuration from the file provided. If the file does not contain a value for some important fields then the environment is checked to see if there is a corresponding value present there.
func (*Configuration) Log ¶ added in v0.1.7
func (c *Configuration) Log()
Log prints non-sensitive configuration fields to the logger.
type Crypto ¶
type Crypto struct {
// contains filtered or unexported fields
}
Crypto structure containing the public and private keys
func NewCrypto ¶
NewCrypto creates a new instance of the Crypto structure and generates a public / private key pair used to sign and verify OWIDs.
func NewCryptoSignOnly ¶
NewCryptoSignOnly creates a new instance of the Crypto structure for signing OWIDs only from the PEM provided. privatePem: PEM format, non password protected ECDSA private key.
func NewCryptoVerifyOnly ¶
NewCryptoVerifyOnly creates a new instance of the Crypto structure for verifying OWIDs only from the PEM key. publicPemKey: PEM format ECDSA public key.
func (*Crypto) SignByteArray ¶
SignByteArray signs the byte array with the private key of the crypto provider.
type Keys ¶ added in v0.1.7
type Keys struct {
    PrivateKey string    `json:"privateKey"` // The private key in PEM format
    PublicKey  string    `json:"publicKey"`  // The public key in PEM format
    Created    time.Time `json:"created"`    // The date and time that the keys were created
    // contains filtered or unexported fields
}
Keys associated with a signer at a given point in time.
func (*Keys) NewCryptoSignOnly ¶ added in v0.1.7
NewCryptoSignOnly creates a new instance of the Crypto structure for signing OWIDs only.
func (*Keys) NewCryptoVerifyOnly ¶ added in v0.1.7
NewCryptoVerifyOnly creates a new instance of the Crypto structure for verifying OWIDs only.
func (*Keys) SubjectPublicKeyInfo ¶ added in v0.1.7
SubjectPublicKeyInfo returns the public key in SPKI form.
type KeysWithDomain ¶ added in v0.1.7
KeysWithDomain is a structure that also includes the domain of the signer that the key relates to. Used when writing the keys to permanent storage.
type Local ¶
type Local struct {
// contains filtered or unexported fields
}
Local store implementation for OWID - data is stored in maps in memory and persisted on disk using JSON files.
func NewLocalStore ¶
NewLocalStore creates a new instance of Local from a given file path.
func (*Local) GetSigner ¶ added in v0.1.7
GetSigner gets signer for domain from internal map, updating the internal map if the signer is not in the map.
func (*Local) GetSigners ¶ added in v0.1.7
GetSigners returns a map of all the known signers keyed on domain.
type Marshaler ¶ added in v0.1.7
type Marshaler interface {
    // Marshal the data to an OWID for signing or verification.
    MarshalOwid() ([]byte, error)
}
Marshaler is used to obtain only the data from the target of the OWID that needs to be signed or verified. The normal encoding.BinaryMarshaler implementation may well also contain the OWID and therefore cannot be used for the purpose of obtaining the data from the target for signing or verification.
type OWID ¶
type OWID struct {
    Version   byte      // The byte version of the OWID.
    Domain    string    // Domain associated with the creator.
    TimeStamp time.Time // The date and time to the nearest minute in UTC that the OWID was signed.
    Signature []byte    // Signature for this OWID and the data returned from the target.
    Target    Marshaler // Instance of the object that contains the data related to the OWID.
}
OWID structure which can be used as a node in a tree.
func FromBase64 ¶
FromBase64 creates a single OWID from the base 64 string.
func FromBuffer ¶
FromBuffer creates a single OWID from the buffer and data.
func FromByteArray ¶
FromByteArray creates a single OWID from the byte array with the data provided.
func FromForm ¶
FromForm extracts the base64 string from the form and returns the OWID. If the key is missing or the string is not valid then an error is returned.
func NewUnsignedOwid ¶ added in v0.1.7
NewUnsignedOwid creates a new unsigned instance of the OWID structure. Returns the new OWID.
func (*OWID) AgeInMinutes ¶ added in v0.1.7
AgeInMinutes returns the number of complete minutes that have elapsed since the OWID was created.
func (*OWID) AsString ¶
AsString returns the OWID as a base 64 string or the text of any error message.
func (*OWID) FromBuffer ¶ added in v0.1.7
FromBuffer populates the OWID fields from the buffer provided.
func (*OWID) GetTimeStampInMinutes ¶ added in v0.1.7
GetTimeStampInMinutes returns the date that the OWID was created as the number of minutes since the common.IoDateBase epoch.
func (*OWID) MarshalBinary ¶ added in v0.1.7
MarshalBinary returns the OWID as a byte array.
func (*OWID) MarshalJSON ¶ added in v0.1.7
MarshalJSON marshals the OWID to conform to the OneKey source definition (https://github.com/OneKey-Network/addressability-framework/blob/main/mvp-spec/model/source.md). Note: the version is added to the JSON with the intention of adding this to the source in OneKey in the future.
func (*OWID) SetTimeStampInMinutes ¶ added in v0.1.7
SetTimeStampInMinutes sets the timestamp in minutes from the common.IoDateBase epoch.
func (*OWID) Sign ¶
Sign the data provided with the crypto instance and update the signature of the OWID. The timestamp is updated to the current time. The domain and timestamp are appended to the target data before signing. The OWID is only considered valid if the timestamp and domain also match. crypto: instance to use for signing.
func (*OWID) UnmarshalBinary ¶ added in v0.1.7
UnmarshalBinary implements encoding.BinaryUnmarshaler.
func (*OWID) UnmarshalJSON ¶ added in v0.1.7
UnmarshalJSON from JSON which conforms to the OneKey source definition. https://github.com/OneKey-Network/addressability-framework/blob/main/mvp-spec/model/source.md
func (*OWID) Validate ¶ added in v0.1.7
Validate the OWID data structure (not the same as Verify which checks the signature is valid) and returns an error instance if there is a problem.
func (*OWID) Verify ¶
Verify this OWID and its ancestors by fetching the public key from the domain in the OWID. scheme: scheme to use when fetching the public key from the domain in the OWID. Returns true if the signature matches the data, otherwise false.
func (*OWID) VerifyWithCrypto ¶
VerifyWithCrypto verifies the signature in the OWID and the data provided. crypto: instance to use for verification. Returns true if the signature matches the data, otherwise false.
type PublicKey ¶ added in v0.1.7
type PublicKey struct {
    PublicKey string    `json:"publicKey,omitempty"` // The public key in PEM format
    Created   time.Time `json:"created"`             // The date and time that the keys were created
}
PublicKey associated with the signer at a given point in time.
type Register ¶
type Register struct {
    Services          *Services
    Domain            string
    Name              string
    TermsURL          string
    Error             string
    NameError         string
    TermsURLError     string
    ReadOnly          bool
    MinNameLength     int
    MaxNameLength     int
    MaxTermsURLLength int
}
Register contains HTML template data used to register a signer
func (*Register) DisplayErrors ¶
type Services ¶
type Services struct {
// contains filtered or unexported fields
}
Services references all the information needed for OWID methods.
func NewServices ¶
func NewServices(config *Configuration, store Store, access access.Access) *Services
NewServices creates a set of services to use with OWID. These provide defaults via the configuration parameter, and access to persistent storage for signer configuration via the store parameter. config
func (*Services) GetSigner ¶ added in v0.1.7
GetSigner returns the signer from the store used by the service.
func (*Services) GetSignerHttp ¶ added in v0.1.7
GetSignerHttp for the request writing an error to the response if there is no signer for the host associated with the request.
type Signer ¶ added in v0.1.7
type Signer struct {
    Domain   string  `json:"domain"`   // The registered domain name and key field
    Name     string  `json:"name"`     // The common name of the signer
    TermsURL string  `json:"termsUrl"` // URL with the T&Cs associated with the signed data
    Keys     []*Keys `json:"keys"`     // The private and public keys associated with the signer
    // contains filtered or unexported fields
}
Signer of Open Web Ids.
func NewTestDefaultSigner ¶ added in v0.1.7
NewTestDefaultSigner creates a new default test signer. A public test method so that consuming packages can easily create test signers to verify their OWID target structures.
func NewTestSigner ¶ added in v0.1.7
NewTestSigner creates a new test signer for the domain, name, and terms provided. A public test method so that consuming packages can easily create test signers to verify their OWID target structures.
func (*Signer) CreateOWIDandSign ¶ added in v0.1.7
CreateOWIDandSign creates the OWID with the payload and signs the result. m is the data to be signed. Returns a new OWID for the signer.
func (*Signer) MarshalJSON ¶ added in v0.1.7
MarshalJSON prevents the signer being marshalled. A safety feature to reduce the risk of accidental exposure of the private keys.
func (*Signer) NewCryptoSignOnly ¶ added in v0.1.7
NewCryptoSignOnly creates a new instance of the Crypto structure for signing OWIDs only.
func (*Signer) NewOwid ¶ added in v0.1.7
NewOwid returns a new unsigned OWID associated with the signer. target is associated with the newly created OWID. Returns the new OWID ready to be signed.
func (*Signer) PublicKeys ¶ added in v0.1.7
PublicKeys creates an array of the public key information.
func (*Signer) Sign ¶ added in v0.1.7
Sign the OWID by updating the signature field. owid is the OWID whose signature is updated.
func (*Signer) SortKeys ¶ added in v0.1.7
func (s *Signer) SortKeys()
SortKeys in descending order of created date.
func (*Signer) UnmarshalJSON ¶ added in v0.1.7
UnmarshalJSON prevents the signer being unmarshalled. A safety feature to reduce the risk of accidental exposure of the private keys.
func (*Signer) Verify ¶ added in v0.1.7
Verify the OWID and any other OWIDs are valid for this signer. owid contains the signature to verify with the data. Returns true if the signature is valid, otherwise false.
The signer has multiple keys and all of them have to be tried against the signature before verification can be complete. The keys are ordered based on proximity to the OWID date field and then tried in order.
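The Sign and Verify behaviour described above (domain and timestamp bound into the signed data, several keys tried in order of proximity to the OWID date), shown as an added example that is not the package's own code. It uses only the Go standard library; the `key` type, the helper names, SHA-256 and the `digest` byte layout are assumptions made for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"sort"
	"time"
)

type key struct { // hypothetical stand-in for one entry in a signer's key list
	priv    *ecdsa.PrivateKey
	created time.Time
}
func newKey(created time.Time) key {
	p, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return key{p, created}
}

// digest covers target || domain || minute timestamp (assumed layout, not the OWID wire format).
func digest(target []byte, domain string, ts time.Time) []byte {
	sum := sha256.Sum256([]byte(string(target) + domain + ts.UTC().Format("200601021504")))
	return sum[:]
}
func sign(k key, target []byte, domain string, ts time.Time) ([]byte, error) {
	return ecdsa.SignASN1(rand.Reader, k.priv, digest(target, domain, ts))
}

// verify tries the keys created closest to ts first; it also returns how many were tried.
func verify(keys []key, sig, target []byte, domain string, ts time.Time) (bool, int) {
	ks := append([]key(nil), keys...) // sort a copy, leave the caller's order alone
	sort.Slice(ks, func(i, j int) bool { return ks[i].created.Sub(ts).Abs() < ks[j].created.Sub(ts).Abs() })
	for i, k := range ks {
		if ecdsa.VerifyASN1(&k.priv.PublicKey, digest(target, domain, ts), sig) {
			return true, i + 1
		}
	}
	return false, len(ks)
}
func main() {
	k := newKey(time.Now())
	sig, err := sign(k, []byte("payload"), "signer.example", k.created)
	ok, tried := verify([]key{k}, sig, []byte("payload"), "signer.example", k.created)
	fmt.Println(ok, tried, err)
}
```

Plain concatenation keeps the example short; a real format needs fixed or length-prefixed fields so that bytes cannot be shifted between the target and the domain while leaving the digest unchanged.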
type SignerPublic ¶ added in v0.1.7
type SignerPublic struct {
    Domain     string       `json:"domain"`     // The registered domain name and key field
    Name       string       `json:"name"`       // The common name of the signer
    TermsURL   string       `json:"termsUrl"`   // URL with the T&Cs associated with the signed data
    PublicKeys []*PublicKey `json:"publicKeys"` // The public keys associated with the signer
}
Signer of Open Web Ids in a form that can be marshalled for providing public key information to other parties.
type Store ¶
type Store interface {
    // GetSigner returns the signer information for the domain.
    GetSigner(domain string) (*Signer, error)
    // GetSigners return a map of all the known signers keyed on domain.
    GetSigners() map[string]*Signer
    // contains filtered or unexported methods
}
Store is an interface for accessing persistent signer data for signing and verifying OWIDs.
func NewStore ¶
func NewStore(c *Configuration) Store
NewStore returns a working implementation of the Store interface for the configuration supplied.