iapi

package
v0.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 6, 2019 License: GPL-3.0 Imports: 31 Imported by: 51

Documentation

Index

Constants

View Source
const PermittedCombinedStatements = 1000
View Source
const PermittedPermissions = 64

Don't change this without rewriting tree builder

View Source
const PermittedPrimaryStatements = 10

Variables

View Source
var ErrDecryptBodyMalformed = errors.New("body is malformed")
View Source
var ErrInvalidRequest = errors.New("invalid request")

Should be returned byy any of the four main functions if it receives an invalid request e.g., empty object passed to a PUT function

View Source
var ErrNoMore = errors.New("no more")

Should be returned by IterateQueue if there are no more entries

View Source
var ErrNotImplemented = errors.New("not implemented")

Should be returned by any of the four main functions if not implemented

View Source
var ErrObjectNotFound = errors.New("object not found")

Should be returned by Get if the object is not found

View Source
var ErrObjectNotPut = errors.New("failed to put object")

Should be returned by Put if if fails to store the object

View Source
var KECCAK256 = &HashScheme_Keccak_256{}
View Source
var PLAINTEXTBODYSCHEME = &PlaintextBodyScheme{}
View Source
var WR1PartitionTiers []int64 = []int64{int64(64 * 7 * 24 * time.Hour), int64(16 * 7 * 24 * time.Hour), int64(4 * 7 * 24 * time.Hour), int64(7 * 24 * time.Hour)}

The WR1 recommended partition scheme is <userdefined: 12> <beginrange: 4> <endrange: 4> Which allows for expiry ranges at a granularity of weeks In the worst case this requires a key bundle of 144 keys to delegate. Ranges are only allowed to go up to 3 years long.

Functions

func AnalyzeSuffix

func AnalyzeSuffix(uri string) (valid, hasStar, hasPlus bool)

AnalyzeSuffix checks a given URI for schema validity and possession of characteristics

func Bool

func Bool(b bool) *bool

func CalculateEmptyKeyBundleEntries added in v0.2.0

func CalculateEmptyKeyBundleEntries(startDat time.Time, endDat time.Time, userPrefix [][]byte) ([][][]byte, []serdes.BLS12381OAQUEKeyringBundleEntry, wve.WVE)

This generates the partitions and calculates the differences to generate the keyring bundle entries, but it does not generate the keys

func CalculateKeyBundlePartitions added in v0.2.0

func CalculateKeyBundlePartitions(startDat time.Time, endDat time.Time, userPrefix [][]byte) ([][][]byte, wve.WVE)

func CalculateWR1Partition added in v0.2.0

func CalculateWR1Partition(validFrom time.Time, validUntil time.Time, userPrefix [][]byte) ([][]byte, wve.WVE)

func DecodeKeyBundleEntries added in v0.2.0

func DecodeKeyBundleEntries(be []serdes.BLS12381OAQUEKeyringBundleEntry) ([][][]byte, wve.WVE)

func HashSchemeInstanceEqual

func HashSchemeInstanceEqual(lhs HashSchemeInstance, rhs HashSchemeInstance) bool

func InjectStorageInterface

func InjectStorageInterface(si StorageInterface)

func Int

func Int(i int) *int

func IsNameDeclarationValid added in v0.2.0

func IsNameDeclarationValid(s string) bool

func ParseWR1Partition added in v0.2.0

func ParseWR1Partition(p [][]byte) (start *DateRange, end *DateRange, user [][]byte, err wve.WVE)

func Partition added in v0.2.0

func Partition(s ...string) [][]byte

func Partition20 added in v0.2.0

func Partition20(s ...string) [][]byte

func RestrictBy

func RestrictBy(from string, by string) (string, bool)

Copied verbatim from bosswave RestrictBy takes a topic, and a permission, and returns the intersection that represents the from topic restricted by the permission. It took a looong time to work out this logic...

func String

func String(s string) *string

func Time

func Time(t time.Time) *time.Time

func ToArr32

func ToArr32(b []byte) [32]byte

func WR1PartitionToIntString added in v0.2.0

func WR1PartitionToIntString(p [][]byte) string

func WR1PartitionToString added in v0.2.0

func WR1PartitionToString(p [][]byte) string

Types

type AESKeyring

type AESKeyring struct {
	SerdesForm *asn1.External
	// contains filtered or unexported fields
}

func (*AESKeyring) DecryptKeyring

func (kr *AESKeyring) DecryptKeyring(ctx context.Context, params interface{}) (decodedForm *serdes.EntityKeyring, err error)

func (*AESKeyring) EncryptKeyring

func (kr *AESKeyring) EncryptKeyring(ctx context.Context, plaintext *serdes.EntityKeyring, params interface{}) (encodedForm *asn1.External, err error)

func (*AESKeyring) Supported

func (kr *AESKeyring) Supported() bool

type Attestation

type Attestation struct {
	//Before any decryption was applied
	CanonicalForm *serdes.WaveAttestation
	//After we decrypted
	DecryptedBody *serdes.AttestationBody
	//Revocationbs
	Revocations []RevocationSchemeInstance
	//Extra information obtained if this is a WR1 dot
	WR1Extra *WR1Extra
	//Extra information obtained if this is a PSK dot
	PSKExtra *PSKExtra
}

func (*Attestation) ArrayKeccak256

func (e *Attestation) ArrayKeccak256() [32]byte

func (*Attestation) Attester

func (*Attestation) DER

func (e *Attestation) DER() ([]byte, error)

func (*Attestation) Expired

func (e *Attestation) Expired() (bool, error)

func (*Attestation) Hash

func (e *Attestation) Hash(scheme HashScheme) HashSchemeInstance

func (*Attestation) Keccak256

func (e *Attestation) Keccak256() []byte

func (*Attestation) Keccak256HI

func (e *Attestation) Keccak256HI() HashSchemeInstance

func (*Attestation) Namespace added in v0.2.1

func (*Attestation) Subject

func (*Attestation) WR1DomainVisibilityKeys

func (e *Attestation) WR1DomainVisibilityKeys() []EntitySecretKeySchemeInstance

func (*Attestation) WR1SecretSlottedKeys

func (e *Attestation) WR1SecretSlottedKeys() []SlottedSecretKey

type AttestationBodyScheme

type AttestationBodyScheme interface {
	Scheme
	DecryptBody(ctx context.Context, dc BodyDecryptionContext, canonicalForm *serdes.WaveAttestation, inextra interface{}) (decodedForm *serdes.AttestationBody, extra interface{}, err error)
	EncryptBody(ctx context.Context, ec BodyEncryptionContext, attester *EntitySecrets, subject *Entity, intermediateForm *serdes.WaveAttestation, policy PolicySchemeInstance) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)
}

func AttestationBodySchemeFor

func AttestationBodySchemeFor(ex *asn1.External) AttestationBodyScheme

type AttestationVerifierBodyKeySchemeInstance

type AttestationVerifierBodyKeySchemeInstance interface {
	Scheme
	DecryptBody(ctx context.Context, ciphertext []byte) ([]byte, error)
}

type BodyDecryptionContext

type BodyDecryptionContext interface {
	EntityByHashLoc(ctx context.Context, h HashSchemeInstance, loc LocationSchemeInstance) (*Entity, wve.WVE)
}

type BodyEncryptionContext

type BodyEncryptionContext interface {
}

type Capability

type Capability int
const (
	CapCertification  Capability = 1
	CapAttestation    Capability = 2
	CapSigning        Capability = 3
	CapAuthentication Capability = 4
	CapAuthorization  Capability = 5
	CapEncryption     Capability = 6
)

type CommitmentRevocationSchemeInstance added in v0.2.1

type CommitmentRevocationSchemeInstance struct {
	SerdesForm *serdes.RevocationOption
	CRBody     *serdes.CommitmentRevocation
}

func NewCommitmentRevocationSchemeInstance added in v0.2.1

func NewCommitmentRevocationSchemeInstance(loc LocationSchemeInstance, critical bool, secrets ...[]byte) *CommitmentRevocationSchemeInstance

func (*CommitmentRevocationSchemeInstance) CanonicalForm added in v0.2.1

func (*CommitmentRevocationSchemeInstance) Critical added in v0.2.1

func (*CommitmentRevocationSchemeInstance) Id added in v0.2.1

func (*CommitmentRevocationSchemeInstance) IsRevoked added in v0.2.1

func (*CommitmentRevocationSchemeInstance) Supported added in v0.2.1

func (rs *CommitmentRevocationSchemeInstance) Supported() bool

type DateRange added in v0.2.0

type DateRange struct {
	Start time.Time
	End   time.Time
}

func WR1PartitionChunkToDateRange added in v0.2.0

func WR1PartitionChunkToDateRange(chunk [][]byte) (*DateRange, wve.WVE)

type Entity

type Entity struct {
	CanonicalForm *serdes.WaveEntity
	VerifyingKey  EntityKeySchemeInstance
	Keys          []EntityKeySchemeInstance
	Revocations   []RevocationSchemeInstance
	Extensions    []ExtensionSchemeInstance
}

func (*Entity) ArrayKeccak256

func (e *Entity) ArrayKeccak256() [32]byte

func (*Entity) DER

func (e *Entity) DER() ([]byte, error)

func (*Entity) Expired

func (e *Entity) Expired() bool

func (*Entity) Hash

func (e *Entity) Hash(scheme HashScheme) HashSchemeInstance

func (*Entity) Keccak256

func (e *Entity) Keccak256() []byte

func (*Entity) Keccak256HI

func (e *Entity) Keccak256HI() HashSchemeInstance

func (*Entity) MessageVerifyingKey added in v0.2.1

func (e *Entity) MessageVerifyingKey() EntityKeySchemeInstance

func (*Entity) WR1_BodyParams

func (e *Entity) WR1_BodyParams() (EntityKeySchemeInstance, error)

func (*Entity) WR1_DirectEncryptionKey

func (e *Entity) WR1_DirectEncryptionKey() (EntityKeySchemeInstance, error)

func (*Entity) WR1_DomainVisiblityParams

func (e *Entity) WR1_DomainVisiblityParams() (EntityKeySchemeInstance, error)

type EntityKeySchemeInstance

type EntityKeySchemeInstance interface {
	Scheme
	//Such as the public key, used for comparing keys to check private matches
	IdentifyingBlob(ctx context.Context) (string, error)
	SystemIdentifyingBlob(ctx context.Context) (string, error)
	HasCapability(c Capability) bool
	VerifyCertify(ctx context.Context, data []byte, signature []byte) error
	VerifyAttestation(ctx context.Context, data []byte, signature []byte) error
	VerifyMessage(ctx context.Context, data []byte, signature []byte) error
	EncryptMessage(ctx context.Context, content []byte) ([]byte, error)
	GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
	CanonicalForm() *serdes.EntityPublicKey
}

type EntityKey_Curve25519

type EntityKey_Curve25519 struct {
	SerdesForm *serdes.EntityPublicKey
	PublicKey  [32]byte
}

func (*EntityKey_Curve25519) CanonicalForm

func (ek *EntityKey_Curve25519) CanonicalForm() *serdes.EntityPublicKey

func (*EntityKey_Curve25519) EncryptMessage

func (ek *EntityKey_Curve25519) EncryptMessage(ctx context.Context, data []byte) ([]byte, error)

func (*EntityKey_Curve25519) GenerateChildKey

func (ek *EntityKey_Curve25519) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)

func (*EntityKey_Curve25519) HasCapability

func (ek *EntityKey_Curve25519) HasCapability(c Capability) bool

func (*EntityKey_Curve25519) IdentifyingBlob

func (ek *EntityKey_Curve25519) IdentifyingBlob(ctx context.Context) (string, error)

func (*EntityKey_Curve25519) Supported

func (ek *EntityKey_Curve25519) Supported() bool

func (*EntityKey_Curve25519) SystemIdentifyingBlob added in v0.2.1

func (ek *EntityKey_Curve25519) SystemIdentifyingBlob(ctx context.Context) (string, error)

func (*EntityKey_Curve25519) VerifyAttestation

func (ek *EntityKey_Curve25519) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error

func (*EntityKey_Curve25519) VerifyCertify

func (ek *EntityKey_Curve25519) VerifyCertify(ctx context.Context, data []byte, signature []byte) error

func (*EntityKey_Curve25519) VerifyMessage

func (ek *EntityKey_Curve25519) VerifyMessage(ctx context.Context, data []byte, signature []byte) error

type EntityKey_Ed25519

type EntityKey_Ed25519 struct {
	SerdesForm *serdes.EntityPublicKey
	PublicKey  ed25519.PublicKey
}

func (*EntityKey_Ed25519) CanonicalForm

func (ek *EntityKey_Ed25519) CanonicalForm() *serdes.EntityPublicKey

func (*EntityKey_Ed25519) EncryptMessage

func (ek *EntityKey_Ed25519) EncryptMessage(ctx context.Context, data []byte) ([]byte, error)

func (*EntityKey_Ed25519) GenerateChildKey

func (ek *EntityKey_Ed25519) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)

func (*EntityKey_Ed25519) HasCapability

func (ek *EntityKey_Ed25519) HasCapability(c Capability) bool

func (*EntityKey_Ed25519) IdentifyingBlob

func (ek *EntityKey_Ed25519) IdentifyingBlob(ctx context.Context) (string, error)

func (*EntityKey_Ed25519) Supported

func (ek *EntityKey_Ed25519) Supported() bool

func (*EntityKey_Ed25519) SystemIdentifyingBlob added in v0.2.1

func (ek *EntityKey_Ed25519) SystemIdentifyingBlob(ctx context.Context) (string, error)

func (*EntityKey_Ed25519) VerifyAttestation

func (ek *EntityKey_Ed25519) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error

func (*EntityKey_Ed25519) VerifyCertify

func (ek *EntityKey_Ed25519) VerifyCertify(ctx context.Context, data []byte, signature []byte) error

func (*EntityKey_Ed25519) VerifyMessage

func (ek *EntityKey_Ed25519) VerifyMessage(ctx context.Context, data []byte, signature []byte) error

type EntityKey_IBE_BLS12381 added in v0.4.0

type EntityKey_IBE_BLS12381 struct {
	SerdesForm *serdes.EntityPublicKey
	Params     *lqibe.Params
	ID         []byte
	LQID       *lqibe.ID
}

func (*EntityKey_IBE_BLS12381) CanonicalForm added in v0.4.0

func (k *EntityKey_IBE_BLS12381) CanonicalForm() *serdes.EntityPublicKey

func (*EntityKey_IBE_BLS12381) EncryptMessage added in v0.4.0

func (k *EntityKey_IBE_BLS12381) EncryptMessage(ctx context.Context, content []byte) ([]byte, error)

func (*EntityKey_IBE_BLS12381) GenerateChildKey added in v0.4.0

func (k *EntityKey_IBE_BLS12381) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)

func (*EntityKey_IBE_BLS12381) GobDecode added in v0.4.0

func (ek *EntityKey_IBE_BLS12381) GobDecode(ba []byte) error

func (*EntityKey_IBE_BLS12381) GobEncode added in v0.4.0

func (ek *EntityKey_IBE_BLS12381) GobEncode() ([]byte, error)

func (*EntityKey_IBE_BLS12381) HasCapability added in v0.4.0

func (k *EntityKey_IBE_BLS12381) HasCapability(c Capability) bool

func (*EntityKey_IBE_BLS12381) IdentifyingBlob added in v0.4.0

func (k *EntityKey_IBE_BLS12381) IdentifyingBlob(ctx context.Context) (string, error)

func (*EntityKey_IBE_BLS12381) Supported added in v0.4.0

func (k *EntityKey_IBE_BLS12381) Supported() bool

func (*EntityKey_IBE_BLS12381) SystemIdentifyingBlob added in v0.4.0

func (k *EntityKey_IBE_BLS12381) SystemIdentifyingBlob(ctx context.Context) (string, error)

func (*EntityKey_IBE_BLS12381) VerifyAttestation added in v0.4.0

func (k *EntityKey_IBE_BLS12381) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error

func (*EntityKey_IBE_BLS12381) VerifyCertify added in v0.4.0

func (k *EntityKey_IBE_BLS12381) VerifyCertify(ctx context.Context, data []byte, signature []byte) error

func (*EntityKey_IBE_BLS12381) VerifyMessage added in v0.4.0

func (k *EntityKey_IBE_BLS12381) VerifyMessage(ctx context.Context, data []byte, signature []byte) error

type EntityKey_IBE_Params_BLS12381 added in v0.4.0

type EntityKey_IBE_Params_BLS12381 struct {
	SerdesForm *serdes.EntityPublicKey
	PublicKey  *lqibe.Params
}

func (*EntityKey_IBE_Params_BLS12381) CanonicalForm added in v0.4.0

func (*EntityKey_IBE_Params_BLS12381) EncryptMessage added in v0.4.0

func (ek *EntityKey_IBE_Params_BLS12381) EncryptMessage(ctx context.Context, data []byte) ([]byte, error)

func (*EntityKey_IBE_Params_BLS12381) GenerateChildKey added in v0.4.0

func (k *EntityKey_IBE_Params_BLS12381) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)

func (*EntityKey_IBE_Params_BLS12381) GobDecode added in v0.4.0

func (ek *EntityKey_IBE_Params_BLS12381) GobDecode(ba []byte) error

func (*EntityKey_IBE_Params_BLS12381) GobEncode added in v0.4.0

func (ek *EntityKey_IBE_Params_BLS12381) GobEncode() ([]byte, error)

func (*EntityKey_IBE_Params_BLS12381) HasCapability added in v0.4.0

func (ek *EntityKey_IBE_Params_BLS12381) HasCapability(c Capability) bool

func (*EntityKey_IBE_Params_BLS12381) IdentifyingBlob added in v0.4.0

func (ek *EntityKey_IBE_Params_BLS12381) IdentifyingBlob(ctx context.Context) (string, error)

func (*EntityKey_IBE_Params_BLS12381) Supported added in v0.4.0

func (ek *EntityKey_IBE_Params_BLS12381) Supported() bool

func (*EntityKey_IBE_Params_BLS12381) SystemIdentifyingBlob added in v0.4.0

func (ek *EntityKey_IBE_Params_BLS12381) SystemIdentifyingBlob(ctx context.Context) (string, error)

func (*EntityKey_IBE_Params_BLS12381) VerifyAttestation added in v0.4.0

func (ek *EntityKey_IBE_Params_BLS12381) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error

func (*EntityKey_IBE_Params_BLS12381) VerifyCertify added in v0.4.0

func (ek *EntityKey_IBE_Params_BLS12381) VerifyCertify(ctx context.Context, data []byte, signature []byte) error

func (*EntityKey_IBE_Params_BLS12381) VerifyMessage added in v0.4.0

func (ek *EntityKey_IBE_Params_BLS12381) VerifyMessage(ctx context.Context, data []byte, signature []byte) error

type EntityKey_OAQUE_BLS12381_S20 added in v0.4.0

type EntityKey_OAQUE_BLS12381_S20 struct {
	SerdesForm   *serdes.EntityPublicKey
	Params       *wkdibe.Params
	AttributeSet [][]byte
}

func (*EntityKey_OAQUE_BLS12381_S20) CanonicalForm added in v0.4.0

func (*EntityKey_OAQUE_BLS12381_S20) EncryptMessage added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20) EncryptMessage(ctx context.Context, content []byte) ([]byte, error)

func (*EntityKey_OAQUE_BLS12381_S20) GenerateChildKey added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)

func (*EntityKey_OAQUE_BLS12381_S20) GobDecode added in v0.4.0

func (ek *EntityKey_OAQUE_BLS12381_S20) GobDecode(ba []byte) error

func (*EntityKey_OAQUE_BLS12381_S20) GobEncode added in v0.4.0

func (ek *EntityKey_OAQUE_BLS12381_S20) GobEncode() ([]byte, error)

func (*EntityKey_OAQUE_BLS12381_S20) HasCapability added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20) HasCapability(c Capability) bool

func (*EntityKey_OAQUE_BLS12381_S20) IdentifyingBlob added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20) IdentifyingBlob(ctx context.Context) (string, error)

func (*EntityKey_OAQUE_BLS12381_S20) Supported added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20) Supported() bool

func (*EntityKey_OAQUE_BLS12381_S20) SystemIdentifyingBlob added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20) SystemIdentifyingBlob(ctx context.Context) (string, error)

func (*EntityKey_OAQUE_BLS12381_S20) VerifyAttestation added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error

func (*EntityKey_OAQUE_BLS12381_S20) VerifyCertify added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20) VerifyCertify(ctx context.Context, data []byte, signature []byte) error

func (*EntityKey_OAQUE_BLS12381_S20) VerifyMessage added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20) VerifyMessage(ctx context.Context, data []byte, signature []byte) error

type EntityKey_OAQUE_BLS12381_S20_Params added in v0.4.0

type EntityKey_OAQUE_BLS12381_S20_Params struct {
	SerdesForm *serdes.EntityPublicKey
	Params     *wkdibe.Params
}

func (*EntityKey_OAQUE_BLS12381_S20_Params) CanonicalForm added in v0.4.0

func (*EntityKey_OAQUE_BLS12381_S20_Params) EncryptMessage added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20_Params) EncryptMessage(ctx context.Context, content []byte) ([]byte, error)

func (*EntityKey_OAQUE_BLS12381_S20_Params) GenerateChildKey added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20_Params) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)

func (*EntityKey_OAQUE_BLS12381_S20_Params) GobDecode added in v0.4.0

func (ek *EntityKey_OAQUE_BLS12381_S20_Params) GobDecode(ba []byte) error

func (*EntityKey_OAQUE_BLS12381_S20_Params) GobEncode added in v0.4.0

func (ek *EntityKey_OAQUE_BLS12381_S20_Params) GobEncode() ([]byte, error)

func (*EntityKey_OAQUE_BLS12381_S20_Params) HasCapability added in v0.4.0

func (*EntityKey_OAQUE_BLS12381_S20_Params) IdentifyingBlob added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20_Params) IdentifyingBlob(ctx context.Context) (string, error)

func (*EntityKey_OAQUE_BLS12381_S20_Params) Supported added in v0.4.0

func (*EntityKey_OAQUE_BLS12381_S20_Params) SystemIdentifyingBlob added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20_Params) SystemIdentifyingBlob(ctx context.Context) (string, error)

func (*EntityKey_OAQUE_BLS12381_S20_Params) VerifyAttestation added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20_Params) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error

func (*EntityKey_OAQUE_BLS12381_S20_Params) VerifyCertify added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20_Params) VerifyCertify(ctx context.Context, data []byte, signature []byte) error

func (*EntityKey_OAQUE_BLS12381_S20_Params) VerifyMessage added in v0.4.0

func (k *EntityKey_OAQUE_BLS12381_S20_Params) VerifyMessage(ctx context.Context, data []byte, signature []byte) error

type EntityKeyringSchemeInstance

type EntityKeyringSchemeInstance interface {
	Scheme
	DecryptKeyring(ctx context.Context, params interface{}) (decodedForm *serdes.EntityKeyring, err error)
	EncryptKeyring(ctx context.Context, plaintext *serdes.EntityKeyring, params interface{}) (encodedForm *asn1.External, err error)
}

func EntityKeyringSchemeInstanceFor

func EntityKeyringSchemeInstanceFor(e asn1.External) (EntityKeyringSchemeInstance, error)

func NewEntityKeyringSchemeInstance

func NewEntityKeyringSchemeInstance(oid asn1.ObjectIdentifier) (EntityKeyringSchemeInstance, error)

type EntitySecretKeySchemeInstance

type EntitySecretKeySchemeInstance interface {
	Scheme
	Public() EntityKeySchemeInstance
	SignCertify(ctx context.Context, content []byte) ([]byte, error)
	//Signing signature bindings or signing DER (for ephemeral)
	SignAttestation(ctx context.Context, content []byte) ([]byte, error)
	SignMessage(ctx context.Context, content []byte) ([]byte, error)
	DecryptMessage(ctx context.Context, ciphertext []byte) ([]byte, error)
	DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)
	GenerateChildSecretKey(ctx context.Context, identity interface{}, delegable bool) (EntitySecretKeySchemeInstance, error)
	SecretCanonicalForm() *serdes.EntityKeyringEntry
	Equal(rhs EntitySecretKeySchemeInstance) bool
}

func NewEntityKeySchemeInstance

func NewEntityKeySchemeInstance(oid asn1.ObjectIdentifier, capabilities ...Capability) (EntitySecretKeySchemeInstance, error)

type EntitySecretKey_Curve25519

type EntitySecretKey_Curve25519 struct {
	SerdesForm *serdes.EntityKeyringEntry
	PrivateKey [32]byte
	PublicKey  [32]byte
}

func (*EntitySecretKey_Curve25519) CanonicalForm

func (ek *EntitySecretKey_Curve25519) CanonicalForm() *serdes.EntityPublicKey

func (*EntitySecretKey_Curve25519) DecryptMessage

func (ek *EntitySecretKey_Curve25519) DecryptMessage(ctx context.Context, data []byte) ([]byte, error)

func (*EntitySecretKey_Curve25519) DecryptMessageAsChild

func (ek *EntitySecretKey_Curve25519) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)

func (*EntitySecretKey_Curve25519) Equal

func (*EntitySecretKey_Curve25519) GenerateChildSecretKey

func (ek *EntitySecretKey_Curve25519) GenerateChildSecretKey(ctx context.Context, identity interface{}, delegable bool) (EntitySecretKeySchemeInstance, error)

func (*EntitySecretKey_Curve25519) HasCapability

func (ek *EntitySecretKey_Curve25519) HasCapability(c Capability) bool

func (*EntitySecretKey_Curve25519) Public

func (*EntitySecretKey_Curve25519) SecretCanonicalForm

func (ek *EntitySecretKey_Curve25519) SecretCanonicalForm() *serdes.EntityKeyringEntry

func (*EntitySecretKey_Curve25519) SignAttestation

func (ek *EntitySecretKey_Curve25519) SignAttestation(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_Curve25519) SignCertify

func (ek *EntitySecretKey_Curve25519) SignCertify(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_Curve25519) SignMessage

func (ek *EntitySecretKey_Curve25519) SignMessage(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_Curve25519) Supported

func (ek *EntitySecretKey_Curve25519) Supported() bool

type EntitySecretKey_Ed25519

type EntitySecretKey_Ed25519 struct {
	SerdesForm *serdes.EntityKeyringEntry
	PublicKey  ed25519.PublicKey
	PrivateKey ed25519.PrivateKey
}

func (*EntitySecretKey_Ed25519) CanonicalForm

func (ek *EntitySecretKey_Ed25519) CanonicalForm() *serdes.EntityPublicKey

func (*EntitySecretKey_Ed25519) DecryptMessage

func (ek *EntitySecretKey_Ed25519) DecryptMessage(ctx context.Context, data []byte) ([]byte, error)

func (*EntitySecretKey_Ed25519) DecryptMessageAsChild

func (ek *EntitySecretKey_Ed25519) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)

func (*EntitySecretKey_Ed25519) Equal

func (*EntitySecretKey_Ed25519) GenerateChildSecretKey

func (ek *EntitySecretKey_Ed25519) GenerateChildSecretKey(ctx context.Context, identity interface{}, delegable bool) (EntitySecretKeySchemeInstance, error)

func (*EntitySecretKey_Ed25519) HasCapability

func (ek *EntitySecretKey_Ed25519) HasCapability(c Capability) bool

func (*EntitySecretKey_Ed25519) Public

func (*EntitySecretKey_Ed25519) SecretCanonicalForm

func (ek *EntitySecretKey_Ed25519) SecretCanonicalForm() *serdes.EntityKeyringEntry

func (*EntitySecretKey_Ed25519) SignAttestation

func (ek *EntitySecretKey_Ed25519) SignAttestation(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_Ed25519) SignCertify

func (ek *EntitySecretKey_Ed25519) SignCertify(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_Ed25519) SignMessage

func (ek *EntitySecretKey_Ed25519) SignMessage(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_Ed25519) Supported

func (ek *EntitySecretKey_Ed25519) Supported() bool

type EntitySecretKey_IBE_BLS12381 added in v0.4.0

type EntitySecretKey_IBE_BLS12381 struct {
	SerdesForm *serdes.EntityKeyringEntry
	PrivateKey *lqibe.SecretKey
	Params     *lqibe.Params
	ID         []byte
	LQID       *lqibe.ID
}

func (*EntitySecretKey_IBE_BLS12381) CanonicalForm added in v0.4.0

func (*EntitySecretKey_IBE_BLS12381) DecryptMessage added in v0.4.0

func (k *EntitySecretKey_IBE_BLS12381) DecryptMessage(ctx context.Context, ciphertext []byte) ([]byte, error)

func (*EntitySecretKey_IBE_BLS12381) DecryptMessageAsChild added in v0.4.0

func (ek *EntitySecretKey_IBE_BLS12381) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)

func (*EntitySecretKey_IBE_BLS12381) Equal added in v0.4.0

func (*EntitySecretKey_IBE_BLS12381) GenerateChildSecretKey added in v0.4.0

func (k *EntitySecretKey_IBE_BLS12381) GenerateChildSecretKey(ctx context.Context, identity interface{}, delegable bool) (EntitySecretKeySchemeInstance, error)

func (*EntitySecretKey_IBE_BLS12381) GobDecode added in v0.4.0

func (ek *EntitySecretKey_IBE_BLS12381) GobDecode(ba []byte) error

func (*EntitySecretKey_IBE_BLS12381) GobEncode added in v0.4.0

func (ek *EntitySecretKey_IBE_BLS12381) GobEncode() ([]byte, error)

func (*EntitySecretKey_IBE_BLS12381) HasCapability added in v0.4.0

func (ek *EntitySecretKey_IBE_BLS12381) HasCapability(c Capability) bool

func (*EntitySecretKey_IBE_BLS12381) Public added in v0.4.0

func (*EntitySecretKey_IBE_BLS12381) SecretCanonicalForm added in v0.4.0

func (k *EntitySecretKey_IBE_BLS12381) SecretCanonicalForm() *serdes.EntityKeyringEntry

func (*EntitySecretKey_IBE_BLS12381) SignAttestation added in v0.4.0

func (k *EntitySecretKey_IBE_BLS12381) SignAttestation(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_IBE_BLS12381) SignCertify added in v0.4.0

func (k *EntitySecretKey_IBE_BLS12381) SignCertify(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_IBE_BLS12381) SignMessage added in v0.4.0

func (k *EntitySecretKey_IBE_BLS12381) SignMessage(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_IBE_BLS12381) Supported added in v0.4.0

func (ek *EntitySecretKey_IBE_BLS12381) Supported() bool

type EntitySecretKey_IBE_Master_BLS12381 added in v0.4.0

type EntitySecretKey_IBE_Master_BLS12381 struct {
	SerdesForm *serdes.EntityKeyringEntry
	PrivateKey *lqibe.MasterKey
	PublicKey  *lqibe.Params
}

func (*EntitySecretKey_IBE_Master_BLS12381) CanonicalForm added in v0.4.0

func (*EntitySecretKey_IBE_Master_BLS12381) DecryptMessage added in v0.4.0

func (ek *EntitySecretKey_IBE_Master_BLS12381) DecryptMessage(ctx context.Context, data []byte) ([]byte, error)

func (*EntitySecretKey_IBE_Master_BLS12381) DecryptMessageAsChild added in v0.4.0

func (ek *EntitySecretKey_IBE_Master_BLS12381) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)

func (*EntitySecretKey_IBE_Master_BLS12381) Equal added in v0.4.0

func (*EntitySecretKey_IBE_Master_BLS12381) GenerateChildSecretKey added in v0.4.0

func (ek *EntitySecretKey_IBE_Master_BLS12381) GenerateChildSecretKey(ctx context.Context, identity interface{}, delegable bool) (EntitySecretKeySchemeInstance, error)

func (*EntitySecretKey_IBE_Master_BLS12381) GobDecode added in v0.4.0

func (ek *EntitySecretKey_IBE_Master_BLS12381) GobDecode(ba []byte) error

func (*EntitySecretKey_IBE_Master_BLS12381) GobEncode added in v0.4.0

func (ek *EntitySecretKey_IBE_Master_BLS12381) GobEncode() ([]byte, error)

func (*EntitySecretKey_IBE_Master_BLS12381) HasCapability added in v0.4.0

func (*EntitySecretKey_IBE_Master_BLS12381) Public added in v0.4.0

func (*EntitySecretKey_IBE_Master_BLS12381) SecretCanonicalForm added in v0.4.0

func (*EntitySecretKey_IBE_Master_BLS12381) SignAttestation added in v0.4.0

func (ek *EntitySecretKey_IBE_Master_BLS12381) SignAttestation(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_IBE_Master_BLS12381) SignCertify added in v0.4.0

func (ek *EntitySecretKey_IBE_Master_BLS12381) SignCertify(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_IBE_Master_BLS12381) SignMessage added in v0.4.0

func (ek *EntitySecretKey_IBE_Master_BLS12381) SignMessage(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_IBE_Master_BLS12381) Supported added in v0.4.0

func (ek *EntitySecretKey_IBE_Master_BLS12381) Supported() bool

type EntitySecretKey_OAQUE_BLS12381_S20 added in v0.4.0

type EntitySecretKey_OAQUE_BLS12381_S20 struct {
	SerdesForm   *serdes.EntityKeyringEntry
	PrivateKey   *wkdibe.SecretKey
	Params       *wkdibe.Params
	AttributeSet [][]byte
	// contains filtered or unexported fields
}

func (*EntitySecretKey_OAQUE_BLS12381_S20) CanonicalForm added in v0.4.0

func (*EntitySecretKey_OAQUE_BLS12381_S20) DecryptMessage added in v0.4.0

func (k *EntitySecretKey_OAQUE_BLS12381_S20) DecryptMessage(ctx context.Context, ciphertext []byte) ([]byte, error)

func (*EntitySecretKey_OAQUE_BLS12381_S20) DecryptMessageAsChild added in v0.4.0

func (k *EntitySecretKey_OAQUE_BLS12381_S20) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)

func (*EntitySecretKey_OAQUE_BLS12381_S20) Equal added in v0.4.0

func (*EntitySecretKey_OAQUE_BLS12381_S20) GenerateChildSecretKey added in v0.4.0

func (k *EntitySecretKey_OAQUE_BLS12381_S20) GenerateChildSecretKey(ctx context.Context, identity interface{}, delegable bool) (EntitySecretKeySchemeInstance, error)

func (*EntitySecretKey_OAQUE_BLS12381_S20) GobDecode added in v0.4.0

func (ek *EntitySecretKey_OAQUE_BLS12381_S20) GobDecode(ba []byte) error

func (*EntitySecretKey_OAQUE_BLS12381_S20) GobEncode added in v0.4.0

func (ek *EntitySecretKey_OAQUE_BLS12381_S20) GobEncode() ([]byte, error)

func (*EntitySecretKey_OAQUE_BLS12381_S20) HasCapability added in v0.4.0

func (ek *EntitySecretKey_OAQUE_BLS12381_S20) HasCapability(c Capability) bool

func (*EntitySecretKey_OAQUE_BLS12381_S20) IdHash added in v0.4.0

func (ek *EntitySecretKey_OAQUE_BLS12381_S20) IdHash() [32]byte

func (*EntitySecretKey_OAQUE_BLS12381_S20) Public added in v0.4.0

func (*EntitySecretKey_OAQUE_BLS12381_S20) SecretCanonicalForm added in v0.4.0

func (*EntitySecretKey_OAQUE_BLS12381_S20) SignAttestation added in v0.4.0

func (k *EntitySecretKey_OAQUE_BLS12381_S20) SignAttestation(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_OAQUE_BLS12381_S20) SignCertify added in v0.4.0

func (k *EntitySecretKey_OAQUE_BLS12381_S20) SignCertify(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_OAQUE_BLS12381_S20) SignMessage added in v0.4.0

func (k *EntitySecretKey_OAQUE_BLS12381_S20) SignMessage(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_OAQUE_BLS12381_S20) Slots added in v0.4.0

func (ek *EntitySecretKey_OAQUE_BLS12381_S20) Slots() [][]byte

func (*EntitySecretKey_OAQUE_BLS12381_S20) Supported added in v0.4.0

func (ek *EntitySecretKey_OAQUE_BLS12381_S20) Supported() bool

type EntitySecretKey_OAQUE_BLS12381_S20_Master added in v0.4.0

type EntitySecretKey_OAQUE_BLS12381_S20_Master struct {
	SerdesForm *serdes.EntityKeyringEntry
	PrivateKey *wkdibe.MasterKey
	Params     *wkdibe.Params
}

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) CanonicalForm added in v0.4.0

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) DecryptMessage added in v0.4.0

func (k *EntitySecretKey_OAQUE_BLS12381_S20_Master) DecryptMessage(ctx context.Context, ciphertext []byte) ([]byte, error)

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) DecryptMessageAsChild added in v0.4.0

func (ek *EntitySecretKey_OAQUE_BLS12381_S20_Master) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) Equal added in v0.4.0

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) GenerateChildSecretKey added in v0.4.0

func (k *EntitySecretKey_OAQUE_BLS12381_S20_Master) GenerateChildSecretKey(ctx context.Context, identity interface{}, delegable bool) (EntitySecretKeySchemeInstance, error)

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) GobDecode added in v0.4.0

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) GobEncode added in v0.4.0

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) HasCapability added in v0.4.0

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) Public added in v0.4.0

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) SecretCanonicalForm added in v0.4.0

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) SignAttestation added in v0.4.0

func (k *EntitySecretKey_OAQUE_BLS12381_S20_Master) SignAttestation(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) SignCertify added in v0.4.0

func (k *EntitySecretKey_OAQUE_BLS12381_S20_Master) SignCertify(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) SignMessage added in v0.4.0

func (k *EntitySecretKey_OAQUE_BLS12381_S20_Master) SignMessage(ctx context.Context, content []byte) ([]byte, error)

func (*EntitySecretKey_OAQUE_BLS12381_S20_Master) Supported added in v0.4.0

type EntitySecrets

type EntitySecrets struct {
	CanonicalForm *serdes.WaveEntitySecret
	Keyring       []EntitySecretKeySchemeInstance
	Entity        *Entity
}

func (*EntitySecrets) AttestationRevocationDetails added in v0.2.1

func (e *EntitySecrets) AttestationRevocationDetails(att *Attestation) ([]byte, LocationSchemeInstance, wve.WVE)

func (*EntitySecrets) CalculateWR1Batch added in v0.4.0

func (e *EntitySecrets) CalculateWR1Batch(partitions [][][]byte, delegable bool) ([]SlottedSecretKey, error)

func (*EntitySecrets) CommitmentRevocationDetails added in v0.2.1

func (e *EntitySecrets) CommitmentRevocationDetails() (content []byte, loc []LocationSchemeInstance)

func (*EntitySecrets) MessageSigningKey added in v0.2.1

func (e *EntitySecrets) MessageSigningKey() EntitySecretKeySchemeInstance

func (*EntitySecrets) NameDeclarationRevocationDetails added in v0.2.1

func (e *EntitySecrets) NameDeclarationRevocationDetails(nd *NameDeclaration) ([]byte, LocationSchemeInstance, wve.WVE)

func (*EntitySecrets) PrimarySigningKey

func (e *EntitySecrets) PrimarySigningKey() EntitySecretKeySchemeInstance

func (*EntitySecrets) WR1BodyKey

func (e *EntitySecrets) WR1BodyKey(ctx context.Context, slots [][]byte, delegable bool) (SlottedSecretKey, error)

func (*EntitySecrets) WR1DirectDecryptionKey

func (e *EntitySecrets) WR1DirectDecryptionKey(ctx context.Context) (EntitySecretKeySchemeInstance, error)

func (*EntitySecrets) WR1LabelKey

func (e *EntitySecrets) WR1LabelKey(ctx context.Context, namespace []byte) (EntitySecretKeySchemeInstance, error)

type ExtensionSchemeInstance

type ExtensionSchemeInstance interface {
	Scheme
	IsCritical() bool
}

type GetResult added in v0.2.0

type GetResult struct {
	Attestation     *Attestation
	NameDeclaration *NameDeclaration
}

type HashScheme

type HashScheme interface {
	Scheme
	//Digest(ctx context.Context, input []byte) ([]byte, error)
	Instance(input []byte) HashSchemeInstance
	OID() asn1.ObjectIdentifier
}

func HashSchemeFor

func HashSchemeFor(h asn1.External) HashScheme

type HashSchemeInstance

type HashSchemeInstance interface {
	Scheme
	//For curried hash scheme instances
	Value() []byte
	Multihash() []byte
	MultihashString() string
	CanonicalForm() *asn1.External
	OID() asn1.ObjectIdentifier
}

func HashSchemeInstanceFor

func HashSchemeInstanceFor(h *asn1.External) HashSchemeInstance
func NewHashScheme(oid asn1.ObjectIdentifier) HashScheme {
	panic("ni")
}

func HashSchemeInstanceFromMultihash

func HashSchemeInstanceFromMultihash(mh []byte) HashSchemeInstance

type HashSchemeInstance_Keccak_256

type HashSchemeInstance_Keccak_256 struct {
	Val []byte
}

func (*HashSchemeInstance_Keccak_256) CanonicalForm

func (hs *HashSchemeInstance_Keccak_256) CanonicalForm() *asn1.External

func (*HashSchemeInstance_Keccak_256) Multihash

func (hs *HashSchemeInstance_Keccak_256) Multihash() []byte

func (*HashSchemeInstance_Keccak_256) MultihashString

func (hs *HashSchemeInstance_Keccak_256) MultihashString() string

func (*HashSchemeInstance_Keccak_256) OID

func (*HashSchemeInstance_Keccak_256) Supported

func (hs *HashSchemeInstance_Keccak_256) Supported() bool

func (*HashSchemeInstance_Keccak_256) Value

func (hs *HashSchemeInstance_Keccak_256) Value() []byte

type HashSchemeInstance_Sha3_256

type HashSchemeInstance_Sha3_256 struct {
	Val []byte
}

func (*HashSchemeInstance_Sha3_256) CanonicalForm

func (hs *HashSchemeInstance_Sha3_256) CanonicalForm() *asn1.External

func (*HashSchemeInstance_Sha3_256) Multihash

func (hs *HashSchemeInstance_Sha3_256) Multihash() []byte

func (*HashSchemeInstance_Sha3_256) MultihashString

func (hs *HashSchemeInstance_Sha3_256) MultihashString() string

func (*HashSchemeInstance_Sha3_256) OID

func (*HashSchemeInstance_Sha3_256) Supported

func (hs *HashSchemeInstance_Sha3_256) Supported() bool

func (*HashSchemeInstance_Sha3_256) Value

func (hs *HashSchemeInstance_Sha3_256) Value() []byte

type HashScheme_Keccak_256

type HashScheme_Keccak_256 struct{}

func (*HashScheme_Keccak_256) Instance

func (hs *HashScheme_Keccak_256) Instance(input []byte) HashSchemeInstance

func (*HashScheme_Keccak_256) OID

func (*HashScheme_Keccak_256) Supported

func (hs *HashScheme_Keccak_256) Supported() bool

type HashScheme_Sha3_256

type HashScheme_Sha3_256 struct{}

func (*HashScheme_Sha3_256) Instance

func (hs *HashScheme_Sha3_256) Instance(input []byte) HashSchemeInstance

func (*HashScheme_Sha3_256) OID

func (*HashScheme_Sha3_256) Supported

func (hs *HashScheme_Sha3_256) Supported() bool

type InterestingEntityResult

type InterestingEntityResult struct {
	Entity *Entity
	Err    error
}

type KeyPoolDecryptionContext

type KeyPoolDecryptionContext struct {
	// contains filtered or unexported fields
}

func NewKeyPoolDecryptionContext

func NewKeyPoolDecryptionContext() *KeyPoolDecryptionContext

func (*KeyPoolDecryptionContext) AddDomainVisibilityID

func (kpd *KeyPoolDecryptionContext) AddDomainVisibilityID(id []byte)

func (*KeyPoolDecryptionContext) AddEntity

func (kpd *KeyPoolDecryptionContext) AddEntity(e *Entity)

func (*KeyPoolDecryptionContext) AddEntitySecret

func (kpd *KeyPoolDecryptionContext) AddEntitySecret(es *EntitySecrets, delegatedOnly bool)

func (*KeyPoolDecryptionContext) AddEntitySecretsLabelOnly added in v0.2.0

func (kpd *KeyPoolDecryptionContext) AddEntitySecretsLabelOnly(es *EntitySecrets)

func (*KeyPoolDecryptionContext) EntityByHashLoc

func (*KeyPoolDecryptionContext) SetUnderlyingContext added in v0.2.1

func (kpd *KeyPoolDecryptionContext) SetUnderlyingContext(ctx KeyPoolUnderlyingContext)

func (*KeyPoolDecryptionContext) SetWR1ProverBodyKey

func (kpd *KeyPoolDecryptionContext) SetWR1ProverBodyKey(atv []byte)

func (*KeyPoolDecryptionContext) SetWR1VerifierBodyKey

func (kpd *KeyPoolDecryptionContext) SetWR1VerifierBodyKey(atv []byte)

func (*KeyPoolDecryptionContext) WR1AttesterDirectDecryptionKey added in v0.2.1

func (kpd *KeyPoolDecryptionContext) WR1AttesterDirectDecryptionKey(ctx context.Context, onResult func(k EntitySecretKeySchemeInstance) bool) error

func (*KeyPoolDecryptionContext) WR1DirectDecryptionKey

func (kpd *KeyPoolDecryptionContext) WR1DirectDecryptionKey(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error

func (*KeyPoolDecryptionContext) WR1EntityFromHash added in v0.2.1

func (*KeyPoolDecryptionContext) WR1IBEKeysForPartitionLabel

func (kpd *KeyPoolDecryptionContext) WR1IBEKeysForPartitionLabel(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error

func (*KeyPoolDecryptionContext) WR1OAQUEKeysForContent

func (kpd *KeyPoolDecryptionContext) WR1OAQUEKeysForContent(ctx context.Context, dst HashSchemeInstance, delegable bool, slots [][]byte, onResult func(k SlottedSecretKey) bool) error

func (*KeyPoolDecryptionContext) WR1ProverBodyKey

func (kpd *KeyPoolDecryptionContext) WR1ProverBodyKey(ctx context.Context) []byte

func (*KeyPoolDecryptionContext) WR1VerifierBodyKey

func (kpd *KeyPoolDecryptionContext) WR1VerifierBodyKey(ctx context.Context) []byte

type KeyPoolUnderlyingContext added in v0.2.1

type KeyPoolUnderlyingContext interface {
	EntityByHashLoc(ctx context.Context, h HashSchemeInstance, loc LocationSchemeInstance) (*Entity, wve.WVE)
}

type KeyValue

type KeyValue struct {
	Key   string
	Value []byte
}

type KeyringPlaintext

type KeyringPlaintext struct {
	SerdesForm *asn1.External
}

func (*KeyringPlaintext) DecryptKeyring

func (kr *KeyringPlaintext) DecryptKeyring(ctx context.Context, params interface{}) (decodedForm *serdes.EntityKeyring, err error)

func (*KeyringPlaintext) EncryptKeyring

func (kr *KeyringPlaintext) EncryptKeyring(ctx context.Context, plaintext *serdes.EntityKeyring, params interface{}) (encodedForm *asn1.External, err error)

func (*KeyringPlaintext) Supported

func (kr *KeyringPlaintext) Supported() bool

type LocationResult

type LocationResult struct {
	Location LocationSchemeInstance
	Err      error
}

type LocationSchemeInstance

type LocationSchemeInstance interface {
	Scheme
	CanonicalForm() *asn1.External
	IdHash() [32]byte
	Equal(l LocationSchemeInstance) bool
}

func LocationSchemeInstanceFor

func LocationSchemeInstanceFor(e *asn1.External) LocationSchemeInstance

func NewLocationSchemeInstanceURL

func NewLocationSchemeInstanceURL(url string, version int) LocationSchemeInstance

type LocationSchemeInstanceURL

type LocationSchemeInstanceURL struct {
	SerdesForm *serdes.LocationURL
	// contains filtered or unexported fields
}

func (*LocationSchemeInstanceURL) CanonicalForm

func (ls *LocationSchemeInstanceURL) CanonicalForm() *asn1.External

func (*LocationSchemeInstanceURL) Equal

func (*LocationSchemeInstanceURL) IdHash

func (ls *LocationSchemeInstanceURL) IdHash() [32]byte

func (*LocationSchemeInstanceURL) Supported

func (ls *LocationSchemeInstanceURL) Supported() bool

type LookupFromFilter

type LookupFromFilter struct {
	Valid     *bool
	Namespace []byte
	GlobalNS  *bool
}

type LookupFromResult

type LookupFromResult struct {
	Attestation *Attestation
	Err         error
}

type LowLevelStorage

type LowLevelStorage interface {
	//If the key does not exist, return nil value and nil err
	Load(ctx context.Context, key string) (val []byte, err error)
	//For both of these functions, you either have to fully consume the value channel,
	//or cancel the context.
	LoadPrefix(ctx context.Context, key string) (results chan KeyValue, err chan error)
	//Values will be nil
	LoadPrefixKeys(ctx context.Context, key string) (results chan KeyValue, err chan error)
	Store(ctx context.Context, key string, val []byte) (err error)
	//Removes key, no error if it does not exist
	Remove(ctx context.Context, key string) (err error)
}

type NameDeclaration added in v0.2.0

type NameDeclaration struct {
	CanonicalForm    *serdes.WaveNameDeclaration
	DecryptedBody    *serdes.NameDeclarationBody
	Attester         HashSchemeInstance
	AttesterLocation LocationSchemeInstance
	Subject          HashSchemeInstance
	SubjectLocation  LocationSchemeInstance
	Name             string
	Revocations      []RevocationSchemeInstance
	WR1Extra         *WR1Extra
}

func (*NameDeclaration) ArrayKeccak256 added in v0.2.0

func (nd *NameDeclaration) ArrayKeccak256() [32]byte

func (*NameDeclaration) DER added in v0.2.0

func (nd *NameDeclaration) DER() ([]byte, wve.WVE)

func (*NameDeclaration) Decoded added in v0.2.0

func (nd *NameDeclaration) Decoded() bool

func (*NameDeclaration) Hash added in v0.2.0

func (*NameDeclaration) IsNameValid added in v0.2.0

func (nd *NameDeclaration) IsNameValid() bool

func (*NameDeclaration) Keccak256 added in v0.2.0

func (nd *NameDeclaration) Keccak256() []byte

func (*NameDeclaration) Keccak256HI added in v0.2.0

func (nd *NameDeclaration) Keccak256HI() HashSchemeInstance

func (*NameDeclaration) SetCanonicalForm added in v0.2.0

func (nd *NameDeclaration) SetCanonicalForm(cf *serdes.WaveNameDeclaration) wve.WVE

func (*NameDeclaration) SetDecryptedBody added in v0.2.0

func (nd *NameDeclaration) SetDecryptedBody(db *serdes.NameDeclarationBody) wve.WVE

type OuterSignatureBindingScheme

type OuterSignatureBindingScheme interface {
	Scheme
	VerifyBinding(ctx context.Context, att *Attestation, attester *Entity) wve.WVE
}

func OuterSignatureBindingSchemeFor

func OuterSignatureBindingSchemeFor(e *asn1.External) OuterSignatureBindingScheme

type OuterSignatureBindingScheme_SignedOuterKey

type OuterSignatureBindingScheme_SignedOuterKey struct {
}

func (*OuterSignatureBindingScheme_SignedOuterKey) Supported

func (*OuterSignatureBindingScheme_SignedOuterKey) VerifyBinding

func (sbs *OuterSignatureBindingScheme_SignedOuterKey) VerifyBinding(ctx context.Context, att *Attestation, attester *Entity) wve.WVE

type OuterSignatureScheme

type OuterSignatureScheme interface {
	Scheme
	VerifySignature(ctx context.Context, canonicalForm *serdes.WaveAttestation) wve.WVE
}

func OuterSignatureSchemeFor

func OuterSignatureSchemeFor(e *asn1.External) OuterSignatureScheme

type OuterSignatureScheme_EphemeralEd25519

type OuterSignatureScheme_EphemeralEd25519 struct {
}

func (*OuterSignatureScheme_EphemeralEd25519) Supported

func (*OuterSignatureScheme_EphemeralEd25519) VerifySignature

func (os *OuterSignatureScheme_EphemeralEd25519) VerifySignature(ctx context.Context, canonicalForm *serdes.WaveAttestation) wve.WVE

type PCompactProof added in v0.2.1

type PCompactProof struct {
	DER []byte
}

type PCreateAttestation

type PCreateAttestation struct {
	Policy            PolicySchemeInstance
	HashScheme        HashScheme
	BodyScheme        AttestationBodyScheme
	EncryptionContext BodyEncryptionContext

	Attester         *EntitySecrets
	AttesterLocation LocationSchemeInstance

	Subject         *Entity
	SubjectLocation LocationSchemeInstance

	//If not specified, defaults to Now
	ValidFrom *time.Time
	//If not specified defaults to Now+30 days
	ValidUntil *time.Time
}

type PCreateNameDeclaration added in v0.2.0

type PCreateNameDeclaration struct {
	Attester         *EntitySecrets
	AttesterLocation LocationSchemeInstance
	Subject          *Entity
	SubjectLocation  LocationSchemeInstance
	Name             string

	//If not specified, defaults to Now
	ValidFrom *time.Time
	//If not specified defaults to Now+5 years
	ValidUntil *time.Time

	//If present, an encrypted declaration will be made
	Namespace         *Entity
	NamespaceLocation LocationSchemeInstance
	Partition         [][]byte
}

type PDecryptMessage added in v0.2.0

type PDecryptMessage struct {
	Decryptor  *EntitySecrets
	Ciphertext []byte
	Dctx       WR1MessageDecryptionContext
}

type PEncryptMessage added in v0.2.0

type PEncryptMessage struct {
	//Direct encryption key
	Subject *Entity
	//OAQUE encryption
	Namespace         *Entity
	NamespaceLocation LocationSchemeInstance
	Resource          string
	ValidAfter        *time.Time
	ValidBefore       *time.Time
	Content           []byte
}

type PNewEntity

type PNewEntity struct {
	//If not specified, defaults to Now
	ValidFrom *time.Time
	//If not specified defaults to Now+30 days
	ValidUntil                   *time.Time
	CommitmentRevocationLocation LocationSchemeInstance
	Passphrase                   *string
}

type PParseAttestation

type PParseAttestation struct {
	//Either specify DER or specify Attestation (to further decrypt a partially
	//decrypted DOT)
	DER               []byte
	Attestation       *Attestation
	DecryptionContext BodyDecryptionContext
}

type PParseEntity

type PParseEntity struct {
	DER []byte
}

type PParseEntitySecrets

type PParseEntitySecrets struct {
	DER        []byte
	Passphrase *string
}

type PParseNameDeclaration added in v0.2.0

type PParseNameDeclaration struct {
	DER             []byte
	NameDeclaration *NameDeclaration
	Dctx            WR1NameDeclarationDecryptionContext
}

type PSKBodyDecryptionContext

type PSKBodyDecryptionContext interface {
	GetDecryptPSK(ctx context.Context, dst HashScheme, public EntityKeySchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
}

type PSKBodyEncryptionContext

type PSKBodyEncryptionContext interface {
	GetEncryptPSK(ctx context.Context, body *serdes.WaveAttestation, onResult func(k EntitySecretKeySchemeInstance) bool) error
}

type PSKBodyScheme

type PSKBodyScheme struct {
	CanonicalForm *asn1.External
}

func (*PSKBodyScheme) DecryptBody

func (psk *PSKBodyScheme) DecryptBody(ctx context.Context, dc BodyDecryptionContext, canonicalForm *serdes.WaveAttestation) (decodedForm *serdes.AttestationBody, extra interface{}, err error)

func (*PSKBodyScheme) EncryptBody

func (psk *PSKBodyScheme) EncryptBody(ctx context.Context, ec BodyEncryptionContext, intermediateForm *serdes.WaveAttestation) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)

func (*PSKBodyScheme) Supported

func (psk *PSKBodyScheme) Supported() bool

type PSKExtra

type PSKExtra struct {
	VerifierBodyKey []byte
}

type PVerifyRTreeProof

type PVerifyRTreeProof struct {
	DER  []byte
	VCtx VerificationContext
}

type PVerifySignature added in v0.2.1

type PVerifySignature struct {
	DER            []byte
	Content        []byte
	Signer         HashSchemeInstance
	SignerLocation LocationSchemeInstance
	VCtx           VerificationContext
}

type PendingAttestation

type PendingAttestation struct {
	Err         error
	Attestation *Attestation
	Keccak256   []byte
	//Only for pending without partition
	LabelKeyIndex *int
}

type PendingNameDeclaration added in v0.2.0

type PendingNameDeclaration struct {
	Err             error
	NameDeclaration *NameDeclaration
	Keccak256       []byte
	LabelKeyIndex   *int
}

type PlaintextBodyScheme

type PlaintextBodyScheme struct {
}

func NewPlaintextBodyScheme

func NewPlaintextBodyScheme() *PlaintextBodyScheme

func (*PlaintextBodyScheme) DecryptBody

func (pt *PlaintextBodyScheme) DecryptBody(ctx context.Context, dc BodyDecryptionContext, canonicalForm *serdes.WaveAttestation, inextra interface{}) (decodedForm *serdes.AttestationBody, extra interface{}, err error)

func (*PlaintextBodyScheme) EncryptBody

func (pt *PlaintextBodyScheme) EncryptBody(ctx context.Context, ec BodyEncryptionContext, attester *EntitySecrets, subject *Entity, intermediateForm *serdes.WaveAttestation, policy PolicySchemeInstance) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)

func (*PlaintextBodyScheme) Supported

func (pt *PlaintextBodyScheme) Supported() bool

type PolicyAddendumSchemeInstance

type PolicyAddendumSchemeInstance interface {
	Scheme
}

type PolicySchemeInstance

type PolicySchemeInstance interface {
	Scheme
	CanonicalForm() *asn1.External
	//These are required for WR1 support
	WR1DomainEntity() HashSchemeInstance
	//The first 12 elements used in the final partition
	WR1PartitionPrefix(e2ee bool) [][]byte
	CheckValid() error
}

func PolicySchemeInstanceFor

func PolicySchemeInstanceFor(e *asn1.External) (PolicySchemeInstance, error)

type RCompactProof added in v0.2.1

type RCompactProof struct {
	DER []byte
}

func CompactProof added in v0.2.1

func CompactProof(ctx context.Context, p *PCompactProof) (*RCompactProof, wve.WVE)

type RCreateAttestation

type RCreateAttestation struct {
	DER         []byte
	VerifierKey []byte
	ProverKey   []byte
}

func CreateAttestation

func CreateAttestation(ctx context.Context, p *PCreateAttestation) (*RCreateAttestation, wve.WVE)

type RCreateNameDeclaration added in v0.2.0

type RCreateNameDeclaration struct {
	NameDeclaration *NameDeclaration
	DER             []byte
}

func CreateNameDeclaration added in v0.2.0

func CreateNameDeclaration(ctx context.Context, p *PCreateNameDeclaration) (*RCreateNameDeclaration, wve.WVE)

type RDecryptMessage added in v0.2.0

type RDecryptMessage struct {
	Content []byte
}

func DecryptMessage added in v0.2.0

func DecryptMessage(ctx context.Context, p *PDecryptMessage) (*RDecryptMessage, wve.WVE)

type REncryptMessage added in v0.2.0

type REncryptMessage struct {
	Ciphertext []byte
}

func EncryptMessage added in v0.2.0

func EncryptMessage(ctx context.Context, p *PEncryptMessage) (*REncryptMessage, wve.WVE)

type RNewEntity

type RNewEntity struct {
	PublicDER []byte
	SecretDER []byte
}

func NewEntity

func NewEntity(ctx context.Context, p *PNewEntity) (*RNewEntity, wve.WVE)

Creates a new WR1 entity object and returns the public and secret canonical representations

type RParseAttestation

type RParseAttestation struct {
	Attestation *Attestation
	IsMalformed bool
	ExtraInfo   interface{}
}

func NewParsedAttestation

func NewParsedAttestation(ctx context.Context, p *PCreateAttestation) (*RParseAttestation, wve.WVE)

This is obviously of limited use, only an Att with no encryption will fully parse

func ParseAttestation

func ParseAttestation(ctx context.Context, p *PParseAttestation) (*RParseAttestation, wve.WVE)

type RParseEntity

type RParseEntity struct {
	Entity *Entity
}

func ParseEntity

func ParseEntity(ctx context.Context, p *PParseEntity) (*RParseEntity, wve.WVE)

type RParseEntitySecrets

type RParseEntitySecrets struct {
	Entity        *Entity
	EntitySecrets *EntitySecrets
}

func NewParsedEntitySecrets

func NewParsedEntitySecrets(ctx context.Context, p *PNewEntity) (*RParseEntitySecrets, wve.WVE)

type RParseNameDeclaration added in v0.2.0

type RParseNameDeclaration struct {
	Result      *NameDeclaration
	IsMalformed bool
}

func ParseNameDeclaration added in v0.2.0

func ParseNameDeclaration(ctx context.Context, p *PParseNameDeclaration) (*RParseNameDeclaration, wve.WVE)

type RTreePolicy

type RTreePolicy struct {
	SerdesForm    serdes.RTreePolicy
	VisibilityURI [][]byte
}

func NewRTreePolicyScheme

func NewRTreePolicyScheme(policy serdes.RTreePolicy, visuri [][]byte) (*RTreePolicy, error)

func (*RTreePolicy) CanonicalForm

func (ps *RTreePolicy) CanonicalForm() *asn1.External

func (*RTreePolicy) CheckValid

func (ps *RTreePolicy) CheckValid() error

This is only valid for attestation policies not derived policies from intersections

func (*RTreePolicy) Intersect

func (lhs *RTreePolicy) Intersect(rhs *RTreePolicy) (result *RTreePolicy, okay bool, message string, err error)

The intersection of two RTreePolicies is the set of permissions that they would grant if they appeared in succession in an attestation chain This function does not check indirections This function assumes the policy has been checked

func (*RTreePolicy) IsSubsetOf

func (lhs *RTreePolicy) IsSubsetOf(superset *RTreePolicy) bool

func (*RTreePolicy) Supported

func (ps *RTreePolicy) Supported() bool

func (*RTreePolicy) Union

func (lhs *RTreePolicy) Union(rhs *RTreePolicy) (result *RTreePolicy, okay bool, message string, err error)

func (*RTreePolicy) WR1DomainEntity

func (ps *RTreePolicy) WR1DomainEntity() HashSchemeInstance

func (*RTreePolicy) WR1PartitionPrefix added in v0.2.0

func (ps *RTreePolicy) WR1PartitionPrefix(e2ee bool) [][]byte

type RVerifyRTreeProof

type RVerifyRTreeProof struct {
	Policy          *RTreePolicy
	Expires         time.Time
	Attestations    []*Attestation
	Paths           [][]int
	Subject         HashSchemeInstance
	SubjectLocation LocationSchemeInstance
}

func VerifyRTreeProof

func VerifyRTreeProof(ctx context.Context, p *PVerifyRTreeProof) (*RVerifyRTreeProof, wve.WVE)

type RVerifySignature added in v0.2.1

type RVerifySignature struct {
	Okay bool
}

func VerifySignature added in v0.2.1

func VerifySignature(ctx context.Context, p *PVerifySignature) (*RVerifySignature, wve.WVE)

type ResolveResult added in v0.2.0

type ResolveResult struct {
	NameDeclaration *NameDeclaration
	Err             error
}

type RevocationSchemeInstance added in v0.2.1

type RevocationSchemeInstance interface {
	Scheme
	CanonicalForm() serdes.RevocationOption
	IsRevoked(ctx context.Context, s StorageInterface) (bool, wve.WVE)
	Critical() bool
	Id() string
}

func RevocationSchemeInstanceFor added in v0.2.1

func RevocationSchemeInstanceFor(op *serdes.RevocationOption) RevocationSchemeInstance

type Scheme

type Scheme interface {
	Supported() bool
}

type SlottedSecretKey

type SlottedSecretKey interface {
	EntitySecretKeySchemeInstance
	Slots() [][]byte
	IdHash() [32]byte
}
var XXKey SlottedSecretKey

type State

type State struct {
	ValidActive bool
	Expired     bool
	Revoked     bool
	EntRevoked  bool
}

type StorageDriverCharacteristics

type StorageDriverCharacteristics struct {
	//In WAVE a perspective is a particular view of the global graph that
	//is defined by a perspective entity. If the storage provider requires
	//a distinct instantiation per perspective, set this to true. Regardless
	//of this setting, the perspective entity is available via
	//  ctx.Value(consts.PerspectiveKey).(*iapi.EntitySecrets)
	// default is False
	PerspectiveDependant *bool

	// When generating the default config file for the user,
	// what are the default config options
	DefaultConfiguration map[string]string

	// If there is no specific hash scheme (the provider is agnostic)
	// then leave this nil
	PreferredHashScheme HashScheme
}

type StorageDriverInterface

type StorageDriverInterface interface {

	//This will be called on a specific instantiation of the driver to
	//work out which storage requests to route its way
	Location(context.Context) LocationSchemeInstance

	//When constructing an attestation with a particular location in mind,
	//the entity hashes used within the attestation should match the scheme of
	//the storage. This method enables the engine to know the hash in advance
	PreferredHashScheme() HashScheme

	//Given a set of key/value options from the user's configuration file,
	//create an instance of this storage driver. Initialize will be called
	//on an empty struct instance (e.g (&MyStorage{}).Initialize(cfg))
	Initialize(ctx context.Context, name string, config map[string]string) error

	//Retrieve the status of this storage driver (ready for use etc)
	//You should only return an error on context timeout, any other
	//error is probably indicative of an non-operational status and should be
	//returned as such
	Status(ctx context.Context) (operational bool, info map[string]string, err error)

	//Put the given object into storage. This does not queue any notifications
	//It should return the Hash of the object using the providers preferred
	//hash scheme. It should only return when the object
	Put(ctx context.Context, content []byte) (HashSchemeInstance, error)

	//Get the given object from storage. A nonexistant object should return
	//ErrObjectNotFound.
	Get(ctx context.Context, hash HashSchemeInstance) (content []byte, err error)

	//Place the given object into the given queue.
	Enqueue(ctx context.Context, queueId HashSchemeInstance, object HashSchemeInstance) error

	//Iterate over the given queue. Returns nil, "", ErrNoMore if there are no more
	//entries. Must accept "" as iteratorToken to mean the first entry
	IterateQueue(ctx context.Context, queueId HashSchemeInstance, iteratorToken string) (object HashSchemeInstance, nextToken string, err error)
}

type StorageDriverStatus

type StorageDriverStatus struct {
	Operational bool
	Info        map[string]string
}

type StorageInterface

type StorageInterface interface {
	PutBlob(ctx context.Context, loc LocationSchemeInstance, content []byte) (HashSchemeInstance, error)
	GetBlob(ctx context.Context, loc LocationSchemeInstance, hash HashSchemeInstance) ([]byte, error)
	GetEntity(ctx context.Context, loc LocationSchemeInstance, hash HashSchemeInstance) (*Entity, error)
	PutEntity(ctx context.Context, loc LocationSchemeInstance, ent *Entity) (HashSchemeInstance, error)
	GetAttestation(ctx context.Context, loc LocationSchemeInstance, hash HashSchemeInstance) (*Attestation, error)
	GetAttestationOrDeclaration(ctx context.Context, loc LocationSchemeInstance, hash HashSchemeInstance) (*GetResult, error)
	PutNameDeclaration(ctx context.Context, loc LocationSchemeInstance, nd *NameDeclaration) (HashSchemeInstance, error)
	PutAttestation(ctx context.Context, loc LocationSchemeInstance, att *Attestation) (HashSchemeInstance, error)
	IterateQeueue(ctx context.Context, loc LocationSchemeInstance, queueId HashSchemeInstance, token string) (object HashSchemeInstance, nextToken string, err error)
	Enqueue(ctx context.Context, loc LocationSchemeInstance, queueId HashSchemeInstance, object HashSchemeInstance) error
	HashSchemeFor(loc LocationSchemeInstance) (HashScheme, error)
	Status(ctx context.Context) (map[string]StorageDriverStatus, error)
	RegisteredLocations(ctx context.Context) (map[string]LocationSchemeInstance, error)
	DefaultLocation(ctx context.Context) LocationSchemeInstance
	LocationByName(ctx context.Context, name string) (LocationSchemeInstance, error)
}

func SI

func SI() StorageInterface

type TrustLevelPolicy

type TrustLevelPolicy struct {
	SerdesForm asn1.External
	Trust      int
}

func NewTrustLevelPolicy

func NewTrustLevelPolicy(trust int) (*TrustLevelPolicy, error)

func (*TrustLevelPolicy) CanonicalForm

func (ps *TrustLevelPolicy) CanonicalForm() *asn1.External

func (*TrustLevelPolicy) CheckValid added in v0.2.1

func (ps *TrustLevelPolicy) CheckValid() error

func (*TrustLevelPolicy) Supported

func (ps *TrustLevelPolicy) Supported() bool

func (*TrustLevelPolicy) WR1DomainEntity

func (ps *TrustLevelPolicy) WR1DomainEntity() HashSchemeInstance

func (*TrustLevelPolicy) WR1PartitionPrefix added in v0.2.0

func (ps *TrustLevelPolicy) WR1PartitionPrefix(bool) [][]byte

type UnsupportedBodyScheme

type UnsupportedBodyScheme struct {
}

func (*UnsupportedBodyScheme) DecryptBody

func (u *UnsupportedBodyScheme) DecryptBody(ctx context.Context, dc BodyDecryptionContext, canonicalForm *serdes.WaveAttestation, inextra interface{}) (decodedForm *serdes.AttestationBody, extra interface{}, err error)

func (*UnsupportedBodyScheme) EncryptBody

func (u *UnsupportedBodyScheme) EncryptBody(ctx context.Context, ec BodyEncryptionContext, attester *EntitySecrets, subject *Entity, intermediateForm *serdes.WaveAttestation, policy PolicySchemeInstance) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)

func (*UnsupportedBodyScheme) Supported

func (u *UnsupportedBodyScheme) Supported() bool

type UnsupportedHashScheme

type UnsupportedHashScheme struct{}

func (*UnsupportedHashScheme) Instance

func (hs *UnsupportedHashScheme) Instance(input []byte) HashSchemeInstance

func (*UnsupportedHashScheme) OID

func (*UnsupportedHashScheme) Supported

func (hs *UnsupportedHashScheme) Supported() bool

type UnsupportedHashSchemeInstance

type UnsupportedHashSchemeInstance struct{}

func (*UnsupportedHashSchemeInstance) CanonicalForm

func (hs *UnsupportedHashSchemeInstance) CanonicalForm() *asn1.External

func (*UnsupportedHashSchemeInstance) Multihash

func (hs *UnsupportedHashSchemeInstance) Multihash() []byte

func (*UnsupportedHashSchemeInstance) MultihashString

func (hs *UnsupportedHashSchemeInstance) MultihashString() string

func (*UnsupportedHashSchemeInstance) OID

func (*UnsupportedHashSchemeInstance) Supported

func (hs *UnsupportedHashSchemeInstance) Supported() bool

func (*UnsupportedHashSchemeInstance) Value

func (hs *UnsupportedHashSchemeInstance) Value() []byte

type UnsupportedKeyScheme

type UnsupportedKeyScheme struct {
	SerdesForm *serdes.EntityPublicKey
}

func (*UnsupportedKeyScheme) CanonicalForm

func (k *UnsupportedKeyScheme) CanonicalForm() *serdes.EntityPublicKey

func (*UnsupportedKeyScheme) EncryptMessage

func (k *UnsupportedKeyScheme) EncryptMessage(ctx context.Context, ciphertext []byte) ([]byte, error)

func (*UnsupportedKeyScheme) GenerateChildKey

func (k *UnsupportedKeyScheme) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)

func (*UnsupportedKeyScheme) HasCapability

func (k *UnsupportedKeyScheme) HasCapability(c Capability) bool

func (*UnsupportedKeyScheme) IdentifyingBlob

func (k *UnsupportedKeyScheme) IdentifyingBlob(ctx context.Context) (string, error)

func (*UnsupportedKeyScheme) Supported

func (k *UnsupportedKeyScheme) Supported() bool

func (*UnsupportedKeyScheme) SystemIdentifyingBlob added in v0.2.1

func (k *UnsupportedKeyScheme) SystemIdentifyingBlob(ctx context.Context) (string, error)

func (*UnsupportedKeyScheme) VerifyAttestation

func (k *UnsupportedKeyScheme) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error

func (*UnsupportedKeyScheme) VerifyCertify

func (k *UnsupportedKeyScheme) VerifyCertify(ctx context.Context, data []byte, signature []byte) error

func (*UnsupportedKeyScheme) VerifyMessage

func (k *UnsupportedKeyScheme) VerifyMessage(ctx context.Context, data []byte, signature []byte) error

type UnsupportedKeyringScheme

type UnsupportedKeyringScheme struct {
}

func (*UnsupportedKeyringScheme) DecryptKeyring

func (kr *UnsupportedKeyringScheme) DecryptKeyring(ctx context.Context, params interface{}) (decodedForm *serdes.EntityKeyring, err error)

func (*UnsupportedKeyringScheme) EncryptKeyring

func (kr *UnsupportedKeyringScheme) EncryptKeyring(ctx context.Context, plaintext *serdes.EntityKeyring, params interface{}) (encodedForm *asn1.External, err error)

func (*UnsupportedKeyringScheme) Supported

func (kr *UnsupportedKeyringScheme) Supported() bool

type UnsupportedLocationSchemeInstance

type UnsupportedLocationSchemeInstance struct {
}

func (*UnsupportedLocationSchemeInstance) CanonicalForm

func (ls *UnsupportedLocationSchemeInstance) CanonicalForm() *asn1.External

func (*UnsupportedLocationSchemeInstance) Equal

func (*UnsupportedLocationSchemeInstance) IdHash

func (ls *UnsupportedLocationSchemeInstance) IdHash() [32]byte

func (*UnsupportedLocationSchemeInstance) Supported

func (ls *UnsupportedLocationSchemeInstance) Supported() bool

type UnsupportedOuterSignatureBindingScheme

type UnsupportedOuterSignatureBindingScheme struct {
}

func (*UnsupportedOuterSignatureBindingScheme) Supported

func (*UnsupportedOuterSignatureBindingScheme) VerifyBinding

func (sbs *UnsupportedOuterSignatureBindingScheme) VerifyBinding(ctx context.Context, att *Attestation, attester *Entity) wve.WVE

type UnsupportedOuterSignatureScheme

type UnsupportedOuterSignatureScheme struct {
}

func (*UnsupportedOuterSignatureScheme) Supported

func (os *UnsupportedOuterSignatureScheme) Supported() bool

func (*UnsupportedOuterSignatureScheme) VerifySignature

func (os *UnsupportedOuterSignatureScheme) VerifySignature(ctx context.Context, canonicalForm *serdes.WaveAttestation) wve.WVE

type UnsupportedPolicySchemeInstance

type UnsupportedPolicySchemeInstance struct {
	SerdesForm asn1.External
}

func (*UnsupportedPolicySchemeInstance) CanonicalForm

func (ps *UnsupportedPolicySchemeInstance) CanonicalForm() *asn1.External

func (*UnsupportedPolicySchemeInstance) CheckValid added in v0.2.1

func (ps *UnsupportedPolicySchemeInstance) CheckValid() error

func (*UnsupportedPolicySchemeInstance) Supported

func (ps *UnsupportedPolicySchemeInstance) Supported() bool

func (*UnsupportedPolicySchemeInstance) WR1DomainEntity

func (*UnsupportedPolicySchemeInstance) WR1PartitionPrefix added in v0.2.0

func (ps *UnsupportedPolicySchemeInstance) WR1PartitionPrefix(bool) [][]byte

type UnsupportedRevocationSchemeInstance added in v0.2.1

type UnsupportedRevocationSchemeInstance struct {
	SerdesForm *serdes.RevocationOption
}

func (*UnsupportedRevocationSchemeInstance) CanonicalForm added in v0.2.1

func (*UnsupportedRevocationSchemeInstance) Critical added in v0.2.1

func (*UnsupportedRevocationSchemeInstance) Id added in v0.2.1

func (*UnsupportedRevocationSchemeInstance) IsRevoked added in v0.2.1

func (*UnsupportedRevocationSchemeInstance) Supported added in v0.2.1

func (rs *UnsupportedRevocationSchemeInstance) Supported() bool

type UnsupportedSecretKeyScheme

type UnsupportedSecretKeyScheme struct {
	SerdesForm *serdes.EntityKeyringEntry
}

func (*UnsupportedSecretKeyScheme) CanonicalForm

func (*UnsupportedSecretKeyScheme) DecryptMessage

func (k *UnsupportedSecretKeyScheme) DecryptMessage(ctx context.Context, data []byte) ([]byte, error)

func (*UnsupportedSecretKeyScheme) DecryptMessageAsChild

func (k *UnsupportedSecretKeyScheme) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)

func (*UnsupportedSecretKeyScheme) Equal

func (*UnsupportedSecretKeyScheme) GenerateChildSecretKey

func (k *UnsupportedSecretKeyScheme) GenerateChildSecretKey(ctx context.Context, identity interface{}, delegable bool) (EntitySecretKeySchemeInstance, error)

func (*UnsupportedSecretKeyScheme) HasCapability

func (ek *UnsupportedSecretKeyScheme) HasCapability(c Capability) bool

func (*UnsupportedSecretKeyScheme) Public

func (*UnsupportedSecretKeyScheme) SecretCanonicalForm

func (k *UnsupportedSecretKeyScheme) SecretCanonicalForm() *serdes.EntityKeyringEntry

func (*UnsupportedSecretKeyScheme) SignAttestation

func (k *UnsupportedSecretKeyScheme) SignAttestation(ctx context.Context, content []byte) ([]byte, error)

func (*UnsupportedSecretKeyScheme) SignCertify

func (k *UnsupportedSecretKeyScheme) SignCertify(ctx context.Context, content []byte) ([]byte, error)

func (*UnsupportedSecretKeyScheme) SignMessage

func (k *UnsupportedSecretKeyScheme) SignMessage(ctx context.Context, content []byte) ([]byte, error)

func (*UnsupportedSecretKeyScheme) Supported

func (ek *UnsupportedSecretKeyScheme) Supported() bool

type VerificationContext added in v0.2.1

type VerificationContext interface {
	EntityByHashLoc(ctx context.Context, h HashSchemeInstance, loc LocationSchemeInstance) (*Entity, wve.WVE)
	AttestationByHashLoc(ctx context.Context, h HashSchemeInstance, loc LocationSchemeInstance) (*Attestation, wve.WVE)
}

type WR1BodyEncryptionContext added in v0.2.1

type WR1BodyEncryptionContext interface {
	BodyEncryptionContext
	WR1OAQUEKeysForContent(ctx context.Context, dst HashSchemeInstance, delegable bool, slots [][]byte, onResult func(k SlottedSecretKey) bool) error
	WR1IBEKeysForPartitionLabel(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
	WR1EntityFromHash(ctx context.Context, hash HashSchemeInstance, loc LocationSchemeInstance) (*Entity, error)
}

type WR1BodyScheme

type WR1BodyScheme struct {
}

func (*WR1BodyScheme) DecryptBody

func (w *WR1BodyScheme) DecryptBody(ctx context.Context, dc BodyDecryptionContext, canonicalForm *serdes.WaveAttestation, inextra interface{}) (decodedForm *serdes.AttestationBody, extra interface{}, err error)

func (*WR1BodyScheme) EncryptBody

func (w *WR1BodyScheme) EncryptBody(ctx context.Context, ecp BodyEncryptionContext, attester *EntitySecrets, subject *Entity, intermediateForm *serdes.WaveAttestation, policy PolicySchemeInstance) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)

func (*WR1BodyScheme) Supported

func (w *WR1BodyScheme) Supported() bool

type WR1DecryptionContext

type WR1DecryptionContext interface {
	WR1VerifierBodyKey(ctx context.Context) []byte
	WR1ProverBodyKey(ctx context.Context) []byte
	//WR1EntityFromHash(ctx context.Context, hash HashSchemeInstance, loc LocationSchemeInstance) (*Entity, error)
	WR1OAQUEKeysForContent(ctx context.Context, dst HashSchemeInstance, delegable bool, slots [][]byte, onResult func(k SlottedSecretKey) bool) error
	WR1IBEKeysForPartitionLabel(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
	WR1DirectDecryptionKey(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
	WR1AttesterDirectDecryptionKey(ctx context.Context, onResult func(k EntitySecretKeySchemeInstance) bool) error
}

wr1

type WR1Extra

type WR1Extra struct {
	Partition       [][]byte
	VerifierBodyKey []byte
	ProverBodyKey   []byte

	EnvelopeKey []byte
	//For NameDecl only
	Namespace         HashSchemeInstance
	NamespaceLocation LocationSchemeInstance
}

type WR1MessageDecryptionContext added in v0.2.0

type WR1MessageDecryptionContext interface {
	WR1OAQUEKeysForContent(ctx context.Context, dst HashSchemeInstance, delegable bool, slots [][]byte, onResult func(k SlottedSecretKey) bool) error
	WR1IBEKeysForPartitionLabel(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
	WR1DirectDecryptionKey(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
}

type WR1NameDeclarationDecryptionContext added in v0.2.0

type WR1NameDeclarationDecryptionContext interface {
	EntityByHashLoc(ctx context.Context, h HashSchemeInstance, loc LocationSchemeInstance) (*Entity, wve.WVE)
	WR1OAQUEKeysForContent(ctx context.Context, dst HashSchemeInstance, delegable bool, slots [][]byte, onResult func(k SlottedSecretKey) bool) error
	WR1IBEKeysForPartitionLabel(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
	WR1DirectDecryptionKey(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
}

type WaveState

type WaveState interface {

	//Set the last checked time for the given revocation option id
	AddRevocationCheck(ctx context.Context, id string, ts int64) error
	//Get the last checked time for the given revocation id, if available
	GetRevocationCheck(ctx context.Context, id string) (*int64, error)

	//This is idempotent, an entity in any state other than unknown will
	//be ignored by this function
	MoveEntityInterestingP(ctx context.Context, ent *Entity, loc LocationSchemeInstance) error
	//This does not return revoked or expired entities, even though the
	//function above considers them "interesting"
	GetInterestingEntitiesP(ctx context.Context) chan InterestingEntityResult
	IsEntityInterestingP(ctx context.Context, hash HashSchemeInstance) (bool, error)

	//TODO ensure channel stops if context is cancelled
	LocationsForEntity(ctx context.Context, ent *Entity) ([]LocationSchemeInstance, error)

	//This is a key that decrypts the partition label (WR1 uses IBE)
	GetPartitionLabelKeyP(ctx context.Context, subject HashSchemeInstance, index int) (EntitySecretKeySchemeInstance, error)
	InsertPartitionLabelKeyP(ctx context.Context, attester HashSchemeInstance, key EntitySecretKeySchemeInstance) (new bool, err error)

	//Return true from callback to continue iterating
	WR1KeysForP(ctx context.Context, subject HashSchemeInstance, slots [][]byte, onResult func(k SlottedSecretKey) bool) error
	//TODO this must be idempotenty, like don't add in a secret if we have a more
	//powerful one already
	InsertWR1KeysForP(ctx context.Context, attester HashSchemeInstance, k SlottedSecretKey) error

	MoveAttestationPendingP(ctx context.Context, at *Attestation, labelKeyIndex int) error
	//Assume dot already inserted into pending, but update the labelKeyIndex
	UpdateAttestationPendingP(ctx context.Context, at *Attestation, labelKeyIndex int) error
	MoveAttestationLabelledP(ctx context.Context, at *Attestation) error
	MoveAttestationActiveP(ctx context.Context, at *Attestation) error
	MoveAttestationExpiredP(ctx context.Context, at *Attestation) error
	MoveAttestationEntRevokedP(ctx context.Context, at *Attestation) error
	MoveAttestationMalformedP(ctx context.Context, HashSchemeInstance HashSchemeInstance) error
	GetLabelledAttestationsP(ctx context.Context, subject HashSchemeInstance, partition [][]byte) chan PendingAttestation
	//If possible, only return pending dots with a secret index less than siLT
	GetPendingAttestationsP(ctx context.Context, subject HashSchemeInstance, lkiLT int) chan PendingAttestation

	//Like attestations, but for namedecl
	MoveNameDeclarationPendingP(ctx context.Context, nd *NameDeclaration, labelKeyIndex int) error
	//Assume dot already inserted into pending, but update the labelKeyIndex
	UpdateNameDeclarationPendingP(ctx context.Context, nd *NameDeclaration, labelKeyIndex int) error
	MoveNameDeclarationLabelledP(ctx context.Context, nd *NameDeclaration) error
	MoveNameDeclarationActiveP(ctx context.Context, nd *NameDeclaration) error
	MoveNameDeclarationExpiredP(ctx context.Context, nd *NameDeclaration) error
	MoveNameDeclarationMalformedP(ctx context.Context, HashSchemeInstance HashSchemeInstance) error
	GetLabelledNameDeclarationsP(ctx context.Context, namespace HashSchemeInstance, partition [][]byte) chan PendingNameDeclaration
	//If possible, only return pending dots with a secret index less than siLT
	GetPendingNameDeclarationP(ctx context.Context, namespace HashSchemeInstance, lkiLT int) chan PendingNameDeclaration
	MoveNameDeclarationRevokedP(ctx context.Context, nd *NameDeclaration) error

	//Interact with active namedecls
	//Results should be sorted with the latest start date appearing first
	ResolveNameDeclarationsP(ctx context.Context, attester HashSchemeInstance, name string) chan ResolveResult
	ResolveReverseName(ctx context.Context, hi HashSchemeInstance) (name string, err error)
	InsertReverseName(ctx context.Context, name string, hi HashSchemeInstance) (err error)
	GetNameDeclarationP(ctx context.Context, hi HashSchemeInstance) (nd *NameDeclaration, err error)

	GetEntityPartitionLabelKeyIndexP(ctx context.Context, entHashSchemeInstance HashSchemeInstance) (bool, int, error)
	GetAttestationP(ctx context.Context, HashSchemeInstance HashSchemeInstance) (at *Attestation, s *State, err error)
	GetActiveAttestationsFromP(ctx context.Context, attester HashSchemeInstance, filter *LookupFromFilter) chan LookupFromResult
	GetActiveAttestationsToP(ctx context.Context, subject HashSchemeInstance, filter *LookupFromFilter) chan LookupFromResult
	GetEntityQueueTokenP(ctx context.Context, loc LocationSchemeInstance, hsh HashSchemeInstance) (okay bool, token string, err error)
	SetEntityQueueTokenP(ctx context.Context, loc LocationSchemeInstance, hsh HashSchemeInstance, token string) error

	//Global (non perspective) functions
	MoveEntityRevokedG(ctx context.Context, ent *Entity) error
	MoveEntityExpiredG(ctx context.Context, ent *Entity) error
	MoveAttestationRevokedG(ctx context.Context, at *Attestation) error

	//This only returns entities we happen to have because they were interesting
	//to someone, so the caller must handle a nil,nil result and go hit the chain
	GetEntityByHashSchemeInstanceP(ctx context.Context, hsh HashSchemeInstance) (*Entity, *State, error)

	GetEntityByHashSchemeInstanceG(ctx context.Context, hsh HashSchemeInstance) (*Entity, error)

	InsertGlobalEntity(ctx context.Context, e *Entity) error
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL