client

package

v0.0.0-...-a1a22e4 Latest Latest Go to latest Published: Feb 21, 2017 License: MPL-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jcjones/certificatetransparency

Links

Open Source Insights

Documentation ¶

Overview ¶

Package client is a CT log client implementation and contains types and code for interacting with RFC6962-compliant CT Log instances. See http://tools.ietf.org/html/rfc6962 for details

Index ¶

Constants
type GetEntriesResponse
type GetProofByHashResponse
type LeafEntry
type LogClient
- func New(uri string, hc *http.Client, opts jsonclient.Options) (*LogClient, error)

Constants ¶

View Source

const (
	AddChainPath          = "/ct/v1/add-chain"
	AddPreChainPath       = "/ct/v1/add-pre-chain"
	AddJSONPath           = "/ct/v1/add-json"
	GetSTHPath            = "/ct/v1/get-sth"
	GetEntriesPath        = "/ct/v1/get-entries"
	GetProofByHashPath    = "/ct/v1/get-proof-by-hash"
	GetSTHConsistencyPath = "/ct/v1/get-sth-consistency"
	GetRootsPath          = "/ct/v1/get-roots"
)

URI paths for CT Log endpoints

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type GetEntriesResponse ¶

type GetEntriesResponse struct {
	Entries []LeafEntry `json:"entries"` // the list of returned entries
}

GetEntriesResponse respresents the JSON response to the CT get-entries method.

type GetProofByHashResponse ¶

type GetProofByHashResponse struct {
	LeafIndex int64    `json:"leaf_index"` // The 0-based index of the end entity corresponding to the "hash" parameter.
	AuditPath [][]byte `json:"audit_path"` // An array of base64-encoded Merkle Tree nodes proving the inclusion of the chosen certificate.
}

GetProofByHashResponse represents the JSON response to the CT get-proof-by-hash method.

type LogClient ¶

type LogClient struct {
	jsonclient.JSONClient
}

LogClient represents a client for a given CT Log instance

func New ¶

func New(uri string, hc *http.Client, opts jsonclient.Options) (*LogClient, error)

New constructs a new LogClient instance. |uri| is the base URI of the CT log instance to interact with, e.g. http://ct.googleapis.com/pilot |hc| is the underlying client to be used for HTTP requests to the CT log. |opts| can be used to provide a customer logger interface and a public key for signature verification.

func (*LogClient) AddChain ¶

func (c *LogClient) AddChain(ctx context.Context, chain []ct.ASN1Cert) (*ct.SignedCertificateTimestamp, error)

AddChain adds the (DER represented) X509 |chain| to the log.

func (*LogClient) AddJSON ¶

func (c *LogClient) AddJSON(ctx context.Context, data interface{}) (*ct.SignedCertificateTimestamp, error)

AddJSON submits arbitrary data to to XJSON server.

func (*LogClient) AddPreChain ¶

func (c *LogClient) AddPreChain(ctx context.Context, chain []ct.ASN1Cert) (*ct.SignedCertificateTimestamp, error)

AddPreChain adds the (DER represented) Precertificate |chain| to the log.

func (*LogClient) GetAcceptedRoots ¶

func (c *LogClient) GetAcceptedRoots(ctx context.Context) ([]ct.ASN1Cert, error)

GetAcceptedRoots retrieves the set of acceptable root certificates for a log.

func (*LogClient) GetEntries ¶

func (c *LogClient) GetEntries(start, end int64) ([]ct.LogEntry, error)

GetEntries attempts to retrieve the entries in the sequence [|start|, |end|] from the CT log server. (see section 4.6.) Returns a slice of LeafInputs or a non-nil error.

func (*LogClient) GetProofByHash ¶

func (c *LogClient) GetProofByHash(ctx context.Context, hash []byte, treeSize uint64) (*GetProofByHashResponse, error)

GetProofByHash returns an audit path for the hash of an SCT.

func (*LogClient) GetRawEntries ¶

func (c *LogClient) GetRawEntries(ctx context.Context, start, end int64) (*GetEntriesResponse, error)

GetRawEntries exposes the /ct/v1/get-entries result with only the JSON parsing done.

func (*LogClient) GetSTH ¶

func (c *LogClient) GetSTH(ctx context.Context) (sth *ct.SignedTreeHead, err error)

GetSTH retrieves the current STH from the log. Returns a populated SignedTreeHead, or a non-nil error.

func (*LogClient) GetSTHConsistency ¶

func (c *LogClient) GetSTHConsistency(ctx context.Context, first, second uint64) ([][]byte, error)

GetSTHConsistency retrieves the consistency proof between two snapshots.

func (*LogClient) VerifySCTSignature ¶

func (c *LogClient) VerifySCTSignature(sct ct.SignedCertificateTimestamp, ctype ct.LogEntryType, certData []ct.ASN1Cert) error

VerifySCTSignature checks the signature in sct for the given LogEntryType, with associated certificate chain.

func (*LogClient) VerifySTHSignature ¶

func (c *LogClient) VerifySTHSignature(sth ct.SignedTreeHead) error

VerifySTHSignature checks the signature in sth, returning any error encountered or nil if verification is successful.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
ctclient

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL