Documentation
Index
- Constants
- Variables
- func NewVerifier(provider CryptoProvider) infra.Verifier
- type ASLocalRecurser
- type AuthRouter
- type BaseInserter
- type ChainID
- type ChainRead
- type ChainReq
- type ChainWrite
- type Config
- type CryptoProvider
- type DB
- type DBRead
- type DBWrite
- type DefaultInserter
- type DefaultInspector
- type DefaultRPC
- func (r DefaultRPC) GetCertChain(ctx context.Context, req ChainReq, a net.Addr) ([]byte, error)
- func (r DefaultRPC) GetTRC(ctx context.Context, req TRCReq, a net.Addr) ([]byte, error)
- func (r DefaultRPC) SendCertChain(ctx context.Context, chain []byte, a net.Addr) error
- func (r DefaultRPC) SendTRC(ctx context.Context, trc []byte, a net.Addr) error
- type DefaultResolver
- type ForwardingInserter
- type Inserter
- type Inspector
- type KeyInfo
- type KeyRing
- type LocalOnlyRecurser
- type LocalRouter
- type Messenger
- type Provider
- func (p Provider) AnnounceTRC(ctx context.Context, id TRCID, opts infra.TRCOpts) error
- func (p Provider) GetASKey(ctx context.Context, id ChainID, opts infra.ChainOpts) (scrypto.KeyMeta, error)
- func (p Provider) GetRawChain(ctx context.Context, id ChainID, opts infra.ChainOpts) ([]byte, error)
- func (p Provider) GetRawTRC(ctx context.Context, id TRCID, opts infra.TRCOpts) ([]byte, error)
- func (p Provider) GetTRC(ctx context.Context, id TRCID, opts infra.TRCOpts) (*trc.TRC, error)
- type RPC
- type ReadWrite
- type Recurser
- type Resolver
- type Router
- type Signer
- type SignerConf
- type SignerGen
- type Store
- func (s Store) LoadChains(ctx context.Context, dir string) error
- func (s Store) LoadCryptoMaterial(ctx context.Context, dir string) error
- func (s Store) LoadTRCs(ctx context.Context, dir string) error
- func (s Store) NewChainPushHandler(ia addr.IA) infra.Handler
- func (s Store) NewChainReqHandler(ia addr.IA) infra.Handler
- func (s Store) NewTRCPushHandler(ia addr.IA) infra.Handler
- func (s Store) NewTRCReqHandler(ia addr.IA) infra.Handler
- type TRCID
- type TRCInfo
- type TRCProviderFunc
- type TRCRead
- type TRCReq
- type TRCWrite
- type Transaction
Constants
const AckNotFound string = "not found"
AckNotFound is sent as the error description if the crypto material is not found.
Variables
var (
	// ErrNotFound indicates that the queried value was not found in the database.
	ErrNotFound = serrors.New("not found")
	// ErrContentMismatch indicates that the crypto material exists with differing content.
	ErrContentMismatch = serrors.New("content does not match")
)
var (
	// ErrBaseNotSupported indicates base TRC insertion is not supported.
	ErrBaseNotSupported = serrors.New("inserting base TRC not supported")
	// ErrValidation indicates a validation error.
	ErrValidation = serrors.New("validation error")
	// ErrVerification indicates a verification error.
	ErrVerification = serrors.New("verification error")
)
var (
	// ErrResolveSuperseded indicates that the latest locally available TRC
	// supersedes the TRC to resolve.
	ErrResolveSuperseded = serrors.New("latest locally available is newer")
	// ErrInvalidResponse indicates an invalid response to an RPC call.
	ErrInvalidResponse = serrors.New("invalid RPC response")
)
var ErrInactive = serrors.New("inactive")
ErrInactive indicates that the requested material is inactive.
var ErrRecursionNotAllowed = serrors.New("recursion not allowed")
ErrRecursionNotAllowed indicates that recursion is not allowed.
Functions
func NewVerifier (added in v0.5.0)
func NewVerifier(provider CryptoProvider) infra.Verifier
NewVerifier returns a struct that verifies payloads signed with control-plane PKI certificates through the infra.Verifier interface.
Types
type ASLocalRecurser (added in v0.5.0)
ASLocalRecurser allows AS-local addresses to start recursive requests.
func (ASLocalRecurser) AllowRecursion (added in v0.5.0)
func (r ASLocalRecurser) AllowRecursion(peer net.Addr) error
AllowRecursion returns an error if the address is not part of the local AS (or if the check cannot be made).
type AuthRouter (added in v0.5.0)
AuthRouter routes requests for missing crypto material to the authoritative ASes of the appropriate ISD.
TODO(roosd): Add implementation of snet.Router that routes to authoritative AS.
func (AuthRouter) ChooseServer (added in v0.5.0)
ChooseServer builds a CS address for crypto material with the subject in a given ISD:
- a local authoritative CS if the subject is ISD-local.
- a local authoritative CS if the subject is in a remote ISD, but no active TRC is available.
- a remote authoritative CS otherwise.
type BaseInserter (added in v0.5.0)
type BaseInserter struct {
	DB ReadWrite
	// Unsafe allows inserts of base TRCs. This is used as a workaround until
	// TAAC support is implemented.
	Unsafe bool
}
BaseInserter implements the common functionality of the inserters.
type ChainRead (added in v0.5.0)
type ChainRead interface {
	// GetRawChain returns the raw signed certificate chain bytes. If it is not
	// found, ErrNotFound is returned.
	GetRawChain(ctx context.Context, id ChainID) ([]byte, error)
	// ChainExists returns whether the certificate chain is found in the
	// database and the content matches. ErrContentMismatch is returned if any
	// of the two certificates exist in the database with differing contents.
	ChainExists(ctx context.Context, d decoded.Chain) (bool, error)
}
ChainRead defines the certificate chain read operations.
type ChainWrite (added in v0.5.0)
type ChainWrite interface {
	// InsertChain inserts the certificate chain. The call returns true in the
	// first return value if the certificate chain was inserted, or false if it
	// already existed and the contents match. The second return value
	// indicates whether the issuer certificate was inserted, or it already
	// existed. ErrContentMismatch is returned if any of the two certificates
	// exist in the database with differing contents.
	InsertChain(ctx context.Context, d decoded.Chain) (bool, bool, error)
}
ChainWrite defines the certificate chain write operations.
type Config (added in v0.1.1)
type Config struct {
	// MustHaveLocalChain states that chain requests for the trust store's own
	// IA must always return a valid chain. This is set to true on infra
	// services BS, CS, PS and false on others.
	MustHaveLocalChain bool
	// ServiceType is the type of the service that uses the store.
	ServiceType proto.ServiceType
	// Router is used to determine paths to other ASes.
	Router snet.Router
	// TopoProvider provides the local topology.
	TopoProvider topology.Provider
}
type CryptoProvider (added in v0.5.0)
type CryptoProvider interface {
	// AnnounceTRC announces the existence of a TRC. It must be called before
	// verifying a signature based on a certificate chain, to ensure the TRC in
	// the signature source is available to the CryptoProvider.
	AnnounceTRC(context.Context, TRCID, infra.TRCOpts) error
	// GetTRC asks the trust store to return a valid and active TRC for isd,
	// unless inactive TRCs are specifically allowed. The optionally configured
	// server is queried over the network if the TRC is not available locally.
	// Otherwise, the default server is queried. How the default server is
	// determined differs between implementations.
	GetTRC(context.Context, TRCID, infra.TRCOpts) (*trc.TRC, error)
	// GetRawTRC behaves the same as GetTRC, except that it returns the raw
	// signed TRC.
	GetRawTRC(context.Context, TRCID, infra.TRCOpts) ([]byte, error)
	// GetRawChain asks the trust store to return a valid and active certificate
	// chain, unless inactive chains are specifically allowed. The optionally
	// configured server is queried over the network if the certificate chain is
	// not available locally. Otherwise, the default server is queried. How the
	// default server is determined differs between implementations.
	GetRawChain(context.Context, ChainID, infra.ChainOpts) ([]byte, error)
	// GetASKey returns, from the trust store, the public key required to verify
	// a signature that originated from an AS.
	GetASKey(context.Context, ChainID, infra.ChainOpts) (scrypto.KeyMeta, error)
}
CryptoProvider provides crypto material. A crypto provider can spawn network requests if necessary and permitted.
type DB (added in v0.5.0)
type DB interface {
	ReadWrite
	// BeginTransaction starts a transaction.
	BeginTransaction(ctx context.Context, opts *sql.TxOptions) (Transaction, error)
	db.LimitSetter
	io.Closer
}
DB defines the interface a trust DB must implement.
type DBWrite (added in v0.5.0)
type DBWrite interface {
	TRCWrite
	ChainWrite
}
DBWrite defines the write operations.
type DefaultInserter (added in v0.5.0)
type DefaultInserter struct {
	BaseInserter
}
DefaultInserter is used to verify and insert trust material into the database.
func (DefaultInserter) InsertChain (added in v0.5.0)
func (ins DefaultInserter) InsertChain(ctx context.Context, chain decoded.Chain, trcProvider TRCProviderFunc) error
InsertChain verifies the signed certificate chain and inserts it into the database. The issuing TRC is queried through the provider function, when necessary.
func (DefaultInserter) InsertTRC (added in v0.5.0)
func (ins DefaultInserter) InsertTRC(ctx context.Context, decTRC decoded.TRC, trcProvider TRCProviderFunc) error
InsertTRC verifies the signed TRC and inserts it into the database. The previous TRC is queried through the provider function, when necessary.
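To make the verify-then-insert contract of InsertTRC and the BaseInserter.Unsafe switch concrete, here is an added, self-contained Go example; it is not code from the SCION trust package. It assumes a toy TRC format in which version N is accepted only when a quorum of the voters listed in version N-1 have signed its JSON encoding with ed25519 keys, and it reuses the names of the package's ErrBaseNotSupported and ErrVerification sentinels. TRCID, TRC, SignedTRC, BaseInserter, Provider and BuildScenario are stand-ins defined here; the voter keys and the AS names 1-ff00:0:110 and 1-ff00:0:120 are constructed for the example. The two security-relevant branches are the base TRC, which has no predecessor and is refused unless Unsafe is set, and a missing predecessor, which fails closed instead of skipping verification.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

var ErrBaseNotSupported = errors.New("inserting base TRC not supported")
var ErrVerification = errors.New("verification error")

// TRCID is a stand-in for trust.TRCID.
type TRCID struct {
	ISD     uint16
	Version uint64
}
// TRC is a toy payload (assumption; decoded.TRC carries much more). Votes maps
// each voting AS to its ed25519 public key; Quorum is the number of previous voters that must sign an update.
type TRC struct {
	ISD     uint16
	Version uint64
	Quorum  int
	Votes   map[string][]byte
}
// SignedTRC carries the TRC and its votes: AS -> signature over the JSON-encoded TRC.
type SignedTRC struct {
	TRC        TRC
	Signatures map[string][]byte
}
type TRCProviderFunc func(id TRCID) (*TRC, error)

// BaseInserter stores verified TRCs; Unsafe gates base (version 1) insertion.
type BaseInserter struct {
	DB     map[TRCID]TRC
	Unsafe bool
}

func (ins BaseInserter) InsertTRC(s SignedTRC, prev TRCProviderFunc) error {
	t := s.TRC
	if t.Version == 1 {
		// A base TRC is a trust anchor with nothing to check it against: only accept it on explicit opt-in.
		if !ins.Unsafe {
			return ErrBaseNotSupported
		}
		ins.DB[TRCID{t.ISD, t.Version}] = t
		return nil
	}
	p, err := prev(TRCID{t.ISD, t.Version - 1})
	if err != nil {
		return err // predecessor unavailable: fail closed
	}
	msg, _ := json.Marshal(t) // deterministic: map keys are sorted
	valid := 0
	for as, sig := range s.Signatures {
		pk, ok := p.Votes[as]
		if !ok || !ed25519.Verify(ed25519.PublicKey(pk), msg, sig) {
			return fmt.Errorf("%w: invalid vote from %s", ErrVerification, as)
		}
		valid++
	}
	if valid < p.Quorum {
		return fmt.Errorf("%w: %d valid votes, quorum is %d", ErrVerification, valid, p.Quorum)
	}
	ins.DB[TRCID{t.ISD, t.Version}] = t
	return nil
}

// Provider serves TRCs from the inserter's DB as a TRCProviderFunc.
func (ins BaseInserter) Provider() TRCProviderFunc {
	return func(id TRCID) (*TRC, error) {
		if t, ok := ins.DB[id]; ok {
			return &t, nil
		}
		return nil, fmt.Errorf("TRC %v not found", id)
	}
}

// BuildScenario constructs test data: a base TRC for ISD 1 with two voters and quorum 2, plus a version 2 signed by both.
func BuildScenario() (base, next SignedTRC) {
	privs, pubs := map[string]ed25519.PrivateKey{}, map[string][]byte{}
	for _, as := range []string{"1-ff00:0:110", "1-ff00:0:120"} {
		pub, priv, _ := ed25519.GenerateKey(rand.Reader)
		privs[as], pubs[as] = priv, pub
	}
	base.TRC = TRC{ISD: 1, Version: 1, Quorum: 2, Votes: pubs}
	next.TRC = TRC{ISD: 1, Version: 2, Quorum: 2, Votes: pubs}
	msg, _ := json.Marshal(next.TRC)
	next.Signatures = map[string][]byte{}
	for as, priv := range privs {
		next.Signatures[as] = ed25519.Sign(priv, msg)
	}
	return base, next
}

func main() {
	base, next := BuildScenario()
	ins := BaseInserter{DB: map[TRCID]TRC{}, Unsafe: true}
	fmt.Println(ins.InsertTRC(base, nil), ins.InsertTRC(next, ins.Provider()))
}
```

The Provider method plays the role of the TRCProviderFunc the page describes: the inserter does not fetch the predecessor itself, it is handed a function, which is what lets a caller decide whether a lookup may go to the database only or also to the network.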
type DefaultInspector (added in v0.5.0)
type DefaultInspector struct {
	Provider CryptoProvider
}
DefaultInspector is used to inspect primary ASes.
func (DefaultInspector) ByAttributes (added in v0.5.0)
func (i DefaultInspector) ByAttributes(ctx context.Context, isd addr.ISD, opts infra.ASInspectorOpts) ([]addr.IA, error)
ByAttributes returns a list of primary ASes in the specified ISD that hold all the requested attributes.
func (DefaultInspector) HasAttributes (added in v0.5.0)
func (i DefaultInspector) HasAttributes(ctx context.Context, ia addr.IA, opts infra.ASInspectorOpts) (bool, error)
HasAttributes indicates whether an AS holds all the specified attributes. The first return value is always false for non-primary ASes.
type DefaultRPC (added in v0.5.0)
type DefaultRPC struct {
	Msgr Messenger
}
DefaultRPC implements the RPC interface using the given messenger.
func (DefaultRPC) GetCertChain (added in v0.5.0)
func (r DefaultRPC) GetCertChain(ctx context.Context, req ChainReq, a net.Addr) ([]byte, error)
func (DefaultRPC) SendCertChain (added in v0.5.0)
func (r DefaultRPC) SendCertChain(ctx context.Context, chain []byte, a net.Addr) error
type DefaultResolver (added in v0.5.0)
DefaultResolver resolves trust material.
type ForwardingInserter (added in v0.5.0)
type ForwardingInserter struct {
	BaseInserter
	Router LocalRouter
	RPC    RPC
}
ForwardingInserter is an inserter that always forwards the trust material to the certificate server before inserting it into the database. Forwarding must succeed; otherwise the material is not inserted into the database.
func (ForwardingInserter) InsertChain (added in v0.5.0)
func (ins ForwardingInserter) InsertChain(ctx context.Context, chain decoded.Chain, trcProvider TRCProviderFunc) error
InsertChain verifies the signed certificate chain and inserts it into the database. The issuing TRC is queried through the provider function, when necessary. Before insertion, the certificate chain is forwarded to the certificate server. If the certificate server does not successfully handle the certificate chain, the insertion fails.
func (ForwardingInserter) InsertTRC (added in v0.5.0)
func (ins ForwardingInserter) InsertTRC(ctx context.Context, decTRC decoded.TRC, trcProvider TRCProviderFunc) error
InsertTRC verifies the signed TRC and inserts it into the database. The previous TRC is queried through the provider function, when necessary. Before insertion, the TRC is forwarded to the certificate server. If the certificate server does not successfully handle the TRC, the insertion fails.
type Inserter (added in v0.5.0)
type Inserter interface {
	// InsertTRC verifies the signed TRC and inserts it into the database.
	// The previous TRC is queried through the provider function, when necessary.
	InsertTRC(ctx context.Context, decTRC decoded.TRC, trcProvider TRCProviderFunc) error
	// InsertChain verifies the signed certificate chain and inserts it into the
	// database. The issuing TRC is queried through the provider function, when
	// necessary.
	InsertChain(ctx context.Context, decChain decoded.Chain, trcProvider TRCProviderFunc) error
}
Inserter verifies trust material and inserts it into the database.
type Inspector (added in v0.5.0)
type Inspector interface {
	// ByAttributes returns a list of primary ASes in the specified ISD that hold
	// all the requested attributes.
	ByAttributes(ctx context.Context, isd addr.ISD, opts infra.ASInspectorOpts) ([]addr.IA, error)
	// HasAttributes indicates whether an AS holds all the specified attributes.
	// The first return value is always false for non-primary ASes.
	HasAttributes(ctx context.Context, ia addr.IA, opts infra.ASInspectorOpts) (bool, error)
}
Inspector gives insights into the primary ASes of a given ISD.
type KeyInfo (added in v0.5.0)
type KeyInfo struct {
	TRC     TRCInfo
	Version scrypto.KeyVersion
}
KeyInfo contains metadata about a primary key.
type KeyRing (added in v0.5.0)
type KeyRing interface {
	// PrivateKey returns the private key for the given usage and version. If it
	// is not in the key ring, an error is returned.
	PrivateKey(usage keyconf.Usage, version scrypto.KeyVersion) (keyconf.Key, error)
}
KeyRing provides different private keys.
type LocalOnlyRecurser (added in v0.5.0)
type LocalOnlyRecurser struct{}
LocalOnlyRecurser allows recursion only for requests with a nil peer address, i.e. those started by the local trust store; it returns an error for any other address.
func (LocalOnlyRecurser) AllowRecursion (added in v0.5.0)
func (r LocalOnlyRecurser) AllowRecursion(peer net.Addr) error
AllowRecursion returns an error if the address is not nil.
type LocalRouter (added in v0.5.0)
LocalRouter routes requests to the local CS.
func (LocalRouter) ChooseServer (added in v0.5.0)
ChooseServer always routes to the local CS.
type Messenger (added in v0.5.0)
type Messenger interface {
	GetTRC(ctx context.Context, msg *cert_mgmt.TRCReq, a net.Addr, id uint64) (*cert_mgmt.TRC, error)
	GetCertChain(ctx context.Context, msg *cert_mgmt.ChainReq, a net.Addr, id uint64) (*cert_mgmt.Chain, error)
	SendTRC(ctx context.Context, msg *cert_mgmt.TRC, a net.Addr, id uint64) error
	SendCertChain(ctx context.Context, msg *cert_mgmt.Chain, a net.Addr, id uint64) error
}
Messenger is the part of the infra messenger that the trust RPC layer uses.
type Provider (added in v0.5.0)
Provider provides crypto material. A crypto provider can spawn network requests if necessary and permitted.
func (Provider) AnnounceTRC (added in v0.5.0)
func (p Provider) AnnounceTRC(ctx context.Context, id TRCID, opts infra.TRCOpts) error
AnnounceTRC announces the existence of a TRC. It must be called before verifying a signature based on a certificate chain, to ensure the TRC in the signature source is available to the CryptoProvider.
func (Provider) GetASKey (added in v0.5.0)
func (p Provider) GetASKey(ctx context.Context, id ChainID, opts infra.ChainOpts) (scrypto.KeyMeta, error)
GetASKey returns, from the trust store, the public key required to verify a signature that originated from an AS.
func (Provider) GetRawChain (added in v0.5.0)
func (p Provider) GetRawChain(ctx context.Context, id ChainID, opts infra.ChainOpts) ([]byte, error)
GetRawChain asks the trust store to return a valid and active certificate chain, unless inactive chains are specifically allowed. The optionally configured server is queried over the network if the certificate chain is not available locally. Otherwise, the default server is queried. How the default server is determined differs between implementations.
func (Provider) GetRawTRC (added in v0.5.0)
func (p Provider) GetRawTRC(ctx context.Context, id TRCID, opts infra.TRCOpts) ([]byte, error)
GetRawTRC behaves the same as GetTRC, except that it returns the raw signed TRC.
func (Provider) GetTRC (added in v0.5.0)
func (p Provider) GetTRC(ctx context.Context, id TR
CID, opts infra.TRCOpts) (*trc.TRC, error)
GetTRC asks the trust store to return a valid and active TRC for the ISD, unless inactive TRCs are specifically allowed. The optionally configured server is queried over the network if the TRC is not available locally. Otherwise, the default server is queried. How the default server is determined differs between implementations.
type RPC (added in v0.5.0)
type RPC interface {
	GetTRC(context.Context, TRCReq, net.Addr) ([]byte, error)
	GetCertChain(context.Context, ChainReq, net.Addr) ([]byte, error)
	SendTRC(context.Context, []byte, net.Addr) error
	SendCertChain(context.Context, []byte, net.Addr) error
}
RPC abstracts the RPC calls over the messenger.
type Recurser (added in v0.5.0)
type Recurser interface {
	// AllowRecursion indicates whether recursion is allowed for the provided
	// peer. Recursions started by the local trust store have a nil address and
	// should generally be allowed. A nil return value indicates that recursion
	// is allowed. Non-nil return values indicate that recursion is not allowed
	// and specify the reason.
	AllowRecursion(peer net.Addr) error
}
Recurser decides whether a recursive request is permitted for a given peer. For infra services use either ASLocalRecurser or LocalOnlyRecurser.
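The two Recurser policies named above, ASLocalRecurser and LocalOnlyRecurser, as an added Go example that is not the package's own code. SCIONAddr is an assumed stand-in for a SCION peer address that carries the peer's IA (the real check works on snet address types), the Recurser interface is reproduced from the page, and the peer addresses in main are constructed. The branch worth noting is the one for an address whose IA cannot be read, including a typed nil pointer hidden in the net.Addr interface: the check fails closed and refuses recursion, which is what the page's "or if the check cannot be made" clause requires.

```go
package main

import (
	"errors"
	"fmt"
	"net"
)

// ErrRecursionNotAllowed mirrors the sentinel error of the trust package.
var ErrRecursionNotAllowed = errors.New("recursion not allowed")

// IA stands in for addr.IA, written like "1-ff00:0:110".
type IA string

// SCIONAddr is an assumed stand-in for a SCION peer address (the real package
// inspects snet address types): a net.Addr that carries the peer's IA.
type SCIONAddr struct {
	IA   IA
	Host string
}

func (a *SCIONAddr) Network() string { return "scion+udp" }
func (a *SCIONAddr) String() string  { return fmt.Sprintf("%s,%s", a.IA, a.Host) }

// Recurser decides whether a request may trigger further network requests.
type Recurser interface {
	AllowRecursion(peer net.Addr) error
}

// LocalOnlyRecurser permits recursion only for requests started by the local
// trust store itself, which carry a nil peer address.
type LocalOnlyRecurser struct{}

func (LocalOnlyRecurser) AllowRecursion(peer net.Addr) error {
	if peer != nil {
		return fmt.Errorf("%w: peer %v is not the local trust store", ErrRecursionNotAllowed, peer)
	}
	return nil
}

// ASLocalRecurser additionally permits peers located in the local AS.
type ASLocalRecurser struct {
	LocalIA IA
}

func (r ASLocalRecurser) AllowRecursion(peer net.Addr) error {
	if peer == nil {
		return nil
	}
	saddr, ok := peer.(*SCIONAddr)
	if !ok || saddr == nil {
		// The IA cannot be determined (foreign address type, or a typed nil
		// pointer inside the interface): refuse rather than allow.
		return fmt.Errorf("%w: cannot determine the AS of %T", ErrRecursionNotAllowed, peer)
	}
	if saddr.IA != r.LocalIA {
		return fmt.Errorf("%w: %v is outside the local AS %s", ErrRecursionNotAllowed, saddr, r.LocalIA)
	}
	return nil
}

func main() {
	// Constructed peers: local trust store, same AS, remote AS, non-SCION address.
	peers := []net.Addr{
		nil,
		&SCIONAddr{IA: "1-ff00:0:110", Host: "10.0.0.7:30252"},
		&SCIONAddr{IA: "2-ff00:0:210", Host: "10.1.0.7:30252"},
		&net.UDPAddr{IP: net.IPv4(10, 0, 0, 8), Port: 30252},
	}
	for _, rec := range []Recurser{LocalOnlyRecurser{}, ASLocalRecurser{LocalIA: "1-ff00:0:110"}} {
		for _, p := range peers {
			fmt.Printf("%T peer=%v -> %v\n", rec, p, rec.AllowRecursion(p))
		}
	}
}
```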
type Resolver (added in v0.5.0)
type Resolver interface {
	// TRC resolves the decoded signed TRC. Missing links in the TRC
	// verification chain are also requested.
	TRC(ctx context.Context, req TRCReq, server net.Addr) (decoded.TRC, error)
	// Chain resolves the raw signed certificate chain. If the issuing TRC is
	// missing, it is also requested.
	Chain(ctx context.Context, req ChainReq, server net.Addr) (decoded.Chain, error)
}
Resolver resolves verified trust material.
type Router (added in v0.5.0)
type Router interface {
	// ChooseServer determines the remote server for trust material with the
	// subject in the provided ISD.
	ChooseServer(ctx context.Context, subjectISD addr.ISD) (net.Addr, error)
}
Router builds the CS address for crypto material with the subject in a given ISD.
type Signer (added in v0.5.0)
type Signer struct {
	// contains filtered or unexported fields
}
Signer is used to sign control-plane data authenticated by certificate chains.
func NewSigner (added in v0.5.0)
func NewSigner(cfg SignerConf) (*Signer, error)
NewSigner constructs a new signer.
func (*Signer) Meta (added in v0.5.0)
func (s *Signer) Meta() infra.SignerMeta
Meta returns the metadata the signer uses when signing.
type SignerConf (added in v0.5.0)
type SignerConf struct {
	ChainVer scrypto.Version
	TRCVer   scrypto.Version
	Validity scrypto.Validity
	Key      keyconf.Key
}
SignerConf holds the configuration of a signer.
func (SignerConf) Validate (added in v0.5.0)
func (cfg SignerConf) Validate() error
Validate checks that the signer configuration is valid.
type SignerGen (added in v0.5.0)
type SignerGen struct {
	IA       addr.IA
	KeyRing  KeyRing
	Provider CryptoProvider
}
SignerGen generates signers based on the certificate chains and keys that are available.
type Store
type Store struct {
	Inspector
	CryptoProvider
	Inserter Inserter
	DB       DB
}
Store keeps track of the control-plane PKI crypto material.
func (Store) LoadChains (added in v0.5.0)
func (s Store) LoadChains(ctx context.Context, dir string) error
LoadChains loads the certificate chains from the file system. This call ensures that the hashes match for the chains that are already in the database. Before insertion, certificate chains are verified.
func (Store) LoadCryptoMaterial (added in v0.5.0)
func (s Store) LoadCryptoMaterial(ctx context.Context, dir string) error
LoadCryptoMaterial loads the crypto material from the file system and populates the trust database.
func (Store) LoadTRCs (added in v0.5.0)
func (s Store) LoadTRCs(ctx context.Context, dir string) error
LoadTRCs loads the TRCs from the file system. This call ensures that the hashes match for TRCs that are already in the database. Before insertion, TRCs are verified.
func (Store) NewChainPushHandler (added in v0.1.1)
func (s Store) NewChainPushHandler(ia addr.IA) infra.Handler
NewChainPushHandler returns an infra.Handler for certificate chain pushes coming from a peer, backed by the trust store. Certificate chains are pushed by other ASes during core registration, or by the local BSes and PSes. Pushes are allowed from all local ISD sources.
func (Store) NewChainReqHandler
func (s Store) NewChainReqHandler(ia addr.IA) infra.Handler
NewChainReqHandler returns an infra.Handler for certificate chain requests coming from a peer, backed by the trust store. The configured recurser defines whether the trust store is allowed to issue new TRC and certificate chain requests over the network. This method should only be used when servicing requests coming from remote nodes.
func (Store) NewTRCPushHandler (added in v0.1.1)
func (s Store) NewTRCPushHandler(ia addr.IA) infra.Handler
NewTRCPushHandler returns an infra.Handler for TRC pushes coming from a peer, backed by the trust store. TRCs are pushed by local BSes and PSes. Pushes are allowed from all local AS sources.
func (Store) NewTRCReqHandler
func (s Store) NewTRCReqHandler(ia addr.IA) infra.Handler
NewTRCReqHandler returns an infra.Handler for TRC requests coming from a peer, backed by the trust store. The configured recurser defines whether the trust store is allowed to issue new TRC requests over the network. This method should only be used when servicing requests coming from remote nodes.
type TRCProviderFunc (added in v0.5.0)
TRCProviderFunc provides TRCs. It is used to configure the TRC retrieval method of the inserter.
type TRCRead (added in v0.5.0)
type TRCRead interface {
	// TRCExists returns whether the TRC is found in the database and the
	// content matches. ErrContentMismatch is returned if the TRC is in the
	// database with differing contents.
	TRCExists(ctx context.Context, d decoded.TRC) (bool, error)
	// GetTRC returns the TRC. If it is not found, ErrNotFound is returned.
	GetTRC(ctx context.Context, id TRCID) (*trc.TRC, error)
	// GetRawTRC returns the raw signed TRC bytes. If it is not found,
	// ErrNotFound is returned.
	GetRawTRC(ctx context.Context, id TRCID) ([]byte, error)
	// GetTRCInfo returns the info for the requested TRC. If it is not found,
	// ErrNotFound is returned.
	GetTRCInfo(ctx context.Context, id TRCID) (TRCInfo, error)
	// GetIssuingGrantKeyInfo returns the key info of the requested AS. If it is
	// not found, ErrNotFound is returned.
	GetIssuingGrantKeyInfo(ctx context.Context, ia addr.IA, version scrypto.Version) (KeyInfo, error)
}
TRCRead defines the TRC read operations.
type TRCWrite (added in v0.5.0)
type TRCWrite interface {
	// InsertTRC inserts the TRC. The call returns true if the TRC was
	// inserted, or false if it already existed and the content matches.
	// ErrContentMismatch is returned if the TRC is in the database with
	// differing contents.
	InsertTRC(ctx context.Context, d decoded.TRC) (bool, error)
}
TRCWrite defines the TRC write operations.
type Transaction (added in v0.5.0)
type Transaction interface {
	ReadWrite
	// Commit commits the transaction.
	Commit() error
	// Rollback rolls back the transaction.
	Rollback() error
}
Transaction represents a trust DB transaction. To end the transaction, either Rollback or Commit should be called. Calling Commit or Rollback multiple times results in an error.
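As an added illustration of the TRCRead/TRCWrite contract (ErrNotFound on a miss, ErrContentMismatch when the same ID is stored with different bytes, and the inserted/already-present boolean) together with the end-exactly-once rule stated for Transaction, here is a toy in-memory store in Go. It is not the trust package's own DB implementation: MemDB, MemTx and ErrTxFinished are names assumed for this example, the raw TRC bytes are constructed placeholders, and the auto-commit wrapper on MemDB.InsertTRC is a design choice of the example, not something the page states.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
)

// ErrNotFound and ErrContentMismatch mirror the trust package; ErrTxFinished is assumed.
var (
	ErrNotFound        = errors.New("not found")
	ErrContentMismatch = errors.New("content does not match")
	ErrTxFinished      = errors.New("transaction already committed or rolled back")
)

// TRCID is a stand-in for trust.TRCID.
type TRCID struct {
	ISD     uint16
	Version uint64
}

// MemDB is a toy in-memory trust DB holding raw signed TRC bytes.
type MemDB struct {
	trcs map[TRCID][]byte
}

func NewMemDB() *MemDB { return &MemDB{trcs: map[TRCID][]byte{}} }

// GetRawTRC returns a copy of the stored bytes, or ErrNotFound.
func (db *MemDB) GetRawTRC(id TRCID) ([]byte, error) {
	raw, ok := db.trcs[id]
	if !ok {
		return nil, ErrNotFound
	}
	return append([]byte(nil), raw...), nil
}

// InsertTRC is an auto-committed single-statement transaction.
func (db *MemDB) InsertTRC(id TRCID, raw []byte) (bool, error) {
	tx := db.BeginTransaction()
	inserted, err := tx.InsertTRC(id, raw)
	if err != nil {
		tx.Rollback()
		return false, err
	}
	return inserted, tx.Commit()
}

// MemTx buffers writes until Commit; Rollback discards them. Each transaction ends exactly once.
type MemTx struct {
	db      *MemDB
	pending map[TRCID][]byte
	done    bool
}

func (db *MemDB) BeginTransaction() *MemTx {
	return &MemTx{db: db, pending: map[TRCID][]byte{}}
}

// InsertTRC returns true if it queued the TRC and false if identical content is
// already present. Same ID with different bytes is a conflict, never a silent overwrite.
func (tx *MemTx) InsertTRC(id TRCID, raw []byte) (bool, error) {
	if tx.done {
		return false, ErrTxFinished
	}
	stored, ok := tx.pending[id] // writes of this transaction come first
	if !ok {
		stored, ok = tx.db.trcs[id]
	}
	if ok {
		if !bytes.Equal(stored, raw) {
			return false, ErrContentMismatch
		}
		return false, nil
	}
	tx.pending[id] = append([]byte(nil), raw...)
	return true, nil
}

func (tx *MemTx) Commit() error {
	if tx.done {
		return ErrTxFinished
	}
	tx.done = true
	for id, raw := range tx.pending {
		tx.db.trcs[id] = raw
	}
	return nil
}

func (tx *MemTx) Rollback() error {
	if tx.done {
		return ErrTxFinished
	}
	tx.done, tx.pending = true, nil
	return nil
}

func main() {
	db := NewMemDB()
	fmt.Println(db.InsertTRC(TRCID{ISD: 1, Version: 1}, []byte("trc-v1")))
	fmt.Println(db.InsertTRC(TRCID{ISD: 1, Version: 1}, []byte("trc-v1-tampered")))
}
```

The mismatch check is the part that matters operationally: a store that overwrote an existing TRC with different bytes would let a later push silently replace verified trust material, which is why both the page's interfaces and this toy report a conflict instead.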
Directories
Path | Synopsis
---|---
internal |
mock_trust | Package mock_trust is a generated GoMock package.