Documentation
Constants
const (
	ErrKeyChanged   common.ErrMsg = "Verifying key has changed in the meantime"
	ErrNotACustomer common.ErrMsg = "ISD-AS not in customer mapping"
)
Errors
const (
	HandlerTimeout = 5 * time.Second
)
Variables
var (
	// SleepAfterFailure is the base time to sleep after a failed attempt to push the chain.
	// The actual sleep time is: attempts * SleepAfterFailure.
	SleepAfterFailure = time.Second
	// DefaultTryTimeout is the default timeout for one sync try if the context
	// has no deadline set.
	DefaultTryTimeout = 20 * time.Second
)
Functions
This section is empty.
Types
type CorePusher
CorePusher is a periodic.Task that pushes the local chain to all core CSes in the ISD. The interval at which this task runs is expected to be rather large (e.g. 1h).
func (*CorePusher) Run
func (p *CorePusher) Run(ctx context.Context)
Run makes sure all core CS have the chain of the local AS.
type Handler
Handler handles certificate chain reissue requests.
Reissue requests are sent by non-issuer ASes to issuer ASes. The request needs to be signed with the private key associated with the newest verifying key in the customer mapping. Certificate chains are issued automatically by the issuer ASes.
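The signing rule above and the two error messages from the Constants section, as an added example that is not this package's code. It assumes Ed25519 keys, an in-memory map in place of the customer mapping, and hypothetical names (`Customers`, `Verify`, `Rotate`); that `ErrKeyChanged` guards the gap between verifying a request and updating the mapping is an assumption based on its message text.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"sync"
)

var ErrKeyChanged = errors.New("Verifying key has changed in the meantime") // text from the page
var ErrNotACustomer = errors.New("ISD-AS not in customer mapping")          // text from the page

// Customers is a hypothetical, constructed stand-in for the customer mapping: ISD-AS -> newest key.
type Customers struct {
	mu   sync.Mutex
	keys map[string]ed25519.PublicKey
}

// Verify checks sig over req with the newest key and returns the key it used.
func (c *Customers) Verify(ia string, req, sig []byte) (ed25519.PublicKey, error) {
	c.mu.Lock()
	key, ok := c.keys[ia]
	c.mu.Unlock()
	if !ok {
		return nil, ErrNotACustomer
	} else if !ed25519.Verify(key, req, sig) {
		return nil, errors.New("signature does not verify")
	}
	return key, nil
}

// Rotate installs newKey only if the stored key is still the one Verify used.
func (c *Customers) Rotate(ia string, verified, newKey ed25519.PublicKey) error {
	c.mu.Lock()
	defer c.mu.Unlock()
	if cur, ok := c.keys[ia]; !ok {
		return ErrNotACustomer
	} else if !cur.Equal(verified) {
		return ErrKeyChanged
	}
	c.keys[ia] = newKey
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed key pair
	c := &Customers{keys: map[string]ed25519.PublicKey{"1-ff00:0:110": pub}}
	key, err := c.Verify("1-ff00:0:110", []byte("req"), ed25519.Sign(priv, []byte("req")))
	println(err == nil, c.Rotate("1-ff00:0:110", key, pub) == nil)
}
```

Passing the verified key into the update makes a request that was checked against a since-replaced key fail instead of overwriting the newer entry.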
type Requester
type Requester struct {
	Msgr       infra.Messenger
	State      *config.State
	IA         addr.IA
	LeafTime   time.Duration
	CorePusher *periodic.Runner
	Caller     string
}
Requester requests reissued certificate chains before expiration of the currently active certificate chain.
type Self
type Self struct {
	// Msgr is used to propagate key updates to the messenger, and not for network traffic
	Msgr       infra.Messenger
	State      *config.State
	IA         addr.IA
	IssTime    time.Duration
	LeafTime   time.Duration
	CorePusher *periodic.Runner
	Caller     string
}
Self periodically issues self-signed certificate chains on an issuer AS before the old one expires.