Documentation ¶
Index ¶
- Constants
- func GenerateOrgKeys(rotateOptional bool) (map[string]ezn.CryptoString, error)
- func GenerateUserKeys() (map[string]ezn.CryptoString, error)
- func IsExpirationValid(timestr string) error
- func IsTimestampValid(timestr string) error
- type Entry
- func (entry *Entry) Chain(key ezn.CryptoString, rotateOptional bool) (*Entry, map[string]ezn.CryptoString, error)
- func (entry *Entry) Duplicate() *Entry
- func (entry *Entry) GenerateHash(algorithm string) error
- func (entry Entry) GetSignature(sigtype string) (string, error)
- func (entry Entry) IsCompliant() bool
- func (entry *Entry) IsDataCompliant() bool
- func (entry Entry) IsExpired() (bool, error)
- func (entry Entry) MakeByteString(siglevel int) []byte
- func (entry Entry) Save(path string, clobber bool) error
- func (entry *Entry) Set(data []byte) error
- func (entry *Entry) SetExpiration(numdays int16) error
- func (entry *Entry) SetField(fieldName string, fieldValue string) error
- func (entry *Entry) SetFields(fields map[string]string)
- func (entry *Entry) Sign(signingKey ezn.CryptoString, sigtype string) error
- func (entry Entry) VerifyChain(previous *Entry) (bool, error)
- func (entry Entry) VerifySignature(verifyKey ezn.CryptoString, sigtype string) (bool, error)
- type KeyInfo
- type Keycard
- type SigInfo
- type SigInfoList
Constants ¶
const SigInfoHash uint8 = 1
SigInfoHash - signature field is a hash
const SigInfoSignature uint8 = 2
SigInfoSignature - signature field is a cryptographic signature
Variables ¶
This section is empty.
Functions ¶
func GenerateOrgKeys ¶
func GenerateOrgKeys(rotateOptional bool) (map[string]ezn.CryptoString, error)
GenerateOrgKeys generates a set of cryptographic keys for organization entries, optionally including non-required keys.
func GenerateUserKeys ¶
func GenerateUserKeys() (map[string]ezn.CryptoString, error)
GenerateUserKeys generates a set of cryptographic keys for user entries, optionally including non-required keys
func IsExpirationValid ¶
IsExpirationValid checks whether the expiration for the entry is valid. As its signature in the index shows, it reports the result as an error value rather than a bool.
func IsTimestampValid ¶
IsTimestampValid checks whether the timestamp for the entry is valid. As its signature in the index shows, it reports the result as an error value rather than a bool.
Types ¶
type Entry ¶
type Entry struct {
Type string
Fields map[string]string
FieldNames gostringlist.StringList
RequiredFields gostringlist.StringList
Signatures map[string]string
SignatureInfo SigInfoList
PrevHash string
Hash string
Keys []KeyInfo
}
Entry contains the common functionality for keycard entries
func NewEntryFromData ¶
NewEntryFromData creates a new entry from a text block of entry information which includes the header and footer. The type of entry created is based on the information in the text block
func (*Entry) Chain ¶
func (entry *Entry) Chain(key ezn.CryptoString, rotateOptional bool) (*Entry, map[string]ezn.CryptoString, error)
Chain creates a new Entry object with new keys and a custody signature. It requires the previous contact request signing key, passed as an ezn.CryptoString. The new keys are returned with the string '.private' or '.public' appended to the key's field name, e.g. Primary-Encryption-Key.public.
Note that a user's public encryption keys and an organization's alternate verification key are not required to be updated during entry rotation so that they can be rotated on a different schedule from the other keys.
func (*Entry) GenerateHash ¶
GenerateHash generates a hash containing the expected signatures and the previous hash, if it exists. The supported hash algorithms are 'BLAKE3-256', 'BLAKE2B-256', 'SHA-256', and 'SHA3-256'.
func (Entry) GetSignature ¶
GetSignature - get the specified signature
func (Entry) IsCompliant ¶
IsCompliant returns true if the object meets spec compliance (required fields, etc.)
func (*Entry) IsDataCompliant ¶
IsDataCompliant checks only the data fields of the entry to ensure that they are valid
func (Entry) MakeByteString ¶
MakeByteString converts the entry to a string of bytes to ensure that signatures are not invalidated by automatic line ending handling
func (*Entry) SetExpiration ¶
SetExpiration enables custom expiration dates, the standard being 90 days for user entries and 1 year for organizations.
func (*Entry) Sign ¶
func (entry *Entry) Sign(signingKey ezn.CryptoString, sigtype string) error
Sign cryptographically signs an entry. The supported types and the expected order of the signatures are defined by subclasses using the SigInfo instances in the object's SignatureInfo property. Adding a particular signature causes those that must follow it to be cleared. The Entry's cryptographic hash counts as a signature in this respect. Thus, if an Organization signature is added to the entry, the instance's hash and User signatures are both cleared.
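The clearing rule described for Sign, as an added Go sketch that is not code from this package: each slot's value covers the fields plus every value attached below it, so replacing a lower slot invalidates the higher ones. The `entry` type, the `attach` method, the slot order (Custody, Organization, Hash, User), the `name:value` serialization, SHA-256 and Ed25519 are all assumptions chosen for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
)

// Assumed order, lowest level first; the package reads it from SigInfo items.
var order = []string{"Custody", "Organization", "Hash", "User"}

// entry is a hypothetical, reduced stand-in for a keycard entry.
type entry struct {
	data string            // serialized fields, fixed \r\n line endings
	sigs map[string]string // slot name -> base64 value
}

// attach fills one slot over the fields plus every value attached below it
// (key is unused for "Hash"), then clears the slots that must follow it.
func (e *entry) attach(name string, key ed25519.PrivateKey) error {
	msg := e.data
	for i, n := range order {
		if n == name {
			sum := sha256.Sum256([]byte(msg))
			raw := sum[:]
			if name != "Hash" {
				raw = ed25519.Sign(key, []byte(msg))
			}
			e.sigs[name] = base64.StdEncoding.EncodeToString(raw)
			for _, later := range order[i+1:] {
				delete(e.sigs, later) // these covered the value just replaced
			}
			return nil
		}
		if v, ok := e.sigs[n]; ok {
			msg += n + ":" + v + "\r\n" // lower-level values are covered
		}
	}
	return fmt.Errorf("unknown signature type %q", name)
}

func main() {
	_, key, _ := ed25519.GenerateKey(nil) // one constructed key for every signer
	e := &entry{data: "Type:User\r\nName:Example\r\n", sigs: map[string]string{}}
	for _, name := range []string{"Organization", "Hash", "User", "Organization"} {
		err := e.attach(name, key)
		fmt.Println(name, "->", len(e.sigs), "slot(s) filled, err:", err)
	}
}
```

The last step re-attaches the Organization slot and leaves one slot filled, because the hash and user values computed over the old signature are dropped.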
func (Entry) VerifyChain ¶
VerifyChain verifies the chain of custody between the provided previous entry and the current one.
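The chain-of-custody idea behind Chain and VerifyChain, as an added Go sketch that is not code from this package: the successor entry records the previous entry's hash and is signed with the previous entry's private key, so a verifier needs only the key published in the previous entry. The `link` type, its fields, the byte layout being signed, SHA-256 and Ed25519 are assumptions made for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// link is a hypothetical, reduced stand-in for one keycard entry.
type link struct {
	body      string            // serialized fields
	verifyKey ed25519.PublicKey // verification key published in this entry
	prevHash  string            // hash of the entry before it ("" for the root)
	custody   []byte            // signature made with the previous entry's key
}

// signedPart is the byte string the custody signature covers.
func (l *link) signedPart() []byte {
	return []byte(l.body + hex.EncodeToString(l.verifyKey) + l.prevHash)
}

// hash covers the signed part and the custody signature itself.
func (l *link) hash() string {
	sum := sha256.Sum256(append(l.signedPart(), l.custody...))
	return hex.EncodeToString(sum[:])
}

// chain builds prev's successor with a fresh key pair, signed by prev's key.
func chain(prev *link, prevKey ed25519.PrivateKey, body string) (*link, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil)
	next := &link{body: body, verifyKey: pub, prevHash: prev.hash()}
	next.custody = ed25519.Sign(prevKey, next.signedPart())
	return next, priv
}

// verifyChain checks the hash link, then the custody signature.
func verifyChain(prev, cur *link) bool {
	return cur.prevHash == prev.hash() &&
		ed25519.Verify(prev.verifyKey, cur.signedPart(), cur.custody)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed root key
	root := &link{body: "Index:1", verifyKey: pub}
	next, _ := chain(root, priv, "Index:2")
	fmt.Println(verifyChain(root, next)) // true
	next.body += " (edited)"             // any edit breaks the custody signature
	fmt.Println(verifyChain(root, next)) // false
}
```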
func (Entry) VerifySignature ¶
VerifySignature cryptographically verifies the entry against the key provided, given the specific signature to verify.
type Keycard ¶
Keycard - type which houses a list of entries linked into a hash chain
type SigInfo ¶
SigInfo contains descriptive information about the signatures for an entry. The Level property indicates order. For example, a signature with a level of 2 is attached to the entry after a level 1 signature.
type SigInfoList ¶
type SigInfoList struct {
Items []SigInfo
}
SigInfoList is a specialized list container for SigInfo structure instances
func (SigInfoList) Contains ¶
func (sil SigInfoList) Contains(name string) bool
Contains returns true if one of the SigInfo items has the specified name
func (SigInfoList) GetItem ¶
func (sil SigInfoList) GetItem(name string) (bool, *SigInfo)
GetItem returns the item matching the specified name or nil if it doesn't exist
func (SigInfoList) IndexOf ¶
func (sil SigInfoList) IndexOf(name string) int
IndexOf returns the index of the item named and -1 if it doesn't exist