authority: github.com/katzenpost/authority/internal/s11n Index | Files

package s11n

import "github.com/katzenpost/authority/internal/s11n"

Package s11n implements serialization routines for the various PKI data structures.


Package Files

descriptor.go document.go

Constants

const (
    // DocumentVersion is the string identifying the format of the Document.
    // The Document type's Version field is documented as existing so that a
    // document can be rejected if the format changes.
    DocumentVersion = "document-v0"
    // SharedRandomLength is the length in bytes of a SharedRandomCommit.
    // NOTE(review): this is 8 bytes longer than SharedRandomValueLength; the
    // commit layout is not shown here, so confirm what the extra bytes carry
    // and that received commits are length-checked against this constant.
    SharedRandomLength = 40
    // SharedRandomValueLength is the length in bytes of a SharedRandomValue.
    SharedRandomValueLength = 32
)

Variables

var (
    // CertificateExpiration is the time a descriptor certificate will be valid for.
    // It is computed as three epochtime.Period intervals plus ten minutes.
    // It is declared as a var, so code in this module can reassign it at run
    // time. NOTE(review): confirm nothing outside tests changes it, since it
    // bounds how long a signed descriptor stays acceptable.
    CertificateExpiration = (epochtime.Period * 3) + (time.Minute * 10)
)
var (
    // ErrInvalidEpoch is the error to return when the document epoch is
    // invalid. It is a sentinel value created with errors.New, so callers
    // should identify it by comparing against this variable (for example with
    // errors.Is) rather than by matching the message text.
    ErrInvalidEpoch = errors.New("invalid document epoch")
)

func GetVerifierFromDescriptor Uses

func GetVerifierFromDescriptor(rawDesc []byte) (cert.Verifier, error)

GetVerifierFromDescriptor returns a verifier for the given mix descriptor certificate.

func IsDescriptorWellFormed Uses

func IsDescriptorWellFormed(d *pki.MixDescriptor, epoch uint64) error

IsDescriptorWellFormed validates the descriptor and returns a descriptive error iff there are any problems that would make it unusable as part of a PKI Document.

func IsDocumentWellFormed Uses

func IsDocumentWellFormed(d *pki.Document) error

IsDocumentWellFormed validates the document and returns a descriptive error iff there are any problems that invalidate the document.

func MultiSignDocument Uses

func MultiSignDocument(signer cert.Signer, peerSignatures []*cert.Signature, verifiers map[string]cert.Verifier, d *Document) ([]byte, error)

MultiSignDocument signs and serializes the document with the provided signing key, adding the signature to the existing signatures.

func SignDescriptor Uses

func SignDescriptor(signer cert.Signer, base *pki.MixDescriptor) ([]byte, error)

SignDescriptor signs and serializes the descriptor with the provided signing key.

func SignDocument Uses

func SignDocument(signer cert.Signer, d *Document) ([]byte, error)

SignDocument signs and serializes the document with the provided signing key.

func VerifyAndParseDescriptor Uses

func VerifyAndParseDescriptor(verifier cert.Verifier, b []byte, epoch uint64) (*pki.MixDescriptor, error)

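VerifyAndParseDescriptor verifies the signature and deserializes the descriptor. MixDescriptors returned from this routine are guaranteed to have been correctly self-signed by the IdentityKey listed in the MixDescriptor. A self-signature only shows that the descriptor was produced by the holder of that key; whether the key belongs to an authorized mix is a separate check that this description does not cover.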

func VerifyAndParseDocument Uses

func VerifyAndParseDocument(b []byte, verifier cert.Verifier) (*pki.Document, error)

VerifyAndParseDocument verifies the signature and deserializes the document.

type Document Uses

// Document is the on-the-wire representation of a PKI Document.
//
// Every field is populated from serialized input. Contents should be treated
// as untrusted until the signature over the payload has been verified.
type Document struct {
    // Version uniquely identifies the document format as being for the
    // specified version so that it can be rejected if the format changes.
    Version           string
    // NOTE(review): presumably Epoch is the epoch this document applies to
    // and GenesisEpoch the first epoch of the network; confirm against the
    // code that fills them in.
    Epoch             uint64
    GenesisEpoch      uint64
    // NOTE(review): units and valid range are not shown here; confirm.
    SendRatePerMinute uint64

    // Each float64 parameter below is paired with a uint64 ...MaxDelay field.
    // NOTE(review): units and accepted ranges are not shown here. Confirm
    // that these values are range-checked after deserialization, since
    // float64 fields decoded from the wire can hold zero, negative or
    // non-finite values.
    Mu              float64
    MuMaxDelay      uint64
    LambdaP         float64
    LambdaPMaxDelay uint64
    LambdaL         float64
    LambdaLMaxDelay uint64
    LambdaD         float64
    LambdaDMaxDelay uint64
    LambdaM         float64
    LambdaMMaxDelay uint64

    // Topology and Providers hold opaque byte strings at this level.
    // NOTE(review): presumably each innermost element is a serialized, signed
    // mix descriptor (Topology grouped by layer); confirm, and confirm that
    // each one is verified before its contents are used.
    Topology  [][][]byte
    Providers [][]byte

    // NOTE(review): presumably SharedRandomCommit is SharedRandomLength bytes
    // and SharedRandomValue and each PriorSharedRandom entry are
    // SharedRandomValueLength bytes; confirm the length checks applied to
    // received documents.
    SharedRandomCommit []byte
    SharedRandomValue  []byte
    PriorSharedRandom  [][]byte
}

Document is the on-the-wire representation of a PKI Document.

func FromPayload Uses

func FromPayload(verifier cert.Verifier, payload []byte) (*Document, error)

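FromPayload deserializes, then verifies a Document, and returns the Document or error. As described, the payload is decoded before its signature is checked, so the decoder runs on unauthenticated input; the returned Document should be used only when the error is nil.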
