Deprecated: use github.com/katzenpost/katzenpost instead.

pki

package

v0.0.16 Latest Latest Go to latest Published: Oct 21, 2023 License: AGPL-3.0 Imports: 7 Imported by: 39

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/katzenpost/core

Links

Open Source Insights

Documentation ¶

Overview ¶

Package pki provides the mix network PKI related interfaces.

Constants ¶

View Source

const LayerProvider = 255

LayerProvider is the Layer that providers list in their MixDescriptors.

Variables ¶

View Source

var (
	// ErrNoDocument is the error returned when there never will be a document
	// for a given epoch.
	ErrNoDocument = errors.New("pki: requested epoch will never get a document")

	// ErrInvalidPostEpoch is the error returned when the server rejects a
	// descriptor upload for a given epoch due to time reasons.
	ErrInvalidPostEpoch = errors.New("pki: post for epoch will never succeeed")
)

Functions ¶

This section is empty.

Types ¶

type Client ¶

type Client interface {
	// Get returns the PKI document along with the raw serialized form for the provided epoch.
	Get(ctx context.Context, epoch uint64) (*Document, []byte, error)

	// Post posts the node's descriptor to the PKI for the provided epoch.
	Post(ctx context.Context, epoch uint64, signingKey *eddsa.PrivateKey, d *MixDescriptor) error

	// Deserialize returns PKI document given the raw bytes.
	Deserialize(raw []byte) (*Document, error)
}

Client is the abstract interface used for PKI interaction.

type Document ¶

type Document struct {
	// Epoch is the epoch for which this Document instance is valid for.
	Epoch uint64

	// GenesisEpoch is the epoch on which authorities started consensus
	GenesisEpoch uint64

	// SendRatePerMinute is the number of packets per minute a client can send.
	SendRatePerMinute uint64

	// Mu is the inverse of the mean of the exponential distribution
	// that the Sphinx packet per-hop mixing delay will be sampled from.
	Mu float64

	// MuMaxDelay is the maximum Sphinx packet per-hop mixing delay in
	// milliseconds.
	MuMaxDelay uint64

	// LambdaP is the inverse of the mean of the exponential distribution
	// that clients will sample to determine the time interval between sending
	// messages from it's FIFO egress queue or drop decoy messages if the queue
	// is empty.
	LambdaP float64

	// LambdaPMaxDelay is the maximum time interval in milliseconds.
	LambdaPMaxDelay uint64

	// LambdaL is the inverse of the mean of the exponential distribution
	// that clients will sample to determine the time interval between sending
	// decoy loop messages.
	LambdaL float64

	// LambdaLMaxDelay is the maximum time interval in milliseconds.
	LambdaLMaxDelay uint64

	// LambdaD is the inverse of the mean of the exponential distribution
	// that clients will sample to determine the time interval between sending
	// decoy drop messages.
	LambdaD float64

	// LambdaDMaxDelay is the maximum time interval in milliseconds.
	LambdaDMaxDelay uint64

	// LambdaM is the inverse of the mean of the exponential distribution
	// that mixes will sample to determine send timing of mix loop decoy traffic.
	LambdaM float64

	// LambdaMMaxDelay is the maximum send interval in milliseconds.
	LambdaMMaxDelay uint64

	// Topology is the mix network topology, excluding providers.
	Topology [][]*MixDescriptor

	// Providers is the list of providers that can interact with the mix
	// network.
	Providers []*MixDescriptor

	// SharedRandomCommit used by the voting process.
	SharedRandomCommit []byte

	// SharedRandomValue produced by voting process.
	SharedRandomValue []byte

	// PriorSharedRandom used by applications that need a longer lived SRV.
	PriorSharedRandom [][]byte
}

Document is a PKI document.

func (*Document) GetMix ¶

func (d *Document) GetMix(name string) (*MixDescriptor, error)

GetMix returns the MixDescriptor for the given mix Name.

func (*Document) GetMixByKey ¶

func (d *Document) GetMixByKey(key []byte) (*MixDescriptor, error)

GetMixByKey returns the specific mix descriptor corresponding to the specified IdentityKey.

func (*Document) GetMixesInLayer ¶

func (d *Document) GetMixesInLayer(layer uint8) ([]*MixDescriptor, error)

GetMixesInLayer returns all the mix descriptors for a given layer.

func (*Document) GetNode ¶

func (d *Document) GetNode(name string) (*MixDescriptor, error)

GetNode returns the specific descriptor corresponding to the specified node Name.

func (*Document) GetNodeByKey ¶

func (d *Document) GetNodeByKey(key []byte) (*MixDescriptor, error)

GetNodeByKey returns the specific descriptor corresponding to the specified IdentityKey.

func (*Document) GetProvider ¶

func (d *Document) GetProvider(name string) (*MixDescriptor, error)

GetProvider returns the MixDescriptor for the given provider Name.

func (*Document) GetProviderByKey ¶

func (d *Document) GetProviderByKey(key []byte) (*MixDescriptor, error)

GetProviderByKey returns the specific provider descriptor corresponding to the specified IdentityKey.

func (*Document) String ¶

func (d *Document) String() string

String returns a string representation of a Document.

type MixDescriptor ¶

type MixDescriptor struct {
	// Name is the human readable (descriptive) node identifier.
	Name string

	// IdentityKey is the node's identity (signing) key.
	IdentityKey *eddsa.PublicKey

	// LinkKey is the node's wire protocol public key.
	LinkKey *ecdh.PublicKey

	// MixKeys is a map of epochs to Sphinx keys.
	MixKeys map[uint64]*ecdh.PublicKey

	// Addresses is the map of transport to address combinations that can
	// be used to reach the node.
	Addresses map[Transport][]string

	// Kaetzchen is the map of provider autoresponder agents by capability
	// to parameters.
	Kaetzchen map[string]map[string]interface{} `json:",omitempty"`

	// RegistrationHTTPAddresses is a slice of HTTP URLs used for Provider
	// user registration. Providers of course may choose to set this to nil.
	RegistrationHTTPAddresses []string

	// Layer is the topology layer.
	Layer uint8

	// LoadWeight is the node's load balancing weight (unused).
	LoadWeight uint8
}

MixDescriptor is a description of a given Mix or Provider (node).

type Transport ¶

type Transport string

Transport is a link transport protocol.

var (
	// TransportInvalid is the invalid transport.
	TransportInvalid Transport

	// TransportTCP is TCP, with the IP version determined by the results of
	// a name server lookup.
	TransportTCP Transport = "tcp"

	// TransportTCPv4 is TCP over IPv4.
	TransportTCPv4 Transport = "tcp4"

	// TransportTCPv6 is TCP over IPv6.
	TransportTCPv6 Transport = "tcp6"

	// InternalTransports is the list of transports used for non-client related
	// communications.
	InternalTransports = []Transport{TransportTCPv4, TransportTCPv6}

	// ClientTransports is the list of transports used by default for client
	// to provider communication.
	ClientTransports = []Transport{TransportTCP, TransportTCPv4, TransportTCPv6}
)

Source Files ¶

View all Source files

pki.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL