Documentation
Index
- Constants
- func Marshal(p Payload) ([]byte, error)
- type Option
- func WithReferenceTime(t time.Time) Option
- func WithServerMode(b bool) Option
- func WithTTL(d time.Duration) Option
- func WithTimestamp(t time.Time) Option
- func WithValidateDataSize(b bool) Option
- func WithValidateEndpoint(e string) Option
- func WithValidateExpiration(b bool) Option
- func WithValidateFuture(b bool) Option
- func WithValidatePayloadSize(b bool) Option
- func WithValidateTTL(b bool) Option
- func WithValidateVersion(b bool) Option
- func WithVersion(v Version) Option
- type Payload
- func (p Payload) Endpoint() string
- func (p Payload) IsExpired(t time.Time) bool
- func (p Payload) IsInFuture(t time.Time) bool
- func (p Payload) PubKeyBytes() []byte
- func (p Payload) PubKeyHash() []byte
- func (p Payload) SigningBytes() []byte
- func (p Payload) ValidDataSize() bool
- func (p Payload) ValidEndpoint(e string) bool
- func (p Payload) ValidPayloadSize() bool
- func (p Payload) ValidTTL() bool
- func (p Payload) ValidVersion() bool
- func (p Payload) Verify(options ...Option) error
- func (p Payload) VerifySignatures() bool
- func (p Payload) WithinSubmitWindow(t time.Time) bool
- type Version
Constants
const (
	// MaxSigBundleCount is the upper limit of signatures
	// allowed for a single payload
	MaxSigBundleCount = 4
	// MaxPayloadSize is intended to be used by a LimitedReader
	// to enforce a strict upper limit on payload size
	MaxPayloadSize = 128 * 1024 // 128 KB
	// MaxMessageSize is the upper limit on the size of Payload.Data
	MaxMessageSize = 512 // bytes
	// MaxSubmitWindow is the time drift allowed between a submission
	// to hashmap server and the time reflected on a signed payload
	MaxSubmitWindow = 5 * time.Second
	// MinTTL is the minimum value of a TTL for a payload
	MinTTL = 0 * time.Second
	// MaxTTL is the maximum value of a TTL for a payload
	MaxTTL = 24 * 7 * time.Hour // 1 week
)
const (
	// DefaultTTL is set to 24 hours
	DefaultTTL = 24 * time.Hour
)
Functions
Types
type Option
type Option func(*options)
Option is used for interacting with Context when setting options for Generate and Verify.
func WithReferenceTime
WithReferenceTime sets time for options.validate.referenceTime and is used for the Verify method. referenceTime defaults to time.Now.
func WithServerMode
WithServerMode sets options.validate.submitTime boolean. Defaults to false. Setting to false will skip validation when using the payload Verify method.
func WithTimestamp
WithTimestamp takes a time.Time and returns an Option.
func WithValidateDataSize
WithValidateDataSize sets options.validate.dataSize boolean. Defaults to true. Setting to false will skip validation when using the payload Verify method.
func WithValidateEndpoint
WithValidateEndpoint sets the endpoint string for options.validate.endpoint and is used for the Verify method. endpoint defaults to an empty string.
func WithValidateExpiration
WithValidateExpiration sets options.validate.expiration boolean. Defaults to true. Setting to false will skip validation when using the payload Verify method.
func WithValidateFuture
WithValidateFuture sets options.validate.futureTime boolean. Defaults to true. Setting to false will skip validation when using the payload Verify method.
func WithValidatePayloadSize
WithValidatePayloadSize sets options.validate.payloadSize boolean. Defaults to true. Setting to false will skip validation when using the payload Verify method.
func WithValidateTTL
WithValidateTTL sets options.validate.ttl boolean. Defaults to true. Setting to false will skip validation when using the payload Verify method.
func WithValidateVersion
WithValidateVersion sets options.validate.version boolean. Defaults to true. Setting to false will skip validation when using the payload Verify method.
func WithVersion
WithVersion takes a Version and returns an Option.
type Payload
type Payload struct {
	Version    Version
	Timestamp  time.Time
	TTL        time.Duration
	SigBundles []sig.Bundle
	Data       []byte
}
Payload holds all information related to a Hashmap Payload that will be handled for signing and validation. This struct is used by both client and server and includes all necessary methods for encoding, decoding, signing, and verifying itself.
func Generate
Generate takes a message, signers, and a set of options and returns a payload or error. This function defaults to time.Now() and the default TTL of 24 hours. Generate requires at least one signer, but can sign with many signers. Sort order is important, though: the unique order of the signers' pubkeys is what is responsible for generating the endpoint hash.
func Unmarshal
Unmarshal takes a byte slice and attempts to decode the protobuf wire format into a Payload. This does not apply any Payload verification. Verification should happen after Unmarshalling.
func (Payload) IsExpired
IsExpired checks the reference time t against the timestamp and TTL of a payload and returns a boolean value on whether or not the TTL has been exceeded.
func (Payload) IsInFuture
IsInFuture checks if the payload timestamp is too far into the future based on the reference time t plus the MaxSubmitWindow.
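The time-based checks described for IsExpired, IsInFuture and the TTL limits, as an added sketch that is not the package's own code. The freshness type and the error names are hypothetical, the limits are the constants listed above, and the strict comparisons at the boundaries are an assumption.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Limits copied from the package constants documented on this page.
const (
	MaxSubmitWindow = 5 * time.Second
	MinTTL          = 0 * time.Second
	MaxTTL          = 24 * 7 * time.Hour
)

var (
	errTTL     = errors.New("ttl outside [MinTTL, MaxTTL]")
	errFuture  = errors.New("timestamp beyond reference time + MaxSubmitWindow")
	errExpired = errors.New("reference time is past timestamp + ttl")
)

// freshness is a hypothetical stand-in for the Timestamp and TTL
// fields of Payload; it is not the package's type.
type freshness struct {
	Timestamp time.Time
	TTL       time.Duration
}

// check applies the three time-based rules against reference time ref.
// Strict comparisons at the boundaries are an assumption.
func (f freshness) check(ref time.Time) error {
	if f.TTL < MinTTL || f.TTL > MaxTTL {
		return errTTL
	}
	if f.Timestamp.After(ref.Add(MaxSubmitWindow)) {
		return errFuture
	}
	if ref.After(f.Timestamp.Add(f.TTL)) {
		return errExpired
	}
	return nil
}

func main() {
	ref := time.Date(2024, 1, 1, 12, 0, 0, 0, time.UTC) // constructed reference time
	late := freshness{Timestamp: ref.Add(-2 * time.Hour), TTL: time.Hour} // constructed: replayed after expiry
	fmt.Println(late.check(ref))
}
```

A timestamp up to MaxSubmitWindow ahead of the reference time passes, which tolerates small clock drift while still rejecting payloads post-dated to extend their lifetime.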
func (Payload) PubKeyBytes
PubKeyBytes returns a byte slice of all pubkeys concatenated in the index order of the slice of sig.Bundles. This is intended to be used with a hash function to derive the unique endpoint for a payload on hashmap server.
func (Payload) PubKeyHash
PubKeyHash returns a byte slice of the blake2b-512 hash of PubKeyBytes.
func (Payload) SigningBytes
SigningBytes returns a byte slice of version|timestamp|ttl|len|data used as the message to be signed by a Signer.
func (Payload) ValidDataSize
ValidDataSize checks that the length of Payload.Data is less than or equal to the MaxMessageSize and returns a boolean value.
func (Payload) ValidEndpoint
ValidEndpoint takes a string, attempts to match it against the URL-safe base64 string encoding of PubKeyHash, and returns a boolean.
func (Payload) ValidPayloadSize
ValidPayloadSize checks that the wire protocol bytes are less than or equal to the MaxPayloadSize allowed and returns a boolean value.
func (Payload) ValidVersion
ValidVersion returns whether version is supported by Hashmap. Currently only V1 is supported.
func (Payload) VerifySignatures
VerifySignatures checks all signatures in the sigBundles. If all signatures are valid, it returns `true`.