Documentation ¶
Overview ¶
Package keychain implements signing and verification on NDN packets.
Index ¶
- Variables
- func ExportSafeBag(pvt PrivateKey, cert *Certificate, passphrase []byte) (wire []byte, e error)
- func ImportSafeBag(wire, passphrase []byte) (pvt PrivateKey, cert *Certificate, e error)
- func IsCertName(name ndn.Name) bool
- func IsKeyName(name ndn.Name) bool
- func MarshalCert(cert *Certificate) ([]byte, error)
- func MarshalKey(key PrivateKey) ([]byte, error)
- func NewECDSAKeyPair(name ndn.Name) (PrivateKey, PublicKey, error)
- func NewEd25519KeyPair(name ndn.Name) (PrivateKey, PublicKey, error)
- func NewRSAKeyPair(name ndn.Name) (PrivateKey, PublicKey, error)
- func ToCertName(input ndn.Name) ndn.Name
- func ToKeyName(input ndn.Name) ndn.Name
- func ToSubjectName(input ndn.Name) ndn.Name
- type Certificate
- func (cert Certificate) Data() ndn.Data
- func (cert Certificate) Issuer() ndn.Name
- func (cert Certificate) Name() ndn.Name
- func (cert Certificate) PublicKey() PublicKey
- func (cert Certificate) SelfSigned() bool
- func (cert Certificate) SubjectName() ndn.Name
- func (cert Certificate) Validity() ValidityPeriod
- type MakeCertOptions
- type PrivateKey
- func NewECDSAPrivateKey(keyName ndn.Name, key *ecdsa.PrivateKey) (PrivateKey, error)
- func NewEd25519PrivateKey(keyName ndn.Name, key ed25519.PrivateKey) (PrivateKey, error)
- func NewRSAPrivateKey(keyName ndn.Name, key *rsa.PrivateKey) (PrivateKey, error)
- func UnmarshalKey(wire []byte) (PrivateKey, error)
- type PublicKey
- type ValidityPeriod
Constants ¶
This section is empty.
Variables ¶
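// Error conditions for certificate.
//
// The declarations are laid out one per line; collapsed onto a single line the
// block does not parse as Go. Compare against these with errors.Is.
var (
	ErrCertContentType = errors.New("bad certificate ContentType")
	ErrValidityPeriod  = errors.New("bad ValidityPeriod")
	ErrX509PublicKey   = errors.New("bad X509PublicKey")
)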
Error conditions for certificate.
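// Name components for certificate naming.
//
// The declarations are laid out one per line; collapsed onto a single line the
// block does not parse as Go.
var (
	// ComponentKEY is the generic name component with value "KEY".
	ComponentKEY = ndn.MakeNameComponent(an.TtGenericNameComponent, []byte("KEY"))

	// ComponentSelfIssuer is the generic name component with value "self".
	ComponentSelfIssuer = ndn.MakeNameComponent(an.TtGenericNameComponent, []byte("self"))

	// ComponentDefaultIssuer is the generic name component with value "NDNgo".
	ComponentDefaultIssuer = ndn.MakeNameComponent(an.TtGenericNameComponent, []byte("NDNgo"))
)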
Name components for certificate naming.
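// Error conditions for certificate naming.
//
// The declarations are laid out one per line; collapsed onto a single line the
// block does not parse as Go. Compare against these with errors.Is.
var (
	ErrKeyName  = errors.New("bad key name")
	ErrCertName = errors.New("bad certificate name")
)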
Error conditions for certificate naming.
// MaxValidityPeriod is a very long ValidityPeriod.
//
// Both values are Unix timestamps in seconds: 540109800 is
// 1987-02-12T06:30:00Z and 253402300799 is 9999-12-31T23:59:59Z.
var MaxValidityPeriod = ValidityPeriod{
	time.Unix(540109800, 0),
	time.Unix(253402300799, 0),
}
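MaxValidityPeriod is a very long ValidityPeriod: its two timestamps correspond to 1987-02-12T06:30:00Z and 9999-12-31T23:59:59Z. A certificate issued with this period effectively never expires.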
Functions ¶
func ExportSafeBag ¶
func ExportSafeBag(pvt PrivateKey, cert *Certificate, passphrase []byte) (wire []byte, e error)
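ExportSafeBag exports a private key and its certificate as ndn-cxx exported credentials (SafeBag), with the private key protected by the passphrase as described in the linked specification. https://docs.named-data.net/ndn-cxx/0.8.1/specs/safe-bag.html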
func ImportSafeBag ¶
func ImportSafeBag(wire, passphrase []byte) (pvt PrivateKey, cert *Certificate, e error)
ImportSafeBag imports a private key and its certificate from ndn-cxx exported credentials (SafeBag), using the passphrase to recover the private key. https://docs.named-data.net/ndn-cxx/0.8.1/specs/safe-bag.html
func IsCertName ¶
IsCertName determines if the input is a certificate name.
func MarshalCert ¶
func MarshalCert(cert *Certificate) ([]byte, error)
MarshalCert serializes a certificate to an internal format.
func MarshalKey ¶
func MarshalKey(key PrivateKey) ([]byte, error)
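MarshalKey serializes a private key to an internal format. The function takes no passphrase, so treat the returned bytes as secret key material; ExportSafeBag is the export on this page that takes a passphrase.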
func NewECDSAKeyPair ¶
func NewECDSAKeyPair(name ndn.Name) (PrivateKey, PublicKey, error)
NewECDSAKeyPair creates a key pair for SigSha256WithEcdsa signature type.
func NewEd25519KeyPair ¶
func NewEd25519KeyPair(name ndn.Name) (PrivateKey, PublicKey, error)
NewEd25519KeyPair creates a key pair for SigEd25519 signature type.
func NewRSAKeyPair ¶
func NewRSAKeyPair(name ndn.Name) (PrivateKey, PublicKey, error)
NewRSAKeyPair creates a key pair for SigSha256WithRsa signature type.
func ToCertName ¶
ToCertName extracts or builds a certificate name from a subject name, key name, or certificate name. If the input is a subject name, the keyID component is randomly generated. If the input is a subject name or key name, the issuerID is set to 'NDNgo', and the version component is derived from the current time.
Types ¶
type Certificate ¶
// Certificate represents an NDN certificate packet.
// Its fields are not shown in this listing; use the accessor methods
// (Data, Issuer, Name, PublicKey, SelfSigned, SubjectName, Validity).
type Certificate struct {
	// contains filtered or unexported fields
}
Certificate represents an NDN certificate packet.
func CertFromData ¶
func CertFromData(data ndn.Data) (cert *Certificate, e error)
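CertFromData parses a Data packet as a certificate. Nothing on this page says that parsing verifies the packet's signature or checks the validity period against the current time, so treat the returned certificate as unverified until the caller has done both (see PublicKey, which embeds ndn.Verifier, and ValidityPeriod.Includes).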
func MakeCert ¶
func MakeCert(pub PublicKey, signer ndn.Signer, opts MakeCertOptions) (cert *Certificate, e error)
MakeCert generates a certificate for the given public key, signed by the given signer.
func UnmarshalCert ¶
func UnmarshalCert(wire []byte) (*Certificate, error)
UnmarshalCert deserializes a certificate from the result of MarshalCert.
func (Certificate) Data ¶
func (cert Certificate) Data() ndn.Data
Data returns the certificate Data packet.
func (Certificate) Issuer ¶
func (cert Certificate) Issuer() ndn.Name
Issuer returns certificate issuer name, as it appears in the KeyLocator Name field. Returns nil if KeyLocator Name is absent.
func (Certificate) Name ¶
func (cert Certificate) Name() ndn.Name
Name returns the certificate name.
func (Certificate) PublicKey ¶
func (cert Certificate) PublicKey() PublicKey
PublicKey returns the enclosed public key.
func (Certificate) SelfSigned ¶
func (cert Certificate) SelfSigned() bool
SelfSigned determines whether the certificate is self-signed.
func (Certificate) SubjectName ¶
func (cert Certificate) SubjectName() ndn.Name
SubjectName returns the subject name.
func (Certificate) Validity ¶
func (cert Certificate) Validity() ValidityPeriod
Validity returns certificate ValidityPeriod.
type MakeCertOptions ¶
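// MakeCertOptions contains arguments to MakeCert function.
//
// The fields are laid out one per line; collapsed onto a single line the
// declaration does not parse as Go.
type MakeCertOptions struct {
	// IssuerID is a name component.
	// NOTE(review): presumably the issuerID component of the certificate name — confirm against MakeCert.
	IssuerID ndn.NameComponent

	// Version is a name component.
	// NOTE(review): presumably the version component of the certificate name — confirm against MakeCert.
	Version ndn.NameComponent

	// Freshness is a duration.
	// NOTE(review): presumably the freshness period of the certificate Data packet — confirm against MakeCert.
	Freshness time.Duration

	// Validity is the ValidityPeriod for the certificate.
	// NOTE(review): this listing does not state what MakeCert does when Validity
	// is left at its zero value; set it explicitly rather than relying on a default.
	Validity ValidityPeriod
}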
MakeCertOptions contains arguments to MakeCert function.
type PrivateKey ¶
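// PrivateKey represents a named private key.
//
// The members are laid out one per line; collapsed onto a single line the
// first "//" comment swallows the rest of the declaration.
type PrivateKey interface {
	ndn.Signer

	// Name returns key name.
	Name() ndn.Name

	// WithKeyLocator creates a new Signer that uses a different KeyLocator.
	// This may be used to put certificate name in KeyLocator.
	WithKeyLocator(klName ndn.Name) ndn.Signer
}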
PrivateKey represents a named private key.
func NewECDSAPrivateKey ¶
func NewECDSAPrivateKey(keyName ndn.Name, key *ecdsa.PrivateKey) (PrivateKey, error)
NewECDSAPrivateKey creates a private key for SigSha256WithEcdsa signature type.
func NewEd25519PrivateKey ¶
func NewEd25519PrivateKey(keyName ndn.Name, key ed25519.PrivateKey) (PrivateKey, error)
NewEd25519PrivateKey creates a private key for SigEd25519 signature type.
func NewRSAPrivateKey ¶
func NewRSAPrivateKey(keyName ndn.Name, key *rsa.PrivateKey) (PrivateKey, error)
NewRSAPrivateKey creates a private key for SigSha256WithRsa signature type.
func UnmarshalKey ¶
func UnmarshalKey(wire []byte) (PrivateKey, error)
UnmarshalKey deserializes a private key from the result of MarshalKey.
type PublicKey ¶
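// PublicKey represents a named public key.
//
// The members are laid out one per line; collapsed onto a single line the
// first "//" comment swallows the rest of the declaration.
type PublicKey interface {
	ndn.Verifier

	// Name returns key name.
	Name() ndn.Name

	// SPKI returns public key in SubjectPublicKeyInfo format as used in NDN certificate.
	SPKI() (spki []byte, e error)
}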
PublicKey represents a named public key.
func NewECDSAPublicKey ¶
NewECDSAPublicKey creates a public key for SigSha256WithEcdsa signature type.
func NewEd25519PublicKey ¶
NewEd25519PublicKey creates a public key for SigEd25519 signature type.
type ValidityPeriod ¶
ValidityPeriod represents ValidityPeriod element in an NDN certificate.
func (ValidityPeriod) Field ¶
func (vp ValidityPeriod) Field() tlv.Field
Field implements tlv.Fielder interface.
func (ValidityPeriod) Includes ¶
func (vp ValidityPeriod) Includes(t time.Time) bool
Includes determines whether the given timestamp is within the validity period.
func (*ValidityPeriod) UnmarshalBinary ¶
func (vp *ValidityPeriod) UnmarshalBinary(wire []byte) (e error)
UnmarshalBinary decodes from TLV-VALUE.
func (ValidityPeriod) Valid ¶
func (vp ValidityPeriod) Valid() bool
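Valid checks whether the fields of the ValidityPeriod are valid. It takes no timestamp; use Includes to test whether a given time falls within the period.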