Documentation
¶
Overview ¶
Package pkg implements a Private Key Generator (PKG) for Identity-Based Encryption (IBE).
Index ¶
- func IdentityToUsername(identity *[64]byte) string
- func UsernameToIdentity(username string) (*[64]byte, error)
- func ValidUsernameToIdentity(username string) *[64]byte
- func ValidateUsername(username string) error
- type Attestation
- type Client
- type Config
- type CoordinatorClient
- type Error
- type ErrorCode
- type ExtractResult
- type PublicServerConfig
- type RegTokenHandler
- type RevealReply
- type RoundSettings
- type Server
- type UserEvent
- type UserEventLog
- type UserEventType
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func IdentityToUsername ¶
func UsernameToIdentity ¶
UsernameToIdentity converts a username to an identity that can be used with IBE. An error is returned if the username is not valid.
func ValidUsernameToIdentity ¶
ValidUsernameToIdentity converts a valid username to an identity. The result is undefined if username is invalid.
func ValidateUsername ¶
ValidateUsername returns nil if username is a valid username, otherwise returns an error that explains why the username is invalid.
Types ¶
type Attestation ¶
type Attestation struct {
// AttestKey is included in the attestation message to satisfy the
// BLS requirement that messages must be distinct.
AttestKey *bls.PublicKey
UserIdentity *[64]byte
UserLongTermKey ed25519.PublicKey
}
An Attestation attests that UserLongTermKey belongs to UserIdentity. The attestation is signed using the AttestKey from a PKG server.
func (*Attestation) Marshal ¶
func (a *Attestation) Marshal() []byte
type Client ¶
type Client struct {
// Username is identity in Identity-Based Encryption.
Username string
// LoginKey is used to authenticate to the PKG server.
LoginKey ed25519.PrivateKey
// UserLongTermKey is the user's long-term signing key. The
// PKG server attests to this key during extraction.
UserLongTermKey ed25519.PublicKey
HTTPClient *edhttp.Client
}
A Client connects to a PKG server to extract private keys. Before a client can extract keys, it must register the username and login key with the PKG server. The client must then verify ownership of the username, unless the PKG server is running in first-come-first-serve mode.
func (*Client) CheckStatus ¶
func (c *Client) CheckStatus(server PublicServerConfig) error
func (*Client) Extract ¶
func (c *Client) Extract(server PublicServerConfig, round uint32) (*ExtractResult, error)
Extract obtains the user's IBE private key for the given round from the PKG.
type Config ¶
type Config struct {
// DBPath is the path to the Badger database.
DBPath string
// SigningKey is the PKG server's long-term signing key.
SigningKey ed25519.PrivateKey
// CoordinatorKey is the key that's authorized to start new PKG rounds.
CoordinatorKey ed25519.PublicKey
// RegistrarKey is the key that's authorized to check user availability.
RegistrarKey ed25519.PublicKey
// Logger is the logger used to write log messages. The standard logger
// is used if Logger is nil.
Logger *log.Logger
// RegTokenHandler is the function used to verify registration tokens.
RegTokenHandler RegTokenHandler
}
A Config is used to configure a PKG server.
type CoordinatorClient ¶
type CoordinatorClient struct {
CoordinatorKey ed25519.PrivateKey
// contains filtered or unexported fields
}
func (*CoordinatorClient) NewRound ¶
func (c *CoordinatorClient) NewRound(pkgs []PublicServerConfig, round uint32) (RoundSettings, error)
type ExtractResult ¶
type ExtractResult struct {
PrivateKey *ibe.IdentityPrivateKey
IdentitySig bls.Signature
}
type PublicServerConfig ¶
func (PublicServerConfig) MarshalEasyJSON ¶
func (v PublicServerConfig) MarshalEasyJSON(w *jwriter.Writer)
MarshalEasyJSON supports easyjson.Marshaler interface
func (PublicServerConfig) MarshalJSON ¶
func (v PublicServerConfig) MarshalJSON() ([]byte, error)
MarshalJSON supports json.Marshaler interface
func (*PublicServerConfig) UnmarshalEasyJSON ¶
func (v *PublicServerConfig) UnmarshalEasyJSON(l *jlexer.Lexer)
UnmarshalEasyJSON supports easyjson.Unmarshaler interface
func (*PublicServerConfig) UnmarshalJSON ¶
func (v *PublicServerConfig) UnmarshalJSON(data []byte) error
UnmarshalJSON supports json.Unmarshaler interface
type RegTokenHandler ¶
func ExternalVerifier ¶
func ExternalVerifier(verifyURL string) RegTokenHandler
type RevealReply ¶
type RevealReply struct {
MasterPublicKey *ibe.MasterPublicKey
BLSPublicKey *bls.PublicKey
// Signature signs the commitments in RevealArgs.
Signature []byte
}
type RoundSettings ¶
type RoundSettings map[string]RevealReply
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
A Server is a Private Key Generator (PKG).
func (*Server) GetUserLog ¶
func (srv *Server) GetUserLog(identity *[64]byte) (UserEventLog, error)
func (*Server) RegisteredUsernames ¶
type UserEvent ¶
type UserEvent struct {
Time time.Time
Type UserEventType
LoginKey ed25519.PublicKey
}
type UserEventLog ¶
type UserEventLog []UserEvent
A UserEventLog contains the major updates to a user's account.
func (UserEventLog) Marshal ¶
func (e UserEventLog) Marshal() []byte
func (*UserEventLog) Unmarshal ¶
func (e *UserEventLog) Unmarshal(data []byte) error
Source Files