Documentation ¶
Index ¶
- Variables
- func ClearProfileField(profile *Profile, field int32)
- func FieldByName(fieldName string) (fieldNumber int32, err error)
- func GetProfileField(profile *Profile, field int32) ([]byte, error)
- func IsErrOutOfDate(err error) bool
- func MakeOperation(name string, profile *Profile) *SignedProfileOperation
- func NewProfile(rnd io.Reader, expirationTime *time.Time) (profile *Profile, sk *[ed25519.PrivateKeySize]byte, err error)
- func NewSign(sk *[ed25519.PrivateKeySize]byte, op *SignedProfileOperation) *SignedProfileOperation
- func OldSign(sk *[ed25519.PrivateKeySize]byte, op *SignedProfileOperation) *SignedProfileOperation
- func SetProfileField(profile *Profile, field int32, value []byte) error
- func TransferProposal(sk *[ed25519.PrivateKeySize]byte, name string, profile *Profile) *SignedProfileOperation
- func VerifyResolveAgainstRoot(rootHash []byte, name string, resolve []*ClientReply_MerklemapNode, ...) (profile []byte, err error)
- type Client
- func (c *Client) AcceptTransfer(sk *[ed25519.PrivateKeySize]byte, op *SignedProfileOperation) error
- func (c *Client) Enact(op *SignedProfileOperation, invite []byte) (err error)
- func (c *Client) Lookup(name string) (profile *Profile, err error)
- func (c *Client) LookupFromReply(name string, reply *ClientReply) (profile *Profile, err error)
- func (c *Client) LookupReply(name string) (profile *Profile, reply *ClientReply, err error)
- func (c *Client) Modify(sk *[ed25519.PrivateKeySize]byte, name string, profile *Profile) error
- func (c *Client) Register(sk *[ed25519.PrivateKeySize]byte, name string, profile *Profile, invite []byte) error
- func (c *Client) VerifyConsensus(signedHashOfStateMsgs []*SignedServerMessage) (rootHash []byte, err error)
- type Config
- type Consensus
- type Freshness
- type Server
- type Verifier
Constants ¶
This section is empty.
Variables ¶
var ( ErrRegistrationDisabled = fmt.Errorf("registration disabled") ErrInviteInvalid = fmt.Errorf("invite not valid") ErrInviteUsed = fmt.Errorf("invite already used") ErrNotAuthorized = fmt.Errorf("not authorized") ErrCouldntVerify = fmt.Errorf("could not verify the correctness of the response") )
var ( DefaultVerifiers = map[string]*Verifier{"mit-pilot": &Verifier{"CiCheFqDmJ0Pg+j+lypkmmiHrFmRn50rlDi5X0l4+lJRFA=="}} DefaultServers = map[string]*Server{"dename.mit.edu:6263": &Server{TransportPublicKey: "4f2i+j65JCE2xNKhxE3RPurAYALx9GRy0Pm9c6J7eDY="}} DefaultTimeout = "10s" DefaultFreshnessThreshold = "60s" DefaultFreshness = Freshness{SignaturesRequired: len(DefaultVerifiers), Threshold: DefaultFreshnessThreshold} DefaultConfig = Config{Verifier: DefaultVerifiers, Lookup: DefaultServers, Update: DefaultServers} DefaultDialer = proxy.FromEnvironment() )
Functions ¶
func ClearProfileField ¶
func ClearProfileField(profile *Profile, field int32)
func FieldByName ¶
func GetProfileField ¶
func IsErrOutOfDate ¶
func MakeOperation ¶
func MakeOperation(name string, profile *Profile) *SignedProfileOperation
Low-level convenience function to create a SignedProfileOperation with no signatures. You probably want to use Register, Modify or Transfer instead.
func NewProfile ¶
func NewSign ¶
func NewSign(sk *[ed25519.PrivateKeySize]byte, op *SignedProfileOperation) *SignedProfileOperation
Gives the new owner's signature for op using sk
func OldSign ¶
func OldSign(sk *[ed25519.PrivateKeySize]byte, op *SignedProfileOperation) *SignedProfileOperation
Gives the old owner's signature for op using sk
func SetProfileField ¶
func TransferProposal ¶
func TransferProposal(sk *[ed25519.PrivateKeySize]byte, name string, profile *Profile) *SignedProfileOperation
Creates a signed operation structure to transfer name to profile. To make this change take effect, the recipient has to call AcceptTransfer with the secret key whose public counterpart is in profile.
func VerifyResolveAgainstRoot ¶
func VerifyResolveAgainstRoot(rootHash []byte, name string, resolve []*ClientReply_MerklemapNode, testing ...testing.TB) ( profile []byte, err error)
VerifyResolveAgainstRoot decodes a profile from a resolve structure and verifies that it is indeed a part of a mrklemap with rootHash. resolve contains nodes of a binary trie, except that each pointer has been replaced with a cryptographic hash of its target. As a binary trie lookup only uses nodes on one branch of the tree, all other nodes are omitted. Furthermore, hashes of nodes that /are/ present are implicit: if a node's child hash is nil, we can find it by hashing the next given node. This function assumes that the hash of the root has been authenticated externally and verifies that 1) all provided nodes indeed lie in their claimed positions in the trie by recomputing the hash of the root from the provided nodes and 2) that the parts of the trie contained in resolve unambiguously determine the result of the lookup of name by running the binary trie tree lookup algorithm on these nodes.
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
func (*Client) AcceptTransfer ¶
func (c *Client) AcceptTransfer(sk *[ed25519.PrivateKeySize]byte, op *SignedProfileOperation) error
AcceptTransfer uses the new secret key and the transfer operation generated using the old secret key to associate the op.Name with op.NewProfile.
func (*Client) Enact ¶
Enact is a low-level function that completes an already complete profile operation at any known server. You probably want to use Register, Modify or Transfer instead.
func (*Client) Lookup ¶
Lookup retrieves the profile that corresponds to name from any server in the client's config. It is guaranteed that at least SignaturesRequired of the servers have confirmed the correctness of the (name, profile) mapping and that Freshness.SignaturesRequired have done this within Freshness.Threshold.
func (*Client) LookupFromReply ¶
func (*Client) LookupReply ¶
func (*Client) Modify ¶
Modify uses a secret key to associate name with profile. The caller must ensure that profile.Version is strictly greater than the version of the currently registered profile; it is usually good practice to increase the version by exactly one. In many cases it is also desireable to bump to expiration time to just slightly less than one year into the future.
func (*Client) Register ¶
func (c *Client) Register(sk *[ed25519.PrivateKeySize]byte, name string, profile *Profile, invite []byte) error
Register associates a profile with a name. The invite is used to convince the server that we are indeed allowed a new name, it is not associated with the profile in any way. If profile.Version is set, it must be 0.
func (*Client) VerifyConsensus ¶
func (c *Client) VerifyConsensus(signedHashOfStateMsgs []*SignedServerMessage) ( rootHash []byte, err error)
VerifiyConsensus performs the low-level checks to see whether a set of statements made by the servers is sufficient to consider the state contained by them to be canonical.