client

package
v0.0.0-...-efbb1c2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 21, 2016 License: Apache-2.0 Imports: 15 Imported by: 9

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrRegistrationDisabled = fmt.Errorf("registration disabled")
	ErrInviteInvalid        = fmt.Errorf("invite not valid")
	ErrInviteUsed           = fmt.Errorf("invite already used")
	ErrNotAuthorized        = fmt.Errorf("not authorized")
	ErrCouldntVerify        = fmt.Errorf("could not verify the correctness of the response")
)
View Source
var (
	DefaultVerifiers          = map[string]*Verifier{"mit-pilot": &Verifier{"CiCheFqDmJ0Pg+j+lypkmmiHrFmRn50rlDi5X0l4+lJRFA=="}}
	DefaultServers            = map[string]*Server{"dename.mit.edu:6263": &Server{TransportPublicKey: "4f2i+j65JCE2xNKhxE3RPurAYALx9GRy0Pm9c6J7eDY="}}
	DefaultTimeout            = "10s"
	DefaultFreshnessThreshold = "60s"
	DefaultFreshness          = Freshness{SignaturesRequired: len(DefaultVerifiers), Threshold: DefaultFreshnessThreshold}
	DefaultConfig             = Config{Verifier: DefaultVerifiers, Lookup: DefaultServers, Update: DefaultServers}
	DefaultDialer             = proxy.FromEnvironment()
)

Functions

func ClearProfileField

func ClearProfileField(profile *Profile, field int32)

func FieldByName

func FieldByName(fieldName string) (fieldNumber int32, err error)

func GetProfileField

func GetProfileField(profile *Profile, field int32) ([]byte, error)

func IsErrOutOfDate

func IsErrOutOfDate(err error) bool

func MakeOperation

func MakeOperation(name string, profile *Profile) *SignedProfileOperation

Low-level convenience function to create a SignedProfileOperation with no signatures. You probably want to use Register, Modify or Transfer instead.

func NewProfile

func NewProfile(rnd io.Reader, expirationTime *time.Time) (profile *Profile,
	sk *[ed25519.PrivateKeySize]byte, err error)

func NewSign

func NewSign(sk *[ed25519.PrivateKeySize]byte, op *SignedProfileOperation) *SignedProfileOperation

Gives the new owner's signature for op using sk

func OldSign

func OldSign(sk *[ed25519.PrivateKeySize]byte, op *SignedProfileOperation) *SignedProfileOperation

Gives the old owner's signature for op using sk

func SetProfileField

func SetProfileField(profile *Profile, field int32, value []byte) error

func TransferProposal

func TransferProposal(sk *[ed25519.PrivateKeySize]byte, name string,
	profile *Profile) *SignedProfileOperation

Creates a signed operation structure to transfer name to profile. To make this change take effect, the recipient has to call AcceptTransfer with the secret key whose public counterpart is in profile.

func VerifyResolveAgainstRoot

func VerifyResolveAgainstRoot(rootHash []byte, name string, resolve []*ClientReply_MerklemapNode, testing ...testing.TB) (
	profile []byte, err error)

VerifyResolveAgainstRoot decodes a profile from a resolve structure and verifies that it is indeed a part of a mrklemap with rootHash. resolve contains nodes of a binary trie, except that each pointer has been replaced with a cryptographic hash of its target. As a binary trie lookup only uses nodes on one branch of the tree, all other nodes are omitted. Furthermore, hashes of nodes that /are/ present are implicit: if a node's child hash is nil, we can find it by hashing the next given node. This function assumes that the hash of the root has been authenticated externally and verifies that 1) all provided nodes indeed lie in their claimed positions in the trie by recomputing the hash of the root from the provided nodes and 2) that the parts of the trie contained in resolve unambiguously determine the result of the lookup of name by running the binary trie tree lookup algorithm on these nodes.

Types

type Client

type Client struct {
	// contains filtered or unexported fields
}

func NewClient

func NewClient(cfg *Config, dialer proxy.Dialer, now func() time.Time) (c *Client, err error)

func (*Client) AcceptTransfer

func (c *Client) AcceptTransfer(sk *[ed25519.PrivateKeySize]byte, op *SignedProfileOperation) error

AcceptTransfer uses the new secret key and the transfer operation generated using the old secret key to associate the op.Name with op.NewProfile.

func (*Client) Enact

func (c *Client) Enact(op *SignedProfileOperation, invite []byte) (err error)

Enact is a low-level function that completes an already complete profile operation at any known server. You probably want to use Register, Modify or Transfer instead.

func (*Client) Lookup

func (c *Client) Lookup(name string) (profile *Profile, err error)

Lookup retrieves the profile that corresponds to name from any server in the client's config. It is guaranteed that at least SignaturesRequired of the servers have confirmed the correctness of the (name, profile) mapping and that Freshness.SignaturesRequired have done this within Freshness.Threshold.

func (*Client) LookupFromReply

func (c *Client) LookupFromReply(name string, reply *ClientReply) (profile *Profile, err error)

func (*Client) LookupReply

func (c *Client) LookupReply(name string) (profile *Profile, reply *ClientReply, err error)

func (*Client) Modify

func (c *Client) Modify(sk *[ed25519.PrivateKeySize]byte, name string, profile *Profile) error

Modify uses a secret key to associate name with profile. The caller must ensure that profile.Version is strictly greater than the version of the currently registered profile; it is usually good practice to increase the version by exactly one. In many cases it is also desireable to bump to expiration time to just slightly less than one year into the future.

func (*Client) Register

func (c *Client) Register(sk *[ed25519.PrivateKeySize]byte, name string, profile *Profile, invite []byte) error

Register associates a profile with a name. The invite is used to convince the server that we are indeed allowed a new name, it is not associated with the profile in any way. If profile.Version is set, it must be 0.

func (*Client) VerifyConsensus

func (c *Client) VerifyConsensus(signedHashOfStateMsgs []*SignedServerMessage) (
	rootHash []byte, err error)

VerifiyConsensus performs the low-level checks to see whether a set of statements made by the servers is sufficient to consider the state contained by them to be canonical.

type Config

type Config struct {
	Consensus
	Freshness
	Verifier map[string]*Verifier
	Update   map[string]*Server
	Lookup   map[string]*Server
}

type Consensus

type Consensus struct {
	SignaturesRequired int
}

type Freshness

type Freshness struct {
	SignaturesRequired int
	Threshold          string
}

type Server

type Server struct {
	Timeout            string
	TransportPublicKey string
}

type Verifier

type Verifier struct {
	PublicKey string
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL