fileproxy

Documentation

Overview

Package fileproxy is a generated protocol buffer package.

It is generated from these files:

fileproxy.proto
rollback.proto

It has these top-level messages:

Message
FileOperation
OperationResult
ResourceMasterInfo
ResourceInfo
PrincipalInfo

Constants

// ChallengeContext is the context string used when signing challenges in
// fileproxy. Presumably it provides domain separation for the signed-nonce
// step of principal authentication (NONCE_CHALL / SIGNED_NONCE), so that a
// signature produced for another purpose cannot be replayed as a challenge
// response — confirm against the signing and verification call sites, which
// are not visible here.
const ChallengeContext = "fileproxy-challenge"

ChallengeContext gives a string for the signing context for challenges in fileproxy.

// NonceSize is the length in bytes of a nonce. Presumably this is the size of
// the nonce carried in NONCE_CHALL and answered in SIGNED_NONCE; the code that
// generates and compares nonces is not shown here — confirm it draws from a
// cryptographically secure source and checks the full length.
const NonceSize = 32

NonceSize is the length in bytes of a nonce.

// SymmetricKeySize is the size of a symmetric key: the size of an AES key plus
// the size of an HMAC key. SendFile and GetFile describe AES-CTR-128 for
// confidentiality and HMAC-SHA256 for integrity, and require at least
// hmacKeySize+aesKeySize bytes of key material; the exact split of the 64
// bytes between the two keys is not visible here.
const SymmetricKeySize = 64

SymmetricKeySize is the size of a symmetric key: the size of an AES key plus the size of an HMAC key.

Variables

// MessageType_name maps each MessageType value to its proto enum name. It is
// the inverse of MessageType_value and is generated from fileproxy.proto.
var MessageType_name = map[int32]string{
	1:  "AUTH_CERT",
	2:  "NONCE_CHALL",
	3:  "SIGNED_NONCE",
	4:  "OP_RES",
	5:  "CREATE",
	6:  "DELETE",
	7:  "READ",
	8:  "WRITE",
	9:  "FILE_NEXT",
	10: "FILE_LAST",
}
// MessageType_value maps each proto enum name to its MessageType value. It is
// the inverse of MessageType_name and is generated from fileproxy.proto.
var MessageType_value = map[string]int32{
	"AUTH_CERT":    1,
	"NONCE_CHALL":  2,
	"SIGNED_NONCE": 3,
	"OP_RES":       4,
	"CREATE":       5,
	"DELETE":       6,
	"READ":         7,
	"WRITE":        8,
	"FILE_NEXT":    9,
	"FILE_LAST":    10,
}
// RollbackMessageType_name maps each RollbackMessageType value to its proto
// enum name. It is the inverse of RollbackMessageType_value and is generated
// from rollback.proto.
var RollbackMessageType_name = map[int32]string{
	1: "SET_COUNTER",
	2: "GET_COUNTER",
	3: "SET_HASH",
	4: "GET_HASHED_VERIFIER",
	5: "ERROR",
}
// RollbackMessageType_value maps each proto enum name to its
// RollbackMessageType value. It is the inverse of RollbackMessageType_name and
// is generated from rollback.proto.
var RollbackMessageType_value = map[string]int32{
	"SET_COUNTER":         1,
	"GET_COUNTER":         2,
	"SET_HASH":            3,
	"GET_HASHED_VERIFIER": 4,
	"ERROR":               5,
}

Functions

func AuthenticatePrincipal

func AuthenticatePrincipal(ms *util.MessageStream, key *tao.Keys, derCert []byte) error

AuthenticatePrincipal is a client method used to send a request to a ResourceMaster to authenticate a principal with a given certificate and a given set of keys.

func CreateFile

func CreateFile(ms *util.MessageStream, ownerCert []byte, name string) error

CreateFile creates a file with a given creator and name.

func EncodeCounter

func EncodeCounter(counter uint64) []byte

EncodeCounter takes in a counter and returns a slice that exactly encodes a varint representation of this counter.

func EstablishCert

func EstablishCert(network, addr string, k *tao.Keys, v *tao.Verifier) error

EstablishCert contacts a CA to get a certificate signed by the policy key. It replaces the current delegation and cert on k with the new delegation and cert from the response.

func GetCounter

func GetCounter(ms *util.MessageStream) (uint64, error)

GetCounter gets the current value of the monotonic counter for a given program name.

func GetFile

func GetFile(ms *util.MessageStream, dir string, filename string, keys []byte) error

GetFile receives bytes from a sender and optionally encrypts them and adds integrity protection, and writes them to disk.

func GetHashedVerifier

func GetHashedVerifier(ms *util.MessageStream, item string) ([]byte, error)

GetHashedVerifier gets the hash of the counter and the item hash for a given item.

func ReadFile

func ReadFile(ms *util.MessageStream, userCert []byte, dir, name, output string) error

ReadFile reads a file from the server and writes it to a local file, using GetFile without any keys to read the file from the network and write it to the disk.

func SendFile

func SendFile(ms *util.MessageStream, dir string, filename string, keys []byte) error

SendFile reads a file from disk and streams it to a receiver across a MessageStream. If there are sufficient bytes in the keys (at least hmacKeySize+aesKeySize), then it will attempt to check the integrity of the file with HMAC-SHA256 and decrypt it with AES-CTR-128.

func SetCounter

func SetCounter(ms *util.MessageStream, counter uint64) error

SetCounter sets the remote counter for this program.

func SetHash

func SetHash(ms *util.MessageStream, item string, hash []byte) error

SetHash sets the value of a hash for a given item for this program.

func WriteFile

func WriteFile(ms *util.MessageStream, userCert []byte, dir, name string) error

WriteFile writes a local file, using SendFile without any keys to read the file from disk and send it on the MessageStream.

Types

type FileOperation

// A FileOperation contains the information needed to perform a file operation
// (CREATE, DELETE, READ, WRITE). The operation itself is given by the
// MessageType of the enclosing Message. This is a generated protobuf message;
// both Subject and Name are required (req) fields.
type FileOperation struct {
	// The subject is the public key (in certificate form) of the principal taking
	// the action.
	Subject []byte `protobuf:"bytes,1,req,name=subject" json:"subject,omitempty"`
	// The name is the name of the file. The action is already specified by the
	// message type in the containing protobuf.
	// NOTE(review): Name arrives from the remote peer; whether it is validated
	// against ResourceMaster.BaseDirectory before it is used to locate a file is
	// not visible here — confirm in the CREATE/READ/WRITE handlers.
	Name             *string `protobuf:"bytes,2,req,name=name" json:"name,omitempty"`
	// XXX_unrecognized is the generated field for unrecognized protobuf wire
	// data; it is excluded from JSON.
	XXX_unrecognized []byte  `json:"-"`
}

A FileOperation contains the information needed to perform a file operation (CREATE, DELETE, READ, WRITE).

func (*FileOperation) GetName

func (m *FileOperation) GetName() string

func (*FileOperation) GetSubject

func (m *FileOperation) GetSubject() []byte

func (*FileOperation) ProtoMessage

func (*FileOperation) ProtoMessage()

func (*FileOperation) Reset

func (m *FileOperation) Reset()

func (*FileOperation) String

func (m *FileOperation) String() string

type Message

// A Message is a message sent like an RPC between fileproxy hosts. The data is
// sometimes simply data and is sometimes a serialized protobuf, depending on
// the message type. This is a generated protobuf message; Type and Data are
// required (req) fields.
type Message struct {
	// Type selects how Data is interpreted; see MessageType.
	Type             *MessageType `protobuf:"varint,1,req,name=type,enum=fileproxy.MessageType" json:"type,omitempty"`
	// Data is raw bytes or a serialized protobuf, depending on Type.
	Data             []byte       `protobuf:"bytes,2,req,name=data" json:"data,omitempty"`
	// XXX_unrecognized is the generated field for unrecognized protobuf wire
	// data; it is excluded from JSON.
	XXX_unrecognized []byte       `json:"-"`
}

A Message is a message sent like an RPC between fileproxy hosts. The data is sometimes simply data and is sometimes a serialized protobuf, depending on the message type.

func (*Message) GetData

func (m *Message) GetData() []byte

func (*Message) GetType

func (m *Message) GetType() MessageType

func (*Message) ProtoMessage

func (*Message) ProtoMessage()

func (*Message) Reset

func (m *Message) Reset()

func (*Message) String

func (m *Message) String() string

type MessageType

// MessageType identifies the kind of Message being sent. The numeric values
// are the proto enum values and are mirrored by MessageType_name and
// MessageType_value.
type MessageType int32
const (
	// Presumably the principal-authentication exchange (certificate, nonce
	// challenge, signed nonce) and the result of an operation — confirm against
	// AuthenticatePrincipal and RunMessageLoop, which are not shown here.
	MessageType_AUTH_CERT    MessageType = 1
	MessageType_NONCE_CHALL  MessageType = 2
	MessageType_SIGNED_NONCE MessageType = 3
	MessageType_OP_RES       MessageType = 4
	// The file operations carried in a FileOperation.
	MessageType_CREATE       MessageType = 5
	MessageType_DELETE       MessageType = 6
	MessageType_READ         MessageType = 7
	MessageType_WRITE        MessageType = 8
	// Presumably frame chunks of file content streamed by SendFile/GetFile,
	// with FILE_LAST marking the final chunk — confirm.
	MessageType_FILE_NEXT    MessageType = 9
	MessageType_FILE_LAST    MessageType = 10
)

func (MessageType) Enum

func (x MessageType) Enum() *MessageType

func (MessageType) String

func (x MessageType) String() string

func (*MessageType) UnmarshalJSON

func (x *MessageType) UnmarshalJSON(data []byte) error

type OperationResult

// An OperationResult is the final return value from a sequence of operations,
// like the authentication of a principal. This is a generated protobuf
// message; Result is a required (req) field.
type OperationResult struct {
	// Result reports whether the operation succeeded.
	Result           *bool  `protobuf:"varint,1,req,name=result" json:"result,omitempty"`
	// XXX_unrecognized is the generated field for unrecognized protobuf wire
	// data; it is excluded from JSON.
	XXX_unrecognized []byte `json:"-"`
}

An OperationResult is the final return value from a sequence of operations, like the authentication of a principal.

func (*OperationResult) GetResult

func (m *OperationResult) GetResult() bool

func (*OperationResult) ProtoMessage

func (*OperationResult) ProtoMessage()

func (*OperationResult) Reset

func (m *OperationResult) Reset()

func (*OperationResult) String

func (m *OperationResult) String() string

type Principal

// A Principal represents a principal authenticated on a channel (or trying to
// authenticate on a channel).
//
// NOTE(review): the only PrincipalStatus constant, Authenticated, is 0 (the
// first iota value), so a zero-value Principal — or one whose Status was never
// assigned — already reads as Authenticated. Build principals through
// ResourceMaster.InsertPrincipal and set Status explicitly.
type Principal struct {
	// Name is the key used by ResourceMaster.FindPrincipal.
	Name    string
	// CertDER is presumably the DER encoding of Cert — confirm in
	// DecodePrincipal/EncodePrincipal, which are not shown here.
	CertDER []byte
	Cert    *x509.Certificate
	// Status is the principal's authentication state on the channel.
	Status  PrincipalStatus
}

A Principal represents a principal authenticated on a channel (or trying to authenticate on a channel).

func (*Principal) DecodePrincipal

func (p *Principal) DecodePrincipal(in []byte) error

DecodePrincipal deserializes a principal from a protobuf. Note that this would be more idiomatic as a NewPrincipal method that took in a byte slice.

func (*Principal) EncodePrincipal

func (p *Principal) EncodePrincipal() ([]byte, error)

EncodePrincipal encodes information about a principal into a protobuf.

func (*Principal) PrintPrincipal

func (p *Principal) PrintPrincipal()

PrintPrincipal prints information about a principal to the log.

type PrincipalInfo

// A PrincipalInfo is a generated protobuf message that presumably is the wire
// form of Principal (see EncodePrincipal/DecodePrincipal). All three data
// fields are required (req).
type PrincipalInfo struct {
	Name             *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"`
	// Cert presumably carries the certificate bytes that Principal keeps in
	// CertDER — confirm.
	Cert             []byte  `protobuf:"bytes,2,req,name=cert" json:"cert,omitempty"`
	// Status is an int32 on the wire; its mapping to PrincipalStatus is not
	// visible here — confirm that DecodePrincipal rejects unknown values.
	Status           *int32  `protobuf:"varint,3,req,name=status" json:"status,omitempty"`
	// XXX_unrecognized is the generated field for unrecognized protobuf wire
	// data; it is excluded from JSON.
	XXX_unrecognized []byte  `json:"-"`
}

func (*PrincipalInfo) GetCert

func (m *PrincipalInfo) GetCert() []byte

func (*PrincipalInfo) GetName

func (m *PrincipalInfo) GetName() string

func (*PrincipalInfo) GetStatus

func (m *PrincipalInfo) GetStatus() int32

func (*PrincipalInfo) ProtoMessage

func (*PrincipalInfo) ProtoMessage()

func (*PrincipalInfo) Reset

func (m *PrincipalInfo) Reset()

func (*PrincipalInfo) String

func (m *PrincipalInfo) String() string

type PrincipalStatus

// A PrincipalStatus gives the current state of a principal on a channel. Its
// zero value is Authenticated (the only defined constant), so an unset status
// is indistinguishable from an authenticated one.
type PrincipalStatus int

A PrincipalStatus gives the current state of a principal on a channel.

// These constants represent the different states of principals. Only one is
// defined, and because it is the first iota value it is also the zero value of
// PrincipalStatus: a Principal whose Status was never set reads as
// Authenticated.
const (
	Authenticated PrincipalStatus = iota
)

These constants represent the different states of principals.

type ProgramPolicy

// A ProgramPolicy object represents the current domain policy of a program:
// its Tao name, the domain policy certificate, its signing keys and program
// certificate, and its symmetric key material. Instances are built by
// NewProgramPolicy. The struct holds private key material, so avoid logging
// it wholesale.
type ProgramPolicy struct {
	TaoName     string
	// PolicyCert is the domain policy certificate, presumably DER-encoded like
	// the other []byte certificates in this package — confirm.
	PolicyCert  []byte
	// SigningKey is the program's tao.Keys, used for signing; see EstablishCert,
	// which refreshes the delegation and certificate on a Keys value.
	SigningKey  *tao.Keys
	// SymKeys is the program's symmetric key material; see SymmetricKeySize and
	// the keys parameter of SendFile/GetFile.
	SymKeys     []byte
	ProgramCert []byte
}

A ProgramPolicy object represents the current domain policy of a program.

func NewProgramPolicy

func NewProgramPolicy(policyCert []byte, taoName string, signingKey *tao.Keys, symKeys []byte, programCert []byte) *ProgramPolicy

NewProgramPolicy creates a new ProgramPolicy for a given set of keys.

type Resource

// A Resource represents a resource managed by a handler. Its protobuf form is
// ResourceInfo (see EncodeResource/DecodeResource); DateCreated, DateModified,
// AuthenticatorType and Authenticator have no counterpart there and so are
// presumably not serialized — confirm.
type Resource struct {
	// Name is the key used by ResourceMaster.FindResource.
	Name              string
	// Type and Status currently have a single defined value each (File,
	// Created), both equal to the zero value of their type.
	Type              ResourceType
	Status            ResourceStatus
	Location          string
	// Size is an int here but int32 in ResourceInfo; see the note there.
	Size              int
	Owner             string
	DateCreated       time.Time
	DateModified      time.Time
	// AuthenticatorType and Authenticator are not documented elsewhere on this
	// page; their semantics are not visible here.
	AuthenticatorType string
	Authenticator     [][]byte
}

A Resource represents a resource managed by a handler.

func (*Resource) DecodeResource

func (r *Resource) DecodeResource(in []byte) error

DecodeResource fills a resource from the information in a protobuf. Note that this would be more idiomatic as a NewResource method that took in a byte slice.

func (*Resource) EncodeResource

func (r *Resource) EncodeResource() ([]byte, error)

EncodeResource creates a protobuf that represents a resource. TODO(tmroeder): map the types and statuses to protobuf enums properly.

func (*Resource) PrintResource

func (r *Resource) PrintResource()

PrintResource prints a resource to the log.

type ResourceInfo

// A ResourceInfo is a generated protobuf message that presumably is the wire
// form of Resource (see EncodeResource/DecodeResource). Name, Type, Status and
// Location are required (req); Size and Owner are optional (opt).
type ResourceInfo struct {
	Name             *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"`
	// Type and Status are plain int32 on the wire; EncodeResource's TODO notes
	// that they are not yet mapped to proto enums.
	Type             *int32  `protobuf:"varint,2,req,name=type" json:"type,omitempty"`
	Status           *int32  `protobuf:"varint,3,req,name=status" json:"status,omitempty"`
	Location         *string `protobuf:"bytes,4,req,name=location" json:"location,omitempty"`
	// NOTE(review): Size is int32 while Resource.Size is int, so sizes beyond
	// the int32 range would not round-trip — confirm how EncodeResource converts.
	Size             *int32  `protobuf:"varint,5,opt,name=size" json:"size,omitempty"`
	Owner            *string `protobuf:"bytes,6,opt,name=owner" json:"owner,omitempty"`
	// XXX_unrecognized is the generated field for unrecognized protobuf wire
	// data; it is excluded from JSON.
	XXX_unrecognized []byte  `json:"-"`
}

func (*ResourceInfo) GetLocation

func (m *ResourceInfo) GetLocation() string

func (*ResourceInfo) GetName

func (m *ResourceInfo) GetName() string

func (*ResourceInfo) GetOwner

func (m *ResourceInfo) GetOwner() string

func (*ResourceInfo) GetSize

func (m *ResourceInfo) GetSize() int32

func (*ResourceInfo) GetStatus

func (m *ResourceInfo) GetStatus() int32

func (*ResourceInfo) GetType

func (m *ResourceInfo) GetType() int32

func (*ResourceInfo) ProtoMessage

func (*ResourceInfo) ProtoMessage()

func (*ResourceInfo) Reset

func (m *ResourceInfo) Reset()

func (*ResourceInfo) String

func (m *ResourceInfo) String() string

type ResourceMaster

// A ResourceMaster manages a set of resources for a set of principals, using a
// Guard to make authorization decisions. Build one with NewResourceMaster: the
// maps below are nil in a zero value and must be allocated before
// InsertResource/InsertPrincipal write to them (presumably NewResourceMaster
// does so — confirm). Nothing in the struct guards concurrent access, and
// AuthenticatePrincipal documents a single-channel assumption, so treat a
// ResourceMaster as not safe for concurrent use.
type ResourceMaster struct {
	ProgramName   string
	// Guard answers authorization queries; see Query and InitGuard.
	Guard         tao.Guard
	// BaseDirectory is the directory this master manages (see NewResourceMaster).
	BaseDirectory string
	// Resources and Principals are keyed by name; see FindResource and
	// FindPrincipal.
	Resources     map[string]*Resource
	Principals    map[string]*Principal
	// Policy holds policy rules as strings; how they relate to the rule file
	// passed to InitGuard is not visible here.
	Policy        []string
}

A ResourceMaster manages a set of resources for a set of principals, using a Guard to make authorization decisions.

func NewResourceMaster

func NewResourceMaster(filepath string) *ResourceMaster

NewResourceMaster creates a ResourceMaster from the static ruleset and initializes it to manage the given directory.

func (*ResourceMaster) AuthenticatePrincipal

func (m *ResourceMaster) AuthenticatePrincipal(ms *util.MessageStream, msg *Message, programPolicy *ProgramPolicy) ([]byte, error)

AuthenticatePrincipal runs a synchronous protocol to authenticate a single principal on a single channel. In this toy implementation, it is assumed that there are no other principals on the channel and that there are no other simultaneous channels.

func (*ResourceMaster) Create

func (m *ResourceMaster) Create(ms *util.MessageStream, fop *FileOperation) error

Create creates a file in the resource info in the ResourceMaster, but it doesn't write any bits to disk about this file.

func (*ResourceMaster) DecodeMaster

func (m *ResourceMaster) DecodeMaster(in []byte) error

DecodeMaster decodes information about a ResourceMaster from a protobuf. TODO(tmroeder): It would be more idiomatic to have this be something like NewResourceMaster and take in something to read the protobuf bytes from.

func (*ResourceMaster) EncodeMaster

func (m *ResourceMaster) EncodeMaster() ([]byte, error)

EncodeMaster encodes information about a ResourceMaster as a protobuf.

func (*ResourceMaster) FindPrincipal

func (m *ResourceMaster) FindPrincipal(name string) *Principal

FindPrincipal looks up a Principal by name.

func (*ResourceMaster) FindResource

func (m *ResourceMaster) FindResource(name string) *Resource

FindResource looks up the resource by its name.

func (*ResourceMaster) InitGuard

func (m *ResourceMaster) InitGuard(rf string) error

InitGuard initializes the datalog guard with a rule file.

func (*ResourceMaster) InsertPrincipal

func (m *ResourceMaster) InsertPrincipal(name string, cert []byte, authStatus PrincipalStatus) (*Principal, error)

InsertPrincipal adds a given principal with a given certificate to the set of principals. It marks this principal with the given authentication status. Note that if a principal already exists with the same name, then it just returns that existing principal and makes no attempt to reconcile the two principals.

func (*ResourceMaster) InsertResource

func (m *ResourceMaster) InsertResource(dir string, name string, owner string) *Resource

InsertResource adds a resource with a given path, name, and owner.

func (*ResourceMaster) PrintAllPolicy

func (m *ResourceMaster) PrintAllPolicy()

PrintAllPolicy prints all policy info to the log.

func (*ResourceMaster) PrintMaster

func (m *ResourceMaster) PrintMaster(printResources bool)

PrintMaster prints the ResourceMaster into the log.

func (*ResourceMaster) Query

func (m *ResourceMaster) Query(query string) (bool, error)

Query checks the query against the guard to see if it is authorized.

func (*ResourceMaster) Read

func (m *ResourceMaster) Read(ms *util.MessageStream, fop *FileOperation, key []byte) error

Read causes the bytes of the file to be decrypted and written to the message stream. By the time this function is called, the remote principal has already been authenticated and the operation has already been authorized.

func (*ResourceMaster) RunMessageLoop

func (m *ResourceMaster) RunMessageLoop(ms *util.MessageStream, programPolicy *ProgramPolicy) error

RunMessageLoop handles messages from a client on a given message stream until it gets an error trying to read a message.

func (*ResourceMaster) Write

func (m *ResourceMaster) Write(ms *util.MessageStream, fop *FileOperation, key []byte) error

Write causes the bytes of the file to be encrypted and integrity-protected and written to disk as they are read from the MessageStream.

type ResourceMasterInfo

// A ResourceMasterInfo is a generated protobuf message that presumably is the
// wire form of a ResourceMaster (see EncodeMaster/DecodeMaster). PrinName and
// BaseDirectoryName are optional (opt); NumFileInfos is required (req) and
// presumably counts the ResourceInfo records that follow — confirm.
type ResourceMasterInfo struct {
	PrinName          *string `protobuf:"bytes,1,opt,name=prin_name" json:"prin_name,omitempty"`
	BaseDirectoryName *string `protobuf:"bytes,2,opt,name=base_directory_name" json:"base_directory_name,omitempty"`
	// NOTE(review): NumFileInfos comes from the decoded input; DecodeMaster
	// should bound it rather than trust it for allocation — confirm.
	NumFileInfos      *int32  `protobuf:"varint,3,req,name=num_file_infos" json:"num_file_infos,omitempty"`
	// XXX_unrecognized is the generated field for unrecognized protobuf wire
	// data; it is excluded from JSON.
	XXX_unrecognized  []byte  `json:"-"`
}

func (*ResourceMasterInfo) GetBaseDirectoryName

func (m *ResourceMasterInfo) GetBaseDirectoryName() string

func (*ResourceMasterInfo) GetNumFileInfos

func (m *ResourceMasterInfo) GetNumFileInfos() int32

func (*ResourceMasterInfo) GetPrinName

func (m *ResourceMasterInfo) GetPrinName() string

func (*ResourceMasterInfo) ProtoMessage

func (*ResourceMasterInfo) ProtoMessage()

func (*ResourceMasterInfo) Reset

func (m *ResourceMasterInfo) Reset()

func (*ResourceMasterInfo) String

func (m *ResourceMasterInfo) String() string

type ResourceStatus

// A ResourceStatus is the state in which a resource finds itself. Its zero
// value is Created, the only defined constant.
type ResourceStatus int

A ResourceStatus is the state in which a resource finds itself.

// These constants represent the different states of resources. Only Created is
// defined, and as the first iota value it is also the zero value of
// ResourceStatus.
const (
	Created ResourceStatus = iota
)

These constants represent the different states of resources.

type ResourceType

// A ResourceType is the type of resource managed by the handler. Its zero
// value is File, the only defined constant.
type ResourceType int

A ResourceType is the type of resource managed by the handler.

// These constants represent the different types of resources. Only File is
// defined, and as the first iota value it is also the zero value of
// ResourceType.
const (
	File ResourceType = iota
)

These constants represent the different types of resources.

type RollbackHash

// A RollbackHash is a hash for a given item. This is a generated protobuf
// message; Item and Hash are required (req) fields. The hash algorithm is not
// fixed by this type — see SetHash / RollbackProgram.AddRollbackHashEntry.
type RollbackHash struct {
	// Item names the thing being hashed; it is the key into
	// RollbackProgram.Hashes.
	Item             *string `protobuf:"bytes,1,req,name=item" json:"item,omitempty"`
	Hash             []byte  `protobuf:"bytes,2,req,name=hash" json:"hash,omitempty"`
	// XXX_unrecognized is the generated field for unrecognized protobuf wire
	// data; it is excluded from JSON.
	XXX_unrecognized []byte  `json:"-"`
}

A RollbackHash is a hash for a given item.

func (*RollbackHash) GetHash

func (m *RollbackHash) GetHash() []byte

func (*RollbackHash) GetItem

func (m *RollbackHash) GetItem() string

func (*RollbackHash) ProtoMessage

func (*RollbackHash) ProtoMessage()

func (*RollbackHash) Reset

func (m *RollbackHash) Reset()

func (*RollbackHash) String

func (m *RollbackHash) String() string

type RollbackMaster

// A RollbackMaster stores information about the rollback state of all programs
// that use the RollbackMaster. Build one with NewRollbackMaster; Programs is
// nil in a zero value and must be allocated before AddRollbackProgram writes to
// it (presumably NewRollbackMaster does so — confirm). Nothing in the struct
// guards concurrent access.
type RollbackMaster struct {
	Name     string
	// Programs is keyed by program name; see AddRollbackProgram and
	// FindRollbackProgram.
	Programs map[string]*RollbackProgram
}

A RollbackMaster stores information about the rollback state of all programs that use the RollbackMaster.

func NewRollbackMaster

func NewRollbackMaster(name string) *RollbackMaster

NewRollbackMaster creates a new RollbackMaster with the given name.

func (*RollbackMaster) AddRollbackProgram

func (r *RollbackMaster) AddRollbackProgram(name string) *RollbackProgram

AddRollbackProgram inserts a rollback program with a given name into the table. If there is already a program with this name, then it returns the program that already has that name.

func (*RollbackMaster) FindRollbackProgram

func (r *RollbackMaster) FindRollbackProgram(name string) *RollbackProgram

FindRollbackProgram finds a given RollbackProgram by name.

func (*RollbackMaster) GetCounter

func (r *RollbackMaster) GetCounter(ms *util.MessageStream, name string) error

GetCounter implements RollbackMessageType_GET_COUNTER and returns the current value of a counter to the requestor.

func (*RollbackMaster) GetHashedVerifier

func (r *RollbackMaster) GetHashedVerifier(ms *util.MessageStream, name string, item string) error

GetHashedVerifier gets a version of the hash for a given item along with the current monotonic counter.

func (*RollbackMaster) RunMessageLoop

func (r *RollbackMaster) RunMessageLoop(ms *util.MessageStream, programPolicy *ProgramPolicy, name string) error

RunMessageLoop handles incoming messages for the RollbackMaster and passes them to the appropriate functions.

func (*RollbackMaster) SetCounter

func (r *RollbackMaster) SetCounter(ms *util.MessageStream, name string, counter uint64) error

SetCounter sets the monotonic counter for a given program to a higher value. It returns an error if the program doesn't exist or if the new value of the counter is less than the current value of the counter.

func (*RollbackMaster) SetHash

func (r *RollbackMaster) SetHash(ms *util.MessageStream, name string, item string, h []byte) error

SetHash implements RollbackMessageType_SET_HASH by setting the value of the hash for a given item to a given hash value.

type RollbackMessage

// A RollbackMessage is a message sent like an RPC between fileproxy hosts and
// a rollback server. The data is sometimes simply data and is sometimes a
// serialized protobuf, depending on the message type. This is a generated
// protobuf message; Type and Data are required (req) fields.
type RollbackMessage struct {
	// Type selects how Data is interpreted; see RollbackMessageType.
	Type             *RollbackMessageType `protobuf:"varint,1,req,name=type,enum=fileproxy.RollbackMessageType" json:"type,omitempty"`
	// Data is raw bytes or a serialized protobuf, depending on Type.
	Data             []byte               `protobuf:"bytes,2,req,name=data" json:"data,omitempty"`
	// XXX_unrecognized is the generated field for unrecognized protobuf wire
	// data; it is excluded from JSON.
	XXX_unrecognized []byte               `json:"-"`
}

A RollbackMessage is a message sent like an RPC between fileproxy hosts and a rollback server. The data is sometimes simply data and is sometimes a serialized protobuf, depending on the message type.

func (*RollbackMessage) GetData

func (m *RollbackMessage) GetData() []byte

func (*RollbackMessage) GetType

func (m *RollbackMessage) GetType() RollbackMessageType

func (*RollbackMessage) ProtoMessage

func (*RollbackMessage) ProtoMessage()

func (*RollbackMessage) Reset

func (m *RollbackMessage) Reset()

func (*RollbackMessage) String

func (m *RollbackMessage) String() string

type RollbackMessageType

// RollbackMessageType identifies the kind of RollbackMessage or
// RollbackResponse. The numeric values are the proto enum values and are
// mirrored by RollbackMessageType_name and RollbackMessageType_value.
type RollbackMessageType int32
const (
	// Requests handled by RollbackMaster.SetCounter, GetCounter, SetHash and
	// GetHashedVerifier respectively.
	RollbackMessageType_SET_COUNTER         RollbackMessageType = 1
	RollbackMessageType_GET_COUNTER         RollbackMessageType = 2
	RollbackMessageType_SET_HASH            RollbackMessageType = 3
	RollbackMessageType_GET_HASHED_VERIFIER RollbackMessageType = 4
	// ERROR is presumably used as the Type of a RollbackResponse that reports a
	// failure — confirm in RunMessageLoop, which is not shown here.
	RollbackMessageType_ERROR               RollbackMessageType = 5
)

func (RollbackMessageType) Enum

func (RollbackMessageType) String

func (x RollbackMessageType) String() string

func (*RollbackMessageType) UnmarshalJSON

func (x *RollbackMessageType) UnmarshalJSON(data []byte) error

type RollbackProgram

// A RollbackProgram stores the rollback information for a given program: a
// monotonic counter and a table of per-item hashes. Hashes is nil in a zero
// value and must be allocated before AddRollbackHashEntry writes to it
// (presumably RollbackMaster.AddRollbackProgram does so — confirm).
type RollbackProgram struct {
	// MasterInfoSaveFile and HashSaveFile are presumably the paths where this
	// program's state is persisted; the code that uses them is not shown here.
	MasterInfoSaveFile string
	HashSaveFile       string
	Name               string
	// MonotonicCounter is the rollback counter. RollbackMaster.SetCounter is
	// documented to reject a new value that is less than the current one;
	// NOTE(review): by that wording a value equal to the current counter is
	// accepted — confirm whether that is intended, since rollback protection
	// depends on the counter strictly advancing.
	MonotonicCounter   uint64
	// Hashes maps an item name to its hash; see AddRollbackHashEntry and
	// FindRollbackHashEntry (which returns nil for an unknown name).
	Hashes             map[string][]byte
}

A RollbackProgram stores the rollback information for a given program.

func (*RollbackProgram) AddRollbackHashEntry

func (pi *RollbackProgram) AddRollbackHashEntry(name string, newHash []byte) error

AddRollbackHashEntry adds a given name/hash pair to the map and updates the hash if this name already exists.

func (*RollbackProgram) FindRollbackHashEntry

func (pi *RollbackProgram) FindRollbackHashEntry(name string) []byte

FindRollbackHashEntry looks up the hash for a given item name in a rollback program. Note that it returns the default value of a slice (nil) if the name doesn't exist.

type RollbackResponse

// A RollbackResponse is the value received from the rollback server in
// response to a RollbackMessage. This is a generated protobuf message; Type
// and Data are required (req) fields.
type RollbackResponse struct {
	// Type echoes the request kind or, presumably, ERROR on failure — confirm.
	Type             *RollbackMessageType `protobuf:"varint,1,req,name=type,enum=fileproxy.RollbackMessageType" json:"type,omitempty"`
	// Data is raw bytes or a serialized protobuf, depending on Type.
	Data             []byte               `protobuf:"bytes,2,req,name=data" json:"data,omitempty"`
	// XXX_unrecognized is the generated field for unrecognized protobuf wire
	// data; it is excluded from JSON.
	XXX_unrecognized []byte               `json:"-"`
}

A RollbackResponse is the value received from the rollback server in response to a RollbackMessage.

func (*RollbackResponse) GetData

func (m *RollbackResponse) GetData() []byte

func (*RollbackResponse) GetType

func (*RollbackResponse) ProtoMessage

func (*RollbackResponse) ProtoMessage()

func (*RollbackResponse) Reset

func (m *RollbackResponse) Reset()

func (*RollbackResponse) String

func (m *RollbackResponse) String() string
