security

package
v2.0.437+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 5, 2018 License: AGPL-3.0 Imports: 23 Imported by: 24

Documentation

Index

Constants

// Channel types. ChannelInvalid is the zero value (iota starts at 0), so a
// uint8 that was never assigned compares equal to ChannelInvalid.
// NOTE(review): presumably these are the values held in Channel.ChannelType — confirm.
const (
	ChannelInvalid = uint8(iota)
	ChannelStatic   // NOTE(review): presumably a channel ending in `/` (see ErrTargetInvalid) — confirm.
	ChannelWildcard // NOTE(review): presumably a channel ending in `/#/` (see ErrTargetInvalid) — confirm.
)

Channel types

// Possible states of a contract. ContractStateUnknown is the zero value
// (iota starts at 0), so an unset uint8 state reads as unknown rather than
// as allowed.
const (
	ContractStateUnknown = uint8(iota)
	ContractStateAllowed
	ContractStateRefused
)

The possible values of a contract's state.

// Access types for a security key. Every value other than AllowNone is a
// distinct bit of a uint32, so several can be combined with | (as the two
// composite values at the end of the block do).
//
// NOTE(review): AllowNone is 0, so a bitwise-AND test against it can never
// match; check how Key.HasPermission treats a zero flag before relying on it.
// NOTE(review): a key carrying AllowMaster can generate other keys, which
// makes it the flag to grant most sparingly.
const (
	AllowNone      = uint32(0)              // Key has no privileges.
	AllowMaster    = uint32(1 << 0)         // Key should be allowed to generate other keys.
	AllowRead      = uint32(1 << 1)         // Key should be allowed to subscribe to the target channel.
	AllowWrite     = uint32(1 << 2)         // Key should be allowed to publish to the target channel.
	AllowStore     = uint32(1 << 3)         // Key should be allowed to write to the message history of the target channel.
	AllowLoad      = uint32(1 << 4)         // Key should be allowed to read the message history of the target channel.
	AllowPresence  = uint32(1 << 5)         // Key should be allowed to query the presence on the target channel.
	AllowReadWrite = AllowRead | AllowWrite // Key should be allowed to read and write to the target channel.
	AllowStoreLoad = AllowStore | AllowLoad // Key should be allowed to read and write the message history.
)

Access types for a security key.

// License types. These are untyped integer constants (plain iota, no
// conversion), whereas License.Type is declared as uint32.
// LicenseTypeUnknown is the zero value.
// NOTE(review): presumably these are the values held in License.Type — confirm.
const (
	LicenseTypeUnknown = iota
	LicenseTypeCloud
	LicenseTypeOnPremise
)

Various license types

Variables

// Key errors.
// NOTE(review): presumably surfaced by Key.SetTarget and Cipher.GenerateKey,
// the functions on this page that accept a channel string and return an
// error — confirm.
var (
	// ErrTargetInvalid reports a channel that lacks the required `/` or `/#/` ending.
	ErrTargetInvalid = errors.New("channel should end with `/` for strict types or `/#/` for multi level wildcard")
	// ErrTargetTooLong reports a channel with more than 23 parts.
	ErrTargetTooLong = errors.New("channel can not have more than 23 parts")
)

Key errors

Functions

func NewLicenseAndMaster

func NewLicenseAndMaster() (string, string)

NewLicenseAndMaster generates a new license and master key.

Types

type Channel

// Channel represents a parsed MQTT topic.
//
// NOTE(review): Key holds the channel's API key, so printing or logging a
// whole Channel value would include it unless the type defines its own
// formatting — confirm.
type Channel struct {
	Key         []byte          // API key of the channel.
	Channel     []byte          // Channel string.
	Query       []uint32        // Full ssid; Target returns its first element.
	Options     []ChannelOption // Key/value options; presumably what Last and TTL read — confirm.
	ChannelType uint8           // NOTE(review): presumably one of ChannelInvalid, ChannelStatic, ChannelWildcard — confirm.
}

Channel represents a parsed MQTT topic.

func ParseChannel

func ParseChannel(text []byte) (channel *Channel)

ParseChannel attempts to parse the channel from the underlying slice.

func (*Channel) Last

func (c *Channel) Last() (uint32, bool)

Last returns the 'last' option

func (*Channel) TTL

func (c *Channel) TTL() (uint32, bool)

TTL returns a Time-To-Live option

func (*Channel) Target

func (c *Channel) Target() uint32

Target returns the channel target (first element of the query, second element of an SSID)

type ChannelOption

// ChannelOption represents a key/value pair option attached to a Channel
// (Channel.Options is a slice of these). Both halves are plain strings.
type ChannelOption struct {
	Key   string // Option name.
	Value string // Option value, kept as text; Channel.Last and Channel.TTL return uint32, so any numeric conversion happens elsewhere.
}

ChannelOption represents a key/value pair option.

type Cipher

// Cipher represents a security cipher which can encrypt/decrypt security keys.
// All of its fields are unexported, so a usable value comes from NewCipher or
// License.Cipher rather than from a struct literal.
type Cipher struct {
	// contains filtered or unexported fields
}

Cipher represents a security cipher which can encrypt/decrypt security keys.

func NewCipher

func NewCipher(value string) (*Cipher, error)

NewCipher creates a new cipher.

func (*Cipher) DecryptKey

func (c *Cipher) DecryptKey(buffer []byte) (Key, error)

DecryptKey decrypts the security key from a base64 encoded string.

func (*Cipher) EncryptKey

func (c *Cipher) EncryptKey(k Key) (string, error)

EncryptKey encrypts the key and returns a base64-encoded string.

func (*Cipher) GenerateKey

func (c *Cipher) GenerateKey(masterKey Key, channel string, permissions uint32, expires time.Time, maxRandSalt int16) (string, error)

GenerateKey generates a new key.

type Contract

// Contract represents an interface for a contract.
type Contract interface {
	Validate(key Key) bool // Validate checks the security key with the contract; the bool is its only result, so no reason for a refusal is reported.
	Stats() usage.Meter    // Gets the usage statistics.
}

Contract represents an interface for a contract.

type ContractProvider

// ContractProvider represents an interface for a contract provider. It embeds
// config.Provider, so every implementation also carries that interface's
// methods (the providers on this page expose Name and Configure).
type ContractProvider interface {
	config.Provider

	// Create creates a contract.
	Create() (Contract, error)
	// Get looks a contract up by its id.
	// NOTE(review): the bool presumably reports whether a contract was found;
	// callers should check it before using the returned Contract — confirm.
	Get(id uint32) (Contract, bool)
}

ContractProvider represents an interface for a contract provider.

type HTTPContractProvider

// HTTPContractProvider provides contracts over http. Its fields are
// unexported; NewHTTPContractProvider is the constructor shown on this page.
type HTTPContractProvider struct {
	// contains filtered or unexported fields
}

HTTPContractProvider provides contracts over http.

func NewHTTPContractProvider

func NewHTTPContractProvider(license *License, metering usage.Metering) *HTTPContractProvider

NewHTTPContractProvider creates a new HTTP contract provider.

func (*HTTPContractProvider) Configure

func (p *HTTPContractProvider) Configure(config map[string]interface{}) (err error)

Configure configures the provider.

func (*HTTPContractProvider) Create

func (p *HTTPContractProvider) Create() (Contract, error)

Create creates a contract, the HTTPContractProvider way.

func (*HTTPContractProvider) Get

func (p *HTTPContractProvider) Get(id uint32) (Contract, bool)

Get returns a ContractData fetched by its id.

func (*HTTPContractProvider) Name

func (p *HTTPContractProvider) Name() string

Name returns the name of the provider.

type ID

// ID represents a process-wide unique ID.
// NOTE(review): uniqueness is the only property stated for these values;
// nothing here says they are unpredictable, so confirm before treating an ID
// (or the output of Unique) as a secret.
type ID uint64

ID represents a process-wide unique ID.

func NewID

func NewID() ID

NewID generates a new, process-wide unique ID.

func (ID) String

func (id ID) String() string

String converts the ID to a string representation.

func (ID) Unique

func (id ID) Unique(prefix uint64, salt string) string

Unique generates unique id based on the current id with a prefix and salt.

type Key

// Key represents a security key.
//
// Key is a byte slice and its Set* methods use value receivers, so they can
// only take effect by writing into the slice's backing array: a Key copied by
// assignment shares those bytes with the original.
// NOTE(review): the accessors read fixed fields (salt, master id, contract,
// signature, permissions, expiry) out of the slice; how they behave on a Key
// that is too short is not visible here — confirm, and check IsEmpty first.
type Key []byte

Key represents a security key.

func (Key) Contract

func (k Key) Contract() uint32

Contract gets the contract id.

func (Key) Expires

func (k Key) Expires() time.Time

Expires gets the expiration date for the key.

func (Key) HasPermission

func (k Key) HasPermission(flag uint32) bool

HasPermission checks whether the key provides some permission.

func (Key) IsEmpty

func (k Key) IsEmpty() bool

IsEmpty checks whether the key is empty or not.

func (Key) IsExpired

func (k Key) IsExpired() bool

IsExpired gets whether the key has expired or not.

func (Key) IsMaster

func (k Key) IsMaster() bool

IsMaster gets whether the key is a master key.

func (Key) Master

func (k Key) Master() uint16

Master gets the master key id.

func (Key) Permissions

func (k Key) Permissions() uint32

Permissions gets the permission flags.

func (Key) Salt

func (k Key) Salt() uint16

Salt gets the random salt of the key

func (Key) SetContract

func (k Key) SetContract(value uint32)

SetContract sets the contract id.

func (Key) SetExpires

func (k Key) SetExpires(value time.Time)

SetExpires sets the expiration date for the key.

func (Key) SetMaster

func (k Key) SetMaster(value uint16)

SetMaster sets the master key id.

func (Key) SetPermissions

func (k Key) SetPermissions(value uint32)

SetPermissions sets the permission flags.

func (Key) SetSalt

func (k Key) SetSalt(value uint16)

SetSalt sets the random salt of the key.

func (Key) SetSignature

func (k Key) SetSignature(value uint32)

SetSignature sets the signature of the contract.

func (Key) SetTarget

func (k Key) SetTarget(channel string) error

SetTarget sets the target channel for the key.

func (Key) Signature

func (k Key) Signature() uint32

Signature gets the signature of the contract.

func (Key) ValidateChannel

func (k Key) ValidateChannel(ch *Channel) bool

ValidateChannel validates the channel string.

type License

// License represents a security license for the service.
//
// NOTE(review): EncryptionKey is secret material held as a plain string. It is
// presumably what Cipher() builds its cipher from, and String() may serialise
// it — confirm before logging or printing a License.
type License struct {
	EncryptionKey string    // Encryption key.
	Contract      uint32    // Contract id.
	Signature     uint32    // Signature of the contract.
	Expires       time.Time // Expiration date for the license.
	Type          uint32    // License type; presumably one of the LicenseType* constants — confirm.
}

License represents a security license for the service.

func NewLicense

func NewLicense() *License

NewLicense generates a new crypto-random license.

func ParseLicense

func ParseLicense(data string) (*License, error)

ParseLicense decrypts the license and verifies it.

func (*License) Cipher

func (l *License) Cipher() (*Cipher, error)

Cipher creates a new cipher for the license.

func (*License) NewMasterKey

func (l *License) NewMasterKey(id uint16) (Key, error)

NewMasterKey generates a new master key.

func (*License) String

func (l *License) String() string

String converts the license to string.

type NoopContractProvider

// NoopContractProvider does not provide a contract. It has no fields.
// NOTE(review): what its Create and Get return is not visible here; confirm
// that selecting this provider does not make key validation a no-op.
type NoopContractProvider struct{}

NoopContractProvider does not provide a contract.

func NewNoopContractProvider

func NewNoopContractProvider() *NoopContractProvider

NewNoopContractProvider creates a new no-op contract provider.

func (*NoopContractProvider) Configure

func (p *NoopContractProvider) Configure(config map[string]interface{}) error

Configure configures the provider.

func (*NoopContractProvider) Create

func (p *NoopContractProvider) Create() (Contract, error)

Create creates a contract, the SingleContractProvider way.

func (*NoopContractProvider) Get

func (p *NoopContractProvider) Get(id uint32) (Contract, bool)

Get returns a ContractData fetched by its id.

func (*NoopContractProvider) Name

func (p *NoopContractProvider) Name() string

Name returns the name of the provider.

type SingleContractProvider

// SingleContractProvider provides contracts on premise. Its fields are
// unexported; NewSingleContractProvider is the constructor shown on this page.
type SingleContractProvider struct {
	// contains filtered or unexported fields
}

SingleContractProvider provides contracts on premise.

func NewSingleContractProvider

func NewSingleContractProvider(license *License, metering usage.Metering) *SingleContractProvider

NewSingleContractProvider creates a new single contract provider.

func (*SingleContractProvider) Configure

func (p *SingleContractProvider) Configure(config map[string]interface{}) error

Configure configures the provider.

func (*SingleContractProvider) Create

func (p *SingleContractProvider) Create() (Contract, error)

Create creates a contract, the SingleContractProvider way.

func (*SingleContractProvider) Get

Get returns a ContractData fetched by its id.

func (*SingleContractProvider) Name

func (p *SingleContractProvider) Name() string

Name returns the name of the provider.
