Documentation ¶
Overview ¶
Package loglist allows parsing and searching of the master CT Log list.
Index ¶
- Constants
- type Log
- type LogList
- func (ll *LogList) ActiveLogs() LogList
- func (ll *LogList) CheckBranch(branch *LogList) []string
- func (ll *LogList) Compatible(cert *x509.Certificate, certRoot *x509.Certificate, roots LogRoots) LogList
- func (ll *LogList) FindLogByKey(key []byte) *Log
- func (ll *LogList) FindLogByKeyHash(keyhash [sha256.Size]byte) *Log
- func (ll *LogList) FindLogByKeyHashPrefix(prefix string) []*Log
- func (ll *LogList) FindLogByName(name string) []*Log
- func (ll *LogList) FindLogByURL(url string) *Log
- func (ll *LogList) FuzzyFindLog(input string) []*Log
- func (ll *LogList) OperatorIDSet() map[int]string
- type LogRoots
- type Operator
- type STH
Constants ¶
const ( // LogListURL has the master URL for Google Chrome's log list. LogListURL = "https://www.gstatic.com/ct/log_list/log_list.json" // LogListSignatureURL has the URL for the signature over Google Chrome's log list. LogListSignatureURL = "https://www.gstatic.com/ct/log_list/log_list.sig" // AllLogListURL has the URL for the list of all known logs (which isn't signed). AllLogListURL = "https://www.gstatic.com/ct/log_list/all_logs_list.json" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Log ¶
type Log struct { Description string `json:"description"` Key []byte `json:"key"` MaximumMergeDelay int `json:"maximum_merge_delay"` // seconds OperatedBy []int `json:"operated_by"` // List of log operators URL string `json:"url"` FinalSTH *STH `json:"final_sth,omitempty"` DisqualifiedAt int `json:"disqualified_at,omitempty"` DNSAPIEndpoint string `json:"dns_api_endpoint,omitempty"` // DNS API endpoint for the log }
Log describes a log.
func (*Log) GoogleOperated ¶ added in v1.1.0
GoogleOperated returns whether Log is operated by Google. Rough logic.
type LogList ¶
LogList holds a collection of logs and their operators
func NewFromJSON ¶ added in v1.0.13
NewFromJSON creates a LogList from JSON encoded data.
func NewFromSignedJSON ¶ added in v1.0.13
NewFromSignedJSON creates a LogList from JSON encoded data, checking a signature along the way. The signature data should be provided as the raw signature data.
func (*LogList) ActiveLogs ¶ added in v1.1.0
ActiveLogs creates a new LogList containing only non-disqualified non-frozen logs from the original.
func (*LogList) CheckBranch ¶ added in v1.1.0
CheckBranch checks edited version of LogList against a master one for edit restrictions: consistency across operators, matching functionality of mutual logs. Returns slice of warnings if any.
func (*LogList) Compatible ¶ added in v1.1.0
func (ll *LogList) Compatible(cert *x509.Certificate, certRoot *x509.Certificate, roots LogRoots) LogList
Compatible creates a new LogList containing only the logs of original LogList that are compatible with the provided cert, according to the passed in collection of per-log roots. Logs that are missing from the collection are treated as always compatible and included, even if an empty cert root is passed in. Cert-root when provided is expected to be CA-cert.
func (*LogList) FindLogByKey ¶
FindLogByKey finds the log with the given DER-encoded key.
func (*LogList) FindLogByKeyHash ¶
FindLogByKeyHash finds the log with the given key hash.
func (*LogList) FindLogByKeyHashPrefix ¶ added in v1.0.20
FindLogByKeyHashPrefix finds all logs whose key hash starts with the prefix.
func (*LogList) FindLogByName ¶
FindLogByName returns all logs whose names contain the given string.
func (*LogList) FindLogByURL ¶
FindLogByURL finds the log with the given URL.
func (*LogList) FuzzyFindLog ¶
FuzzyFindLog tries to find logs that match the given unspecified input, whose format is unspecified. This generally returns a single log, but if text input that matches multiple log descriptions is provided, then multiple logs may be returned.
func (*LogList) OperatorIDSet ¶ added in v1.1.0
OperatorIDSet is a helper op, creates set of operators for LogList.
type LogRoots ¶ added in v1.1.0
type LogRoots map[string]*x509util.PEMCertPool
LogRoots maps Log-URLs (stated at LogList) to the pools of their accepted root-certificates.