GO-2022-0381: Import of incorrectly embargoed keys could cause early publication in github.com/google/exposure-notifications-server

verification

package

v0.5.0 Latest Latest Go to latest Published: Aug 24, 2020 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/google/exposure-notifications-server

Links

Open Source Insights

Documentation ¶

Overview ¶

Package verification provides the ability to verify the diagnosis certificates (JWTs) coming from public health authorities that are responsible for verifying diagnosis pin codes and ceritfying the TEKs.

Index ¶

type Config
type VerifiedClaims
type Verifier
- func New(db *database.HealthAuthorityDB, config *Config) (*Verifier, error)
- func (v *Verifier) VerifyDiagnosisCertificate(ctx context.Context, authApp *aamodel.AuthorizedApp, ...) (*VerifiedClaims, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	CacheDuration time.Duration `env:"VERIFICATION_CACHE_DURATION, default=5m"`
}

Config represents the available configuration for the public health authority verification piece.

type VerifiedClaims ¶

type VerifiedClaims struct {
	HealthAuthorityID    int64
	ReportType           string // blank indicates no report type was present.
	SymptomOnsetInterval uint32 // 0 indicates no symptom onset interval present. This should be checked for "reasonable" value before application.
}

VerifiedClaims represents the relevant claims extracted from a verified certificate that may need to be applied.

type Verifier ¶

type Verifier struct {
	// contains filtered or unexported fields
}

Verifier can be used to verify public health authority diagnosis verification certificates.

func New ¶

func New(db *database.HealthAuthorityDB, config *Config) (*Verifier, error)

New creates a new verifier, based on this DB handle.

func (*Verifier) VerifyDiagnosisCertificate ¶

func (v *Verifier) VerifyDiagnosisCertificate(ctx context.Context, authApp *aamodel.AuthorizedApp, publish *verifyapi.Publish) (*VerifiedClaims, error)

VerifyDiagnosisCertificate accepts a publish request (from which is extracts the JWT), fully verifies the JWT and signture against what the passed in authorrized app is allowed to use. Returns any transmission risk overrides if they are present.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
database Package database is a database interface to health authorities.	Package database is a database interface to health authorities.
model Package model is a model abstraction of health authorities.	Package model is a model abstraction of health authorities.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL