GO-2022-0270: Insufficient Granularity of Access Control in github.com/google/exposure-notifications-verification-server

rotation

package

v0.31.0 Latest Latest Go to latest Published: Jun 21, 2021 License: Apache-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/google/exposure-notifications-verification-server

Links

Open Source Insights

Documentation ¶

Overview ¶

Package rotation implements periodic secret rotation.

Index ¶

Variables
type Controller
- func New(cfg *config.RotationConfig, db *database.Database, ...) *Controller

Constants ¶

This section is empty.

Variables ¶

View Source

var RotationActor database.Auditable = new(rotationActor)

RotationActor is the actor in the database for rotation events.

Functions ¶

This section is empty.

Types ¶

type Controller ¶

type Controller struct {
	// contains filtered or unexported fields
}

func New ¶

func New(cfg *config.RotationConfig, db *database.Database, keyManager keys.SigningKeyManager, secretManager secrets.SecretVersionManager, h *render.Renderer) *Controller

func (*Controller) HandleRotateSecrets ¶ added in v0.27.0

func (c *Controller) HandleRotateSecrets() http.Handler

HandleRotateSecrets handles secrets rotation.

func (*Controller) HandleRotateTokenSigningKey ¶ added in v0.27.0

func (c *Controller) HandleRotateTokenSigningKey() http.Handler

HandleRotateTokenSigningKey handles key rotation.

func (*Controller) HandleRotateVerificationKeys ¶ added in v0.27.0

func (c *Controller) HandleRotateVerificationKeys() http.Handler

HandleRotateVerificationKeys handles verification certificate key rotation.

func (*Controller) RotateSecrets ¶ added in v0.27.0

func (c *Controller) RotateSecrets(ctx context.Context) error

RotateSecrets triggers a secret rotation. It does not take out a lock nor does it return an HTTP response. This is primarily used so other functions can perform initials ecrets bootstrapping.

func (*Controller) RotateTokenSigningKey ¶ added in v0.27.0

func (c *Controller) RotateTokenSigningKey(ctx context.Context) error

RotateTokenSigningKey rotates the signing key. It does not acquire a lock.

func (*Controller) RotateVerificationKeys ¶ added in v0.27.0

func (c *Controller) RotateVerificationKeys(ctx context.Context) error

RotateVerificationKeys rotates each realm's verification keys. It does not acquire a database lock.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL