ctpolicy

package
v0.0.0-...-5b94510 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 17, 2024 License: MPL-2.0 Imports: 10 Imported by: 4

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CTPolicy

type CTPolicy struct {
	// contains filtered or unexported fields
}

CTPolicy is used to hold information about SCTs required from various groupings

func New

func New(pub pubpb.PublisherClient, sctLogs loglist.List, infoLogs loglist.List, finalLogs loglist.List, stagger time.Duration, log blog.Logger, stats prometheus.Registerer) *CTPolicy

New creates a new CTPolicy struct

func (*CTPolicy) GetSCTs

func (ctp *CTPolicy) GetSCTs(ctx context.Context, cert core.CertDER, expiration time.Time) (core.SCTDERs, error)

GetSCTs retrieves exactly two SCTs from the total collection of configured log groups, with at most one SCT coming from each group. It expects that all logs run by a single operator (e.g. Google) are in the same group, to guarantee that SCTs from logs in different groups do not end up coming from the same operator. As such, it enforces Google's current CT Policy, which requires that certs have two SCTs from logs run by different operators.

func (*CTPolicy) SubmitFinalCert

func (ctp *CTPolicy) SubmitFinalCert(cert core.CertDER, expiration time.Time)

SubmitFinalCert submits finalized certificates created from precertificates to any configured "final" logs, but does not care about success.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL