ctconfig

package

v0.0.0-...-3baac6f Latest Latest Go to latest Published: Nov 15, 2024 License: MPL-2.0 Imports: 4 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/letsencrypt/boulder

Documentation ¶

Index ¶

type CTConfig
type CTGroup
type LogDescription
- func (ld LogDescription) Info(exp time.Time) (string, string, error)
type LogID
type LogShard
type TemporalSet
- func (ts *TemporalSet) Setup() error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CTConfig ¶

type CTConfig struct {
	// Stagger is duration (e.g. "200ms") indicating how long to wait for a log
	// from one operator group to accept a certificate before attempting
	// submission to a log run by a different operator instead.
	Stagger config.Duration
	// LogListFile is a path to a JSON log list file. The file must match Chrome's
	// schema: https://www.gstatic.com/ct/log_list/v3/log_list_schema.json
	LogListFile string `validate:"required"`
	// SCTLogs is a list of CT log names to submit precerts to in order to get SCTs.
	SCTLogs []string `validate:"min=1,dive,required"`
	// InfoLogs is a list of CT log names to submit precerts to on a best-effort
	// basis. Logs are included here for the sake of wider distribution of our
	// precerts, and to exercise logs that in the qualification process.
	InfoLogs []string
	// FinalLogs is a list of CT log names to submit final certificates to.
	// This may include duplicates from the lists above, to submit both precerts
	// and final certs to the same log.
	FinalLogs []string
}

CTConfig is the top-level config object expected to be embedded in an executable's JSON config struct.

type CTGroup ¶

type CTGroup struct {
	Name string
	Logs []LogDescription
}

CTGroup represents a group of CT Logs. Although capable of holding logs grouped by any arbitrary feature, is today primarily used to hold logs which are all operated by the same legal entity.

type LogDescription ¶

type LogDescription struct {
	URI             string
	Key             string
	SubmitFinalCert bool

	*TemporalSet
}

LogDescription contains the information needed to submit certificates to a CT log and verify returned receipts. If TemporalSet is non-nil then URI and Key should be empty.

func (LogDescription) Info ¶

func (ld LogDescription) Info(exp time.Time) (string, string, error)

Info returns the URI and key of the log, either from a plain log description or from the earliest valid shard from a temporal log set

type LogID ¶

type LogID struct {
	Name        string
	ID          string
	SubmitFinal bool
}

LogID holds enough information to uniquely identify a CT Log: its log_id (the base64-encoding of the SHA-256 hash of its public key) and its human- readable name/description. This is used to extract other log parameters (such as its URL and public key) from the Chrome Log List.

type LogShard ¶

type LogShard struct {
	URI         string
	Key         string
	WindowStart time.Time
	WindowEnd   time.Time
}

LogShard describes a single shard of a temporally sharded CT log

type TemporalSet ¶

type TemporalSet struct {
	Name   string
	Shards []LogShard
}

TemporalSet contains a set of temporal shards of a single log

func (*TemporalSet) Setup ¶

func (ts *TemporalSet) Setup() error

Setup initializes the TemporalSet by parsing the start and end dates and verifying WindowEnd > WindowStart

Source Files ¶

View all Source files

ctconfig.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL