ctrl

package
v0.2.0
Published: Aug 27, 2018 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Overview

Package ctrl handles SCION control-plane payloads, which are encoded as capnp proto messages. Each ctrl payload has a 4B length field prefixed to the start of the capnp message.
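The framing described above can be read defensively as follows. This is an added example, not code from the ctrl package: `splitCtrlPld`, `frameCtrlPld` and the `maxCtrlPld` limit are hypothetical names, and it assumes the 4-byte prefix is big-endian and counts only the capnp message that follows it.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

const lenSize = 4        // mirrors the package's LenSize constant
const maxCtrlPld = 1 << 16 // hypothetical upper bound chosen for this example

var (
	errShort    = errors.New("buffer shorter than length prefix")
	errTooLarge = errors.New("declared length exceeds limit")
	errTrunc    = errors.New("declared length exceeds available bytes")
)

// splitCtrlPld returns the capnp message bytes and the unread remainder.
// Assumption: the prefix is big-endian and excludes its own 4 bytes.
func splitCtrlPld(b []byte) (msg, rest []byte, err error) {
	if len(b) < lenSize {
		return nil, nil, errShort
	}
	n := binary.BigEndian.Uint32(b[:lenSize])
	if n > maxCtrlPld { // reject before converting, so int(n) cannot overflow
		return nil, nil, errTooLarge
	}
	if int(n) > len(b)-lenSize { // never trust the prefix over the real buffer
		return nil, nil, errTrunc
	}
	end := lenSize + int(n)
	// Cap the slice so appends to msg cannot overwrite the next frame.
	return b[lenSize:end:end], b[end:], nil
}

// frameCtrlPld prepends the length prefix to an already encoded message.
func frameCtrlPld(msg []byte) []byte {
	out := make([]byte, lenSize+len(msg))
	binary.BigEndian.PutUint32(out, uint32(len(msg)))
	copy(out[lenSize:], msg)
	return out
}

func main() {
	// Constructed sample: one full frame followed by two stray bytes.
	wire := append(frameCtrlPld([]byte("capnp-bytes")), 0, 0)
	msg, rest, err := splitCtrlPld(wire)
	fmt.Printf("%q %d %v\n", msg, len(rest), err)
}
```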

Constants

const (
	// SrcDefaultPrefix is the default prefix for proto.SignS.Src.
	SrcDefaultPrefix = "DEFAULT: "
	// SrcDefaultFmt is the default format for proto.SignS.Src.
	SrcDefaultFmt = `^` + SrcDefaultPrefix + `IA: (\S+) CHAIN: (\d+) TRC: (\d+)$`
)
const LenSize = 4
const SignatureValidity = 2 * time.Second

Variables

This section is empty.

Functions

func GetChainForSign added in v0.1.1

func GetChainForSign(ctx context.Context, s *SignSrcDef,
	tStore infra.TrustStore) (*cert.Chain, error)

func VerifySig

func VerifySig(ctx context.Context, p *SignedPld, sigV SigVerifier) error

VerifySig does some sanity checks on p, and then verifies the signature using sigV.

Types

type BasicSigVerifier

type BasicSigVerifier struct {
	// contains filtered or unexported fields
}

BasicSigVerifier is a SigVerifier that ignores signatures on cert_mgmt.TRC and cert_mgmt.Chain messages, to avoid dependency cycles.

func NewBasicSigVerifier

func NewBasicSigVerifier(tStore infra.TrustStore) *BasicSigVerifier

func (*BasicSigVerifier) Verify

func (v *BasicSigVerifier) Verify(ctx context.Context, p *SignedPld) error

type BasicSigner

type BasicSigner struct {
	// contains filtered or unexported fields
}

BasicSigner is a simple implementation of Signer.

func NewBasicSigner

func NewBasicSigner(s *proto.SignS, key common.RawBytes) *BasicSigner

NewBasicSigner creates a Signer that uses the supplied s and key to sign Pld's.

func (*BasicSigner) Sign

func (b *BasicSigner) Sign(pld *Pld) (*SignedPld, error)

type Data

type Data struct {
	ReqId   uint64
	TraceId common.RawBytes
}

Data holds all non-union entries from CtrlPld

type Pld

type Pld struct {
	*Data
	// contains filtered or unexported fields
}

func NewCertMgmtPld

func NewCertMgmtPld(u proto.Cerealizable, certD *cert_mgmt.Data, ctrlD *Data) (*Pld, error)

NewCertMgmtPld creates a new control payload, containing a new cert_mgmt payload, which in turn contains the supplied Cerealizable instance.

func NewPathMgmtPld

func NewPathMgmtPld(u proto.Cerealizable, pathD *path_mgmt.Data, ctrlD *Data) (*Pld, error)

NewPathMgmtPld creates a new control payload, containing a new path_mgmt payload, which in turn contains the supplied Cerealizable instance.

func NewPld

func NewPld(u proto.Cerealizable, d *Data) (*Pld, error)

NewPld creates a new control payload, containing the supplied Cerealizable instance.

func NewPldFromRaw

func NewPldFromRaw(b common.RawBytes) (*Pld, error)

func (*Pld) Copy

func (p *Pld) Copy() (common.Payload, error)

func (*Pld) GetCertMgmt

func (p *Pld) GetCertMgmt() (*cert_mgmt.Pld, *Data, error)

GetCertMgmt returns the CertMgmt payload and the CtrlPld's non-union Data. If the union type is not CertMgmt, an error is returned.

func (*Pld) GetPathMgmt

func (p *Pld) GetPathMgmt() (*path_mgmt.Pld, *Data, error)

GetPathMgmt returns the PathMgmt payload and the CtrlPld's non-union Data. If the union type is not PathMgmt, an error is returned.

func (*Pld) Len

func (p *Pld) Len() int

func (*Pld) PackPld

func (p *Pld) PackPld() (common.RawBytes, error)

func (*Pld) ProtoId

func (p *Pld) ProtoId() proto.ProtoIdType

func (*Pld) SignedPld

func (p *Pld) SignedPld(signer Signer) (*SignedPld, error)

func (*Pld) String

func (p *Pld) String() string

func (*Pld) Union

func (p *Pld) Union() (proto.Cerealizable, error)

func (*Pld) Write

func (p *Pld) Write(b common.RawBytes) (int, error)

func (*Pld) WritePld

func (p *Pld) WritePld(b common.RawBytes) (int, error)

type SigVerifier

type SigVerifier interface {
	Verify(context.Context, *SignedPld) error
}

SigVerifier verifies the signature of a SignedPld.

var NullSigVerifier SigVerifier = &nullSigVerifier{}

NullSigVerifier ignores signatures on all messages.

type SignSrcDef

type SignSrcDef struct {
	IA       addr.IA
	ChainVer uint64
	TRCVer   uint64
}

func NewSignSrcDefFromRaw

func NewSignSrcDefFromRaw(b common.RawBytes) (*SignSrcDef, error)

func (*SignSrcDef) Pack

func (s *SignSrcDef) Pack() common.RawBytes

func (*SignSrcDef) String

func (s *SignSrcDef) String() string
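A strict parser for the sign-source string defined by SrcDefaultFmt, shown as an added example rather than the package's own implementation of NewSignSrcDefFromRaw. The `signSrc` type, `parseSignSrc` and `pack` are hypothetical stand-ins, the IA is kept as a plain string, and the sample IA value is constructed.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strconv"
)

// Constants as listed on this page.
const (
	SrcDefaultPrefix = "DEFAULT: "
	SrcDefaultFmt    = `^` + SrcDefaultPrefix + `IA: (\S+) CHAIN: (\d+) TRC: (\d+)$`
)

var srcRe = regexp.MustCompile(SrcDefaultFmt)
var errSrcFormat = errors.New("sign source does not match SrcDefaultFmt")

// signSrc is a hypothetical stand-in for SignSrcDef; IA stays a string here.
type signSrc struct {
	IA               string
	ChainVer, TRCVer uint64
}

// parseSignSrc accepts only an exact match of the whole input. The pattern's
// \d+ has no width limit, so the uint64 range is enforced separately.
func parseSignSrc(raw []byte) (*signSrc, error) {
	m := srcRe.FindSubmatch(raw)
	if m == nil {
		return nil, errSrcFormat
	}
	chain, err := strconv.ParseUint(string(m[2]), 10, 64)
	if err != nil {
		return nil, fmt.Errorf("chain version: %w", err)
	}
	trc, err := strconv.ParseUint(string(m[3]), 10, 64)
	if err != nil {
		return nil, fmt.Errorf("TRC version: %w", err)
	}
	return &signSrc{IA: string(m[1]), ChainVer: chain, TRCVer: trc}, nil
}

// pack renders the canonical string that parseSignSrc accepts.
func (s *signSrc) pack() []byte {
	return []byte(fmt.Sprintf("%sIA: %s CHAIN: %d TRC: %d", SrcDefaultPrefix, s.IA, s.ChainVer, s.TRCVer))
}

func main() {
	s, err := parseSignSrc([]byte("DEFAULT: IA: 1-ff00:0:110 CHAIN: 3 TRC: 2")) // constructed sample
	fmt.Println(s, err)
}
```

The chain and TRC versions select which certificate material a signature is checked against, so a parser that tolerated trailing bytes or wrapped an oversized number would let two different strings name the same source.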

type SignedPld

type SignedPld struct {
	Blob common.RawBytes
	Sign *proto.SignS
	// contains filtered or unexported fields
}

func NewSignedPldFromRaw

func NewSignedPldFromRaw(b common.RawBytes) (*SignedPld, error)

func (*SignedPld) Copy

func (sp *SignedPld) Copy() (common.Payload, error)

func (*SignedPld) Len

func (sp *SignedPld) Len() int

func (*SignedPld) PackPld

func (sp *SignedPld) PackPld() (common.RawBytes, error)

func (*SignedPld) Pld

func (sp *SignedPld) Pld() (*Pld, error)

func (*SignedPld) ProtoId

func (sp *SignedPld) ProtoId() proto.ProtoIdType

func (*SignedPld) SetPld

func (sp *SignedPld) SetPld(p *Pld) error

func (*SignedPld) String

func (sp *SignedPld) String() string

func (*SignedPld) WritePld

func (sp *SignedPld) WritePld(b common.RawBytes) (int, error)

type Signer

type Signer interface {
	Sign(*Pld) (*SignedPld, error)
}

Signer takes a Pld and signs it, producing a SignedPld.

var NullSigner Signer = NewBasicSigner(nil, nil)

NullSigner is a Signer that creates SignedPld's with no signature.

Directories

Path Synopsis
Package ctrl_msg implements a layer for sending SCION Ctrl payload requests/notifications via the infra dispatcher, including integrated signing and signature verification of ctrl payloads.
