Documentation ¶
Index ¶
- Constants
- Variables
- func AnalyzeSuffix(uri string) (valid, hasStar, hasPlus bool)
- func Bool(b bool) *bool
- func CalculateEmptyKeyBundleEntries(startDat time.Time, endDat time.Time, userPrefix [][]byte) ([][][]byte, []serdes.BN256OAQUEKeyringBundleEntry, wve.WVE)
- func CalculateKeyBundlePartitions(startDat time.Time, endDat time.Time, userPrefix [][]byte) ([][][]byte, wve.WVE)
- func CalculateWR1Partition(validFrom time.Time, validUntil time.Time, userPrefix [][]byte) ([][]byte, wve.WVE)
- func DecodeKeyBundleEntries(be []serdes.BN256OAQUEKeyringBundleEntry) ([][][]byte, wve.WVE)
- func HashSchemeInstanceEqual(lhs HashSchemeInstance, rhs HashSchemeInstance) bool
- func InjectStorageInterface(si StorageInterface)
- func Int(i int) *int
- func IsNameDeclarationValid(s string) bool
- func ParseWR1Partition(p [][]byte) (start *DateRange, end *DateRange, user [][]byte, err wve.WVE)
- func Partition(s ...string) [][]byte
- func Partition20(s ...string) [][]byte
- func RestrictBy(from string, by string) (string, bool)
- func String(s string) *string
- func Time(t time.Time) *time.Time
- func ToArr32(b []byte) [32]byte
- func WR1PartitionToIntString(p [][]byte) string
- func WR1PartitionToString(p [][]byte) string
- type AESKeyring
- func (kr *AESKeyring) DecryptKeyring(ctx context.Context, params interface{}) (decodedForm *serdes.EntityKeyring, err error)
- func (kr *AESKeyring) EncryptKeyring(ctx context.Context, plaintext *serdes.EntityKeyring, params interface{}) (encodedForm *asn1.External, err error)
- func (kr *AESKeyring) Supported() bool
- type Attestation
- func (e *Attestation) ArrayKeccak256() [32]byte
- func (e *Attestation) Attester() (HashSchemeInstance, LocationSchemeInstance, error)
- func (e *Attestation) DER() ([]byte, error)
- func (e *Attestation) Expired() (bool, error)
- func (e *Attestation) Hash(scheme HashScheme) HashSchemeInstance
- func (e *Attestation) Keccak256() []byte
- func (e *Attestation) Keccak256HI() HashSchemeInstance
- func (e *Attestation) Namespace() (HashSchemeInstance, LocationSchemeInstance, bool, error)
- func (e *Attestation) Subject() (HashSchemeInstance, LocationSchemeInstance)
- func (e *Attestation) WR1DomainVisibilityKeys() []EntitySecretKeySchemeInstance
- func (e *Attestation) WR1SecretSlottedKeys() []SlottedSecretKey
- type AttestationBodyScheme
- type AttestationVerifierBodyKeySchemeInstance
- type BodyDecryptionContext
- type BodyEncryptionContext
- type Capability
- type CommitmentRevocationSchemeInstance
- func (rs *CommitmentRevocationSchemeInstance) CanonicalForm() serdes.RevocationOption
- func (rs *CommitmentRevocationSchemeInstance) Critical() bool
- func (rs *CommitmentRevocationSchemeInstance) Id() string
- func (rs *CommitmentRevocationSchemeInstance) IsRevoked(ctx context.Context, s StorageInterface) (bool, wve.WVE)
- func (rs *CommitmentRevocationSchemeInstance) Supported() bool
- type DateRange
- type Entity
- func (e *Entity) ArrayKeccak256() [32]byte
- func (e *Entity) DER() ([]byte, error)
- func (e *Entity) Expired() bool
- func (e *Entity) Hash(scheme HashScheme) HashSchemeInstance
- func (e *Entity) Keccak256() []byte
- func (e *Entity) Keccak256HI() HashSchemeInstance
- func (e *Entity) MessageVerifyingKey() EntityKeySchemeInstance
- func (e *Entity) WR1_BodyParams() (EntityKeySchemeInstance, error)
- func (e *Entity) WR1_DirectEncryptionKey() (EntityKeySchemeInstance, error)
- func (e *Entity) WR1_DomainVisiblityParams() (EntityKeySchemeInstance, error)
- type EntityKeySchemeInstance
- type EntityKey_Curve25519
- func (ek *EntityKey_Curve25519) CanonicalForm() *serdes.EntityPublicKey
- func (ek *EntityKey_Curve25519) EncryptMessage(ctx context.Context, data []byte) ([]byte, error)
- func (ek *EntityKey_Curve25519) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
- func (ek *EntityKey_Curve25519) HasCapability(c Capability) bool
- func (ek *EntityKey_Curve25519) IdentifyingBlob(ctx context.Context) (string, error)
- func (ek *EntityKey_Curve25519) Supported() bool
- func (ek *EntityKey_Curve25519) SystemIdentifyingBlob(ctx context.Context) (string, error)
- func (ek *EntityKey_Curve25519) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error
- func (ek *EntityKey_Curve25519) VerifyCertify(ctx context.Context, data []byte, signature []byte) error
- func (ek *EntityKey_Curve25519) VerifyMessage(ctx context.Context, data []byte, signature []byte) error
- type EntityKey_Ed25519
- func (ek *EntityKey_Ed25519) CanonicalForm() *serdes.EntityPublicKey
- func (ek *EntityKey_Ed25519) EncryptMessage(ctx context.Context, data []byte) ([]byte, error)
- func (ek *EntityKey_Ed25519) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
- func (ek *EntityKey_Ed25519) HasCapability(c Capability) bool
- func (ek *EntityKey_Ed25519) IdentifyingBlob(ctx context.Context) (string, error)
- func (ek *EntityKey_Ed25519) Supported() bool
- func (ek *EntityKey_Ed25519) SystemIdentifyingBlob(ctx context.Context) (string, error)
- func (ek *EntityKey_Ed25519) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error
- func (ek *EntityKey_Ed25519) VerifyCertify(ctx context.Context, data []byte, signature []byte) error
- func (ek *EntityKey_Ed25519) VerifyMessage(ctx context.Context, data []byte, signature []byte) error
- type EntityKey_IBE_BN256
- func (k *EntityKey_IBE_BN256) CanonicalForm() *serdes.EntityPublicKey
- func (k *EntityKey_IBE_BN256) EncryptMessage(ctx context.Context, content []byte) ([]byte, error)
- func (k *EntityKey_IBE_BN256) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
- func (ek *EntityKey_IBE_BN256) GobDecode(ba []byte) error
- func (ek *EntityKey_IBE_BN256) GobEncode() ([]byte, error)
- func (k *EntityKey_IBE_BN256) HasCapability(c Capability) bool
- func (k *EntityKey_IBE_BN256) IdentifyingBlob(ctx context.Context) (string, error)
- func (k *EntityKey_IBE_BN256) Supported() bool
- func (k *EntityKey_IBE_BN256) SystemIdentifyingBlob(ctx context.Context) (string, error)
- func (k *EntityKey_IBE_BN256) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error
- func (k *EntityKey_IBE_BN256) VerifyCertify(ctx context.Context, data []byte, signature []byte) error
- func (k *EntityKey_IBE_BN256) VerifyMessage(ctx context.Context, data []byte, signature []byte) error
- type EntityKey_IBE_Params_BN256
- func (ek *EntityKey_IBE_Params_BN256) CanonicalForm() *serdes.EntityPublicKey
- func (ek *EntityKey_IBE_Params_BN256) EncryptMessage(ctx context.Context, data []byte) ([]byte, error)
- func (k *EntityKey_IBE_Params_BN256) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
- func (ek *EntityKey_IBE_Params_BN256) GobDecode(ba []byte) error
- func (ek *EntityKey_IBE_Params_BN256) GobEncode() ([]byte, error)
- func (ek *EntityKey_IBE_Params_BN256) HasCapability(c Capability) bool
- func (ek *EntityKey_IBE_Params_BN256) IdentifyingBlob(ctx context.Context) (string, error)
- func (ek *EntityKey_IBE_Params_BN256) Supported() bool
- func (ek *EntityKey_IBE_Params_BN256) SystemIdentifyingBlob(ctx context.Context) (string, error)
- func (ek *EntityKey_IBE_Params_BN256) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error
- func (ek *EntityKey_IBE_Params_BN256) VerifyCertify(ctx context.Context, data []byte, signature []byte) error
- func (ek *EntityKey_IBE_Params_BN256) VerifyMessage(ctx context.Context, data []byte, signature []byte) error
- type EntityKey_OAQUE_BN256_S20
- func (k *EntityKey_OAQUE_BN256_S20) CanonicalForm() *serdes.EntityPublicKey
- func (k *EntityKey_OAQUE_BN256_S20) EncryptMessage(ctx context.Context, content []byte) ([]byte, error)
- func (k *EntityKey_OAQUE_BN256_S20) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
- func (ek *EntityKey_OAQUE_BN256_S20) GobDecode(ba []byte) error
- func (ek *EntityKey_OAQUE_BN256_S20) GobEncode() ([]byte, error)
- func (k *EntityKey_OAQUE_BN256_S20) HasCapability(c Capability) bool
- func (k *EntityKey_OAQUE_BN256_S20) IdentifyingBlob(ctx context.Context) (string, error)
- func (k *EntityKey_OAQUE_BN256_S20) Supported() bool
- func (k *EntityKey_OAQUE_BN256_S20) SystemIdentifyingBlob(ctx context.Context) (string, error)
- func (k *EntityKey_OAQUE_BN256_S20) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error
- func (k *EntityKey_OAQUE_BN256_S20) VerifyCertify(ctx context.Context, data []byte, signature []byte) error
- func (k *EntityKey_OAQUE_BN256_S20) VerifyMessage(ctx context.Context, data []byte, signature []byte) error
- type EntityKey_OAQUE_BN256_S20_Params
- func (k *EntityKey_OAQUE_BN256_S20_Params) CanonicalForm() *serdes.EntityPublicKey
- func (k *EntityKey_OAQUE_BN256_S20_Params) EncryptMessage(ctx context.Context, content []byte) ([]byte, error)
- func (k *EntityKey_OAQUE_BN256_S20_Params) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
- func (ek *EntityKey_OAQUE_BN256_S20_Params) GobDecode(ba []byte) error
- func (ek *EntityKey_OAQUE_BN256_S20_Params) GobEncode() ([]byte, error)
- func (k *EntityKey_OAQUE_BN256_S20_Params) HasCapability(c Capability) bool
- func (k *EntityKey_OAQUE_BN256_S20_Params) IdentifyingBlob(ctx context.Context) (string, error)
- func (k *EntityKey_OAQUE_BN256_S20_Params) Supported() bool
- func (k *EntityKey_OAQUE_BN256_S20_Params) SystemIdentifyingBlob(ctx context.Context) (string, error)
- func (k *EntityKey_OAQUE_BN256_S20_Params) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error
- func (k *EntityKey_OAQUE_BN256_S20_Params) VerifyCertify(ctx context.Context, data []byte, signature []byte) error
- func (k *EntityKey_OAQUE_BN256_S20_Params) VerifyMessage(ctx context.Context, data []byte, signature []byte) error
- type EntityKeyringSchemeInstance
- type EntitySecretKeySchemeInstance
- type EntitySecretKey_Curve25519
- func (ek *EntitySecretKey_Curve25519) CanonicalForm() *serdes.EntityPublicKey
- func (ek *EntitySecretKey_Curve25519) DecryptMessage(ctx context.Context, data []byte) ([]byte, error)
- func (ek *EntitySecretKey_Curve25519) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)
- func (ek *EntitySecretKey_Curve25519) Equal(rhs EntitySecretKeySchemeInstance) bool
- func (ek *EntitySecretKey_Curve25519) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
- func (ek *EntitySecretKey_Curve25519) HasCapability(c Capability) bool
- func (ek *EntitySecretKey_Curve25519) Public() EntityKeySchemeInstance
- func (ek *EntitySecretKey_Curve25519) SecretCanonicalForm() *serdes.EntityKeyringEntry
- func (ek *EntitySecretKey_Curve25519) SignAttestation(ctx context.Context, content []byte) ([]byte, error)
- func (ek *EntitySecretKey_Curve25519) SignCertify(ctx context.Context, content []byte) ([]byte, error)
- func (ek *EntitySecretKey_Curve25519) SignMessage(ctx context.Context, content []byte) ([]byte, error)
- func (ek *EntitySecretKey_Curve25519) Supported() bool
- type EntitySecretKey_Ed25519
- func (ek *EntitySecretKey_Ed25519) CanonicalForm() *serdes.EntityPublicKey
- func (ek *EntitySecretKey_Ed25519) DecryptMessage(ctx context.Context, data []byte) ([]byte, error)
- func (ek *EntitySecretKey_Ed25519) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)
- func (ek *EntitySecretKey_Ed25519) Equal(rhs EntitySecretKeySchemeInstance) bool
- func (ek *EntitySecretKey_Ed25519) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
- func (ek *EntitySecretKey_Ed25519) HasCapability(c Capability) bool
- func (ek *EntitySecretKey_Ed25519) Public() EntityKeySchemeInstance
- func (ek *EntitySecretKey_Ed25519) SecretCanonicalForm() *serdes.EntityKeyringEntry
- func (ek *EntitySecretKey_Ed25519) SignAttestation(ctx context.Context, content []byte) ([]byte, error)
- func (ek *EntitySecretKey_Ed25519) SignCertify(ctx context.Context, content []byte) ([]byte, error)
- func (ek *EntitySecretKey_Ed25519) SignMessage(ctx context.Context, content []byte) ([]byte, error)
- func (ek *EntitySecretKey_Ed25519) Supported() bool
- type EntitySecretKey_IBE_BN256
- func (k *EntitySecretKey_IBE_BN256) CanonicalForm() *serdes.EntityPublicKey
- func (k *EntitySecretKey_IBE_BN256) DecryptMessage(ctx context.Context, ciphertext []byte) ([]byte, error)
- func (ek *EntitySecretKey_IBE_BN256) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)
- func (ek *EntitySecretKey_IBE_BN256) Equal(rhs EntitySecretKeySchemeInstance) bool
- func (k *EntitySecretKey_IBE_BN256) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
- func (ek *EntitySecretKey_IBE_BN256) GobDecode(ba []byte) error
- func (ek *EntitySecretKey_IBE_BN256) GobEncode() ([]byte, error)
- func (ek *EntitySecretKey_IBE_BN256) HasCapability(c Capability) bool
- func (k *EntitySecretKey_IBE_BN256) Public() EntityKeySchemeInstance
- func (k *EntitySecretKey_IBE_BN256) SecretCanonicalForm() *serdes.EntityKeyringEntry
- func (k *EntitySecretKey_IBE_BN256) SignAttestation(ctx context.Context, content []byte) ([]byte, error)
- func (k *EntitySecretKey_IBE_BN256) SignCertify(ctx context.Context, content []byte) ([]byte, error)
- func (k *EntitySecretKey_IBE_BN256) SignMessage(ctx context.Context, content []byte) ([]byte, error)
- func (ek *EntitySecretKey_IBE_BN256) Supported() bool
- type EntitySecretKey_IBE_Master_BN256
- func (ek *EntitySecretKey_IBE_Master_BN256) CanonicalForm() *serdes.EntityPublicKey
- func (ek *EntitySecretKey_IBE_Master_BN256) DecryptMessage(ctx context.Context, data []byte) ([]byte, error)
- func (ek *EntitySecretKey_IBE_Master_BN256) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)
- func (ek *EntitySecretKey_IBE_Master_BN256) Equal(rhs EntitySecretKeySchemeInstance) bool
- func (ek *EntitySecretKey_IBE_Master_BN256) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
- func (ek *EntitySecretKey_IBE_Master_BN256) GobDecode(ba []byte) error
- func (ek *EntitySecretKey_IBE_Master_BN256) GobEncode() ([]byte, error)
- func (ek *EntitySecretKey_IBE_Master_BN256) HasCapability(c Capability) bool
- func (ek *EntitySecretKey_IBE_Master_BN256) Public() EntityKeySchemeInstance
- func (ek *EntitySecretKey_IBE_Master_BN256) SecretCanonicalForm() *serdes.EntityKeyringEntry
- func (ek *EntitySecretKey_IBE_Master_BN256) SignAttestation(ctx context.Context, content []byte) ([]byte, error)
- func (ek *EntitySecretKey_IBE_Master_BN256) SignCertify(ctx context.Context, content []byte) ([]byte, error)
- func (ek *EntitySecretKey_IBE_Master_BN256) SignMessage(ctx context.Context, content []byte) ([]byte, error)
- func (ek *EntitySecretKey_IBE_Master_BN256) Supported() bool
- type EntitySecretKey_OAQUE_BN256_S20
- func (k *EntitySecretKey_OAQUE_BN256_S20) CanonicalForm() *serdes.EntityPublicKey
- func (k *EntitySecretKey_OAQUE_BN256_S20) DecryptMessage(ctx context.Context, ciphertext []byte) ([]byte, error)
- func (k *EntitySecretKey_OAQUE_BN256_S20) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)
- func (ek *EntitySecretKey_OAQUE_BN256_S20) Equal(rhs EntitySecretKeySchemeInstance) bool
- func (k *EntitySecretKey_OAQUE_BN256_S20) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
- func (ek *EntitySecretKey_OAQUE_BN256_S20) GobDecode(ba []byte) error
- func (ek *EntitySecretKey_OAQUE_BN256_S20) GobEncode() ([]byte, error)
- func (ek *EntitySecretKey_OAQUE_BN256_S20) HasCapability(c Capability) bool
- func (ek *EntitySecretKey_OAQUE_BN256_S20) IdHash() [32]byte
- func (k *EntitySecretKey_OAQUE_BN256_S20) Public() EntityKeySchemeInstance
- func (k *EntitySecretKey_OAQUE_BN256_S20) SecretCanonicalForm() *serdes.EntityKeyringEntry
- func (k *EntitySecretKey_OAQUE_BN256_S20) SignAttestation(ctx context.Context, content []byte) ([]byte, error)
- func (k *EntitySecretKey_OAQUE_BN256_S20) SignCertify(ctx context.Context, content []byte) ([]byte, error)
- func (k *EntitySecretKey_OAQUE_BN256_S20) SignMessage(ctx context.Context, content []byte) ([]byte, error)
- func (ek *EntitySecretKey_OAQUE_BN256_S20) Slots() [][]byte
- func (ek *EntitySecretKey_OAQUE_BN256_S20) Supported() bool
- type EntitySecretKey_OAQUE_BN256_S20_Master
- func (k *EntitySecretKey_OAQUE_BN256_S20_Master) CanonicalForm() *serdes.EntityPublicKey
- func (k *EntitySecretKey_OAQUE_BN256_S20_Master) DecryptMessage(ctx context.Context, ciphertext []byte) ([]byte, error)
- func (ek *EntitySecretKey_OAQUE_BN256_S20_Master) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)
- func (ek *EntitySecretKey_OAQUE_BN256_S20_Master) Equal(rhs EntitySecretKeySchemeInstance) bool
- func (k *EntitySecretKey_OAQUE_BN256_S20_Master) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
- func (ek *EntitySecretKey_OAQUE_BN256_S20_Master) GobDecode(ba []byte) error
- func (ek *EntitySecretKey_OAQUE_BN256_S20_Master) GobEncode() ([]byte, error)
- func (ek *EntitySecretKey_OAQUE_BN256_S20_Master) HasCapability(c Capability) bool
- func (k *EntitySecretKey_OAQUE_BN256_S20_Master) Public() EntityKeySchemeInstance
- func (k *EntitySecretKey_OAQUE_BN256_S20_Master) SecretCanonicalForm() *serdes.EntityKeyringEntry
- func (k *EntitySecretKey_OAQUE_BN256_S20_Master) SignAttestation(ctx context.Context, content []byte) ([]byte, error)
- func (k *EntitySecretKey_OAQUE_BN256_S20_Master) SignCertify(ctx context.Context, content []byte) ([]byte, error)
- func (k *EntitySecretKey_OAQUE_BN256_S20_Master) SignMessage(ctx context.Context, content []byte) ([]byte, error)
- func (ek *EntitySecretKey_OAQUE_BN256_S20_Master) Supported() bool
- type EntitySecrets
- func (e *EntitySecrets) AttestationRevocationDetails(att *Attestation) ([]byte, LocationSchemeInstance, wve.WVE)
- func (e *EntitySecrets) CommitmentRevocationDetails() (content []byte, loc []LocationSchemeInstance)
- func (e *EntitySecrets) MessageSigningKey() EntitySecretKeySchemeInstance
- func (e *EntitySecrets) NameDeclarationRevocationDetails(nd *NameDeclaration) ([]byte, LocationSchemeInstance, wve.WVE)
- func (e *EntitySecrets) PrimarySigningKey() EntitySecretKeySchemeInstance
- func (e *EntitySecrets) WR1BodyKey(ctx context.Context, slots [][]byte) (SlottedSecretKey, error)
- func (e *EntitySecrets) WR1DirectDecryptionKey(ctx context.Context) (EntitySecretKeySchemeInstance, error)
- func (e *EntitySecrets) WR1LabelKey(ctx context.Context, namespace []byte) (EntitySecretKeySchemeInstance, error)
- type ExtensionSchemeInstance
- type GetResult
- type HashScheme
- type HashSchemeInstance
- type HashSchemeInstance_Keccak_256
- func (hs *HashSchemeInstance_Keccak_256) CanonicalForm() *asn1.External
- func (hs *HashSchemeInstance_Keccak_256) Multihash() []byte
- func (hs *HashSchemeInstance_Keccak_256) MultihashString() string
- func (hs *HashSchemeInstance_Keccak_256) OID() asn1.ObjectIdentifier
- func (hs *HashSchemeInstance_Keccak_256) Supported() bool
- func (hs *HashSchemeInstance_Keccak_256) Value() []byte
- type HashSchemeInstance_Sha3_256
- func (hs *HashSchemeInstance_Sha3_256) CanonicalForm() *asn1.External
- func (hs *HashSchemeInstance_Sha3_256) Multihash() []byte
- func (hs *HashSchemeInstance_Sha3_256) MultihashString() string
- func (hs *HashSchemeInstance_Sha3_256) OID() asn1.ObjectIdentifier
- func (hs *HashSchemeInstance_Sha3_256) Supported() bool
- func (hs *HashSchemeInstance_Sha3_256) Value() []byte
- type HashScheme_Keccak_256
- type HashScheme_Sha3_256
- type InterestingEntityResult
- type KeyPoolDecryptionContext
- func (kpd *KeyPoolDecryptionContext) AddDomainVisibilityID(id []byte)
- func (kpd *KeyPoolDecryptionContext) AddEntity(e *Entity)
- func (kpd *KeyPoolDecryptionContext) AddEntitySecret(es *EntitySecrets, delegatedOnly bool)
- func (kpd *KeyPoolDecryptionContext) AddEntitySecretsLabelOnly(es *EntitySecrets)
- func (kpd *KeyPoolDecryptionContext) EntityByHashLoc(ctx context.Context, hash HashSchemeInstance, loc LocationSchemeInstance) (*Entity, wve.WVE)
- func (kpd *KeyPoolDecryptionContext) SetUnderlyingContext(ctx KeyPoolUnderlyingContext)
- func (kpd *KeyPoolDecryptionContext) SetWR1ProverBodyKey(atv []byte)
- func (kpd *KeyPoolDecryptionContext) SetWR1VerifierBodyKey(atv []byte)
- func (kpd *KeyPoolDecryptionContext) WR1AttesterDirectDecryptionKey(ctx context.Context, onResult func(k EntitySecretKeySchemeInstance) bool) error
- func (kpd *KeyPoolDecryptionContext) WR1DirectDecryptionKey(ctx context.Context, dst HashSchemeInstance, ...) error
- func (kpd *KeyPoolDecryptionContext) WR1EntityFromHash(ctx context.Context, hash HashSchemeInstance, loc LocationSchemeInstance) (*Entity, error)
- func (kpd *KeyPoolDecryptionContext) WR1IBEKeysForPartitionLabel(ctx context.Context, dst HashSchemeInstance, ...) error
- func (kpd *KeyPoolDecryptionContext) WR1OAQUEKeysForContent(ctx context.Context, dst HashSchemeInstance, slots [][]byte, ...) error
- func (kpd *KeyPoolDecryptionContext) WR1ProverBodyKey(ctx context.Context) []byte
- func (kpd *KeyPoolDecryptionContext) WR1VerifierBodyKey(ctx context.Context) []byte
- type KeyPoolUnderlyingContext
- type KeyValue
- type KeyringPlaintext
- func (kr *KeyringPlaintext) DecryptKeyring(ctx context.Context, params interface{}) (decodedForm *serdes.EntityKeyring, err error)
- func (kr *KeyringPlaintext) EncryptKeyring(ctx context.Context, plaintext *serdes.EntityKeyring, params interface{}) (encodedForm *asn1.External, err error)
- func (kr *KeyringPlaintext) Supported() bool
- type LocationResult
- type LocationSchemeInstance
- type LocationSchemeInstanceURL
- type LookupFromFilter
- type LookupFromResult
- type LowLevelStorage
- type NameDeclaration
- func (nd *NameDeclaration) ArrayKeccak256() [32]byte
- func (nd *NameDeclaration) DER() ([]byte, wve.WVE)
- func (nd *NameDeclaration) Decoded() bool
- func (nd *NameDeclaration) Hash(scheme HashScheme) HashSchemeInstance
- func (nd *NameDeclaration) IsNameValid() bool
- func (nd *NameDeclaration) Keccak256() []byte
- func (nd *NameDeclaration) Keccak256HI() HashSchemeInstance
- func (nd *NameDeclaration) SetCanonicalForm(cf *serdes.WaveNameDeclaration) wve.WVE
- func (nd *NameDeclaration) SetDecryptedBody(db *serdes.NameDeclarationBody) wve.WVE
- type OuterSignatureBindingScheme
- type OuterSignatureBindingScheme_SignedOuterKey
- type OuterSignatureScheme
- type OuterSignatureScheme_EphemeralEd25519
- type PCompactProof
- type PCreateAttestation
- type PCreateNameDeclaration
- type PDecryptMessage
- type PEncryptMessage
- type PNewEntity
- type PParseAttestation
- type PParseEntity
- type PParseEntitySecrets
- type PParseNameDeclaration
- type PSKBodyDecryptionContext
- type PSKBodyEncryptionContext
- type PSKBodyScheme
- func (psk *PSKBodyScheme) DecryptBody(ctx context.Context, dc BodyDecryptionContext, ...) (decodedForm *serdes.AttestationBody, extra interface{}, err error)
- func (psk *PSKBodyScheme) EncryptBody(ctx context.Context, ec BodyEncryptionContext, ...) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)
- func (psk *PSKBodyScheme) Supported() bool
- type PSKExtra
- type PVerifyRTreeProof
- type PVerifySignature
- type PendingAttestation
- type PendingNameDeclaration
- type PlaintextBodyScheme
- func (pt *PlaintextBodyScheme) DecryptBody(ctx context.Context, dc BodyDecryptionContext, ...) (decodedForm *serdes.AttestationBody, extra interface{}, err error)
- func (pt *PlaintextBodyScheme) EncryptBody(ctx context.Context, ec BodyEncryptionContext, attester *EntitySecrets, ...) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)
- func (pt *PlaintextBodyScheme) Supported() bool
- type PolicyAddendumSchemeInstance
- type PolicySchemeInstance
- type RCompactProof
- type RCreateAttestation
- type RCreateNameDeclaration
- type RDecryptMessage
- type REncryptMessage
- type RNewEntity
- type RParseAttestation
- type RParseEntity
- type RParseEntitySecrets
- type RParseNameDeclaration
- type RTreePolicy
- func (ps *RTreePolicy) CanonicalForm() *asn1.External
- func (ps *RTreePolicy) CheckValid() error
- func (lhs *RTreePolicy) Intersect(rhs *RTreePolicy) (result *RTreePolicy, okay bool, message string, err error)
- func (lhs *RTreePolicy) IsSubsetOf(superset *RTreePolicy) bool
- func (ps *RTreePolicy) Supported() bool
- func (lhs *RTreePolicy) Union(rhs *RTreePolicy) (result *RTreePolicy, okay bool, message string, err error)
- func (ps *RTreePolicy) WR1DomainEntity() HashSchemeInstance
- func (ps *RTreePolicy) WR1PartitionPrefix() [][]byte
- type RVerifyRTreeProof
- type RVerifySignature
- type ResolveResult
- type RevocationSchemeInstance
- type Scheme
- type SlottedSecretKey
- type State
- type StorageDriverCharacteristics
- type StorageDriverInterface
- type StorageDriverStatus
- type StorageInterface
- type TrustLevelPolicy
- type UnsupportedBodyScheme
- func (u *UnsupportedBodyScheme) DecryptBody(ctx context.Context, dc BodyDecryptionContext, ...) (decodedForm *serdes.AttestationBody, extra interface{}, err error)
- func (u *UnsupportedBodyScheme) EncryptBody(ctx context.Context, ec BodyEncryptionContext, attester *EntitySecrets, ...) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)
- func (u *UnsupportedBodyScheme) Supported() bool
- type UnsupportedHashScheme
- type UnsupportedHashSchemeInstance
- func (hs *UnsupportedHashSchemeInstance) CanonicalForm() *asn1.External
- func (hs *UnsupportedHashSchemeInstance) Multihash() []byte
- func (hs *UnsupportedHashSchemeInstance) MultihashString() string
- func (hs *UnsupportedHashSchemeInstance) OID() asn1.ObjectIdentifier
- func (hs *UnsupportedHashSchemeInstance) Supported() bool
- func (hs *UnsupportedHashSchemeInstance) Value() []byte
- type UnsupportedKeyScheme
- func (k *UnsupportedKeyScheme) CanonicalForm() *serdes.EntityPublicKey
- func (k *UnsupportedKeyScheme) EncryptMessage(ctx context.Context, ciphertext []byte) ([]byte, error)
- func (k *UnsupportedKeyScheme) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
- func (k *UnsupportedKeyScheme) HasCapability(c Capability) bool
- func (k *UnsupportedKeyScheme) IdentifyingBlob(ctx context.Context) (string, error)
- func (k *UnsupportedKeyScheme) Supported() bool
- func (k *UnsupportedKeyScheme) SystemIdentifyingBlob(ctx context.Context) (string, error)
- func (k *UnsupportedKeyScheme) VerifyAttestation(ctx context.Context, data []byte, signature []byte) error
- func (k *UnsupportedKeyScheme) VerifyCertify(ctx context.Context, data []byte, signature []byte) error
- func (k *UnsupportedKeyScheme) VerifyMessage(ctx context.Context, data []byte, signature []byte) error
- type UnsupportedKeyringScheme
- func (kr *UnsupportedKeyringScheme) DecryptKeyring(ctx context.Context, params interface{}) (decodedForm *serdes.EntityKeyring, err error)
- func (kr *UnsupportedKeyringScheme) EncryptKeyring(ctx context.Context, plaintext *serdes.EntityKeyring, params interface{}) (encodedForm *asn1.External, err error)
- func (kr *UnsupportedKeyringScheme) Supported() bool
- type UnsupportedLocationSchemeInstance
- type UnsupportedOuterSignatureBindingScheme
- type UnsupportedOuterSignatureScheme
- type UnsupportedPolicySchemeInstance
- func (ps *UnsupportedPolicySchemeInstance) CanonicalForm() *asn1.External
- func (ps *UnsupportedPolicySchemeInstance) CheckValid() error
- func (ps *UnsupportedPolicySchemeInstance) Supported() bool
- func (ps *UnsupportedPolicySchemeInstance) WR1DomainEntity() HashSchemeInstance
- func (ps *UnsupportedPolicySchemeInstance) WR1PartitionPrefix() [][]byte
- type UnsupportedRevocationSchemeInstance
- func (rs *UnsupportedRevocationSchemeInstance) CanonicalForm() serdes.RevocationOption
- func (rs *UnsupportedRevocationSchemeInstance) Critical() bool
- func (rs *UnsupportedRevocationSchemeInstance) Id() string
- func (rs *UnsupportedRevocationSchemeInstance) IsRevoked(ctx context.Context, s StorageInterface) (bool, wve.WVE)
- func (rs *UnsupportedRevocationSchemeInstance) Supported() bool
- type UnsupportedSecretKeyScheme
- func (k *UnsupportedSecretKeyScheme) CanonicalForm() *serdes.EntityPublicKey
- func (k *UnsupportedSecretKeyScheme) DecryptMessage(ctx context.Context, data []byte) ([]byte, error)
- func (k *UnsupportedSecretKeyScheme) DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)
- func (k *UnsupportedSecretKeyScheme) Equal(rhs EntitySecretKeySchemeInstance) bool
- func (k *UnsupportedSecretKeyScheme) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
- func (ek *UnsupportedSecretKeyScheme) HasCapability(c Capability) bool
- func (k *UnsupportedSecretKeyScheme) Public() EntityKeySchemeInstance
- func (k *UnsupportedSecretKeyScheme) SecretCanonicalForm() *serdes.EntityKeyringEntry
- func (k *UnsupportedSecretKeyScheme) SignAttestation(ctx context.Context, content []byte) ([]byte, error)
- func (k *UnsupportedSecretKeyScheme) SignCertify(ctx context.Context, content []byte) ([]byte, error)
- func (k *UnsupportedSecretKeyScheme) SignMessage(ctx context.Context, content []byte) ([]byte, error)
- func (ek *UnsupportedSecretKeyScheme) Supported() bool
- type VerificationContext
- type WR1BodyEncryptionContext
- type WR1BodyScheme
- func (w *WR1BodyScheme) DecryptBody(ctx context.Context, dc BodyDecryptionContext, ...) (decodedForm *serdes.AttestationBody, extra interface{}, err error)
- func (w *WR1BodyScheme) EncryptBody(ctx context.Context, ecp BodyEncryptionContext, attester *EntitySecrets, ...) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)
- func (w *WR1BodyScheme) Supported() bool
- type WR1DecryptionContext
- type WR1Extra
- type WR1MessageDecryptionContext
- type WR1NameDeclarationDecryptionContext
- type WaveState
Constants ¶
const PermittedCombinedStatements = 1000
const PermittedPermissions = 64
Don't change this without rewriting tree builder
const PermittedPrimaryStatements = 10
Variables ¶
var ErrDecryptBodyMalformed = errors.New("body is malformed")
var ErrInvalidRequest = errors.New("invalid request")
Should be returned by any of the four main functions if it receives an invalid request, e.g., an empty object passed to a PUT function
var ErrNoMore = errors.New("no more")
Should be returned by IterateQueue if there are no more entries
var ErrNotImplemented = errors.New("not implemented")
Should be returned by any of the four main functions if not implemented
var ErrObjectNotFound = errors.New("object not found")
Should be returned by Get if the object is not found
var ErrObjectNotPut = errors.New("failed to put object")
Should be returned by Put if it fails to store the object
var KECCAK256 = &HashScheme_Keccak_256{}
var PLAINTEXTBODYSCHEME = &PlaintextBodyScheme{}
var SHA3 = &HashScheme_Sha3_256{}
var WR1PartitionTiers []int64 = []int64{int64(64 * 7 * 24 * time.Hour), int64(16 * 7 * 24 * time.Hour), int64(4 * 7 * 24 * time.Hour), int64(7 * 24 * time.Hour)}
The WR1 recommended partition scheme is <userdefined: 12> <beginrange: 4> <endrange: 4>, which allows for expiry ranges at a granularity of weeks. In the worst case this requires a key bundle of 144 keys to delegate. Ranges are only allowed to go up to 3 years long.
Functions ¶
func AnalyzeSuffix ¶
AnalyzeSuffix checks a given URI for schema validity and reports whether it has the characteristics indicated by the hasStar and hasPlus results.
func CalculateEmptyKeyBundleEntries ¶ added in v0.2.0
func CalculateEmptyKeyBundleEntries(startDat time.Time, endDat time.Time, userPrefix [][]byte) ([][][]byte, []serdes.BN256OAQUEKeyringBundleEntry, wve.WVE)
This generates the partitions and calculates the differences to generate the keyring bundle entries, but it does not generate the keys
func CalculateKeyBundlePartitions ¶ added in v0.2.0
func CalculateWR1Partition ¶ added in v0.2.0
func DecodeKeyBundleEntries ¶ added in v0.2.0
func DecodeKeyBundleEntries(be []serdes.BN256OAQUEKeyringBundleEntry) ([][][]byte, wve.WVE)
func HashSchemeInstanceEqual ¶
func HashSchemeInstanceEqual(lhs HashSchemeInstance, rhs HashSchemeInstance) bool
func InjectStorageInterface ¶
func InjectStorageInterface(si StorageInterface)
func IsNameDeclarationValid ¶ added in v0.2.0
func ParseWR1Partition ¶ added in v0.2.0
func Partition20 ¶ added in v0.2.0
func RestrictBy ¶
Copied verbatim from bosswave. RestrictBy takes a topic and a permission, and returns the intersection that represents the from topic restricted by the permission. It took a looong time to work out this logic...
func WR1PartitionToIntString ¶ added in v0.2.0
func WR1PartitionToString ¶ added in v0.2.0
Types ¶
type AESKeyring ¶
func (*AESKeyring) DecryptKeyring ¶
func (kr *AESKeyring) DecryptKeyring(ctx context.Context, params interface{}) (decodedForm *serdes.EntityKeyring, err error)
func (*AESKeyring) EncryptKeyring ¶
func (kr *AESKeyring) EncryptKeyring(ctx context.Context, plaintext *serdes.EntityKeyring, params interface{}) (encodedForm *asn1.External, err error)
func (*AESKeyring) Supported ¶
func (kr *AESKeyring) Supported() bool
type Attestation ¶
// Attestation holds an attestation in its canonical form together with the
// body and scheme-specific extras recovered from it.
type Attestation struct {
	// Before any decryption was applied
	CanonicalForm *serdes.WaveAttestation
	// After we decrypted
	// NOTE(review): presumably nil until the body has been decrypted; confirm,
	// and nil-check before reading subject or policy data from it.
	DecryptedBody *serdes.AttestationBody
	// Revocations
	Revocations []RevocationSchemeInstance
	// Extra information obtained if this is a WR1 dot
	WR1Extra *WR1Extra
	// Extra information obtained if this is a PSK dot
	PSKExtra *PSKExtra
}
func (*Attestation) ArrayKeccak256 ¶
func (e *Attestation) ArrayKeccak256() [32]byte
func (*Attestation) Attester ¶
func (e *Attestation) Attester() (HashSchemeInstance, LocationSchemeInstance, error)
func (*Attestation) DER ¶
func (e *Attestation) DER() ([]byte, error)
func (*Attestation) Expired ¶
func (e *Attestation) Expired() (bool, error)
func (*Attestation) Hash ¶
func (e *Attestation) Hash(scheme HashScheme) HashSchemeInstance
func (*Attestation) Keccak256 ¶
func (e *Attestation) Keccak256() []byte
func (*Attestation) Keccak256HI ¶
func (e *Attestation) Keccak256HI() HashSchemeInstance
func (*Attestation) Namespace ¶ added in v0.2.1
func (e *Attestation) Namespace() (HashSchemeInstance, LocationSchemeInstance, bool, error)
func (*Attestation) Subject ¶
func (e *Attestation) Subject() (HashSchemeInstance, LocationSchemeInstance)
func (*Attestation) WR1DomainVisibilityKeys ¶
func (e *Attestation) WR1DomainVisibilityKeys() []EntitySecretKeySchemeInstance
func (*Attestation) WR1SecretSlottedKeys ¶
func (e *Attestation) WR1SecretSlottedKeys() []SlottedSecretKey
type AttestationBodyScheme ¶
// AttestationBodyScheme is a Scheme that converts between the canonical
// (serdes.WaveAttestation) form of an attestation and its decoded body.
type AttestationBodyScheme interface {
	Scheme
	// DecryptBody returns the decoded body of canonicalForm plus
	// scheme-specific extra data. dc supplies the decryption context.
	// NOTE(review): the meaning of inextra is not visible here; confirm with
	// the implementations.
	DecryptBody(ctx context.Context, dc BodyDecryptionContext, canonicalForm *serdes.WaveAttestation, inextra interface{}) (decodedForm *serdes.AttestationBody, extra interface{}, err error)
	// EncryptBody produces the encrypted attestation from intermediateForm,
	// given the attester's secrets, the subject entity and a policy, and
	// returns scheme-specific extra data alongside it.
	EncryptBody(ctx context.Context, ec BodyEncryptionContext, attester *EntitySecrets, subject *Entity, intermediateForm *serdes.WaveAttestation, policy PolicySchemeInstance) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)
}
func AttestationBodySchemeFor ¶
func AttestationBodySchemeFor(ex *asn1.External) AttestationBodyScheme
type BodyDecryptionContext ¶
// BodyDecryptionContext is the context passed to
// AttestationBodyScheme.DecryptBody. Its only requirement is the ability to
// look an Entity up by hash and location.
type BodyDecryptionContext interface {
	// EntityByHashLoc returns the Entity identified by h at loc, or a wve.WVE
	// error.
	// NOTE(review): whether a missing entity is reported as (nil, nil) or as
	// an error is not visible here; confirm before dereferencing the result.
	EntityByHashLoc(ctx context.Context, h HashSchemeInstance, loc LocationSchemeInstance) (*Entity, wve.WVE)
}
type BodyEncryptionContext ¶
// BodyEncryptionContext is the context passed to
// AttestationBodyScheme.EncryptBody. It declares no methods, so any value
// satisfies it.
type BodyEncryptionContext interface {
}
type Capability ¶
// Capability identifies an operation a key may be used for. Key scheme
// instances report the ones they hold through HasCapability.
type Capability int

// The values are assigned explicitly rather than with iota.
// NOTE(review): presumably they appear in serialised keys, so renumbering
// would change the meaning of existing keys; confirm before editing.
const (
	CapCertification  Capability = 1
	CapAttestation    Capability = 2
	CapSigning        Capability = 3
	CapAuthentication Capability = 4
	CapAuthorization  Capability = 5
	CapEncryption     Capability = 6
)
type CommitmentRevocationSchemeInstance ¶ added in v0.2.1
// CommitmentRevocationSchemeInstance pairs a serialised revocation option
// with its commitment-revocation body. Its IsRevoked method takes a
// StorageInterface as an argument.
type CommitmentRevocationSchemeInstance struct {
	// SerdesForm is the serialised revocation option.
	SerdesForm *serdes.RevocationOption
	// CRBody is the commitment revocation body.
	// NOTE(review): presumably decoded from SerdesForm; confirm.
	CRBody *serdes.CommitmentRevocation
}
func NewCommitmentRevocationSchemeInstance ¶ added in v0.2.1
func NewCommitmentRevocationSchemeInstance(loc LocationSchemeInstance, critical bool, secrets ...[]byte) *CommitmentRevocationSchemeInstance
func (*CommitmentRevocationSchemeInstance) CanonicalForm ¶ added in v0.2.1
func (rs *CommitmentRevocationSchemeInstance) CanonicalForm() serdes.RevocationOption
func (*CommitmentRevocationSchemeInstance) Critical ¶ added in v0.2.1
func (rs *CommitmentRevocationSchemeInstance) Critical() bool
func (*CommitmentRevocationSchemeInstance) Id ¶ added in v0.2.1
func (rs *CommitmentRevocationSchemeInstance) Id() string
func (*CommitmentRevocationSchemeInstance) IsRevoked ¶ added in v0.2.1
func (rs *CommitmentRevocationSchemeInstance) IsRevoked(ctx context.Context, s StorageInterface) (bool, wve.WVE)
func (*CommitmentRevocationSchemeInstance) Supported ¶ added in v0.2.1
func (rs *CommitmentRevocationSchemeInstance) Supported() bool
type Entity ¶
// Entity is the public description of an entity: its serialised form, its
// public keys, and its revocation options and extensions. The matching
// secret keys live in EntitySecrets, which points back to an Entity.
type Entity struct {
	CanonicalForm *serdes.WaveEntity
	// NOTE(review): presumably the key that certifies the rest of the
	// entity; confirm.
	VerifyingKey EntityKeySchemeInstance
	Keys         []EntityKeySchemeInstance
	Revocations  []RevocationSchemeInstance
	Extensions   []ExtensionSchemeInstance
}
func (*Entity) ArrayKeccak256 ¶
func (*Entity) Hash ¶
func (e *Entity) Hash(scheme HashScheme) HashSchemeInstance
func (*Entity) Keccak256HI ¶
func (e *Entity) Keccak256HI() HashSchemeInstance
func (*Entity) MessageVerifyingKey ¶ added in v0.2.1
func (e *Entity) MessageVerifyingKey() EntityKeySchemeInstance
func (*Entity) WR1_BodyParams ¶
func (e *Entity) WR1_BodyParams() (EntityKeySchemeInstance, error)
func (*Entity) WR1_DirectEncryptionKey ¶
func (e *Entity) WR1_DirectEncryptionKey() (EntityKeySchemeInstance, error)
func (*Entity) WR1_DomainVisiblityParams ¶
func (e *Entity) WR1_DomainVisiblityParams() (EntityKeySchemeInstance, error)
type EntityKeySchemeInstance ¶
// EntityKeySchemeInstance is the public half of an entity key: it can
// identify itself, report its capabilities, verify signatures, encrypt to
// itself and derive child public keys.
type EntityKeySchemeInstance interface {
	Scheme
	//Such as the public key, used for comparing keys to check private matches
	IdentifyingBlob(ctx context.Context) (string, error)
	SystemIdentifyingBlob(ctx context.Context) (string, error)
	// HasCapability reports whether the key holds capability c.
	HasCapability(c Capability) bool
	// Verification is split into three entry points, one per signing purpose.
	// NOTE(review): presumably each checks the matching Capability before
	// verifying, so that a key lacking the attestation capability cannot
	// validate an attestation; confirm in the implementations.
	VerifyCertify(ctx context.Context, data []byte, signature []byte) error
	VerifyAttestation(ctx context.Context, data []byte, signature []byte) error
	VerifyMessage(ctx context.Context, data []byte, signature []byte) error
	EncryptMessage(ctx context.Context, content []byte) ([]byte, error)
	// GenerateChildKey derives a child public key for identity. identity is
	// untyped.
	// NOTE(review): the expected dynamic type presumably depends on the
	// scheme; confirm.
	GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
	CanonicalForm() *serdes.EntityPublicKey
}
func EntityKeySchemeInstanceFor ¶
func EntityKeySchemeInstanceFor(e *serdes.EntityPublicKey) (EntityKeySchemeInstance, error)
type EntityKey_Curve25519 ¶
// EntityKey_Curve25519 is a Curve25519 public key: the fixed-size 32-byte
// key plus its serialised form. Its method set mirrors
// EntityKeySchemeInstance.
type EntityKey_Curve25519 struct {
	SerdesForm *serdes.EntityPublicKey
	PublicKey  [32]byte
}
func (*EntityKey_Curve25519) CanonicalForm ¶
func (ek *EntityKey_Curve25519) CanonicalForm() *serdes.EntityPublicKey
func (*EntityKey_Curve25519) EncryptMessage ¶
func (*EntityKey_Curve25519) GenerateChildKey ¶
func (ek *EntityKey_Curve25519) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
func (*EntityKey_Curve25519) HasCapability ¶
func (ek *EntityKey_Curve25519) HasCapability(c Capability) bool
func (*EntityKey_Curve25519) IdentifyingBlob ¶
func (ek *EntityKey_Curve25519) IdentifyingBlob(ctx context.Context) (string, error)
func (*EntityKey_Curve25519) Supported ¶
func (ek *EntityKey_Curve25519) Supported() bool
func (*EntityKey_Curve25519) SystemIdentifyingBlob ¶ added in v0.2.1
func (ek *EntityKey_Curve25519) SystemIdentifyingBlob(ctx context.Context) (string, error)
func (*EntityKey_Curve25519) VerifyAttestation ¶
func (*EntityKey_Curve25519) VerifyCertify ¶
func (*EntityKey_Curve25519) VerifyMessage ¶
type EntityKey_Ed25519 ¶
// EntityKey_Ed25519 is an Ed25519 public key plus its serialised form. Its
// method set mirrors EntityKeySchemeInstance.
type EntityKey_Ed25519 struct {
	SerdesForm *serdes.EntityPublicKey
	// PublicKey is a byte slice type, so its length is not fixed by the type
	// system.
	// NOTE(review): confirm the constructor rejects keys of the wrong
	// length.
	PublicKey ed25519.PublicKey
}
func (*EntityKey_Ed25519) CanonicalForm ¶
func (ek *EntityKey_Ed25519) CanonicalForm() *serdes.EntityPublicKey
func (*EntityKey_Ed25519) EncryptMessage ¶
func (*EntityKey_Ed25519) GenerateChildKey ¶
func (ek *EntityKey_Ed25519) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
func (*EntityKey_Ed25519) HasCapability ¶
func (ek *EntityKey_Ed25519) HasCapability(c Capability) bool
func (*EntityKey_Ed25519) IdentifyingBlob ¶
func (ek *EntityKey_Ed25519) IdentifyingBlob(ctx context.Context) (string, error)
func (*EntityKey_Ed25519) Supported ¶
func (ek *EntityKey_Ed25519) Supported() bool
func (*EntityKey_Ed25519) SystemIdentifyingBlob ¶ added in v0.2.1
func (ek *EntityKey_Ed25519) SystemIdentifyingBlob(ctx context.Context) (string, error)
func (*EntityKey_Ed25519) VerifyAttestation ¶
func (*EntityKey_Ed25519) VerifyCertify ¶
func (*EntityKey_Ed25519) VerifyMessage ¶
type EntityKey_IBE_BN256 ¶
// EntityKey_IBE_BN256 is an IBE public key: the master public parameters
// together with the identity bytes the key is bound to.
type EntityKey_IBE_BN256 struct {
	SerdesForm *serdes.EntityPublicKey
	Params     *ibe.MasterPublicKey
	// ID is the identity this key encrypts to.
	ID []byte
}
func (*EntityKey_IBE_BN256) CanonicalForm ¶
func (k *EntityKey_IBE_BN256) CanonicalForm() *serdes.EntityPublicKey
func (*EntityKey_IBE_BN256) EncryptMessage ¶
func (*EntityKey_IBE_BN256) GenerateChildKey ¶
func (k *EntityKey_IBE_BN256) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
func (*EntityKey_IBE_BN256) GobDecode ¶
func (ek *EntityKey_IBE_BN256) GobDecode(ba []byte) error
func (*EntityKey_IBE_BN256) GobEncode ¶
func (ek *EntityKey_IBE_BN256) GobEncode() ([]byte, error)
func (*EntityKey_IBE_BN256) HasCapability ¶
func (k *EntityKey_IBE_BN256) HasCapability(c Capability) bool
func (*EntityKey_IBE_BN256) IdentifyingBlob ¶
func (k *EntityKey_IBE_BN256) IdentifyingBlob(ctx context.Context) (string, error)
func (*EntityKey_IBE_BN256) Supported ¶
func (k *EntityKey_IBE_BN256) Supported() bool
func (*EntityKey_IBE_BN256) SystemIdentifyingBlob ¶ added in v0.2.1
func (k *EntityKey_IBE_BN256) SystemIdentifyingBlob(ctx context.Context) (string, error)
func (*EntityKey_IBE_BN256) VerifyAttestation ¶
func (*EntityKey_IBE_BN256) VerifyCertify ¶
func (*EntityKey_IBE_BN256) VerifyMessage ¶
type EntityKey_IBE_Params_BN256 ¶
// EntityKey_IBE_Params_BN256 holds IBE master public parameters and their
// serialised form. Unlike EntityKey_IBE_BN256 it carries no identity.
type EntityKey_IBE_Params_BN256 struct {
	SerdesForm *serdes.EntityPublicKey
	PublicKey  *ibe.MasterPublicKey
}
func (*EntityKey_IBE_Params_BN256) CanonicalForm ¶
func (ek *EntityKey_IBE_Params_BN256) CanonicalForm() *serdes.EntityPublicKey
func (*EntityKey_IBE_Params_BN256) EncryptMessage ¶
func (*EntityKey_IBE_Params_BN256) GenerateChildKey ¶
func (k *EntityKey_IBE_Params_BN256) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
func (*EntityKey_IBE_Params_BN256) GobDecode ¶
func (ek *EntityKey_IBE_Params_BN256) GobDecode(ba []byte) error
func (*EntityKey_IBE_Params_BN256) GobEncode ¶
func (ek *EntityKey_IBE_Params_BN256) GobEncode() ([]byte, error)
func (*EntityKey_IBE_Params_BN256) HasCapability ¶
func (ek *EntityKey_IBE_Params_BN256) HasCapability(c Capability) bool
func (*EntityKey_IBE_Params_BN256) IdentifyingBlob ¶
func (ek *EntityKey_IBE_Params_BN256) IdentifyingBlob(ctx context.Context) (string, error)
func (*EntityKey_IBE_Params_BN256) Supported ¶
func (ek *EntityKey_IBE_Params_BN256) Supported() bool
func (*EntityKey_IBE_Params_BN256) SystemIdentifyingBlob ¶ added in v0.2.1
func (ek *EntityKey_IBE_Params_BN256) SystemIdentifyingBlob(ctx context.Context) (string, error)
func (*EntityKey_IBE_Params_BN256) VerifyAttestation ¶
func (*EntityKey_IBE_Params_BN256) VerifyCertify ¶
func (*EntityKey_IBE_Params_BN256) VerifyMessage ¶
type EntityKey_OAQUE_BN256_S20 ¶
// EntityKey_OAQUE_BN256_S20 is an OAQUE public key: the scheme parameters
// together with the attribute set the key is bound to.
type EntityKey_OAQUE_BN256_S20 struct {
	SerdesForm *serdes.EntityPublicKey
	Params     *oaque.Params
	// NOTE(review): the S20 suffix suggests 20 attribute slots; confirm that
	// the length of AttributeSet is validated.
	AttributeSet [][]byte
}
func (*EntityKey_OAQUE_BN256_S20) CanonicalForm ¶
func (k *EntityKey_OAQUE_BN256_S20) CanonicalForm() *serdes.EntityPublicKey
func (*EntityKey_OAQUE_BN256_S20) EncryptMessage ¶
func (*EntityKey_OAQUE_BN256_S20) GenerateChildKey ¶
func (k *EntityKey_OAQUE_BN256_S20) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
func (*EntityKey_OAQUE_BN256_S20) GobDecode ¶
func (ek *EntityKey_OAQUE_BN256_S20) GobDecode(ba []byte) error
func (*EntityKey_OAQUE_BN256_S20) GobEncode ¶
func (ek *EntityKey_OAQUE_BN256_S20) GobEncode() ([]byte, error)
func (*EntityKey_OAQUE_BN256_S20) HasCapability ¶
func (k *EntityKey_OAQUE_BN256_S20) HasCapability(c Capability) bool
func (*EntityKey_OAQUE_BN256_S20) IdentifyingBlob ¶
func (k *EntityKey_OAQUE_BN256_S20) IdentifyingBlob(ctx context.Context) (string, error)
func (*EntityKey_OAQUE_BN256_S20) Supported ¶
func (k *EntityKey_OAQUE_BN256_S20) Supported() bool
func (*EntityKey_OAQUE_BN256_S20) SystemIdentifyingBlob ¶ added in v0.2.1
func (k *EntityKey_OAQUE_BN256_S20) SystemIdentifyingBlob(ctx context.Context) (string, error)
func (*EntityKey_OAQUE_BN256_S20) VerifyAttestation ¶
func (*EntityKey_OAQUE_BN256_S20) VerifyCertify ¶
func (*EntityKey_OAQUE_BN256_S20) VerifyMessage ¶
type EntityKey_OAQUE_BN256_S20_Params ¶
// EntityKey_OAQUE_BN256_S20_Params holds OAQUE public parameters and their
// serialised form. Unlike EntityKey_OAQUE_BN256_S20 it carries no attribute
// set.
type EntityKey_OAQUE_BN256_S20_Params struct {
	SerdesForm *serdes.EntityPublicKey
	Params     *oaque.Params
}
func (*EntityKey_OAQUE_BN256_S20_Params) CanonicalForm ¶
func (k *EntityKey_OAQUE_BN256_S20_Params) CanonicalForm() *serdes.EntityPublicKey
func (*EntityKey_OAQUE_BN256_S20_Params) EncryptMessage ¶
func (*EntityKey_OAQUE_BN256_S20_Params) GenerateChildKey ¶
func (k *EntityKey_OAQUE_BN256_S20_Params) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
func (*EntityKey_OAQUE_BN256_S20_Params) GobDecode ¶
func (ek *EntityKey_OAQUE_BN256_S20_Params) GobDecode(ba []byte) error
func (*EntityKey_OAQUE_BN256_S20_Params) GobEncode ¶
func (ek *EntityKey_OAQUE_BN256_S20_Params) GobEncode() ([]byte, error)
func (*EntityKey_OAQUE_BN256_S20_Params) HasCapability ¶
func (k *EntityKey_OAQUE_BN256_S20_Params) HasCapability(c Capability) bool
func (*EntityKey_OAQUE_BN256_S20_Params) IdentifyingBlob ¶
func (k *EntityKey_OAQUE_BN256_S20_Params) IdentifyingBlob(ctx context.Context) (string, error)
func (*EntityKey_OAQUE_BN256_S20_Params) Supported ¶
func (k *EntityKey_OAQUE_BN256_S20_Params) Supported() bool
func (*EntityKey_OAQUE_BN256_S20_Params) SystemIdentifyingBlob ¶ added in v0.2.1
func (k *EntityKey_OAQUE_BN256_S20_Params) SystemIdentifyingBlob(ctx context.Context) (string, error)
func (*EntityKey_OAQUE_BN256_S20_Params) VerifyAttestation ¶
func (*EntityKey_OAQUE_BN256_S20_Params) VerifyCertify ¶
func (*EntityKey_OAQUE_BN256_S20_Params) VerifyMessage ¶
type EntityKeyringSchemeInstance ¶
// EntityKeyringSchemeInstance is a Scheme that protects an entity keyring at
// rest: it converts between the plaintext serdes.EntityKeyring and its
// encoded asn1.External form.
type EntityKeyringSchemeInstance interface {
	Scheme
	// DecryptKeyring returns the plaintext keyring. params is untyped.
	// NOTE(review): presumably it carries the passphrase or key for the
	// concrete scheme; confirm what each implementation expects.
	DecryptKeyring(ctx context.Context, params interface{}) (decodedForm *serdes.EntityKeyring, err error)
	// EncryptKeyring encodes plaintext, which contains the entity's secret
	// keys.
	EncryptKeyring(ctx context.Context, plaintext *serdes.EntityKeyring, params interface{}) (encodedForm *asn1.External, err error)
}
func EntityKeyringSchemeInstanceFor ¶
func EntityKeyringSchemeInstanceFor(e asn1.External) (EntityKeyringSchemeInstance, error)
func NewEntityKeyringSchemeInstance ¶
func NewEntityKeyringSchemeInstance(oid asn1.ObjectIdentifier) (EntityKeyringSchemeInstance, error)
type EntitySecretKeySchemeInstance ¶
// EntitySecretKeySchemeInstance is the secret half of an entity key: it can
// sign, decrypt, derive child secret keys and expose its public counterpart.
type EntitySecretKeySchemeInstance interface {
	Scheme
	// Public returns the corresponding public key instance.
	Public() EntityKeySchemeInstance
	SignCertify(ctx context.Context, content []byte) ([]byte, error)
	//Signing signature bindings or signing DER (for ephemeral)
	SignAttestation(ctx context.Context, content []byte) ([]byte, error)
	SignMessage(ctx context.Context, content []byte) ([]byte, error)
	DecryptMessage(ctx context.Context, ciphertext []byte) ([]byte, error)
	DecryptMessageAsChild(ctx context.Context, ciphertext []byte, identity interface{}) ([]byte, error)
	GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
	// SecretCanonicalForm returns the keyring entry for this key.
	// NOTE(review): presumably this includes the private key material;
	// confirm, and treat the result as secret.
	SecretCanonicalForm() *serdes.EntityKeyringEntry
	// Equal reports whether rhs is the same secret key.
	// NOTE(review): confirm whether implementations compare private key bytes
	// and, if so, whether the comparison is constant-time.
	Equal(rhs EntitySecretKeySchemeInstance) bool
}
func EntitySecretKeySchemeInstanceFor ¶
func EntitySecretKeySchemeInstanceFor(e *serdes.EntityKeyringEntry) (EntitySecretKeySchemeInstance, error)
func NewEntityKeySchemeInstance ¶
func NewEntityKeySchemeInstance(oid asn1.ObjectIdentifier, capabilities ...Capability) (EntitySecretKeySchemeInstance, error)
type EntitySecretKey_Curve25519 ¶
// EntitySecretKey_Curve25519 is a Curve25519 key pair plus its keyring-entry
// form.
type EntitySecretKey_Curve25519 struct {
	SerdesForm *serdes.EntityKeyringEntry
	// PrivateKey is secret key material in an exported field. Because it is
	// an array, copying the struct copies the key, and formatting the struct
	// (for example with %+v) prints it. Keep values of this type out of logs
	// and debug dumps.
	PrivateKey [32]byte
	PublicKey  [32]byte
}
func (*EntitySecretKey_Curve25519) CanonicalForm ¶
func (ek *EntitySecretKey_Curve25519) CanonicalForm() *serdes.EntityPublicKey
func (*EntitySecretKey_Curve25519) DecryptMessage ¶
func (*EntitySecretKey_Curve25519) DecryptMessageAsChild ¶
func (*EntitySecretKey_Curve25519) Equal ¶
func (ek *EntitySecretKey_Curve25519) Equal(rhs EntitySecretKeySchemeInstance) bool
func (*EntitySecretKey_Curve25519) GenerateChildSecretKey ¶
func (ek *EntitySecretKey_Curve25519) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
func (*EntitySecretKey_Curve25519) HasCapability ¶
func (ek *EntitySecretKey_Curve25519) HasCapability(c Capability) bool
func (*EntitySecretKey_Curve25519) Public ¶
func (ek *EntitySecretKey_Curve25519) Public() EntityKeySchemeInstance
func (*EntitySecretKey_Curve25519) SecretCanonicalForm ¶
func (ek *EntitySecretKey_Curve25519) SecretCanonicalForm() *serdes.EntityKeyringEntry
func (*EntitySecretKey_Curve25519) SignAttestation ¶
func (*EntitySecretKey_Curve25519) SignCertify ¶
func (*EntitySecretKey_Curve25519) SignMessage ¶
func (*EntitySecretKey_Curve25519) Supported ¶
func (ek *EntitySecretKey_Curve25519) Supported() bool
type EntitySecretKey_Ed25519 ¶
// EntitySecretKey_Ed25519 is an Ed25519 key pair plus its keyring-entry form.
type EntitySecretKey_Ed25519 struct {
	SerdesForm *serdes.EntityKeyringEntry
	PublicKey  ed25519.PublicKey
	// PrivateKey is secret key material in an exported field. Keep values of
	// this type out of logs and debug dumps.
	PrivateKey ed25519.PrivateKey
}
func (*EntitySecretKey_Ed25519) CanonicalForm ¶
func (ek *EntitySecretKey_Ed25519) CanonicalForm() *serdes.EntityPublicKey
func (*EntitySecretKey_Ed25519) DecryptMessage ¶
func (*EntitySecretKey_Ed25519) DecryptMessageAsChild ¶
func (*EntitySecretKey_Ed25519) Equal ¶
func (ek *EntitySecretKey_Ed25519) Equal(rhs EntitySecretKeySchemeInstance) bool
func (*EntitySecretKey_Ed25519) GenerateChildSecretKey ¶
func (ek *EntitySecretKey_Ed25519) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
func (*EntitySecretKey_Ed25519) HasCapability ¶
func (ek *EntitySecretKey_Ed25519) HasCapability(c Capability) bool
func (*EntitySecretKey_Ed25519) Public ¶
func (ek *EntitySecretKey_Ed25519) Public() EntityKeySchemeInstance
func (*EntitySecretKey_Ed25519) SecretCanonicalForm ¶
func (ek *EntitySecretKey_Ed25519) SecretCanonicalForm() *serdes.EntityKeyringEntry
func (*EntitySecretKey_Ed25519) SignAttestation ¶
func (*EntitySecretKey_Ed25519) SignCertify ¶
func (*EntitySecretKey_Ed25519) SignMessage ¶
func (*EntitySecretKey_Ed25519) Supported ¶
func (ek *EntitySecretKey_Ed25519) Supported() bool
type EntitySecretKey_IBE_BN256 ¶
// EntitySecretKey_IBE_BN256 is an IBE identity private key together with the
// master public parameters and the identity it belongs to.
//
// The type defines GobEncode and GobDecode, so gob-encoding a value goes
// through those methods.
// NOTE(review): confirm whether the encoded form contains PrivateKey before
// persisting or transmitting it.
type EntitySecretKey_IBE_BN256 struct {
	SerdesForm *serdes.EntityKeyringEntry
	// PrivateKey is secret key material in an exported field. Keep values of
	// this type out of logs and debug dumps.
	PrivateKey *ibe.IdentityPrivateKey
	Params     *ibe.MasterPublicKey
	ID         []byte
}
func (*EntitySecretKey_IBE_BN256) CanonicalForm ¶
func (k *EntitySecretKey_IBE_BN256) CanonicalForm() *serdes.EntityPublicKey
func (*EntitySecretKey_IBE_BN256) DecryptMessage ¶
func (*EntitySecretKey_IBE_BN256) DecryptMessageAsChild ¶
func (*EntitySecretKey_IBE_BN256) Equal ¶
func (ek *EntitySecretKey_IBE_BN256) Equal(rhs EntitySecretKeySchemeInstance) bool
func (*EntitySecretKey_IBE_BN256) GenerateChildSecretKey ¶
func (k *EntitySecretKey_IBE_BN256) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
func (*EntitySecretKey_IBE_BN256) GobDecode ¶
func (ek *EntitySecretKey_IBE_BN256) GobDecode(ba []byte) error
func (*EntitySecretKey_IBE_BN256) GobEncode ¶
func (ek *EntitySecretKey_IBE_BN256) GobEncode() ([]byte, error)
func (*EntitySecretKey_IBE_BN256) HasCapability ¶
func (ek *EntitySecretKey_IBE_BN256) HasCapability(c Capability) bool
func (*EntitySecretKey_IBE_BN256) Public ¶
func (k *EntitySecretKey_IBE_BN256) Public() EntityKeySchemeInstance
func (*EntitySecretKey_IBE_BN256) SecretCanonicalForm ¶
func (k *EntitySecretKey_IBE_BN256) SecretCanonicalForm() *serdes.EntityKeyringEntry
func (*EntitySecretKey_IBE_BN256) SignAttestation ¶
func (*EntitySecretKey_IBE_BN256) SignCertify ¶
func (*EntitySecretKey_IBE_BN256) SignMessage ¶
func (*EntitySecretKey_IBE_BN256) Supported ¶
func (ek *EntitySecretKey_IBE_BN256) Supported() bool
type EntitySecretKey_IBE_Master_BN256 ¶
// EntitySecretKey_IBE_Master_BN256 is an IBE master key pair plus its
// keyring-entry form.
//
// The type defines GobEncode and GobDecode, so gob-encoding a value goes
// through those methods.
// NOTE(review): confirm whether the encoded form contains PrivateKey before
// persisting or transmitting it.
type EntitySecretKey_IBE_Master_BN256 struct {
	SerdesForm *serdes.EntityKeyringEntry
	// PrivateKey is the master private key, held in an exported field. The
	// type exposes GenerateChildSecretKey, so a leak of this value is broader
	// than a leak of a single identity key. Keep it out of logs and debug
	// dumps.
	PrivateKey *ibe.MasterPrivateKey
	PublicKey  *ibe.MasterPublicKey
}
func (*EntitySecretKey_IBE_Master_BN256) CanonicalForm ¶
func (ek *EntitySecretKey_IBE_Master_BN256) CanonicalForm() *serdes.EntityPublicKey
func (*EntitySecretKey_IBE_Master_BN256) DecryptMessage ¶
func (*EntitySecretKey_IBE_Master_BN256) DecryptMessageAsChild ¶
func (*EntitySecretKey_IBE_Master_BN256) Equal ¶
func (ek *EntitySecretKey_IBE_Master_BN256) Equal(rhs EntitySecretKeySchemeInstance) bool
func (*EntitySecretKey_IBE_Master_BN256) GenerateChildSecretKey ¶
func (ek *EntitySecretKey_IBE_Master_BN256) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
func (*EntitySecretKey_IBE_Master_BN256) GobDecode ¶
func (ek *EntitySecretKey_IBE_Master_BN256) GobDecode(ba []byte) error
func (*EntitySecretKey_IBE_Master_BN256) GobEncode ¶
func (ek *EntitySecretKey_IBE_Master_BN256) GobEncode() ([]byte, error)
func (*EntitySecretKey_IBE_Master_BN256) HasCapability ¶
func (ek *EntitySecretKey_IBE_Master_BN256) HasCapability(c Capability) bool
func (*EntitySecretKey_IBE_Master_BN256) Public ¶
func (ek *EntitySecretKey_IBE_Master_BN256) Public() EntityKeySchemeInstance
func (*EntitySecretKey_IBE_Master_BN256) SecretCanonicalForm ¶
func (ek *EntitySecretKey_IBE_Master_BN256) SecretCanonicalForm() *serdes.EntityKeyringEntry
func (*EntitySecretKey_IBE_Master_BN256) SignAttestation ¶
func (*EntitySecretKey_IBE_Master_BN256) SignCertify ¶
func (*EntitySecretKey_IBE_Master_BN256) SignMessage ¶
func (*EntitySecretKey_IBE_Master_BN256) Supported ¶
func (ek *EntitySecretKey_IBE_Master_BN256) Supported() bool
type EntitySecretKey_OAQUE_BN256_S20 ¶
// EntitySecretKey_OAQUE_BN256_S20 is an OAQUE private key together with the
// scheme parameters and the attribute set it is bound to.
//
// The type defines GobEncode and GobDecode, so gob-encoding a value goes
// through those methods.
// NOTE(review): confirm whether the encoded form contains PrivateKey before
// persisting or transmitting it.
type EntitySecretKey_OAQUE_BN256_S20 struct {
	SerdesForm *serdes.EntityKeyringEntry
	// PrivateKey is secret key material in an exported field. Keep values of
	// this type out of logs and debug dumps.
	PrivateKey   *oaque.PrivateKey
	Params       *oaque.Params
	AttributeSet [][]byte
	// contains filtered or unexported fields
}
func (*EntitySecretKey_OAQUE_BN256_S20) CanonicalForm ¶
func (k *EntitySecretKey_OAQUE_BN256_S20) CanonicalForm() *serdes.EntityPublicKey
func (*EntitySecretKey_OAQUE_BN256_S20) DecryptMessage ¶
func (*EntitySecretKey_OAQUE_BN256_S20) DecryptMessageAsChild ¶
func (*EntitySecretKey_OAQUE_BN256_S20) Equal ¶
func (ek *EntitySecretKey_OAQUE_BN256_S20) Equal(rhs EntitySecretKeySchemeInstance) bool
func (*EntitySecretKey_OAQUE_BN256_S20) GenerateChildSecretKey ¶
func (k *EntitySecretKey_OAQUE_BN256_S20) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
func (*EntitySecretKey_OAQUE_BN256_S20) GobDecode ¶
func (ek *EntitySecretKey_OAQUE_BN256_S20) GobDecode(ba []byte) error
func (*EntitySecretKey_OAQUE_BN256_S20) GobEncode ¶
func (ek *EntitySecretKey_OAQUE_BN256_S20) GobEncode() ([]byte, error)
func (*EntitySecretKey_OAQUE_BN256_S20) HasCapability ¶
func (ek *EntitySecretKey_OAQUE_BN256_S20) HasCapability(c Capability) bool
func (*EntitySecretKey_OAQUE_BN256_S20) IdHash ¶
func (ek *EntitySecretKey_OAQUE_BN256_S20) IdHash() [32]byte
func (*EntitySecretKey_OAQUE_BN256_S20) Public ¶
func (k *EntitySecretKey_OAQUE_BN256_S20) Public() EntityKeySchemeInstance
func (*EntitySecretKey_OAQUE_BN256_S20) SecretCanonicalForm ¶
func (k *EntitySecretKey_OAQUE_BN256_S20) SecretCanonicalForm() *serdes.EntityKeyringEntry
func (*EntitySecretKey_OAQUE_BN256_S20) SignAttestation ¶
func (*EntitySecretKey_OAQUE_BN256_S20) SignCertify ¶
func (*EntitySecretKey_OAQUE_BN256_S20) SignMessage ¶
func (*EntitySecretKey_OAQUE_BN256_S20) Slots ¶
func (ek *EntitySecretKey_OAQUE_BN256_S20) Slots() [][]byte
func (*EntitySecretKey_OAQUE_BN256_S20) Supported ¶
func (ek *EntitySecretKey_OAQUE_BN256_S20) Supported() bool
type EntitySecretKey_OAQUE_BN256_S20_Master ¶
// EntitySecretKey_OAQUE_BN256_S20_Master is an OAQUE master key together with
// the scheme parameters and its keyring-entry form.
//
// The type defines GobEncode and GobDecode, so gob-encoding a value goes
// through those methods.
// NOTE(review): confirm whether the encoded form contains PrivateKey before
// persisting or transmitting it.
type EntitySecretKey_OAQUE_BN256_S20_Master struct {
	SerdesForm *serdes.EntityKeyringEntry
	// PrivateKey is the master key, held in an exported field. The type
	// exposes GenerateChildSecretKey, so a leak of this value is broader than
	// a leak of a single derived key. Keep it out of logs and debug dumps.
	PrivateKey *oaque.MasterKey
	Params     *oaque.Params
}
func (*EntitySecretKey_OAQUE_BN256_S20_Master) CanonicalForm ¶
func (k *EntitySecretKey_OAQUE_BN256_S20_Master) CanonicalForm() *serdes.EntityPublicKey
func (*EntitySecretKey_OAQUE_BN256_S20_Master) DecryptMessage ¶
func (*EntitySecretKey_OAQUE_BN256_S20_Master) DecryptMessageAsChild ¶
func (*EntitySecretKey_OAQUE_BN256_S20_Master) Equal ¶
func (ek *EntitySecretKey_OAQUE_BN256_S20_Master) Equal(rhs EntitySecretKeySchemeInstance) bool
func (*EntitySecretKey_OAQUE_BN256_S20_Master) GenerateChildSecretKey ¶
func (k *EntitySecretKey_OAQUE_BN256_S20_Master) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
func (*EntitySecretKey_OAQUE_BN256_S20_Master) GobDecode ¶
func (ek *EntitySecretKey_OAQUE_BN256_S20_Master) GobDecode(ba []byte) error
func (*EntitySecretKey_OAQUE_BN256_S20_Master) GobEncode ¶
func (ek *EntitySecretKey_OAQUE_BN256_S20_Master) GobEncode() ([]byte, error)
func (*EntitySecretKey_OAQUE_BN256_S20_Master) HasCapability ¶
func (ek *EntitySecretKey_OAQUE_BN256_S20_Master) HasCapability(c Capability) bool
func (*EntitySecretKey_OAQUE_BN256_S20_Master) Public ¶
func (k *EntitySecretKey_OAQUE_BN256_S20_Master) Public() EntityKeySchemeInstance
func (*EntitySecretKey_OAQUE_BN256_S20_Master) SecretCanonicalForm ¶
func (k *EntitySecretKey_OAQUE_BN256_S20_Master) SecretCanonicalForm() *serdes.EntityKeyringEntry
func (*EntitySecretKey_OAQUE_BN256_S20_Master) SignAttestation ¶
func (*EntitySecretKey_OAQUE_BN256_S20_Master) SignCertify ¶
func (*EntitySecretKey_OAQUE_BN256_S20_Master) SignMessage ¶
func (*EntitySecretKey_OAQUE_BN256_S20_Master) Supported ¶
func (ek *EntitySecretKey_OAQUE_BN256_S20_Master) Supported() bool
type EntitySecrets ¶
// EntitySecrets pairs an Entity with the secret keys in its keyring and the
// serialised secret form.
type EntitySecrets struct {
	// CanonicalForm is the serialised entity secret.
	CanonicalForm *serdes.WaveEntitySecret
	// Keyring holds secret key instances. Keep values of this type out of
	// logs and debug dumps.
	Keyring []EntitySecretKeySchemeInstance
	// Entity is the public description these secrets belong to.
	Entity *Entity
}
func (*EntitySecrets) AttestationRevocationDetails ¶ added in v0.2.1
func (e *EntitySecrets) AttestationRevocationDetails(att *Attestation) ([]byte, LocationSchemeInstance, wve.WVE)
func (*EntitySecrets) CommitmentRevocationDetails ¶ added in v0.2.1
func (e *EntitySecrets) CommitmentRevocationDetails() (content []byte, loc []LocationSchemeInstance)
func (*EntitySecrets) MessageSigningKey ¶ added in v0.2.1
func (e *EntitySecrets) MessageSigningKey() EntitySecretKeySchemeInstance
func (*EntitySecrets) NameDeclarationRevocationDetails ¶ added in v0.2.1
func (e *EntitySecrets) NameDeclarationRevocationDetails(nd *NameDeclaration) ([]byte, LocationSchemeInstance, wve.WVE)
func (*EntitySecrets) PrimarySigningKey ¶
func (e *EntitySecrets) PrimarySigningKey() EntitySecretKeySchemeInstance
func (*EntitySecrets) WR1BodyKey ¶
func (e *EntitySecrets) WR1BodyKey(ctx context.Context, slots [][]byte) (SlottedSecretKey, error)
func (*EntitySecrets) WR1DirectDecryptionKey ¶
func (e *EntitySecrets) WR1DirectDecryptionKey(ctx context.Context) (EntitySecretKeySchemeInstance, error)
func (*EntitySecrets) WR1LabelKey ¶
func (e *EntitySecrets) WR1LabelKey(ctx context.Context, namespace []byte) (EntitySecretKeySchemeInstance, error)
type ExtensionSchemeInstance ¶
type GetResult ¶ added in v0.2.0
// GetResult carries an Attestation and a NameDeclaration, both by pointer.
// NOTE(review): presumably only one of the two is set per result; confirm,
// and nil-check both before use.
type GetResult struct {
	Attestation     *Attestation
	NameDeclaration *NameDeclaration
}
type HashScheme ¶
// HashScheme is a Scheme that turns input bytes into a HashSchemeInstance and
// reports the ASN.1 object identifier of the hash it implements.
type HashScheme interface {
	Scheme
	//Digest(ctx context.Context, input []byte) ([]byte, error)
	// Instance returns a HashSchemeInstance for input.
	Instance(input []byte) HashSchemeInstance
	OID() asn1.ObjectIdentifier
}
func HashSchemeFor ¶
func HashSchemeFor(h asn1.External) HashScheme
type HashSchemeInstance ¶
// HashSchemeInstance is a hash value together with the scheme that produced
// it, available as raw bytes, as a multihash, or as an asn1.External.
type HashSchemeInstance interface {
	Scheme
	//For curried hash scheme instances
	Value() []byte
	Multihash() []byte
	MultihashString() string
	CanonicalForm() *asn1.External
	OID() asn1.ObjectIdentifier
}
func HashSchemeInstanceFor ¶
func HashSchemeInstanceFor(h *asn1.External) HashSchemeInstance
func NewHashScheme(oid asn1.ObjectIdentifier) HashScheme { panic("ni") }
func HashSchemeInstanceFromMultihash ¶
func HashSchemeInstanceFromMultihash(mh []byte) HashSchemeInstance
type HashSchemeInstance_Keccak_256 ¶
// HashSchemeInstance_Keccak_256 is a Keccak-256 hash value. Its method set
// mirrors HashSchemeInstance.
type HashSchemeInstance_Keccak_256 struct {
	// Val is an exported byte slice of unconstrained length.
	// NOTE(review): nothing in the type enforces a 32-byte digest; confirm
	// that values built from external input are length-checked.
	Val []byte
}
func (*HashSchemeInstance_Keccak_256) CanonicalForm ¶
func (hs *HashSchemeInstance_Keccak_256) CanonicalForm() *asn1.External
func (*HashSchemeInstance_Keccak_256) Multihash ¶
func (hs *HashSchemeInstance_Keccak_256) Multihash() []byte
func (*HashSchemeInstance_Keccak_256) MultihashString ¶
func (hs *HashSchemeInstance_Keccak_256) MultihashString() string
func (*HashSchemeInstance_Keccak_256) OID ¶
func (hs *HashSchemeInstance_Keccak_256) OID() asn1.ObjectIdentifier
func (*HashSchemeInstance_Keccak_256) Supported ¶
func (hs *HashSchemeInstance_Keccak_256) Supported() bool
func (*HashSchemeInstance_Keccak_256) Value ¶
func (hs *HashSchemeInstance_Keccak_256) Value() []byte
type HashSchemeInstance_Sha3_256 ¶
// HashSchemeInstance_Sha3_256 is a SHA3-256 hash value. Its method set
// mirrors HashSchemeInstance.
type HashSchemeInstance_Sha3_256 struct {
	// Val is an exported byte slice of unconstrained length.
	// NOTE(review): nothing in the type enforces a 32-byte digest; confirm
	// that values built from external input are length-checked.
	Val []byte
}
func (*HashSchemeInstance_Sha3_256) CanonicalForm ¶
func (hs *HashSchemeInstance_Sha3_256) CanonicalForm() *asn1.External
func (*HashSchemeInstance_Sha3_256) Multihash ¶
func (hs *HashSchemeInstance_Sha3_256) Multihash() []byte
func (*HashSchemeInstance_Sha3_256) MultihashString ¶
func (hs *HashSchemeInstance_Sha3_256) MultihashString() string
func (*HashSchemeInstance_Sha3_256) OID ¶
func (hs *HashSchemeInstance_Sha3_256) OID() asn1.ObjectIdentifier
func (*HashSchemeInstance_Sha3_256) Supported ¶
func (hs *HashSchemeInstance_Sha3_256) Supported() bool
func (*HashSchemeInstance_Sha3_256) Value ¶
func (hs *HashSchemeInstance_Sha3_256) Value() []byte
type HashScheme_Keccak_256 ¶
// HashScheme_Keccak_256 is the field-less Keccak-256 hash scheme. The
// package-level KECCAK256 variable holds a pointer to one.
type HashScheme_Keccak_256 struct{}
func (*HashScheme_Keccak_256) Instance ¶
func (hs *HashScheme_Keccak_256) Instance(input []byte) HashSchemeInstance
func (*HashScheme_Keccak_256) OID ¶
func (hs *HashScheme_Keccak_256) OID() asn1.ObjectIdentifier
func (*HashScheme_Keccak_256) Supported ¶
func (hs *HashScheme_Keccak_256) Supported() bool
type HashScheme_Sha3_256 ¶
// HashScheme_Sha3_256 is the field-less SHA3-256 hash scheme. The
// package-level SHA3 variable holds a pointer to one.
type HashScheme_Sha3_256 struct{}
func (*HashScheme_Sha3_256) Instance ¶
func (hs *HashScheme_Sha3_256) Instance(input []byte) HashSchemeInstance
func (*HashScheme_Sha3_256) OID ¶
func (hs *HashScheme_Sha3_256) OID() asn1.ObjectIdentifier
func (*HashScheme_Sha3_256) Supported ¶
func (hs *HashScheme_Sha3_256) Supported() bool
type InterestingEntityResult ¶
type KeyPoolDecryptionContext ¶
// KeyPoolDecryptionContext is a decryption context filled through its Add*
// and Set* methods (entities, entity secrets, domain visibility IDs, WR1
// body keys) and queried through its WR1* methods and EntityByHashLoc.
// All of its state is unexported.
// NOTE(review): it is handed EntitySecrets, so treat a populated value as
// holding secret key material; whether it is safe for concurrent use is not
// visible here.
type KeyPoolDecryptionContext struct {
	// contains filtered or unexported fields
}
func NewKeyPoolDecryptionContext ¶
func NewKeyPoolDecryptionContext() *KeyPoolDecryptionContext
func (*KeyPoolDecryptionContext) AddDomainVisibilityID ¶
func (kpd *KeyPoolDecryptionContext) AddDomainVisibilityID(id []byte)
func (*KeyPoolDecryptionContext) AddEntity ¶
func (kpd *KeyPoolDecryptionContext) AddEntity(e *Entity)
func (*KeyPoolDecryptionContext) AddEntitySecret ¶
func (kpd *KeyPoolDecryptionContext) AddEntitySecret(es *EntitySecrets, delegatedOnly bool)
func (*KeyPoolDecryptionContext) AddEntitySecretsLabelOnly ¶ added in v0.2.0
func (kpd *KeyPoolDecryptionContext) AddEntitySecretsLabelOnly(es *EntitySecrets)
func (*KeyPoolDecryptionContext) EntityByHashLoc ¶
func (kpd *KeyPoolDecryptionContext) EntityByHashLoc(ctx context.Context, hash HashSchemeInstance, loc LocationSchemeInstance) (*Entity, wve.WVE)
func (*KeyPoolDecryptionContext) SetUnderlyingContext ¶ added in v0.2.1
func (kpd *KeyPoolDecryptionContext) SetUnderlyingContext(ctx KeyPoolUnderlyingContext)
func (*KeyPoolDecryptionContext) SetWR1ProverBodyKey ¶
func (kpd *KeyPoolDecryptionContext) SetWR1ProverBodyKey(atv []byte)
func (*KeyPoolDecryptionContext) SetWR1VerifierBodyKey ¶
func (kpd *KeyPoolDecryptionContext) SetWR1VerifierBodyKey(atv []byte)
func (*KeyPoolDecryptionContext) WR1AttesterDirectDecryptionKey ¶ added in v0.2.1
func (kpd *KeyPoolDecryptionContext) WR1AttesterDirectDecryptionKey(ctx context.Context, onResult func(k EntitySecretKeySchemeInstance) bool) error
func (*KeyPoolDecryptionContext) WR1DirectDecryptionKey ¶
func (kpd *KeyPoolDecryptionContext) WR1DirectDecryptionKey(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
func (*KeyPoolDecryptionContext) WR1EntityFromHash ¶ added in v0.2.1
func (kpd *KeyPoolDecryptionContext) WR1EntityFromHash(ctx context.Context, hash HashSchemeInstance, loc LocationSchemeInstance) (*Entity, error)
func (*KeyPoolDecryptionContext) WR1IBEKeysForPartitionLabel ¶
func (kpd *KeyPoolDecryptionContext) WR1IBEKeysForPartitionLabel(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
func (*KeyPoolDecryptionContext) WR1OAQUEKeysForContent ¶
func (kpd *KeyPoolDecryptionContext) WR1OAQUEKeysForContent(ctx context.Context, dst HashSchemeInstance, slots [][]byte, onResult func(k SlottedSecretKey) bool) error
func (*KeyPoolDecryptionContext) WR1ProverBodyKey ¶
func (kpd *KeyPoolDecryptionContext) WR1ProverBodyKey(ctx context.Context) []byte
func (*KeyPoolDecryptionContext) WR1VerifierBodyKey ¶
func (kpd *KeyPoolDecryptionContext) WR1VerifierBodyKey(ctx context.Context) []byte
type KeyPoolUnderlyingContext ¶ added in v0.2.1
// KeyPoolUnderlyingContext is the type accepted by
// KeyPoolDecryptionContext.SetUnderlyingContext. Its only method has the same
// signature as KeyPoolDecryptionContext.EntityByHashLoc.
type KeyPoolUnderlyingContext interface {
	// EntityByHashLoc presumably resolves the entity with hash h stored at loc;
	// failures are reported as a wve.WVE rather than a plain error.
	EntityByHashLoc(ctx context.Context, h HashSchemeInstance, loc LocationSchemeInstance) (*Entity, wve.WVE)
}
type KeyringPlaintext ¶
func (*KeyringPlaintext) DecryptKeyring ¶
func (kr *KeyringPlaintext) DecryptKeyring(ctx context.Context, params interface{}) (decodedForm *serdes.EntityKeyring, err error)
func (*KeyringPlaintext) EncryptKeyring ¶
func (kr *KeyringPlaintext) EncryptKeyring(ctx context.Context, plaintext *serdes.EntityKeyring, params interface{}) (encodedForm *asn1.External, err error)
func (*KeyringPlaintext) Supported ¶
func (kr *KeyringPlaintext) Supported() bool
type LocationResult ¶
type LocationResult struct { Location LocationSchemeInstance Err error }
type LocationSchemeInstance ¶
// LocationSchemeInstance embeds Scheme and adds a canonical (asn1.External)
// form, a fixed 32-byte identifier hash and an equality test against another
// LocationSchemeInstance.
type LocationSchemeInstance interface {
	Scheme
	CanonicalForm() *asn1.External
	IdHash() [32]byte
	Equal(l LocationSchemeInstance) bool
}
func LocationSchemeInstanceFor ¶
func LocationSchemeInstanceFor(e *asn1.External) LocationSchemeInstance
func NewLocationSchemeInstanceURL ¶
func NewLocationSchemeInstanceURL(url string, version int) LocationSchemeInstance
type LocationSchemeInstanceURL ¶
type LocationSchemeInstanceURL struct { SerdesForm *serdes.LocationURL // contains filtered or unexported fields }
func (*LocationSchemeInstanceURL) CanonicalForm ¶
func (ls *LocationSchemeInstanceURL) CanonicalForm() *asn1.External
func (*LocationSchemeInstanceURL) Equal ¶
func (ls *LocationSchemeInstanceURL) Equal(rhs LocationSchemeInstance) bool
func (*LocationSchemeInstanceURL) IdHash ¶
func (ls *LocationSchemeInstanceURL) IdHash() [32]byte
func (*LocationSchemeInstanceURL) Supported ¶
func (ls *LocationSchemeInstanceURL) Supported() bool
type LookupFromFilter ¶
type LookupFromResult ¶
type LookupFromResult struct { Attestation *Attestation Err error }
type LowLevelStorage ¶
// LowLevelStorage is a context-aware store that maps string keys to []byte
// values.
type LowLevelStorage interface {
	// If the key does not exist, return nil value and nil err.
	// Callers therefore have to test val for nil; a nil err alone does not mean
	// the key was found.
	Load(ctx context.Context, key string) (val []byte, err error)
	// For both of these functions (LoadPrefix and LoadPrefixKeys), you either
	// have to fully consume the value channel, or cancel the context.
	LoadPrefix(ctx context.Context, key string) (results chan KeyValue, err chan error)
	// Values will be nil.
	LoadPrefixKeys(ctx context.Context, key string) (results chan KeyValue, err chan error)
	Store(ctx context.Context, key string, val []byte) (err error)
	// Removes key, no error if it does not exist.
	Remove(ctx context.Context, key string) (err error)
}
type NameDeclaration ¶ added in v0.2.0
// NameDeclaration holds a WAVE name declaration: its serialized form, the
// attester and subject (hash plus location for each), the declared Name and
// any attached revocation options.
type NameDeclaration struct {
	CanonicalForm *serdes.WaveNameDeclaration
	// NOTE(review): presumably nil until the body has been decrypted; the
	// Decoded() method looks like the intended test. Confirm.
	DecryptedBody    *serdes.NameDeclarationBody
	Attester         HashSchemeInstance
	AttesterLocation LocationSchemeInstance
	Subject          HashSchemeInstance
	SubjectLocation  LocationSchemeInstance
	Name             string
	Revocations      []RevocationSchemeInstance
	WR1Extra         *WR1Extra
}
func (*NameDeclaration) ArrayKeccak256 ¶ added in v0.2.0
func (nd *NameDeclaration) ArrayKeccak256() [32]byte
func (*NameDeclaration) Decoded ¶ added in v0.2.0
func (nd *NameDeclaration) Decoded() bool
func (*NameDeclaration) Hash ¶ added in v0.2.0
func (nd *NameDeclaration) Hash(scheme HashScheme) HashSchemeInstance
func (*NameDeclaration) IsNameValid ¶ added in v0.2.0
func (nd *NameDeclaration) IsNameValid() bool
func (*NameDeclaration) Keccak256 ¶ added in v0.2.0
func (nd *NameDeclaration) Keccak256() []byte
func (*NameDeclaration) Keccak256HI ¶ added in v0.2.0
func (nd *NameDeclaration) Keccak256HI() HashSchemeInstance
func (*NameDeclaration) SetCanonicalForm ¶ added in v0.2.0
func (nd *NameDeclaration) SetCanonicalForm(cf *serdes.WaveNameDeclaration) wve.WVE
func (*NameDeclaration) SetDecryptedBody ¶ added in v0.2.0
func (nd *NameDeclaration) SetDecryptedBody(db *serdes.NameDeclarationBody) wve.WVE
type OuterSignatureBindingScheme ¶
// OuterSignatureBindingScheme embeds Scheme and adds VerifyBinding, which
// takes an attestation together with the attester entity and reports the
// outcome as a wve.WVE.
// NOTE(review): OuterSignatureBindingSchemeFor returns no error, so an
// unrecognised scheme is presumably represented by
// UnsupportedOuterSignatureBindingScheme. Confirm.
type OuterSignatureBindingScheme interface {
	Scheme
	VerifyBinding(ctx context.Context, att *Attestation, attester *Entity) wve.WVE
}
func OuterSignatureBindingSchemeFor ¶
func OuterSignatureBindingSchemeFor(e *asn1.External) OuterSignatureBindingScheme
type OuterSignatureBindingScheme_SignedOuterKey ¶
type OuterSignatureBindingScheme_SignedOuterKey struct { }
func (*OuterSignatureBindingScheme_SignedOuterKey) Supported ¶
func (sbs *OuterSignatureBindingScheme_SignedOuterKey) Supported() bool
func (*OuterSignatureBindingScheme_SignedOuterKey) VerifyBinding ¶
func (sbs *OuterSignatureBindingScheme_SignedOuterKey) VerifyBinding(ctx context.Context, att *Attestation, attester *Entity) wve.WVE
type OuterSignatureScheme ¶
// OuterSignatureScheme embeds Scheme and adds VerifySignature, which operates
// on the serialized attestation (serdes.WaveAttestation) and reports the
// outcome as a wve.WVE.
type OuterSignatureScheme interface {
	Scheme
	VerifySignature(ctx context.Context, canonicalForm *serdes.WaveAttestation) wve.WVE
}
func OuterSignatureSchemeFor ¶
func OuterSignatureSchemeFor(e *asn1.External) OuterSignatureScheme
type OuterSignatureScheme_EphemeralEd25519 ¶
type OuterSignatureScheme_EphemeralEd25519 struct { }
func (*OuterSignatureScheme_EphemeralEd25519) Supported ¶
func (os *OuterSignatureScheme_EphemeralEd25519) Supported() bool
func (*OuterSignatureScheme_EphemeralEd25519) VerifySignature ¶
func (os *OuterSignatureScheme_EphemeralEd25519) VerifySignature(ctx context.Context, canonicalForm *serdes.WaveAttestation) wve.WVE
type PCompactProof ¶ added in v0.2.1
// PCompactProof is the parameter struct taken by CompactProof.
type PCompactProof struct {
	// Presumably the DER encoding of the proof to compact. Confirm.
	DER []byte
}
type PCreateAttestation ¶
// PCreateAttestation is the parameter struct taken by CreateAttestation and
// NewParsedAttestation.
type PCreateAttestation struct {
	Policy            PolicySchemeInstance
	HashScheme        HashScheme
	BodyScheme        AttestationBodyScheme
	EncryptionContext BodyEncryptionContext
	// The attester is supplied with its secrets; the subject only as a public Entity.
	Attester         *EntitySecrets
	AttesterLocation LocationSchemeInstance
	Subject          *Entity
	SubjectLocation  LocationSchemeInstance
	// If not specified, defaults to Now.
	ValidFrom *time.Time
	// If not specified, defaults to Now+30 days.
	ValidUntil *time.Time
}
type PCreateNameDeclaration ¶ added in v0.2.0
// PCreateNameDeclaration is the parameter struct taken by
// CreateNameDeclaration.
type PCreateNameDeclaration struct {
	Attester         *EntitySecrets
	AttesterLocation LocationSchemeInstance
	Subject          *Entity
	SubjectLocation  LocationSchemeInstance
	Name             string
	// If not specified, defaults to Now.
	ValidFrom *time.Time
	// If not specified, defaults to Now+5 years.
	ValidUntil *time.Time
	// If present, an encrypted declaration will be made.
	// NOTE(review): by implication a nil Namespace produces an unencrypted
	// declaration. Confirm before relying on the name staying private.
	Namespace         *Entity
	NamespaceLocation LocationSchemeInstance
	Partition         [][]byte
}
type PDecryptMessage ¶ added in v0.2.0
// PDecryptMessage is the parameter struct taken by DecryptMessage: the
// decrypting entity's secrets, the ciphertext, and a WR1 message decryption
// context.
type PDecryptMessage struct {
	Decryptor  *EntitySecrets
	Ciphertext []byte
	Dctx       WR1MessageDecryptionContext
}
type PEncryptMessage ¶ added in v0.2.0
type PNewEntity ¶
type PParseAttestation ¶
// PParseAttestation is the parameter struct taken by ParseAttestation.
type PParseAttestation struct {
	// Either specify DER or specify Attestation (to further decrypt a partially
	// decrypted DOT).
	DER               []byte
	Attestation       *Attestation
	DecryptionContext BodyDecryptionContext
}
type PParseEntity ¶
type PParseEntity struct {
DER []byte
}
type PParseEntitySecrets ¶
type PParseNameDeclaration ¶ added in v0.2.0
type PParseNameDeclaration struct { DER []byte NameDeclaration *NameDeclaration Dctx WR1NameDeclarationDecryptionContext }
type PSKBodyDecryptionContext ¶
// PSKBodyDecryptionContext supplies candidate secret keys for decrypting a
// PSK-encrypted body. Keys are delivered through the onResult callback rather
// than returned.
type PSKBodyDecryptionContext interface {
	// NOTE(review): the meaning of onResult's bool is not documented here;
	// WaveState.WR1KeysForP uses "return true to continue iterating", and this
	// presumably follows the same convention. Confirm.
	GetDecryptPSK(ctx context.Context, dst HashScheme, public EntityKeySchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
}
type PSKBodyEncryptionContext ¶
// PSKBodyEncryptionContext supplies candidate secret keys for encrypting an
// attestation body under a pre-shared key. Keys are delivered through the
// onResult callback rather than returned.
type PSKBodyEncryptionContext interface {
	// NOTE(review): the meaning of onResult's bool is not documented here.
	// Confirm against the implementation.
	GetEncryptPSK(ctx context.Context, body *serdes.WaveAttestation, onResult func(k EntitySecretKeySchemeInstance) bool) error
}
type PSKBodyScheme ¶
func (*PSKBodyScheme) DecryptBody ¶
func (psk *PSKBodyScheme) DecryptBody(ctx context.Context, dc BodyDecryptionContext, canonicalForm *serdes.WaveAttestation) (decodedForm *serdes.AttestationBody, extra interface{}, err error)
func (*PSKBodyScheme) EncryptBody ¶
func (psk *PSKBodyScheme) EncryptBody(ctx context.Context, ec BodyEncryptionContext, intermediateForm *serdes.WaveAttestation) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)
func (*PSKBodyScheme) Supported ¶
func (psk *PSKBodyScheme) Supported() bool
type PVerifyRTreeProof ¶
// PVerifyRTreeProof is the parameter struct taken by VerifyRTreeProof.
type PVerifyRTreeProof struct {
	// Presumably the DER-encoded proof. Confirm.
	DER []byte
	// VCtx resolves entities and attestations by hash and location (see
	// VerificationContext).
	VCtx VerificationContext
}
type PVerifySignature ¶ added in v0.2.1
// PVerifySignature is the parameter struct taken by VerifySignature.
type PVerifySignature struct {
	// Presumably the DER-encoded signature. Confirm.
	DER []byte
	// Content is the data the signature is checked against.
	Content        []byte
	Signer         HashSchemeInstance
	SignerLocation LocationSchemeInstance
	VCtx           VerificationContext
}
type PendingAttestation ¶
// PendingAttestation pairs a pending attestation and its Keccak-256 hash with
// an Err field.
// NOTE(review): Err presumably has to be checked before the other fields are
// used. Confirm.
type PendingAttestation struct {
	Err         error
	Attestation *Attestation
	Keccak256   []byte
	// Only for pending without partition.
	LabelKeyIndex *int
}
type PendingNameDeclaration ¶ added in v0.2.0
type PendingNameDeclaration struct { Err error NameDeclaration *NameDeclaration Keccak256 []byte LabelKeyIndex *int }
type PlaintextBodyScheme ¶
// PlaintextBodyScheme is a field-less body scheme with EncryptBody,
// DecryptBody and Supported methods.
// NOTE(review): going by its name, this scheme leaves the attestation body
// unencrypted, so the policy is readable by anyone holding the attestation.
// Confirm before choosing it as PCreateAttestation.BodyScheme.
type PlaintextBodyScheme struct {
}
func NewPlaintextBodyScheme ¶
func NewPlaintextBodyScheme() *PlaintextBodyScheme
func (*PlaintextBodyScheme) DecryptBody ¶
func (pt *PlaintextBodyScheme) DecryptBody(ctx context.Context, dc BodyDecryptionContext, canonicalForm *serdes.WaveAttestation, inextra interface{}) (decodedForm *serdes.AttestationBody, extra interface{}, err error)
func (*PlaintextBodyScheme) EncryptBody ¶
func (pt *PlaintextBodyScheme) EncryptBody(ctx context.Context, ec BodyEncryptionContext, attester *EntitySecrets, subject *Entity, intermediateForm *serdes.WaveAttestation, policy PolicySchemeInstance) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)
func (*PlaintextBodyScheme) Supported ¶
func (pt *PlaintextBodyScheme) Supported() bool
type PolicyAddendumSchemeInstance ¶
type PolicyAddendumSchemeInstance interface { Scheme }
type PolicySchemeInstance ¶
// PolicySchemeInstance embeds Scheme and describes a policy carried by an
// attestation: its canonical form, the values WR1 needs, and a validity check.
type PolicySchemeInstance interface {
	Scheme
	CanonicalForm() *asn1.External
	// These are required for WR1 support.
	WR1DomainEntity() HashSchemeInstance
	// The first 12 elements used in the final partition.
	WR1PartitionPrefix() [][]byte
	CheckValid() error
}
func PolicySchemeInstanceFor ¶
func PolicySchemeInstanceFor(e *asn1.External) (PolicySchemeInstance, error)
type RCompactProof ¶ added in v0.2.1
type RCompactProof struct {
DER []byte
}
func CompactProof ¶ added in v0.2.1
func CompactProof(ctx context.Context, p *PCompactProof) (*RCompactProof, wve.WVE)
type RCreateAttestation ¶
func CreateAttestation ¶
func CreateAttestation(ctx context.Context, p *PCreateAttestation) (*RCreateAttestation, wve.WVE)
type RCreateNameDeclaration ¶ added in v0.2.0
type RCreateNameDeclaration struct { NameDeclaration *NameDeclaration DER []byte }
func CreateNameDeclaration ¶ added in v0.2.0
func CreateNameDeclaration(ctx context.Context, p *PCreateNameDeclaration) (*RCreateNameDeclaration, wve.WVE)
type RDecryptMessage ¶ added in v0.2.0
type RDecryptMessage struct {
Content []byte
}
func DecryptMessage ¶ added in v0.2.0
func DecryptMessage(ctx context.Context, p *PDecryptMessage) (*RDecryptMessage, wve.WVE)
type REncryptMessage ¶ added in v0.2.0
type REncryptMessage struct {
Ciphertext []byte
}
func EncryptMessage ¶ added in v0.2.0
func EncryptMessage(ctx context.Context, p *PEncryptMessage) (*REncryptMessage, wve.WVE)
type RNewEntity ¶
func NewEntity ¶
func NewEntity(ctx context.Context, p *PNewEntity) (*RNewEntity, wve.WVE)
NewEntity creates a new WR1 entity object and returns its public and secret canonical representations.
type RParseAttestation ¶
// RParseAttestation is the result type of ParseAttestation and
// NewParsedAttestation.
// NOTE(review): IsMalformed is reported separately from the returned wve.WVE,
// and this page does not say whether Attestation is populated when IsMalformed
// is true. Check both before using Attestation.
type RParseAttestation struct {
	Attestation *Attestation
	IsMalformed bool
	ExtraInfo   interface{}
}
func NewParsedAttestation ¶
func NewParsedAttestation(ctx context.Context, p *PCreateAttestation) (*RParseAttestation, wve.WVE)
This is of limited use: only an attestation (Att) with no encryption will parse fully.
func ParseAttestation ¶
func ParseAttestation(ctx context.Context, p *PParseAttestation) (*RParseAttestation, wve.WVE)
type RParseEntity ¶
type RParseEntity struct {
Entity *Entity
}
func ParseEntity ¶
func ParseEntity(ctx context.Context, p *PParseEntity) (*RParseEntity, wve.WVE)
type RParseEntitySecrets ¶
type RParseEntitySecrets struct { Entity *Entity EntitySecrets *EntitySecrets }
func NewParsedEntitySecrets ¶
func NewParsedEntitySecrets(ctx context.Context, p *PNewEntity) (*RParseEntitySecrets, wve.WVE)
func ParseEntitySecrets ¶
func ParseEntitySecrets(ctx context.Context, p *PParseEntitySecrets) (*RParseEntitySecrets, wve.WVE)
type RParseNameDeclaration ¶ added in v0.2.0
type RParseNameDeclaration struct { Result *NameDeclaration IsMalformed bool }
func ParseNameDeclaration ¶ added in v0.2.0
func ParseNameDeclaration(ctx context.Context, p *PParseNameDeclaration) (*RParseNameDeclaration, wve.WVE)
type RTreePolicy ¶
// RTreePolicy wraps a serdes.RTreePolicy together with a visibility URI.
// Its listed methods include CheckValid, Intersect, Union and IsSubsetOf.
type RTreePolicy struct {
	SerdesForm    serdes.RTreePolicy
	VisibilityURI [][]byte
}
func NewRTreePolicyScheme ¶
func NewRTreePolicyScheme(policy serdes.RTreePolicy, visuri [][]byte) (*RTreePolicy, error)
func (*RTreePolicy) CanonicalForm ¶
func (ps *RTreePolicy) CanonicalForm() *asn1.External
func (*RTreePolicy) CheckValid ¶
func (ps *RTreePolicy) CheckValid() error
This check is only valid for attestation policies, not for derived policies produced by intersections.
func (*RTreePolicy) Intersect ¶
func (lhs *RTreePolicy) Intersect(rhs *RTreePolicy) (result *RTreePolicy, okay bool, message string, err error)
The intersection of two RTreePolicies is the set of permissions that they would grant if they appeared in succession in an attestation chain. This function does not check indirections. This function assumes the policy has already been checked.
func (*RTreePolicy) IsSubsetOf ¶
func (lhs *RTreePolicy) IsSubsetOf(superset *RTreePolicy) bool
func (*RTreePolicy) Supported ¶
func (ps *RTreePolicy) Supported() bool
func (*RTreePolicy) Union ¶
func (lhs *RTreePolicy) Union(rhs *RTreePolicy) (result *RTreePolicy, okay bool, message string, err error)
func (*RTreePolicy) WR1DomainEntity ¶
func (ps *RTreePolicy) WR1DomainEntity() HashSchemeInstance
func (*RTreePolicy) WR1PartitionPrefix ¶ added in v0.2.0
func (ps *RTreePolicy) WR1PartitionPrefix() [][]byte
type RVerifyRTreeProof ¶
// RVerifyRTreeProof is the result type of VerifyRTreeProof.
type RVerifyRTreeProof struct {
	Policy *RTreePolicy
	// NOTE(review): presumably the time after which the proof is no longer
	// valid. The page does not say whether VerifyRTreeProof itself rejects an
	// expired proof, so callers that cache results should compare against this.
	Expires      time.Time
	Attestations []*Attestation
	Paths        [][]int
	Subject         HashSchemeInstance
	SubjectLocation LocationSchemeInstance
}
func VerifyRTreeProof ¶
func VerifyRTreeProof(ctx context.Context, p *PVerifyRTreeProof) (*RVerifyRTreeProof, wve.WVE)
type RVerifySignature ¶ added in v0.2.1
// RVerifySignature is the result type of VerifySignature.
// NOTE(review): this page does not say whether a failed verification is
// reported through Okay, through the returned wve.WVE, or both. Treat the
// signature as valid only when the error is nil and Okay is true.
type RVerifySignature struct {
	Okay bool
}
func VerifySignature ¶ added in v0.2.1
func VerifySignature(ctx context.Context, p *PVerifySignature) (*RVerifySignature, wve.WVE)
type ResolveResult ¶ added in v0.2.0
type ResolveResult struct { NameDeclaration *NameDeclaration Err error }
type RevocationSchemeInstance ¶ added in v0.2.1
// RevocationSchemeInstance embeds Scheme and describes one revocation option
// attached to an object.
type RevocationSchemeInstance interface {
	Scheme
	CanonicalForm() serdes.RevocationOption
	// IsRevoked consults the given StorageInterface. A lookup failure is
	// reported as a wve.WVE alongside the bool.
	// NOTE(review): callers should not read the bool when the wve.WVE is
	// non-nil; the value returned in that case is not documented here.
	IsRevoked(ctx context.Context, s StorageInterface) (bool, wve.WVE)
	// NOTE(review): presumably marks an option that a verifier must be able to
	// evaluate, as opposed to one it may skip. Confirm.
	Critical() bool
	Id() string
}
func RevocationSchemeInstanceFor ¶ added in v0.2.1
func RevocationSchemeInstanceFor(op *serdes.RevocationOption) RevocationSchemeInstance
type SlottedSecretKey ¶
// SlottedSecretKey is an EntitySecretKeySchemeInstance that also exposes its
// slots and a fixed 32-byte identifier hash. It is the key type passed to the
// WR1OAQUEKeysForContent callbacks.
type SlottedSecretKey interface {
	EntitySecretKeySchemeInstance
	Slots() [][]byte
	IdHash() [32]byte
}
var XXKey SlottedSecretKey
type StorageDriverCharacteristics ¶
// StorageDriverCharacteristics describes static properties of a storage
// driver.
type StorageDriverCharacteristics struct {
	// In WAVE a perspective is a particular view of the global graph that
	// is defined by a perspective entity. If the storage provider requires
	// a distinct instantiation per perspective, set this to true. Regardless
	// of this setting, the perspective entity is available via
	//   ctx.Value(consts.PerspectiveKey).(*iapi.EntitySecrets)
	// default is False
	//
	// NOTE(review): the value reachable through ctx is an *EntitySecrets, so
	// every storage driver can read the perspective entity's secrets. Drivers
	// have to be treated as fully trusted code.
	PerspectiveDependant *bool
	// When generating the default config file for the user,
	// what are the default config options
	DefaultConfiguration map[string]string
	// If there is no specific hash scheme (the provider is agnostic)
	// then leave this nil
	PreferredHashScheme HashScheme
}
type StorageDriverInterface ¶
// StorageDriverInterface is the contract a storage driver implements:
// routing (Location), configuration (Initialize), health (Status),
// content-addressed Put/Get and queue operations.
type StorageDriverInterface interface {
	// This will be called on a specific instantiation of the driver to
	// work out which storage requests to route its way.
	Location(context.Context) LocationSchemeInstance
	// When constructing an attestation with a particular location in mind,
	// the entity hashes used within the attestation should match the scheme of
	// the storage. This method enables the engine to know the hash in advance.
	PreferredHashScheme() HashScheme
	// Given a set of key/value options from the user's configuration file,
	// create an instance of this storage driver. Initialize will be called
	// on an empty struct instance (e.g. (&MyStorage{}).Initialize(ctx, name, cfg)).
	Initialize(ctx context.Context, name string, config map[string]string) error
	// Retrieve the status of this storage driver (ready for use etc).
	// You should only return an error on context timeout; any other
	// error is probably indicative of a non-operational status and should be
	// returned as such.
	Status(ctx context.Context) (operational bool, info map[string]string, err error)
	// Put the given object into storage. This does not queue any notifications.
	// It should return the hash of the object using the provider's preferred
	// hash scheme. It should only return when the object
	// (the sentence is cut off at this point in the published documentation).
	Put(ctx context.Context, content []byte) (HashSchemeInstance, error)
	// Get the given object from storage. A nonexistent object should return
	// ErrObjectNotFound.
	// NOTE(review): nothing here says whether the driver or its caller
	// re-hashes content against hash. Confirm where the integrity of returned
	// content is checked before trusting a remote store.
	Get(ctx context.Context, hash HashSchemeInstance) (content []byte, err error)
	// Place the given object into the given queue.
	Enqueue(ctx context.Context, queueId HashSchemeInstance, object HashSchemeInstance) error
	// Iterate over the given queue. Returns nil, "", ErrNoMore if there are no more
	// entries. Must accept "" as iteratorToken to mean the first entry.
	IterateQueue(ctx context.Context, queueId HashSchemeInstance, iteratorToken string) (object HashSchemeInstance, nextToken string, err error)
}
type StorageDriverStatus ¶
type StorageInterface ¶
// StorageInterface is the location-aware storage facade returned by SI() and
// set with InjectStorageInterface. Every Put/Get takes the
// LocationSchemeInstance to operate on; Put* methods return the hash of the
// stored object.
type StorageInterface interface {
	PutBlob(ctx context.Context, loc LocationSchemeInstance, content []byte) (HashSchemeInstance, error)
	GetBlob(ctx context.Context, loc LocationSchemeInstance, hash HashSchemeInstance) ([]byte, error)
	GetEntity(ctx context.Context, loc LocationSchemeInstance, hash HashSchemeInstance) (*Entity, error)
	PutEntity(ctx context.Context, loc LocationSchemeInstance, ent *Entity) (HashSchemeInstance, error)
	GetAttestation(ctx context.Context, loc LocationSchemeInstance, hash HashSchemeInstance) (*Attestation, error)
	GetAttestationOrDeclaration(ctx context.Context, loc LocationSchemeInstance, hash HashSchemeInstance) (*GetResult, error)
	PutNameDeclaration(ctx context.Context, loc LocationSchemeInstance, nd *NameDeclaration) (HashSchemeInstance, error)
	PutAttestation(ctx context.Context, loc LocationSchemeInstance, att *Attestation) (HashSchemeInstance, error)
	// The method name is spelled IterateQeueue in the published interface
	// (StorageDriverInterface spells its counterpart IterateQueue).
	// Implementations must use this spelling to satisfy the interface.
	IterateQeueue(ctx context.Context, loc LocationSchemeInstance, queueId HashSchemeInstance, token string) (object HashSchemeInstance, nextToken string, err error)
	Enqueue(ctx context.Context, loc LocationSchemeInstance, queueId HashSchemeInstance, object HashSchemeInstance) error
	HashSchemeFor(loc LocationSchemeInstance) (HashScheme, error)
	// Status is keyed by string. The keys are presumably the registered
	// location names. Confirm.
	Status(ctx context.Context) (map[string]StorageDriverStatus, error)
	RegisteredLocations(ctx context.Context) (map[string]LocationSchemeInstance, error)
	DefaultLocation(ctx context.Context) LocationSchemeInstance
	LocationByName(ctx context.Context, name string) (LocationSchemeInstance, error)
}
func SI ¶
func SI() StorageInterface
type TrustLevelPolicy ¶
func NewTrustLevelPolicy ¶
func NewTrustLevelPolicy(trust int) (*TrustLevelPolicy, error)
func (*TrustLevelPolicy) CanonicalForm ¶
func (ps *TrustLevelPolicy) CanonicalForm() *asn1.External
func (*TrustLevelPolicy) CheckValid ¶ added in v0.2.1
func (ps *TrustLevelPolicy) CheckValid() error
func (*TrustLevelPolicy) Supported ¶
func (ps *TrustLevelPolicy) Supported() bool
func (*TrustLevelPolicy) WR1DomainEntity ¶
func (ps *TrustLevelPolicy) WR1DomainEntity() HashSchemeInstance
func (*TrustLevelPolicy) WR1PartitionPrefix ¶ added in v0.2.0
func (ps *TrustLevelPolicy) WR1PartitionPrefix() [][]byte
type UnsupportedBodyScheme ¶
type UnsupportedBodyScheme struct { }
func (*UnsupportedBodyScheme) DecryptBody ¶
func (u *UnsupportedBodyScheme) DecryptBody(ctx context.Context, dc BodyDecryptionContext, canonicalForm *serdes.WaveAttestation, inextra interface{}) (decodedForm *serdes.AttestationBody, extra interface{}, err error)
func (*UnsupportedBodyScheme) EncryptBody ¶
func (u *UnsupportedBodyScheme) EncryptBody(ctx context.Context, ec BodyEncryptionContext, attester *EntitySecrets, subject *Entity, intermediateForm *serdes.WaveAttestation, policy PolicySchemeInstance) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)
func (*UnsupportedBodyScheme) Supported ¶
func (u *UnsupportedBodyScheme) Supported() bool
type UnsupportedHashScheme ¶
type UnsupportedHashScheme struct{}
func (*UnsupportedHashScheme) Instance ¶
func (hs *UnsupportedHashScheme) Instance(input []byte) HashSchemeInstance
func (*UnsupportedHashScheme) OID ¶
func (hs *UnsupportedHashScheme) OID() asn1.ObjectIdentifier
func (*UnsupportedHashScheme) Supported ¶
func (hs *UnsupportedHashScheme) Supported() bool
type UnsupportedHashSchemeInstance ¶
type UnsupportedHashSchemeInstance struct{}
func (*UnsupportedHashSchemeInstance) CanonicalForm ¶
func (hs *UnsupportedHashSchemeInstance) CanonicalForm() *asn1.External
func (*UnsupportedHashSchemeInstance) Multihash ¶
func (hs *UnsupportedHashSchemeInstance) Multihash() []byte
func (*UnsupportedHashSchemeInstance) MultihashString ¶
func (hs *UnsupportedHashSchemeInstance) MultihashString() string
func (*UnsupportedHashSchemeInstance) OID ¶
func (hs *UnsupportedHashSchemeInstance) OID() asn1.ObjectIdentifier
func (*UnsupportedHashSchemeInstance) Supported ¶
func (hs *UnsupportedHashSchemeInstance) Supported() bool
func (*UnsupportedHashSchemeInstance) Value ¶
func (hs *UnsupportedHashSchemeInstance) Value() []byte
type UnsupportedKeyScheme ¶
type UnsupportedKeyScheme struct {
SerdesForm *serdes.EntityPublicKey
}
func (*UnsupportedKeyScheme) CanonicalForm ¶
func (k *UnsupportedKeyScheme) CanonicalForm() *serdes.EntityPublicKey
func (*UnsupportedKeyScheme) EncryptMessage ¶
func (*UnsupportedKeyScheme) GenerateChildKey ¶
func (k *UnsupportedKeyScheme) GenerateChildKey(ctx context.Context, identity interface{}) (EntityKeySchemeInstance, error)
func (*UnsupportedKeyScheme) HasCapability ¶
func (k *UnsupportedKeyScheme) HasCapability(c Capability) bool
func (*UnsupportedKeyScheme) IdentifyingBlob ¶
func (k *UnsupportedKeyScheme) IdentifyingBlob(ctx context.Context) (string, error)
func (*UnsupportedKeyScheme) Supported ¶
func (k *UnsupportedKeyScheme) Supported() bool
func (*UnsupportedKeyScheme) SystemIdentifyingBlob ¶ added in v0.2.1
func (k *UnsupportedKeyScheme) SystemIdentifyingBlob(ctx context.Context) (string, error)
func (*UnsupportedKeyScheme) VerifyAttestation ¶
func (*UnsupportedKeyScheme) VerifyCertify ¶
func (*UnsupportedKeyScheme) VerifyMessage ¶
type UnsupportedKeyringScheme ¶
type UnsupportedKeyringScheme struct { }
func (*UnsupportedKeyringScheme) DecryptKeyring ¶
func (kr *UnsupportedKeyringScheme) DecryptKeyring(ctx context.Context, params interface{}) (decodedForm *serdes.EntityKeyring, err error)
func (*UnsupportedKeyringScheme) EncryptKeyring ¶
func (kr *UnsupportedKeyringScheme) EncryptKeyring(ctx context.Context, plaintext *serdes.EntityKeyring, params interface{}) (encodedForm *asn1.External, err error)
func (*UnsupportedKeyringScheme) Supported ¶
func (kr *UnsupportedKeyringScheme) Supported() bool
type UnsupportedLocationSchemeInstance ¶
type UnsupportedLocationSchemeInstance struct { }
func (*UnsupportedLocationSchemeInstance) CanonicalForm ¶
func (ls *UnsupportedLocationSchemeInstance) CanonicalForm() *asn1.External
func (*UnsupportedLocationSchemeInstance) Equal ¶
func (ls *UnsupportedLocationSchemeInstance) Equal(rhs LocationSchemeInstance) bool
func (*UnsupportedLocationSchemeInstance) IdHash ¶
func (ls *UnsupportedLocationSchemeInstance) IdHash() [32]byte
func (*UnsupportedLocationSchemeInstance) Supported ¶
func (ls *UnsupportedLocationSchemeInstance) Supported() bool
type UnsupportedOuterSignatureBindingScheme ¶
type UnsupportedOuterSignatureBindingScheme struct { }
func (*UnsupportedOuterSignatureBindingScheme) Supported ¶
func (sbs *UnsupportedOuterSignatureBindingScheme) Supported() bool
func (*UnsupportedOuterSignatureBindingScheme) VerifyBinding ¶
func (sbs *UnsupportedOuterSignatureBindingScheme) VerifyBinding(ctx context.Context, att *Attestation, attester *Entity) wve.WVE
type UnsupportedOuterSignatureScheme ¶
// UnsupportedOuterSignatureScheme is a field-less type whose listed methods
// are Supported and VerifySignature.
// NOTE(review): OuterSignatureSchemeFor returns no error, so this is
// presumably what it hands back for a scheme the library does not recognise.
// Confirm that, and check Supported() before treating a VerifySignature
// result as meaningful.
type UnsupportedOuterSignatureScheme struct {
}
func (*UnsupportedOuterSignatureScheme) Supported ¶
func (os *UnsupportedOuterSignatureScheme) Supported() bool
func (*UnsupportedOuterSignatureScheme) VerifySignature ¶
func (os *UnsupportedOuterSignatureScheme) VerifySignature(ctx context.Context, canonicalForm *serdes.WaveAttestation) wve.WVE
type UnsupportedPolicySchemeInstance ¶
func (*UnsupportedPolicySchemeInstance) CanonicalForm ¶
func (ps *UnsupportedPolicySchemeInstance) CanonicalForm() *asn1.External
func (*UnsupportedPolicySchemeInstance) CheckValid ¶ added in v0.2.1
func (ps *UnsupportedPolicySchemeInstance) CheckValid() error
func (*UnsupportedPolicySchemeInstance) Supported ¶
func (ps *UnsupportedPolicySchemeInstance) Supported() bool
func (*UnsupportedPolicySchemeInstance) WR1DomainEntity ¶
func (ps *UnsupportedPolicySchemeInstance) WR1DomainEntity() HashSchemeInstance
func (*UnsupportedPolicySchemeInstance) WR1PartitionPrefix ¶ added in v0.2.0
func (ps *UnsupportedPolicySchemeInstance) WR1PartitionPrefix() [][]byte
type UnsupportedRevocationSchemeInstance ¶ added in v0.2.1
// UnsupportedRevocationSchemeInstance keeps the serialized revocation option
// and carries the RevocationSchemeInstance method set plus Supported.
// NOTE(review): how IsRevoked answers for a scheme the library cannot evaluate
// is not shown on this page. A verifier should consult Supported() and
// Critical() rather than read a false IsRevoked as "not revoked".
type UnsupportedRevocationSchemeInstance struct {
	SerdesForm *serdes.RevocationOption
}
func (*UnsupportedRevocationSchemeInstance) CanonicalForm ¶ added in v0.2.1
func (rs *UnsupportedRevocationSchemeInstance) CanonicalForm() serdes.RevocationOption
func (*UnsupportedRevocationSchemeInstance) Critical ¶ added in v0.2.1
func (rs *UnsupportedRevocationSchemeInstance) Critical() bool
func (*UnsupportedRevocationSchemeInstance) Id ¶ added in v0.2.1
func (rs *UnsupportedRevocationSchemeInstance) Id() string
func (*UnsupportedRevocationSchemeInstance) IsRevoked ¶ added in v0.2.1
func (rs *UnsupportedRevocationSchemeInstance) IsRevoked(ctx context.Context, s StorageInterface) (bool, wve.WVE)
func (*UnsupportedRevocationSchemeInstance) Supported ¶ added in v0.2.1
func (rs *UnsupportedRevocationSchemeInstance) Supported() bool
type UnsupportedSecretKeyScheme ¶
// UnsupportedSecretKeyScheme keeps the serialized keyring entry it was built
// from.
// NOTE(review): SerdesForm is an *serdes.EntityKeyringEntry and
// SecretCanonicalForm returns the same type, so the value presumably still
// contains secret key material even though the scheme is unsupported.
// Confirm, and handle it like any other secret.
type UnsupportedSecretKeyScheme struct {
	SerdesForm *serdes.EntityKeyringEntry
}
func (*UnsupportedSecretKeyScheme) CanonicalForm ¶
func (k *UnsupportedSecretKeyScheme) CanonicalForm() *serdes.EntityPublicKey
func (*UnsupportedSecretKeyScheme) DecryptMessage ¶
func (*UnsupportedSecretKeyScheme) DecryptMessageAsChild ¶
func (*UnsupportedSecretKeyScheme) Equal ¶
func (k *UnsupportedSecretKeyScheme) Equal(rhs EntitySecretKeySchemeInstance) bool
func (*UnsupportedSecretKeyScheme) GenerateChildSecretKey ¶
func (k *UnsupportedSecretKeyScheme) GenerateChildSecretKey(ctx context.Context, identity interface{}) (EntitySecretKeySchemeInstance, error)
func (*UnsupportedSecretKeyScheme) HasCapability ¶
func (ek *UnsupportedSecretKeyScheme) HasCapability(c Capability) bool
func (*UnsupportedSecretKeyScheme) Public ¶
func (k *UnsupportedSecretKeyScheme) Public() EntityKeySchemeInstance
func (*UnsupportedSecretKeyScheme) SecretCanonicalForm ¶
func (k *UnsupportedSecretKeyScheme) SecretCanonicalForm() *serdes.EntityKeyringEntry
func (*UnsupportedSecretKeyScheme) SignAttestation ¶
func (*UnsupportedSecretKeyScheme) SignCertify ¶
func (*UnsupportedSecretKeyScheme) SignMessage ¶
func (*UnsupportedSecretKeyScheme) Supported ¶
func (ek *UnsupportedSecretKeyScheme) Supported() bool
type VerificationContext ¶ added in v0.2.1
// VerificationContext is what proof and signature verification use (see
// PVerifyRTreeProof.VCtx and PVerifySignature.VCtx) to look up entities and
// attestations by hash and location.
// NOTE(review): whatever implements this decides which entities and
// attestations the verifier sees. The page does not say whether the verifier
// re-checks the returned objects against the requested hash.
type VerificationContext interface {
	EntityByHashLoc(ctx context.Context, h HashSchemeInstance, loc LocationSchemeInstance) (*Entity, wve.WVE)
	AttestationByHashLoc(ctx context.Context, h HashSchemeInstance, loc LocationSchemeInstance) (*Attestation, wve.WVE)
}
type WR1BodyEncryptionContext ¶ added in v0.2.1
// WR1BodyEncryptionContext extends BodyEncryptionContext with the key and
// entity lookups used when encrypting a WR1 body. Keys are delivered through
// onResult callbacks.
type WR1BodyEncryptionContext interface {
	BodyEncryptionContext
	// NOTE(review): onResult presumably follows the WaveState.WR1KeysForP
	// convention (return true to continue iterating). Confirm.
	WR1OAQUEKeysForContent(ctx context.Context, dst HashSchemeInstance, slots [][]byte, onResult func(k SlottedSecretKey) bool) error
	WR1IBEKeysForPartitionLabel(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
	WR1EntityFromHash(ctx context.Context, hash HashSchemeInstance, loc LocationSchemeInstance) (*Entity, error)
}
type WR1BodyScheme ¶
type WR1BodyScheme struct { }
func (*WR1BodyScheme) DecryptBody ¶
func (w *WR1BodyScheme) DecryptBody(ctx context.Context, dc BodyDecryptionContext, canonicalForm *serdes.WaveAttestation, inextra interface{}) (decodedForm *serdes.AttestationBody, extra interface{}, err error)
func (*WR1BodyScheme) EncryptBody ¶
func (w *WR1BodyScheme) EncryptBody(ctx context.Context, ecp BodyEncryptionContext, attester *EntitySecrets, subject *Entity, intermediateForm *serdes.WaveAttestation, policy PolicySchemeInstance) (encryptedForm *serdes.WaveAttestation, extra interface{}, err error)
func (*WR1BodyScheme) Supported ¶
func (w *WR1BodyScheme) Supported() bool
type WR1DecryptionContext ¶
// WR1DecryptionContext supplies the keys used when decrypting a WR1
// attestation body: the verifier and prover body keys directly, and OAQUE, IBE
// and direct decryption keys through onResult callbacks.
type WR1DecryptionContext interface {
	WR1VerifierBodyKey(ctx context.Context) []byte
	WR1ProverBodyKey(ctx context.Context) []byte
	// Commented out in the published interface:
	//WR1EntityFromHash(ctx context.Context, hash HashSchemeInstance, loc LocationSchemeInstance) (*Entity, error)
	WR1OAQUEKeysForContent(ctx context.Context, dst HashSchemeInstance, slots [][]byte, onResult func(k SlottedSecretKey) bool) error
	WR1IBEKeysForPartitionLabel(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
	WR1DirectDecryptionKey(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
	WR1AttesterDirectDecryptionKey(ctx context.Context, onResult func(k EntitySecretKeySchemeInstance) bool) error
}
wr1
type WR1Extra ¶
// WR1Extra carries WR1-specific data attached to a decoded object (it is the
// type of NameDeclaration.WR1Extra).
// NOTE(review): VerifierBodyKey, ProverBodyKey and EnvelopeKey are presumably
// raw symmetric key material. Confirm, and keep this struct out of logs and
// serialized debug output.
type WR1Extra struct {
	Partition       [][]byte
	VerifierBodyKey []byte
	ProverBodyKey   []byte
	EnvelopeKey     []byte
	// For NameDecl only.
	Namespace         HashSchemeInstance
	NamespaceLocation LocationSchemeInstance
}
type WR1MessageDecryptionContext ¶ added in v0.2.0
// WR1MessageDecryptionContext supplies the OAQUE, IBE and direct decryption
// keys used by DecryptMessage (see PDecryptMessage.Dctx). Keys are delivered
// through onResult callbacks.
type WR1MessageDecryptionContext interface {
	WR1OAQUEKeysForContent(ctx context.Context, dst HashSchemeInstance, slots [][]byte, onResult func(k SlottedSecretKey) bool) error
	WR1IBEKeysForPartitionLabel(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
	WR1DirectDecryptionKey(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
}
type WR1NameDeclarationDecryptionContext ¶ added in v0.2.0
// WR1NameDeclarationDecryptionContext is the lookup interface for WR1 name
// declaration decryption: one entity lookup plus the same three callback-style
// key lookups that WR1MessageDecryptionContext declares.
//
// NOTE(review): the meaning of onResult's bool result is not stated here;
// WaveState.WR1KeysForP documents "return true from callback to continue
// iterating" — presumably the same, confirm.
// NOTE(review): the values passed to onResult look like secret keys;
// implementations should keep them out of logs and error strings.
type WR1NameDeclarationDecryptionContext interface {
	// EntityByHashLoc looks up an entity by hash and location. It reports
	// failure as a wve.WVE rather than a plain error, unlike the other
	// methods of this interface.
	// NOTE(review): whether a nil *Entity can accompany a nil WVE is not
	// visible here; callers should check both — confirm.
	EntityByHashLoc(ctx context.Context, h HashSchemeInstance, loc LocationSchemeInstance) (*Entity, wve.WVE)
	// WR1OAQUEKeysForContent passes SlottedSecretKey values for dst and slots
	// to onResult.
	WR1OAQUEKeysForContent(ctx context.Context, dst HashSchemeInstance, slots [][]byte, onResult func(k SlottedSecretKey) bool) error
	// WR1IBEKeysForPartitionLabel passes EntitySecretKeySchemeInstance values
	// for dst to onResult.
	WR1IBEKeysForPartitionLabel(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
	// WR1DirectDecryptionKey passes EntitySecretKeySchemeInstance values for
	// dst to onResult.
	WR1DirectDecryptionKey(ctx context.Context, dst HashSchemeInstance, onResult func(k EntitySecretKeySchemeInstance) bool) error
}
type WaveState ¶
// WaveState is the storage interface for entities, attestations, name
// declarations, decryption keys and revocation-check timestamps.
//
// Method names end in P or G. The comment ahead of the G methods calls them
// "global (non perspective)".
// NOTE(review): presumably P methods are scoped to one perspective — confirm.
//
// NOTE(review): several methods store or return secret keys
// (EntitySecretKeySchemeInstance, SlottedSecretKey). An implementation
// presumably needs to protect them at rest and keep them out of logs —
// confirm against the concrete store.
// NOTE(review): many methods return a bare channel with no error result. The
// TODO below about stopping on context cancellation is still open, so
// consumers should either drain the channel or cancel ctx, and
// implementations should select on ctx.Done() when sending.
type WaveState interface {
	// Set the last checked time for the given revocation option id.
	// NOTE(review): the unit and epoch of ts are not stated — confirm.
	AddRevocationCheck(ctx context.Context, id string, ts int64) error
	// Get the last checked time for the given revocation id, if available.
	// NOTE(review): presumably a nil *int64 with a nil error means "never
	// checked"; callers should treat that as unchecked, not as valid — confirm.
	GetRevocationCheck(ctx context.Context, id string) (*int64, error)

	// This is idempotent: an entity in any state other than unknown will
	// be ignored by this function.
	MoveEntityInterestingP(ctx context.Context, ent *Entity, loc LocationSchemeInstance) error
	// This does not return revoked or expired entities, even though the
	// function above considers them "interesting".
	GetInterestingEntitiesP(ctx context.Context) chan InterestingEntityResult
	IsEntityInterestingP(ctx context.Context, hash HashSchemeInstance) (bool, error)

	// TODO ensure channel stops if context is cancelled
	// NOTE(review): LocationsForEntity returns a slice, not a channel, so this
	// TODO presumably refers to the channel-returning methods — confirm.
	LocationsForEntity(ctx context.Context, ent *Entity) ([]LocationSchemeInstance, error)

	// This is a key that decrypts the partition label (WR1 uses IBE).
	GetPartitionLabelKeyP(ctx context.Context, subject HashSchemeInstance, index int) (EntitySecretKeySchemeInstance, error)
	// InsertPartitionLabelKeyP stores a partition label key for attester.
	// NOTE(review): the named result "new" presumably reports whether the key
	// was not already stored — confirm.
	InsertPartitionLabelKeyP(ctx context.Context, attester HashSchemeInstance, key EntitySecretKeySchemeInstance) (new bool, err error)

	// Return true from callback to continue iterating.
	WR1KeysForP(ctx context.Context, subject HashSchemeInstance, slots [][]byte, onResult func(k SlottedSecretKey) bool) error
	// TODO this must be idempotent, e.g. don't add a secret if we already
	// have a more powerful one.
	InsertWR1KeysForP(ctx context.Context, attester HashSchemeInstance, k SlottedSecretKey) error

	MoveAttestationPendingP(ctx context.Context, at *Attestation, labelKeyIndex int) error
	// Assume dot already inserted into pending, but update the labelKeyIndex.
	UpdateAttestationPendingP(ctx context.Context, at *Attestation, labelKeyIndex int) error
	MoveAttestationLabelledP(ctx context.Context, at *Attestation) error
	MoveAttestationActiveP(ctx context.Context, at *Attestation) error
	MoveAttestationExpiredP(ctx context.Context, at *Attestation) error
	MoveAttestationEntRevokedP(ctx context.Context, at *Attestation) error
	// Takes only a hash, not an *Attestation, unlike the other Move methods.
	MoveAttestationMalformedP(ctx context.Context, HashSchemeInstance HashSchemeInstance) error
	GetLabelledAttestationsP(ctx context.Context, subject HashSchemeInstance, partition [][]byte) chan PendingAttestation
	// If possible, only return pending dots with a secret index less than siLT.
	// NOTE(review): the parameter is named lkiLT; "siLT" looks like a stale name.
	GetPendingAttestationsP(ctx context.Context, subject HashSchemeInstance, lkiLT int) chan PendingAttestation

	// Like attestations, but for namedecl.
	MoveNameDeclarationPendingP(ctx context.Context, nd *NameDeclaration, labelKeyIndex int) error
	// Assume dot already inserted into pending, but update the labelKeyIndex.
	UpdateNameDeclarationPendingP(ctx context.Context, nd *NameDeclaration, labelKeyIndex int) error
	MoveNameDeclarationLabelledP(ctx context.Context, nd *NameDeclaration) error
	MoveNameDeclarationActiveP(ctx context.Context, nd *NameDeclaration) error
	MoveNameDeclarationExpiredP(ctx context.Context, nd *NameDeclaration) error
	// Takes only a hash, not a *NameDeclaration, unlike the other Move methods.
	MoveNameDeclarationMalformedP(ctx context.Context, HashSchemeInstance HashSchemeInstance) error
	GetLabelledNameDeclarationsP(ctx context.Context, namespace HashSchemeInstance, partition [][]byte) chan PendingNameDeclaration
	// If possible, only return pending dots with a secret index less than siLT.
	// NOTE(review): the parameter is named lkiLT; "siLT" looks like a stale name.
	GetPendingNameDeclarationP(ctx context.Context, namespace HashSchemeInstance, lkiLT int) chan PendingNameDeclaration
	MoveNameDeclarationRevokedP(ctx context.Context, nd *NameDeclaration) error

	// Interact with active namedecls.
	// Results should be sorted with the latest start date appearing first.
	ResolveNameDeclarationsP(ctx context.Context, attester HashSchemeInstance, name string) chan ResolveResult
	ResolveReverseName(ctx context.Context, hi HashSchemeInstance) (name string, err error)
	InsertReverseName(ctx context.Context, name string, hi HashSchemeInstance) (err error)
	GetNameDeclarationP(ctx context.Context, hi HashSchemeInstance) (nd *NameDeclaration, err error)

	// NOTE(review): the unnamed bool presumably reports whether an index is
	// recorded for the entity — confirm.
	GetEntityPartitionLabelKeyIndexP(ctx context.Context, entHashSchemeInstance HashSchemeInstance) (bool, int, error)
	GetAttestationP(ctx context.Context, HashSchemeInstance HashSchemeInstance) (at *Attestation, s *State, err error)
	GetActiveAttestationsFromP(ctx context.Context, attester HashSchemeInstance, filter *LookupFromFilter) chan LookupFromResult
	// Takes a *LookupFromFilter, the same filter type as GetActiveAttestationsFromP.
	GetActiveAttestationsToP(ctx context.Context, subject HashSchemeInstance, filter *LookupFromFilter) chan LookupFromResult
	GetEntityQueueTokenP(ctx context.Context, loc LocationSchemeInstance, hsh HashSchemeInstance) (okay bool, token string, err error)
	SetEntityQueueTokenP(ctx context.Context, loc LocationSchemeInstance, hsh HashSchemeInstance, token string) error

	// Global (non perspective) functions
	MoveEntityRevokedG(ctx context.Context, ent *Entity) error
	MoveEntityExpiredG(ctx context.Context, ent *Entity) error
	MoveAttestationRevokedG(ctx context.Context, at *Attestation) error
	// This only returns entities we happen to have because they were
	// interesting to someone, so the caller must handle a nil,nil result and
	// go hit the chain.
	// NOTE(review): this method returns three values, so "nil,nil" presumably
	// means a nil *Entity with a nil error. A nil entity means "unknown here",
	// not "valid", and must be checked before use — confirm.
	GetEntityByHashSchemeInstanceP(ctx context.Context, hsh HashSchemeInstance) (*Entity, *State, error)
	// NOTE(review): presumably the nil,nil caveat above applies here too — confirm.
	GetEntityByHashSchemeInstanceG(ctx context.Context, hsh HashSchemeInstance) (*Entity, error)
	InsertGlobalEntity(ctx context.Context, e *Entity) error
}