Documentation ¶
Index ¶
- type ClientCertificateVerifier
- type Engine
- type Fetcher
- type Server
- func (d *Server) DRKeyASHost(ctx context.Context, req *cppb.DRKeyASHostRequest) (*cppb.DRKeyASHostResponse, error)
- func (d *Server) DRKeyHostAS(ctx context.Context, req *cppb.DRKeyHostASRequest) (*cppb.DRKeyHostASResponse, error)
- func (d *Server) DRKeyHostHost(ctx context.Context, req *cppb.DRKeyHostHostRequest) (*cppb.DRKeyHostHostResponse, error)
- func (d *Server) DRKeyIntraLevel1(ctx context.Context, req *cppb.DRKeyIntraLevel1Request) (*cppb.DRKeyIntraLevel1Response, error)
- func (d *Server) DRKeyLevel1(ctx context.Context, req *cppb.DRKeyLevel1Request) (*cppb.DRKeyLevel1Response, error)
- func (d *Server) DRKeySecretValue(ctx context.Context, req *cppb.DRKeySecretValueRequest) (*cppb.DRKeySecretValueResponse, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ClientCertificateVerifier ¶
// ClientCertificateVerifier turns an already-parsed client certificate chain
// into an addr.IA, or reports an error.
//
// NOTE(review): only the signature is visible here. Presumably the returned IA
// is the caller identity that Server uses to authorize a request; confirm in
// the implementation which checks (trust anchor, validity period, chain order)
// are performed before an IA is returned.
type ClientCertificateVerifier interface {
	// VerifyParsedClientCertificate takes the parsed certificate chain and
	// returns the addr.IA obtained from it. Callers must treat a non-nil error
	// as "no identity established" and must not use the returned IA.
	VerifyParsedClientCertificate(chain []*x509.Certificate) (addr.IA, error)
}
type Engine ¶
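// Engine is the interface through which secret values and Level1, AS-Host,
// Host-AS and Host-Host keys are obtained. Server holds one in its Engine
// field.
//
// NOTE(review): only the method set is visible here; which methods read from
// storage and which compute their result should be confirmed against the
// implementation.
type Engine interface {
	// Storing SVs in the server allows for the server to still have access to
	// handed out secrets even after rebooting. It is not critical to the server
	// to derive secret values fast, so the lookup operation is acceptable.
	//
	// NOTE(review): this implies secret values are persisted. The backing
	// store then holds long-lived key material and should be access-restricted
	// accordingly; confirm where and how it is stored.
	GetSecretValue(ctx context.Context, meta drkey.SecretValueMeta) (drkey.SecretValue, error)
	// GetLevel1Key returns the drkey.Level1Key described by meta.
	GetLevel1Key(ctx context.Context, meta drkey.Level1Meta) (drkey.Level1Key, error)
	// DeriveLevel1 returns the drkey.Level1Key described by meta. It is the
	// only method without a context parameter.
	// NOTE(review): presumably a local computation with no I/O; confirm.
	DeriveLevel1(meta drkey.Level1Meta) (drkey.Level1Key, error)
	// DeriveASHost returns the drkey.ASHostKey described by meta.
	DeriveASHost(ctx context.Context, meta drkey.ASHostMeta) (drkey.ASHostKey, error)
	// DeriveHostAS returns the drkey.HostASKey described by meta.
	DeriveHostAS(ctx context.Context, meta drkey.HostASMeta) (drkey.HostASKey, error)
	// DeriveHostHost returns the drkey.HostHostKey described by meta.
	DeriveHostHost(ctx context.Context, meta drkey.HostHostMeta) (drkey.HostHostKey, error)
}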
type Fetcher ¶
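// Fetcher obtains Level1 DRKey from a remote CS.
type Fetcher struct {
	// Dialer is the sc_grpc.Dialer the Fetcher is configured with.
	// NOTE(review): presumably used to open the gRPC connection to the remote
	// CS; how that connection is authenticated is not visible here and should
	// be confirmed.
	Dialer sc_grpc.Dialer
	// Router is the snet.Router the Fetcher is configured with.
	// NOTE(review): presumably used to find a path to the remote CS; confirm.
	Router snet.Router
	// MaxRetries is an integer retry setting.
	// NOTE(review): presumably bounds the number of fetch attempts; the
	// meaning of zero or negative values is not visible here.
	MaxRetries int
	// contains filtered or unexported fields
}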
Fetcher obtains Level1 DRKey from a remote CS.
type Server ¶
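// Server keeps track of the drkeys. Its methods handle the DRKey requests
// (Level1, IntraLevel1, AS-Host, Host-AS, Host-Host and SecretValue).
type Server struct {
	// LocalIA is the addr.IA this server is configured with.
	LocalIA addr.IA
	// ClientCertificateVerifier maps a client certificate chain to an addr.IA.
	// NOTE(review): presumably required for requests authenticated by client
	// certificate; behavior when this field is nil is not visible here.
	ClientCertificateVerifier ClientCertificateVerifier
	// Engine is the source of secret values and derived keys.
	Engine Engine
	// AllowedSVHostProto is the set of (Host, Protocol) pairs describing which
	// hosts may obtain secret values, and for which protocols.
	//
	// NOTE(review): this allow-list is the only field on Server that names who
	// may request secret values, so it should be treated as privileged
	// configuration and kept as small as possible. A nil or empty map contains
	// no pairs; presumably that denies every secret value request, but confirm
	// in DRKeySecretValue.
	AllowedSVHostProto map[config.HostProto]struct{}
}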
Server keeps track of the drkeys.
func (*Server) DRKeyASHost ¶
func (d *Server) DRKeyASHost( ctx context.Context, req *cppb.DRKeyASHostRequest, ) (*cppb.DRKeyASHostResponse, error)
DRKeyASHost handles an AS-Host request from a local host and returns a response.
func (*Server) DRKeyHostAS ¶
func (d *Server) DRKeyHostAS( ctx context.Context, req *cppb.DRKeyHostASRequest, ) (*cppb.DRKeyHostASResponse, error)
DRKeyHostAS handles a Host-AS request from a local host and returns a response.
func (*Server) DRKeyHostHost ¶
func (d *Server) DRKeyHostHost( ctx context.Context, req *cppb.DRKeyHostHostRequest, ) (*cppb.DRKeyHostHostResponse, error)
DRKeyHostHost handles a Host-Host request from a local host and returns a response.
func (*Server) DRKeyIntraLevel1 ¶
func (d *Server) DRKeyIntraLevel1( ctx context.Context, req *cppb.DRKeyIntraLevel1Request, ) (*cppb.DRKeyIntraLevel1Response, error)
DRKeyIntraLevel1 handles a level 1 request from a local host and returns a response.
func (*Server) DRKeyLevel1 ¶
func (d *Server) DRKeyLevel1( ctx context.Context, req *cppb.DRKeyLevel1Request, ) (*cppb.DRKeyLevel1Response, error)
DRKeyLevel1 handles a level 1 request and returns a response.
func (*Server) DRKeySecretValue ¶
func (d *Server) DRKeySecretValue( ctx context.Context, req *cppb.DRKeySecretValueRequest, ) (*cppb.DRKeySecretValueResponse, error)
DRKeySecretValue handles a SecretValue request and returns a response.