drkey

package
v0.10.0 Latest Latest
Published: Dec 21, 2023 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation


Constants

DRKey protocol types.

Variables

// ErrKeyNotFound is the sentinel error reported when a requested key is not
// present in a store. Callers should check for it with errors.Is rather than
// by comparing error strings.
var ErrKeyNotFound = serrors.New("key not found")
var (
	// ZeroBlock is an all-zero AES block (aes.BlockSize bytes). It is a shared
	// package-level variable and must be treated as read-only: mutating it
	// would silently change the result for every user of it.
	ZeroBlock [aes.BlockSize]byte
)

Functions

func SerializeHostHostInput

func SerializeHostHostInput(input []byte, host addr.Host) (int, error)

SerializeHostHostInput serializes the input for deriving a HostHost key, as explained in https://docs.scion.org/en/latest/cryptography/drkey.html#level-derivation. This derivation is common for Generic and Specific derivations.

Types

type ASHostKey

// ASHostKey represents an AS-Host key: an end-host (level 2) DRKey identified
// by protocol, epoch, source AS, destination AS and destination host.
type ASHostKey struct {
	// ProtoId identifies the DRKey protocol the key was derived for.
	ProtoId Protocol
	// Epoch is the validity period of the key.
	Epoch   Epoch
	// SrcIA is the ISD-AS on the source side of the key.
	SrcIA   addr.IA
	// DstIA is the ISD-AS on the destination side of the key.
	DstIA   addr.IA
	// DstHost is the destination host address in textual form.
	DstHost string
	// Key is the derived key material. It is a secret: do not log it.
	Key     Key
}

ASHostKey represents an AS-Host key.

type ASHostMeta

// ASHostMeta represents the lookup parameters for an ASHostKey: the protocol,
// the instant the key must be valid at, and the AS/host endpoints.
type ASHostMeta struct {
	// ProtoId selects the DRKey protocol.
	ProtoId  Protocol
	// Validity is the point in time the requested key must cover.
	// NOTE(review): inferred from the field name; confirm against the Level2DB implementation.
	Validity time.Time
	// SrcIA is the ISD-AS on the source side of the key.
	SrcIA    addr.IA
	// DstIA is the ISD-AS on the destination side of the key.
	DstIA    addr.IA
	// DstHost is the destination host address in textual form.
	DstHost  string
}

ASHostMeta represents the associated information for the ASHost key.

type Epoch

// Epoch represents a validity period. It embeds cppki.Validity and so exposes
// that type's bounds and methods directly; use NewEpoch to build one from the
// uint32-encoded begin and end values.
type Epoch struct {
	cppki.Validity
}

Epoch represents a validity period.

func NewEpoch

func NewEpoch(begin, end uint32) Epoch

NewEpoch constructs an Epoch from its uint32 encoded begin and end parts.

type HostASKey

// HostASKey represents a Host-AS key: an end-host (level 2) DRKey identified
// by protocol, epoch, source AS, source host and destination AS.
type HostASKey struct {
	// ProtoId identifies the DRKey protocol the key was derived for.
	ProtoId Protocol
	// Epoch is the validity period of the key.
	Epoch   Epoch
	// SrcIA is the ISD-AS on the source side of the key.
	SrcIA   addr.IA
	// DstIA is the ISD-AS on the destination side of the key.
	DstIA   addr.IA
	// SrcHost is the source host address in textual form.
	SrcHost string
	// Key is the derived key material. It is a secret: do not log it.
	Key     Key
}

HostASKey represents a Host-AS key.

type HostASMeta

// HostASMeta represents the lookup parameters for a HostASKey: the protocol,
// the instant the key must be valid at, and the AS/host endpoints.
type HostASMeta struct {
	// ProtoId selects the DRKey protocol.
	ProtoId  Protocol
	// Validity is the point in time the requested key must cover.
	// NOTE(review): inferred from the field name; confirm against the Level2DB implementation.
	Validity time.Time
	// SrcIA is the ISD-AS on the source side of the key.
	SrcIA    addr.IA
	// DstIA is the ISD-AS on the destination side of the key.
	DstIA    addr.IA
	// SrcHost is the source host address in textual form.
	SrcHost  string
}

HostASMeta represents the associated information for the HostAS key.

type HostHostKey

// HostHostKey represents a Host-Host DRKey: an end-host (level 2) key identified
// by protocol, epoch, and the source and destination AS/host pairs.
type HostHostKey struct {
	// ProtoId identifies the DRKey protocol the key was derived for.
	ProtoId Protocol
	// Epoch is the validity period of the key.
	Epoch   Epoch
	// SrcIA is the ISD-AS on the source side of the key.
	SrcIA   addr.IA
	// DstIA is the ISD-AS on the destination side of the key.
	DstIA   addr.IA
	// SrcHost is the source host address in textual form.
	SrcHost string
	// DstHost is the destination host address in textual form.
	DstHost string
	// Key is the derived key material. It is a secret: do not log it.
	Key     Key
}

HostHostKey represents a Host-Host DRKey.

type HostHostMeta

// HostHostMeta represents the lookup parameters for a HostHostKey: the
// protocol, the instant the key must be valid at, and both AS/host endpoints.
type HostHostMeta struct {
	// ProtoId selects the DRKey protocol.
	ProtoId  Protocol
	// Validity is the point in time the requested key must cover.
	// NOTE(review): inferred from the field name; confirm against the Level2DB implementation.
	Validity time.Time
	// SrcIA is the ISD-AS on the source side of the key.
	SrcIA    addr.IA
	// DstIA is the ISD-AS on the destination side of the key.
	DstIA    addr.IA
	// SrcHost is the source host address in textual form.
	SrcHost  string
	// DstHost is the destination host address in textual form.
	DstHost  string
}

HostHostMeta represents the associated information for the HostHost key.

type Key

// Key is a raw 128-bit (16-byte) symmetric DRKey. Values are secret material:
// do not log or print them, and prefer crypto/subtle.ConstantTimeCompare over
// == when comparing a key against data supplied by a peer. The String method
// is undocumented here; confirm whether it exposes the raw bytes before using
// it in log output.
type Key [16]byte

Key represents a raw binary key.

func DeriveKey

func DeriveKey(input []byte, upperLevelKey Key) (Key, error)

DeriveKey derives a key from the given input and a higher-level key, as specified in https://docs.scion.org/en/latest/cryptography/drkey.html#prf-derivation-specification. Note that the input buffer is overwritten by the call.

func (Key) String

func (k Key) String() string

type KeyType

// KeyType represents the different types of keys: AS->AS, AS->host, host->AS
// and host->host (see the AsAs, AsHost, HostAS and HostHost constants).
type KeyType uint8

KeyType represents the different types of keys (AS->AS, AS->host, host->AS, host->host).

// Key types. Values are assigned by iota in declaration order; if they are
// ever stored or sent on the wire, the order below must not be changed.
const (
	// AsAs is an AS-to-AS key (presumably the Level1Key case).
	AsAs KeyType = iota
	// AsHost is an AS-to-host key (ASHostKey).
	AsHost
	// HostAS is a host-to-AS key (HostASKey).
	HostAS
	// HostHost is a host-to-host key (HostHostKey).
	HostHost
)

Key types.

type Level1DB

// Level1DB is the drkey database interface for level 1 keys. Implementations
// also provide io.Closer and db.LimitSetter.
type Level1DB interface {
	// GetLevel1Key returns the stored key matching meta (protocol, validity
	// instant and AS pair). A missing key is presumably reported as
	// ErrKeyNotFound; confirm against the implementation.
	GetLevel1Key(ctx context.Context, meta Level1Meta) (Level1Key, error)
	// InsertLevel1Key stores key so that later lookups can find it.
	InsertLevel1Key(ctx context.Context, key Level1Key) error
	// DeleteExpiredLevel1Keys removes keys that are expired relative to cutoff
	// and returns the number of keys deleted.
	DeleteExpiredLevel1Keys(ctx context.Context, cutoff time.Time) (int, error)

	io.Closer
	db.LimitSetter
}

Level1DB is the drkey database interface for level 1.

type Level1Key

// Level1Key represents a level 1 DRKey: the AS-to-AS key for a protocol,
// epoch and (source, destination) AS pair.
type Level1Key struct {
	// Epoch is the validity period of the key.
	Epoch        Epoch
	// ProtoId identifies the DRKey protocol the key belongs to.
	ProtoId      Protocol
	// SrcIA and DstIA are the source and destination ISD-AS of the key.
	SrcIA, DstIA addr.IA
	// Key is the derived key material. It is a secret: do not log it.
	Key          Key
}

Level1Key represents a level 1 DRKey.

type Level1Meta

// Level1Meta contains the metadata needed to look up a Level1Key: the instant
// the key must be valid at, the protocol and the AS pair.
type Level1Meta struct {
	// Validity is the point in time the requested key must cover.
	// NOTE(review): inferred from the field name; confirm against Level1DB implementations.
	Validity     time.Time
	// ProtoId selects the DRKey protocol.
	ProtoId      Protocol
	// SrcIA and DstIA are the source and destination ISD-AS of the key.
	SrcIA, DstIA addr.IA
}

Level1Meta contains the metadata needed to obtain a Level1 key.

type Level2DB

// Level2DB is the drkey database interface for end-host (level 2) keys: the
// AS-Host, Host-AS and Host-Host variants. Implementations also provide
// io.Closer and db.LimitSetter.
type Level2DB interface {
	// GetASHostKey returns the stored AS-Host key matching meta. A missing key
	// is presumably reported as ErrKeyNotFound; confirm against the implementation.
	GetASHostKey(ctx context.Context, meta ASHostMeta) (ASHostKey, error)
	// GetHostASKey returns the stored Host-AS key matching meta.
	GetHostASKey(ctx context.Context, meta HostASMeta) (HostASKey, error)
	// GetHostHostKey returns the stored Host-Host key matching meta.
	GetHostHostKey(ctx context.Context, meta HostHostMeta) (HostHostKey, error)
	// InsertASHostKey stores an AS-Host key so that later lookups can find it.
	InsertASHostKey(ctx context.Context, key ASHostKey) error
	// InsertHostASKey stores a Host-AS key so that later lookups can find it.
	InsertHostASKey(ctx context.Context, key HostASKey) error
	// InsertHostHostKey stores a Host-Host key so that later lookups can find it.
	InsertHostHostKey(ctx context.Context, key HostHostKey) error
	// DeleteExpiredASHostKeys removes AS-Host keys expired relative to cutoff
	// and returns the number deleted.
	DeleteExpiredASHostKeys(ctx context.Context, cutoff time.Time) (int, error)
	// DeleteExpiredHostASKeys removes Host-AS keys expired relative to cutoff
	// and returns the number deleted.
	DeleteExpiredHostASKeys(ctx context.Context, cutoff time.Time) (int, error)
	// DeleteExpiredHostHostKeys removes Host-Host keys expired relative to
	// cutoff and returns the number deleted.
	DeleteExpiredHostHostKeys(ctx context.Context, cutoff time.Time) (int, error)

	io.Closer
	db.LimitSetter
}

Level2DB is the drkey database interface for end-host keys.

type Protocol

// Protocol is the 2-byte protocol identifier that selects the DRKey protocol a
// key belongs to. Use ProtocolStringToId to parse a name and IsPredefined to
// tell the built-in identifiers (Generic, SCMP, DNS) from niche protocols.
type Protocol uint16

Protocol is the 2-byte protocol identifier.

func ProtocolStringToId

func ProtocolStringToId(protocol string) (Protocol, bool)

func (Protocol) IsPredefined

func (p Protocol) IsPredefined() bool

IsPredefined checks whether this is a well-known, built-in protocol identifier, i.e. Generic, SCMP or DNS. Returns false for all other protocol identifiers ("niche protocols").

func (Protocol) String

func (p Protocol) String() string

type SecretValue

// SecretValue represents a DRKey secret value (SV) for one protocol and epoch.
// It is derived directly from the AS secret (see DeriveSV) and is therefore the
// most sensitive material in this package: never log it, and restrict access
// to the SecretValueDB that stores it.
type SecretValue struct {
	// Epoch is the validity period of the secret value.
	Epoch   Epoch
	// ProtoId identifies the DRKey protocol the value belongs to.
	ProtoId Protocol
	// Key is the secret value itself.
	Key     Key
}

SecretValue represents a DRKey secret value.

func DeriveSV

func DeriveSV(protoID Protocol, epoch Epoch, asSecret []byte) (SecretValue, error)

DeriveSV derives a valid secret value (SV) for the given protocol and epoch; asSecret is typically the AS master secret.

type SecretValueDB

// SecretValueDB is the database for Secret Values. Implementations also
// provide io.Closer and db.LimitSetter.
type SecretValueDB interface {
	// GetValue returns the secret value described by meta. The AS secret is
	// passed in, which suggests a missing value may be derived on demand rather
	// than reported as an error; confirm against the implementation.
	GetValue(ctx context.Context, meta SecretValueMeta, asSecret []byte) (SecretValue, error)
	// InsertValue records a secret value for proto and epoch.
	InsertValue(ctx context.Context, proto Protocol, epoch Epoch) error
	// DeleteExpiredValues removes values expired relative to cutoff and
	// returns the number deleted.
	DeleteExpiredValues(ctx context.Context, cutoff time.Time) (int, error)

	io.Closer
	db.LimitSetter
}

SecretValueDB is the database for Secret Values.

type SecretValueMeta

// SecretValueMeta identifies a DRKey secret value by protocol and the instant
// it must be valid at.
type SecretValueMeta struct {
	// Validity is the point in time the requested value must cover.
	// NOTE(review): inferred from the field name; confirm against SecretValueDB implementations.
	Validity time.Time
	// ProtoId selects the DRKey protocol.
	ProtoId  Protocol
}

SecretValueMeta represents the information about a DRKey secret value.
