Documentation
¶
Overview ¶
Package segverifier implements primitives for verifying path segments.
A Unit contains a path segment, and all the revocations that reference IFIDs in that path segment.
When a unit is verified, it spawns one goroutine for the path segment's verification, and one goroutine for the verification of each revocation. It then collects the results from all workers (forcefully terminating them if the unit's context is Done). A UnitResult object is returned, containing a reference to the Unit itself and a map of errors. The map only contains non-nil errors as values, and the keys are represented by the following:
- If the path segment verification failed, its error is contained at key -1
- If a revocation verification failed, its error is contained at key x, where x is the position of the revocation in the slice of SignedRevInfos passed to BuildVerificationUnits.
Index ¶
- func StartVerification(ctx context.Context, store infra.TrustStore, server net.Addr, ...) (chan UnitResult, int)
- func Verify(ctx context.Context, store infra.TrustStore, server net.Addr, ...)
- func VerifyRevInfo(ctx context.Context, store infra.TrustStore, server net.Addr, ...) error
- func VerifySegment(ctx context.Context, store infra.TrustStore, server net.Addr, ...) error
- type ElemResult
- type RevVerificationFailed
- type RevVerified
- type SegVerificationFailed
- type SegVerified
- type Unit
- type UnitResult
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func StartVerification ¶ added in v0.2.0
func StartVerification(ctx context.Context, store infra.TrustStore, server net.Addr, segMetas []*seg.Meta, sRevInfos []*path_mgmt.SignedRevInfo) (chan UnitResult, int)
StartVerification builds the units for the given segMetas and sRevInfos and spawns verify method on the units. StartVerification returns a channel for the UnitResult and the expected amount of results.
func Verify ¶ added in v0.2.0
func Verify(ctx context.Context, store infra.TrustStore, server net.Addr, segMetas []*seg.Meta, sRevInfos []*path_mgmt.SignedRevInfo, verifiedSeg SegVerified, verifiedRev RevVerified, segError SegVerificationFailed, revError RevVerificationFailed)
Verify starts the verification for the given segMeta and sRevInfos. The verifiedSeg and verifiedRev callbacks are called for verified segs/revs. The segError/revError callbacks are called for verification errors.
func VerifyRevInfo ¶
func VerifyRevInfo(ctx context.Context, store infra.TrustStore, server net.Addr, signedRevInfo *path_mgmt.SignedRevInfo) error
Types ¶
type ElemResult ¶
type RevVerificationFailed ¶ added in v0.2.0
type RevVerificationFailed func(*path_mgmt.SignedRevInfo, error)
RevVerificationFailed is the callback for a failed revocation verification. The function must return immediately.
type RevVerified ¶ added in v0.2.0
type RevVerified func(context.Context, *path_mgmt.SignedRevInfo)
RevVerified is the callback for a successful revocation verification. The function must adhere to the given context.
type SegVerificationFailed ¶ added in v0.2.0
SegVerificationFailed is the callback for a failed segment verification. The function must return immediately.
type SegVerified ¶ added in v0.2.0
SegVerified is the callback for a successful segment verification. The function must adhere to the given context.
type Unit ¶
type Unit struct {
SegMeta *seg.Meta
SRevInfos []*path_mgmt.SignedRevInfo
}
Unit contains multiple verification items.
func BuildUnits ¶
func BuildUnits(segMetas []*seg.Meta, sRevInfos []*path_mgmt.SignedRevInfo) []*Unit
BuildUnits constructs one verification unit for each segment, together with its associated revocations.
func (*Unit) Verify ¶
func (u *Unit) Verify(ctx context.Context, store infra.TrustStore, server net.Addr, unitResults chan UnitResult)
Verify verifies a single unit, putting the results of verifications on unitResults.
type UnitResult ¶
func (*UnitResult) SegError ¶ added in v0.2.0
func (r *UnitResult) SegError() error
SegError returns the verification error of the segment or nil if there was none.
Source Files