trc

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 14, 2019 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package trc contains the TRC implementation according to the new control-plane PKI design.

This package will replace the parent package, once the package is stable and all code interacting with the trust material has been adapated.

WARNING: Do not use this package other than for testing.

Index

Constants

View Source 
const (
	// ErrInvalidKeyMeta indicates an invalid key metadata.
	ErrInvalidKeyMeta common.ErrMsg = "invalid key meta"
	// ErrInvalidKeyVersion indicates an invalid key version.
	ErrInvalidKeyVersion common.ErrMsg = "invalid key_version"
)
View Source 
const (
	// ErrMissingProofOfPossession indicates that the proof_of_possession is missing.
	ErrMissingProofOfPossession common.ErrMsg = "missing proof_of_possession"
	// ErrUnexpectedProofOfPossession indicates an unexpected proof_of_possession.
	ErrUnexpectedProofOfPossession common.ErrMsg = "unexpected proof_of_possession"
)
View Source 
const (
	// ErrInvalidKeyType indicates an inexistent key type.
	ErrInvalidKeyType common.ErrMsg = "invalid key type"
	// ErrInvalidAttribute indicates an inexistent attribute.
	ErrInvalidAttribute common.ErrMsg = "invalid attribute"
	// ErrInvalidAttributesSize indicates invalid number of attributes in the attributes list.
	ErrInvalidAttributesSize common.ErrMsg = "invalid attributes size"
	// ErrDuplicateAttributes indicates attribute duplication in the attributes list.
	ErrDuplicateAttributes common.ErrMsg = "duplicate attributes"
)

Parsing errors with context.

View Source 
const (
	// ErrAuthoritativeButNotCore indicates a primary AS that is authoritative but not core.
	ErrAuthoritativeButNotCore common.ErrMsg = "authoritative but not core"
	// ErrUnexpectedKey indicates that a primary AS has an excess key. Voting ASes must
	// have an online and offline key. Non-Voting ASes must not have an offline
	// key. Issuer ASes must have an online key. Core-only ASes must not have
	// any key.
	ErrUnexpectedKey common.ErrMsg = "unexpected key"
	// ErrMissingKey indicates that the primary AS is missing a key.
	ErrMissingKey common.ErrMsg = "missing key"
	// ErrInvalidPrimaryAS indicates an invalid primary AS entry.
	ErrInvalidPrimaryAS common.ErrMsg = "invalid primary as entry"
)

Invariant errors

View Source 
const (
	IssuingKeyJSON = "issuing"
	OnlineKeyJSON  = "online"
	OfflineKeyJSON = "offline"
)
View Source 
const (
	// ErrInvalidCrit indicates that the value for the crit key is invalid.
	ErrInvalidCrit common.ErrMsg = "invalid crit"
	// ErrInvalidSignatureType indicates an invalid signature type.
	ErrInvalidSignatureType common.ErrMsg = "invalid signature type"
)
View Source 
const (
	// ErrInvariantViolation indicates a TRC invariant violation.
	ErrInvariantViolation common.ErrMsg = "TRC invariant violation"
	// ErrInvalidValidityPeriod indicates an invalid validity period.
	ErrInvalidValidityPeriod common.ErrMsg = "invalid validity period"
	// ErrVotingQuorumTooLarge indicates that the number of voting ASes is smaller
	// than the voting quorum.
	ErrVotingQuorumTooLarge common.ErrMsg = "voting quorum too large"
)

Invariant errors with context

View Source 
const (
	// ErrImmutableBaseVersion indicates an invalid update to the base_version.
	ErrImmutableBaseVersion common.ErrMsg = "base_version is immutable"
	// ErrImmutableISD indicates an invalid update to the ISD identifier.
	ErrImmutableISD common.ErrMsg = "isd is immutable"
	// ErrImmutableTrustResetAllowed indicates an invalid update to trust_reset_allowed.
	ErrImmutableTrustResetAllowed common.ErrMsg = "trust_reset_allowed is immutable"
	// ErrInvalidVersionIncrement indicates an invalid version increment.
	ErrInvalidVersionIncrement common.ErrMsg = "TRC version must be incremented by one"
	// ErrMissingVote indicates an AS has not cast vote during a regular update
	// that changes its online key.
	ErrMissingVote common.ErrMsg = "missing vote"
	// ErrNotInsidePreviousValidityPeriod indicates the validity periods do not overlap.
	ErrNotInsidePreviousValidityPeriod common.ErrMsg = "not inside previous validity period"
	// ErrQuorumUnmet indicates that not enough votes have been cast.
	ErrQuorumUnmet common.ErrMsg = "voting_quorum unmet"
	// ErrWrongVotingKeyType indicates the vote is cast with the wrong key type.
	ErrWrongVotingKeyType common.ErrMsg = "vote with wrong key type"
	// ErrWrongVotingKeyVersion indicates the vote is cast with the wrong key version
	ErrWrongVotingKeyVersion common.ErrMsg = "vote with wrong key version"
)

Update validation errors with context.

View Source 
const (
	// ErrInvalidVote indicates an invalid vote.
	ErrInvalidVote common.ErrMsg = "invalid vote"
	// ErrSanityCheck indicates a sanity check error.
	ErrSanityCheck common.ErrMsg = "sanity check error"
)

Update validation error wrappers.

View Source 
const (
	// ErrDecodeProtectedFailed indicates the signatrue metadata fails to decode.
	ErrDecodeProtectedFailed common.ErrMsg = "unable to decode protected signature metadata"
	// ErrUnexpectedVoteSignature indicates an unexpected voting signature.
	ErrUnexpectedVoteSignature common.ErrMsg = "unexpected vote signature"
	// ErrUnexpectedPOPSignature indicates an unexpected proof of possession signature.
	ErrUnexpectedPOPSignature common.ErrMsg = "unexpected proof of possession signature"
	// ErrInvalidProtected indicates that the protected signature metadata is invalid.
	ErrInvalidProtected common.ErrMsg = "invalid protected signature metadata"
	// ErrMissingVoteSignature indicates a voting signature of an AS is missing.
	ErrMissingVoteSignature common.ErrMsg = "missing vote signature"
	// ErrMissingPOPSignature indicates a missing proof of possession signature.
	ErrMissingPOPSignature common.ErrMsg = "missing proof of possession signature"
	// ErrVoteVerification indicates the signature verification of a vote failed.
	ErrVoteVerification common.ErrMsg = "vote signature verification error"
	// ErrPOPVerification indicates the signature verification of a proof of possession failed.
	ErrPOPVerification common.ErrMsg = "proof of possession signature verification error"
	// ErrDuplicateVoteSignature indicates a duplicate voting signature for the same AS.
	ErrDuplicateVoteSignature common.ErrMsg = "duplicate vote signature"
	// ErrDuplicatePOPSignature indicates a duplicate proof of possession signature
	// for the same AS and key type.
	ErrDuplicatePOPSignature common.ErrMsg = "duplicate proof of possession signature"
)
View Source 
const ErrUnsupportedFormat common.ErrMsg = "unsupported TRC format"

ErrUnsupportedFormat indicates an invalid TRC format.

Variables

View Source 
var (
	// ErrAttributesNotSet indicates the attributes in a primary AS are not set.
	ErrAttributesNotSet = errors.New("attributes not set")
	// ErrKeysNotSet indicates the keys in a primary AS are not set.
	ErrKeysNotSet = errors.New("keys not set")
)

Parsing errors

View Source 
var (
	// ErrAlgorithmNotSet indicates the key algorithm is not set.
	ErrAlgorithmNotSet = errors.New("algorithm not set")
	// ErrASNotSet indicates the as is not set.
	ErrASNotSet = errors.New("as not set")
	// ErrCritNotSet indicates that crit is not set.
	ErrCritNotSet = errors.New("crit not set")
	// ErrNotUTF8 indicates an invalid encoding.
	ErrNotUTF8 = errors.New("not utf-8 encoded")
	// ErrSignatureTypeNotSet indicates the signature type is not set.
	ErrSignatureTypeNotSet = errors.New("signature type not set")
)
View Source 
var (
	// ErrBaseWithNonZeroGracePeriod indicates a base TRC with a non-zero grace period.
	ErrBaseWithNonZeroGracePeriod = errors.New("trust reset with non-zero grace period")
	// ErrBaseWithVotes indicates a base TRC with votes. This violates the TRC invariant.
	ErrBaseWithVotes = errors.New("base TRC with votes")
	// ErrNoIssuingAS indicates that the TRC has no issuing AS.
	ErrNoIssuingAS = errors.New("missing issuing AS")
	// ErrUpdateWithZeroGracePeriod indicates a TRC update with a zero grace
	// period. A grace period of zero is only allowed in trust resets, that are
	// not covered by TRC updates.
	ErrUpdateWithZeroGracePeriod = errors.New("update with zero grace period")
	// ErrZeroVotingQuorum indicates that the voting quorum is zero.
	ErrZeroVotingQuorum = errors.New("voting quorum of zero")
)

Invariant errors

View Source 
var (
	// ErrISDNotSet indicates isd is not set.
	ErrISDNotSet = errors.New("isd not set")
	// ErrVersionNotSet indicates version is not set.
	ErrVersionNotSet = errors.New("version not set")
	// ErrBaseVersionNotSet indicates base_version is not set.
	ErrBaseVersionNotSet = errors.New("base_version not set")
	// ErrDescriptionNotSet indicates description is not set.
	ErrDescriptionNotSet = errors.New("description not set")
	// ErrVotingQuorumNotSet indicates voting_quorum is not set.
	ErrVotingQuorumNotSet = errors.New("voting_quorum not set")
	// ErrFormatVersionNotSet indicates format_version is not set.
	ErrFormatVersionNotSet = errors.New("format_version not set")
	// ErrGracePeriodNotSet indicates grace_period is not set.
	ErrGracePeriodNotSet = errors.New("grace_period not set")
	// ErrTrustResetAllowedNotSet indicates trust_reset_allowed is not set.
	ErrTrustResetAllowedNotSet = errors.New("trust_reset_allowed not set")
	// ErrValidityNotSet indicates validity is not set.
	ErrValidityNotSet = errors.New("validity not set")
	// ErrPrimaryASesNotSet indicates primary_ases is not set.
	ErrPrimaryASesNotSet = errors.New("primary_ases not set")
	// ErrVotesNotSet indicates votes is not set.
	ErrVotesNotSet = errors.New("votes not set")
	// ErrProofOfPossessionNotSet indicates proof_of_possession is not set.
	ErrProofOfPossessionNotSet = errors.New("proof_of_possession not set")

	// ErrKeyTypeNotSet indicates key_type is not set.
	ErrKeyTypeNotSet = errors.New("key_type not set")
	// ErrKeyVersionNotSet indicates key_version is not set.
	ErrKeyVersionNotSet = errors.New("key_version not set")
)

Parse errors

View Source 
var (
	// ErrBaseNotUpdate indicates that the new TRC is a base TRC.
	ErrBaseNotUpdate = errors.New("base TRC, not update")
	// ErrNoVotingRight indicates the vote is cast by an AS without voting rights.
	ErrNoVotingRight = errors.New("AS has no voting rights")
	// ErrUnexpectedVote indicates that a TRC has an unexpected vote attached.
	ErrUnexpectedVote = errors.New("unexpected vote")
)

Update validation errors.

Functions

func EncodeSigned 

func EncodeSigned(signed Signed) ([]byte, error)

EncodeSigned encodes the signed TRC to raw bytes.

func SigInput 

func SigInput(protected EncodedProtected, trc Encoded) common.RawBytes

SigInput computes the signature input according to rfc7517 (see: https://tools.ietf.org/html/rfc7515#section-5.1)

func ValidateKeyUpdate 

func ValidateKeyUpdate(prev, next scrypto.KeyMeta) (bool, error)

ValidateKeyUpdate validates that the prev and next key meta are consistent. If the algorithm and key are not modified by the update, the version must not change. If they are modified, the version must be increased by one. The return value indicates, whether the update is a modification.

Types

type ASToKeyMeta 

type ASToKeyMeta map[addr.AS]scrypto.KeyMeta

ASToKeyMeta maps an AS to its key metadata for a single key type.

type Attribute 

type Attribute string

Attribute indicates the capability of a primary AS. 

const (
	// Authoritative indicates an authoritative AS.
	Authoritative Attribute = "authoritative"
	// Core indicates a core AS.
	Core Attribute = "core"
	// Issuing indicates an issuing AS.
	Issuing Attribute = "issuing"
	// Voting indicates a voting AS. A voting AS must also be a core AS.
	Voting Attribute = "voting"
)

func (*Attribute) UnmarshalText 

func (t *Attribute) UnmarshalText(b []byte) error

UnmarshalText checks that the attribute is valid. It can either be "authoritative", "core", "issuing", or "voting".

type AttributeChange 

type AttributeChange int

AttributeChange indicates the type of attribute change in a TRC update. 

const (
	// AttributeAdded indicates an attribute is added.
	AttributeAdded AttributeChange = iota
	// AttributeRemoved indicates an attribute is removed.
	AttributeRemoved
)

type AttributeChanges 

type AttributeChanges map[addr.AS]map[Attribute]AttributeChange

AttributeChanges contains all attribute changes for a TRC update.

func (AttributeChanges) Sensitive 

func (c AttributeChanges) Sensitive() bool

Sensitive indicates whether the attribute changes are sensitive.

type Attributes 

type Attributes []Attribute

Attributes holds all attributes of a primary AS.

func (Attributes) Contains 

func (t Attributes) Contains(attr Attribute) bool

Contains indicates whether the attribute is contained.

func (Attributes) MarshalJSON 

func (t Attributes) MarshalJSON() ([]byte, error)

MarshalJSON validates the attributes list during marshaling. It has to be a value receiver.

func (*Attributes) UnmarshalJSON 

func (t *Attributes) UnmarshalJSON(b []byte) error

UnmarshalJSON validates the attributes list during parsing.

func (*Attributes) Validate 

func (t *Attributes) Validate() error

Validate checks that the attributes list is valid.

type Crit 

type Crit struct{}

Crit is the "crit" section (see: https://tools.ietf.org/html/rfc7515#section-4.1.11).

func (Crit) MarshalJSON 

func (Crit) MarshalJSON() ([]byte, error)

MarshalJSON returns a json array with the expected crit elements.

func (Crit) UnmarshalJSON 

func (c Crit) UnmarshalJSON(b []byte) error

UnmarshalJSON checks that all expected elements and no other are in the array.

type DecodedSignature 

type DecodedSignature struct {
	EncodedProtected EncodedProtected
	Protected        Protected
	Signature        []byte
}

DecodedSignature holds the signature with the decoded protected meta data.

type Encoded 

type Encoded []byte

Encoded is the the base64url encoded marshaled TRC.

func Encode 

func Encode(trc *TRC) (Encoded, error)

Encode encodes and returns the packed TRC.

func (Encoded) Decode 

func (p Encoded) Decode() (*TRC, error)

Decode returns the decoded Decode.

type EncodedProtected 

type EncodedProtected []byte

EncodedProtected is the base64url encoded utf-8 metadata.

func EncodeProtected 

func EncodeProtected(p Protected) (EncodedProtected, error)

EncodeProtected encodes the protected header.

func (EncodedProtected) Decode 

func (h EncodedProtected) Decode() (Protected, error)

Decode decodes and return the protected header.

type FormatVersion 

type FormatVersion uint8

FormatVersion indicates the TRC format version. Currently, only format version 1 is supported.

func (*FormatVersion) UnmarshalJSON 

func (v *FormatVersion) UnmarshalJSON(b []byte) error

UnmarshalJSON checks that the FormatVersion is supported.

type KeyChanges 

type KeyChanges struct {
	Modified map[KeyType]ASToKeyMeta
	Fresh    map[KeyType]ASToKeyMeta
}

KeyChanges contains all new keys in a TRC update.

func (*KeyChanges) Sensitive 

func (c *KeyChanges) Sensitive() bool

Sensitive indicates whether the key changes are sensitive (i.e. any offline key changes).

type KeyType 

type KeyType int

KeyType indicates the type of the key authenticated by the TRC.

Because KeyType is used as a map key, it cannot be a string type. (see: https://github.com/golang/go/issues/33298) 

const (

	// IssuingKey is the issuing key type.
	IssuingKey KeyType
	// OnlineKey is the online key type.
	OnlineKey
	// OfflineKey is the offline key type.
	OfflineKey
)

func (KeyType) MarshalText 

func (t KeyType) MarshalText() ([]byte, error)

MarshalText is implemented to allow KeyType to be used as JSON map key. This must be a value receiver in order for KeyType fields in a struct to marshal correctly.

func (KeyType) String 

func (t KeyType) String() string

func (*KeyType) UnmarshalText 

func (t *KeyType) UnmarshalText(b []byte) error

UnmarshalText allows KeyType to be used as a map key and do validation when parsing.

type POPVerifier 

type POPVerifier struct {
	// TRC holds the TRC to be verified.
	TRC *TRC
	// NextEncoded is the encoded next TRC used for signature input.
	Encoded Encoded
	// Signatures contains all signatures attached to the new TRC.
	Signatures []Signature
}

POPVerifier verifies the proof of possession signature on a TRC. The caller must make sure the TRC is validate, POPVerifier simply checks that the signatures are verifiable.

func (POPVerifier) Verify 

func (v POPVerifier) Verify() error

Verify checks that all proof of possession signatures mentioned in the TRC are present and verifiable, and that no others are attached.

type POPs 

type POPs map[addr.AS]map[KeyType]DecodedSignature

POPs maps ASes to their decoded proof of possession.

type Period 

type Period struct {
	time.Duration
}

Period indicates a time duration.

func (Period) MarshalJSON 

func (t Period) MarshalJSON() ([]byte, error)

MarshalJSON packs the duration as seconds expressed in a uint32.

func (*Period) UnmarshalJSON 

func (t *Period) UnmarshalJSON(b []byte) error

UnmarshalJSON parses seconds expressed as a uint32.

type PrimaryAS 

type PrimaryAS struct {
	Attributes Attributes                  `json:"attributes"`
	Keys       map[KeyType]scrypto.KeyMeta `json:"keys"`
}

PrimaryAS holds the attributes and keys of a primary AS.

func (*PrimaryAS) Is 

func (p *PrimaryAS) Is(attr Attribute) bool

Is returns true if the primary AS holds this property.

func (*PrimaryAS) UnmarshalJSON 

func (p *PrimaryAS) UnmarshalJSON(b []byte) error

UnmarshalJSON checks that all fields are set.

func (*PrimaryAS) ValidateInvariant 

func (p *PrimaryAS) ValidateInvariant() error

ValidateInvariant ensures that the TRC invariant holds for the primary AS.

type PrimaryASes 

type PrimaryASes map[addr.AS]PrimaryAS

PrimaryASes holds all primary ASes and maps them to their attributes and keys.

func (*PrimaryASes) Count 

func (p *PrimaryASes) Count(attribute Attribute) int

Count counts all primary ASes with the given attribute.

func (*PrimaryASes) ValidateInvariant 

func (p *PrimaryASes) ValidateInvariant() error

ValidateInvariant ensures that the TRC invariant holds for the primary ASes.

func (*PrimaryASes) WithAttribute 

func (p *PrimaryASes) WithAttribute(attribute Attribute) PrimaryASes

WithAttribute returns all primary ASes with the given attribute.

type Protected 

type Protected struct {
	Algorithm  string             `json:"alg"`
	Type       SignatureType      `json:"type"`
	KeyType    KeyType            `json:"key_type"`
	KeyVersion scrypto.KeyVersion `json:"key_version"`
	AS         addr.AS            `json:"as"`
	Crit       Crit               `json:"crit"`
}

Protected is the signature metadata.

func (*Protected) UnmarshalJSON 

func (p *Protected) UnmarshalJSON(b []byte) error

UnmarshalJSON checks that all fields are set.

type Signature 

type Signature struct {
	EncodedProtected EncodedProtected `json:"protected"`
	Signature        []byte           `json:"signature"`
}

Signature contains the signature and packed metadata for one single key.

type SignatureType 

type SignatureType string

SignatureType indicates the purpose of a signature. 

const (
	// POPSignature indicates the purpose of the signature is to proof possession.
	POPSignature SignatureType = "proof_of_possession"
	// VoteSignature indicates the purpose of the signature is to cast a vote.
	VoteSignature SignatureType = "vote"
)

func (*SignatureType) UnmarshalText 

func (t *SignatureType) UnmarshalText(b []byte) error

UnmarshalText checks that signature type is supported.

type Signed 

type Signed struct {
	EncodedTRC Encoded     `json:"payload"`
	Signatures []Signature `json:"signatures"`
}

Signed contains the packed TRC payload and the attached signatures.

func ParseSigned 

func ParseSigned(raw []byte) (Signed, error)

ParseSigned parses the raw signed TRC.

type TRC 

type TRC struct {
	// ISD is the integer identifier from 1 to 4095.
	ISD addr.ISD `json:"isd"`
	// Version is the version number of the TRC.
	// The value scrypto.LatestVer is reserved and shall not be used.
	Version scrypto.Version `json:"trc_version"`
	// BaseVersion indicates the initial TRC version for this TRC chain.
	// If BaseVersion equals TRCVersion this TRC is a base TRC.
	BaseVersion scrypto.Version `json:"base_version"`
	// Description is an human-readable description of the ISD.
	Description string `json:"description"`
	// VotingQuorum is the number of signatures the next TRC needs from voting
	// ASes in this TRC for an update to be valid. This is a pointer to check
	// the field is set during parsing.
	VotingQuorumPtr *uint8 `json:"voting_quorum"`
	// FormatVersion is the TRC format version.
	FormatVersion FormatVersion `json:"format_version"`
	// GracePeriod indicates how long the previous unexpired version of the TRC
	// should still be considered active, i.e., TRCvi is still active until the
	// following time has passed (or TRCvi+2 has been announced):
	//  TRC(i+1).Validity.NotBefore + TRC(i+1).GracePeriod
	GracePeriod *Period `json:"grace_period"`
	// TrustResetAllowed indicates whether a trust reset is allowed for this ISD.
	TrustResetAllowedPtr *bool `json:"trust_reset_allowed"`
	// Validity indicates the validity period of the TRC.
	Validity *scrypto.Validity `json:"validity"`
	// PrimaryASes contains all primary ASes in the ISD.
	PrimaryASes PrimaryASes `json:"primary_ases"`
	// Votes maps voting ASes to their cast vote.
	Votes map[addr.AS]Vote `json:"votes"`
	// ProofOfPossession maps ASes to their key types they need to show proof of possession.
	ProofOfPossession map[addr.AS][]KeyType `json:"proof_of_possession"`
}

TRC is the trust root configuration for an ISD.

func (*TRC) Base 

func (t *TRC) Base() bool

Base returns true if this TRC is a base TRC.

func (*TRC) TrustResetAllowed 

func (t *TRC) TrustResetAllowed() bool

TrustResetAllowed returns whether trust resets are allowed according to the TRC. It provides a convenience wrapper around TrustResetAllowedPtr.

func (*TRC) UnmarshalJSON 

func (t *TRC) UnmarshalJSON(b []byte) error

UnmarshalJSON checks that all fields are set.

func (*TRC) ValidateInvariant 

func (t *TRC) ValidateInvariant() error

ValidateInvariant ensures that the TRC invariant holds.

func (*TRC) VotingQuorum 

func (t *TRC) VotingQuorum() int

VotingQuorum returns the voting quorum. It provides a convenience wrapper around VotingQuorumPtr.

type UpdateInfo 

type UpdateInfo struct {
	// Type indicates the TRC update type.
	Type UpdateType
	// KeyChanges contains all modified keys that have to show proof of possession.
	KeyChanges *KeyChanges
	// AttributeChanges contains all attribute changes.
	AttributeChanges AttributeChanges
}

UpdateInfo contains details about the TRC update.

type UpdateType 

type UpdateType string

UpdateType indicates the type of TRC update. 

const (
	// RegularUpdate is a TRC update where the VotingQuorum parameter is not
	// changed, and in the PrimaryASes section, only the issuing and online keys
	// can change. No other parts of the PrimaryASes section may change.
	RegularUpdate UpdateType = "regular"
	// SensitiveUpdate is a TRC update that does not qualify as regular.
	SensitiveUpdate UpdateType = "sensitive"
)

type UpdateValidator 

type UpdateValidator struct {
	// Prev is the previous TRC. It's version must be Next.Version - 1.
	Prev *TRC
	// Next is the updated TRC.
	Next *TRC
}

UpdateValidator is used to validate TRC updates.

func (*UpdateValidator) UpdateInfo 

func (v *UpdateValidator) UpdateInfo() (UpdateInfo, error)

UpdateInfo returns information about the TRC update.

func (*UpdateValidator) Validate 

func (v *UpdateValidator) Validate() (UpdateInfo, error)

Validate validates a TRC update. In case it is valid, the key changes and attribute changes are returned.

type UpdateVerifier 

type UpdateVerifier struct {
	// Prev is the previous TRC. Its version must be Next.Version - 1.
	Prev *TRC
	// Next is the updated TRC.
	Next *TRC
	// NextEncoded is the encoded next TRC used for signature input.
	NextEncoded Encoded
	// Signatures contains all signatures attached to the new TRC.
	Signatures []Signature
}

UpdateVerifier verifies a signed TRC update. The caller must first use the UpdateValidator to check the update validity. UpdateVerifier simply checks that the signatures are verifiable (including the proof of possession).

func (UpdateVerifier) Verify 

func (v UpdateVerifier) Verify() error

Verify checks that all signatures mentioned in the next TRC are present and verifiable, and that no others are attached.

type Vote 

type Vote struct {
	// KeyType is the type of key that is used to issue the signature.
	KeyType KeyType `json:"key_type"`
	// KeyVersion is the key version of the key that is used to issue the signautre.
	KeyVersion scrypto.KeyVersion `json:"key_version"`
}

Vote identifies the expected vote.

func (*Vote) UnmarshalJSON 

func (v *Vote) UnmarshalJSON(b []byte) error

UnmarshalJSON checks that all fields are set.

type Votes 

type Votes map[addr.AS]DecodedSignature

Votes maps ASes to their decoded vote.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.