renewal

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 30, 2020 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// SigningKey is the signing key type.
	SigningKey = KeyType(cert.SigningKeyJSON)
	// RevocationKey is the revocation key type.
	RevocationKey = KeyType(cert.RevocationKeyJSON)
)

KeyType values

Variables

View Source 
var (
	// ErrMissingProtectedField indicates a missing protected field.
	ErrMissingProtectedField = serrors.New("missing protected field")
	// ErrNotUTF8 indicates an invalid encoding.
	ErrNotUTF8 = serrors.New("not utf-8 encoded")
)
View Source 
var ErrInvalidKeyType = serrors.New("invalid key type")

ErrInvalidKeyType indicates an inexistent key type.

Functions

This section is empty.

Types

type CritRequest 

type CritRequest struct{}

CritRequest is the "crit" section for the renewal request (see: https://tools.ietf.org/html/rfc7515#section-4.1.11).

func (CritRequest) MarshalJSON 

func (CritRequest) MarshalJSON() ([]byte, error)

MarshalJSON returns a json array with the expected crit elements.

func (CritRequest) UnmarshalJSON 

func (CritRequest) UnmarshalJSON(b []byte) error

UnmarshalJSON checks that all expected elements and no other are in the array.

type EncodedProtected 

type EncodedProtected string

EncodedProtected is the base64url encoded utf-8 metadata.

func EncodeProtected 

func EncodeProtected(p Protected) (EncodedProtected, error)

EncodeProtected encodes the protected header.

func (EncodedProtected) Decode 

func (e EncodedProtected) Decode() (Protected, error)

Decode decodes and returns the protected header.

type EncodedRequest 

type EncodedRequest string

EncodedRequest is the base64Url encoded marshaled renewal request.

func EncodeRequest 

func EncodeRequest(r *Request) (EncodedRequest, error)

EncodeRequest encodes the renewal request.

func (EncodedRequest) Decode 

func (e EncodedRequest) Decode() (Request, error)

Decode decodes and returns the request.

type EncodedRequestInfo 

type EncodedRequestInfo string

EncodedRequestInfo is the base64url encoded marshaled request info.

func EncodeRequestInfo 

func EncodeRequestInfo(r *RequestInfo) (EncodedRequestInfo, error)

EncodeRequestInfo encodes the base request.

func (EncodedRequestInfo) Decode 

func (e EncodedRequestInfo) Decode() (RequestInfo, error)

Decode decodes and returns the request info.

type KeyMeta 

type KeyMeta struct {
	// Key is the public key.
	Key []byte `json:"key"`
}

KeyMeta is the meta information about a key.

type KeyType 

type KeyType string

KeyType is the type of the key used in renewal. Can either be `signing` or `revocation`.

func (KeyType) MarshalText 

func (t KeyType) MarshalText() ([]byte, error)

MarshalText validates the KeyType before

func (*KeyType) UnmarshalText 

func (t *KeyType) UnmarshalText(b []byte) error

UnmarshalText allows to do validation on KeyType when parsing

func (KeyType) Validate 

func (t KeyType) Validate() error

Validate validates that the KeyType has a valid value.

type Keys 

type Keys struct {
	Signing    KeyMeta `json:"signing"`
	Revocation KeyMeta `json:"revocation"`
}

Keys contains the public keys.

type POP 

type POP struct {
	Protected EncodedProtected    `json:"protected"`
	Signature scrypto.JWSignature `json:"signature"`
}

POP is a proof of possession.

func (POP) SigInput 

func (p POP) SigInput(info EncodedRequestInfo) []byte

SigInput computes the signature input according to rfc7517 (see: https://tools.ietf.org/html/rfc7515#section-5.1)

type Protected 

type Protected struct {
	Algorithm  string             `json:"alg"`
	KeyType    KeyType            `json:"key_type"`
	KeyVersion scrypto.KeyVersion `json:"key_version"`
	Crit       CritRequest        `json:"crit"`
}

Protected contains the signature metadata.

func (*Protected) UnmarshalJSON 

func (p *Protected) UnmarshalJSON(b []byte) error

UnmarshalJSON checks that all fields are set.

type Request 

type Request struct {
	Encoded EncodedRequestInfo `json:"payload"`
	POPs    []POP              `json:"signatures"`
}

Request is the renewal request.

type RequestInfo 

type RequestInfo struct {
	// Subject identifies the subject of the requested certificate.
	Subject addr.IA `json:"subject"`
	// Version indicates the requested certificate version.
	Version scrypto.Version `json:"version"`
	// FormatVersion is the request format version.
	FormatVersion cert.FormatVersion `json:"format_version"`
	// Description is the requested human-readable description of the certificate.
	Description string `json:"description"`
	// OptionalDistributionPoints contains optional certificate revocation
	// distribution points.
	OptionalDistributionPoints []addr.IA `json:"optional_distribution_points"`
	// Validity defines the requested validity period of the certificate.
	Validity *scrypto.Validity `json:"validity"`
	// Keys holds all keys authenticated by this certificate.
	Keys Keys `json:"keys"`
	// Issuer identifies the Issuer this request is addressed to.
	Issuer addr.IA `json:"issuer"`
	// RequestTime indicates when this request was created.
	RequestTime util.UnixTime `json:"request_time"`
}

RequestInfo is the information of the renewal request.

type SignedRequest 

type SignedRequest struct {
	Encoded          EncodedRequest      `json:"payload"`
	EncodedProtected EncodedProtected    `json:"protected"`
	Signature        scrypto.JWSignature `json:"signature"`
}

SignedRequest is a signed renewal request.

func ParseSignedRequest 

func ParseSignedRequest(raw []byte) (SignedRequest, error)

ParseSignedRequest parses the raw signed request.

func (SignedRequest) SigInput 

func (s SignedRequest) SigInput() []byte

SigInput computes the signature input according to rfc7517 (see: https://tools.ietf.org/html/rfc7515#section-5.1)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.