renewal

package

v0.5.0 Latest Latest Go to latest Published: Mar 30, 2020 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/scionproto/scion

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
type CritRequest
- func (CritRequest) MarshalJSON() ([]byte, error)
- func (CritRequest) UnmarshalJSON(b []byte) error
type EncodedProtected
- func EncodeProtected(p Protected) (EncodedProtected, error)
- func (e EncodedProtected) Decode() (Protected, error)
type EncodedRequest
- func EncodeRequest(r *Request) (EncodedRequest, error)
- func (e EncodedRequest) Decode() (Request, error)
type EncodedRequestInfo
- func EncodeRequestInfo(r *RequestInfo) (EncodedRequestInfo, error)
- func (e EncodedRequestInfo) Decode() (RequestInfo, error)
type KeyMeta
type KeyType
- func (t KeyType) MarshalText() ([]byte, error)
- func (t *KeyType) UnmarshalText(b []byte) error
- func (t KeyType) Validate() error
type Keys
type POP
- func (p POP) SigInput(info EncodedRequestInfo) []byte
type Protected
- func (p *Protected) UnmarshalJSON(b []byte) error
type Request
type RequestInfo
type SignedRequest
- func ParseSignedRequest(raw []byte) (SignedRequest, error)
- func (s SignedRequest) SigInput() []byte

Constants ¶

View Source

const (
	// SigningKey is the signing key type.
	SigningKey = KeyType(cert.SigningKeyJSON)
	// RevocationKey is the revocation key type.
	RevocationKey = KeyType(cert.RevocationKeyJSON)
)

KeyType values

Variables ¶

View Source

var (
	// ErrMissingProtectedField indicates a missing protected field.
	ErrMissingProtectedField = serrors.New("missing protected field")
	// ErrNotUTF8 indicates an invalid encoding.
	ErrNotUTF8 = serrors.New("not utf-8 encoded")
)

View Source

var ErrInvalidKeyType = serrors.New("invalid key type")

ErrInvalidKeyType indicates an inexistent key type.

Functions ¶

This section is empty.

Types ¶

type CritRequest ¶

type CritRequest struct{}

CritRequest is the "crit" section for the renewal request (see: https://tools.ietf.org/html/rfc7515#section-4.1.11).

func (CritRequest) MarshalJSON ¶

func (CritRequest) MarshalJSON() ([]byte, error)

MarshalJSON returns a json array with the expected crit elements.

func (CritRequest) UnmarshalJSON ¶

func (CritRequest) UnmarshalJSON(b []byte) error

UnmarshalJSON checks that all expected elements and no other are in the array.

type EncodedProtected ¶

type EncodedProtected string

EncodedProtected is the base64url encoded utf-8 metadata.

func EncodeProtected ¶

func EncodeProtected(p Protected) (EncodedProtected, error)

EncodeProtected encodes the protected header.

func (EncodedProtected) Decode ¶

func (e EncodedProtected) Decode() (Protected, error)

Decode decodes and returns the protected header.

type EncodedRequest ¶

type EncodedRequest string

EncodedRequest is the base64Url encoded marshaled renewal request.

func EncodeRequest ¶

func EncodeRequest(r *Request) (EncodedRequest, error)

EncodeRequest encodes the renewal request.

func (EncodedRequest) Decode ¶

func (e EncodedRequest) Decode() (Request, error)

Decode decodes and returns the request.

type EncodedRequestInfo ¶

type EncodedRequestInfo string

EncodedRequestInfo is the base64url encoded marshaled request info.

func EncodeRequestInfo ¶

func EncodeRequestInfo(r *RequestInfo) (EncodedRequestInfo, error)

EncodeRequestInfo encodes the base request.

func (EncodedRequestInfo) Decode ¶

func (e EncodedRequestInfo) Decode() (RequestInfo, error)

Decode decodes and returns the request info.

type KeyMeta ¶

type KeyMeta struct {
	// Key is the public key.
	Key []byte `json:"key"`
}

KeyMeta is the meta information about a key.

type KeyType ¶

type KeyType string

KeyType is the type of the key used in renewal. Can either be `signing` or `revocation`.

func (KeyType) MarshalText ¶

func (t KeyType) MarshalText() ([]byte, error)

MarshalText validates the KeyType before

func (*KeyType) UnmarshalText ¶

func (t *KeyType) UnmarshalText(b []byte) error

UnmarshalText allows to do validation on KeyType when parsing

func (KeyType) Validate ¶

func (t KeyType) Validate() error

Validate validates that the KeyType has a valid value.

type Keys ¶

type Keys struct {
	Signing    KeyMeta `json:"signing"`
	Revocation KeyMeta `json:"revocation"`
}

Keys contains the public keys.

type POP ¶

type POP struct {
	Protected EncodedProtected    `json:"protected"`
	Signature scrypto.JWSignature `json:"signature"`
}

POP is a proof of possession.

func (POP) SigInput ¶

func (p POP) SigInput(info EncodedRequestInfo) []byte

SigInput computes the signature input according to rfc7517 (see: https://tools.ietf.org/html/rfc7515#section-5.1)

type Protected ¶

type Protected struct {
	Algorithm  string             `json:"alg"`
	KeyType    KeyType            `json:"key_type"`
	KeyVersion scrypto.KeyVersion `json:"key_version"`
	Crit       CritRequest        `json:"crit"`
}

Protected contains the signature metadata.

func (*Protected) UnmarshalJSON ¶

func (p *Protected) UnmarshalJSON(b []byte) error

UnmarshalJSON checks that all fields are set.

type Request ¶

type Request struct {
	Encoded EncodedRequestInfo `json:"payload"`
	POPs    []POP              `json:"signatures"`
}

Request is the renewal request.

type RequestInfo ¶

type RequestInfo struct {
	// Subject identifies the subject of the requested certificate.
	Subject addr.IA `json:"subject"`
	// Version indicates the requested certificate version.
	Version scrypto.Version `json:"version"`
	// FormatVersion is the request format version.
	FormatVersion cert.FormatVersion `json:"format_version"`
	// Description is the requested human-readable description of the certificate.
	Description string `json:"description"`
	// OptionalDistributionPoints contains optional certificate revocation
	// distribution points.
	OptionalDistributionPoints []addr.IA `json:"optional_distribution_points"`
	// Validity defines the requested validity period of the certificate.
	Validity *scrypto.Validity `json:"validity"`
	// Keys holds all keys authenticated by this certificate.
	Keys Keys `json:"keys"`
	// Issuer identifies the Issuer this request is addressed to.
	Issuer addr.IA `json:"issuer"`
	// RequestTime indicates when this request was created.
	RequestTime util.UnixTime `json:"request_time"`
}

RequestInfo is the information of the renewal request.

type SignedRequest ¶

type SignedRequest struct {
	Encoded          EncodedRequest      `json:"payload"`
	EncodedProtected EncodedProtected    `json:"protected"`
	Signature        scrypto.JWSignature `json:"signature"`
}

SignedRequest is a signed renewal request.

func ParseSignedRequest ¶

func ParseSignedRequest(raw []byte) (SignedRequest, error)

ParseSignedRequest parses the raw signed request.

func (SignedRequest) SigInput ¶

func (s SignedRequest) SigInput() []byte

SigInput computes the signature input according to rfc7517 (see: https://tools.ietf.org/html/rfc7515#section-5.1)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL