protocol

package

v0.0.0-...-bf2633c Latest Latest Go to latest Published: Sep 22, 2018 License: Apache-2.0 Imports: 8 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/sevki/google-roughtime

Links

Open Source Insights

Documentation ¶

Overview ¶

Package protocol implements the core of the Roughtime protocol.

Index ¶

Constants
Variables
func CalculateChainNonce(prevReply, blind []byte) (nonce [NonceSize]byte)
func CreateCertificate(minTime, maxTime uint64, publicKey, rootPrivateKey []byte) (certBytes []byte, err error)
func CreateReplies(nonces [][]byte, midpoint uint64, radius uint32, cert []byte, ...) ([][]byte, error)
func CreateRequest(rand io.Reader, prevReply []byte) (nonce, blind [NonceSize]byte, request []byte, err error)
func Decode(bytes []byte) (map[uint32][]byte, error)
func Encode(msg map[uint32][]byte) ([]byte, error)
func VerifyReply(replyBytes, publicKey []byte, nonce [NonceSize]byte) (time uint64, radius uint32, err error)

Constants ¶

View Source

const (
	// NonceSize is the number of bytes in a nonce.
	NonceSize = sha512.Size
	// MinRequestSize is the minimum number of bytes in a request.
	MinRequestSize = 1024
)

Variables ¶

View Source

var (

	// TagNonce names the bytestring containing the client's nonce.
	TagNonce = tagNONC
)

Functions ¶

func CalculateChainNonce ¶

func CalculateChainNonce(prevReply, blind []byte) (nonce [NonceSize]byte)

CalculateChainNonce calculates the nonce to be used in the next request in a chain given a reply and a blinding factor.

func CreateCertificate ¶

func CreateCertificate(minTime, maxTime uint64, publicKey, rootPrivateKey []byte) (certBytes []byte, err error)

CreateCertificate returns a signed certificate, using rootPrivateKey, delegating authority for the given timestamp to publicKey.

func CreateReplies ¶

func CreateReplies(nonces [][]byte, midpoint uint64, radius uint32, cert []byte, privateKey []byte) ([][]byte, error)

CreateReplies signs, using privateKey, a batch of nonces along with the given time and radius in microseconds. It returns one reply for each nonce using that signature and includes cert in each.

func CreateRequest ¶

func CreateRequest(rand io.Reader, prevReply []byte) (nonce, blind [NonceSize]byte, request []byte, err error)

CreateRequest creates a Roughtime request given an entropy source and the contents of a previous reply for chaining. If this request is the first of a chain, prevReply can be empty. It returns the nonce (needed to verify the reply), the blind (needed to prove correct chaining to an external party) and the request itself.

func Decode ¶

func Decode(bytes []byte) (map[uint32][]byte, error)

Decode parses the output of encode back into a map of tags to bytestrings.

func Encode ¶

func Encode(msg map[uint32][]byte) ([]byte, error)

Encode converts a map of tags to bytestrings into an encoded message. The number of elements in msg and the sum of the lengths of all the bytestrings must be ≤ 2**32.

func VerifyReply ¶

func VerifyReply(replyBytes, publicKey []byte, nonce [NonceSize]byte) (time uint64, radius uint32, err error)

VerifyReply parses the Roughtime reply in replyBytes, authenticates it using publicKey and verifies that nonce is included in it. It returns the included timestamp and radius.

Types ¶

This section is empty.

Source Files ¶

View all Source files

protocol.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL