demosec

package
v0.0.8 Latest
Warning

This package is not in the latest version of its module.

Published: Dec 9, 2024 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

demosec gives a proof-of-concept demo of how security will be implemented in NTSchema.

Generated by the generator, DO NOT modify manually

Constants

This section is empty.

Variables

var (
	ContentKeyNodeDesc *schema.NodeImplDesc
)

Functions

func CreateContentKeyNode

func CreateContentKeyNode(node *schema.Node) schema.NodeImpl

func NewKeyStoragePolicy

func NewKeyStoragePolicy() schema.Policy

func NewSignedByPolicy

func NewSignedByPolicy() schema.Policy

Types

type ContentKey

type ContentKey struct {
	// contains filtered or unexported fields
}

type ContentKeyNode

type ContentKeyNode struct {
	schema.BaseNodeImpl
}

ContentKeyNode handles the generation and fetching of content keys, as a proof-of-concept demo.

func (*ContentKeyNode) CastTo

func (n *ContentKeyNode) CastTo(ptr any) any

func (*ContentKeyNode) Decrypt

func (n *ContentKeyNode) Decrypt(mNode schema.MatchedNode, encryptedContent enc.Wire) enc.Wire

func (*ContentKeyNode) Encrypt

func (n *ContentKeyNode) Encrypt(mNode schema.MatchedNode, ck ContentKey, content enc.Wire) enc.Wire

func (*ContentKeyNode) GenKey

func (n *ContentKeyNode) GenKey(mNode schema.MatchedNode) ContentKey

func (*ContentKeyNode) NodeImplTrait

func (n *ContentKeyNode) NodeImplTrait() schema.NodeImpl

type DemoHmacKey

type DemoHmacKey struct {
	KeyName  enc.Name // In this demo KeyName = CertName
	KeyBits  enc.Buffer
	CertData enc.Buffer
}

type DemoHmacKeyStore

type DemoHmacKeyStore struct {
	Keys []DemoHmacKey
}

func NewDemoHmacKeyStore

func NewDemoHmacKeyStore() *DemoHmacKeyStore

func (*DemoHmacKeyStore) AddTrustAnchor

func (store *DemoHmacKeyStore) AddTrustAnchor(cert enc.Buffer) error

AddTrustAnchor simulates the addition of a trust anchor (self-signed certificate)

func (*DemoHmacKeyStore) EnrollKey

func (store *DemoHmacKeyStore) EnrollKey(keyName enc.Name, keyBits enc.Buffer, signKeyName enc.Name) error

EnrollKey simulates the creation of a certificate

func (*DemoHmacKeyStore) GetKey

func (store *DemoHmacKeyStore) GetKey(keyName enc.Name) *DemoHmacKey

GetKey returns the key & cert of a specific key name

func (*DemoHmacKeyStore) SaveKey

func (store *DemoHmacKeyStore) SaveKey(name enc.Name, keyBits enc.Buffer, cert enc.Buffer) error

SaveKey simulates storing a fetched certificate

type EncryptedContent

type EncryptedContent struct {
	//+field:binary
	KeyId []byte `tlv:"0x82"`
	//+field:binary
	Iv []byte `tlv:"0x84"`
	//+field:natural
	ContentLength uint64 `tlv:"0x86"`
	//+field:wire
	CipherText enc.Wire `tlv:"0x88"`
}

+tlv-model:nocopy

func ParseEncryptedContent

func ParseEncryptedContent(reader enc.ParseReader, ignoreCritical bool) (*EncryptedContent, error)
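The following is an added example, not the generated parser from this package: a standalone walker over the EncryptedContent TLV layout (types 0x82, 0x84, 0x86, 0x88) that bounds-checks every element and shows what a flag like ignoreCritical changes. The names parse and readVar are hypothetical. It assumes the flag follows the NDN packet-format rule that unrecognized types <= 31 or odd are critical, and it neither decodes ContentLength to an integer nor enforces field order.

```go
package main

import (
	"errors"
	"fmt"
)

var ErrMalformed = errors.New("malformed TLV")

// readVar decodes an NDN variable-size number (1, 3, 5 or 9 octets); n == 0 means truncated.
func readVar(b []byte) (v uint64, n int) {
	if len(b) > 0 && b[0] < 0xFD {
		return uint64(b[0]), 1
	}
	if len(b) == 0 || len(b) < 1+1<<(b[0]-0xFC) { // 0xFD/0xFE/0xFF announce 2/4/8 octets
		return 0, 0
	}
	for _, c := range b[1 : 1+1<<(b[0]-0xFC)] {
		v = v<<8 | uint64(c)
	}
	return v, 1 + 1<<(b[0]-0xFC)
}

// parse returns the recognized elements keyed by TLV-TYPE. Unknown non-critical types are
// skipped; unknown critical ones (<= 31 or odd) are an error unless ignoreCritical is set.
func parse(b []byte, ignoreCritical bool) (map[uint64][]byte, error) {
	known := map[uint64]bool{0x82: true, 0x84: true, 0x86: true, 0x88: true} // tags from the page
	out := map[uint64][]byte{}
	for len(b) > 0 {
		typ, n := readVar(b)
		length, m := readVar(b[n:])
		if n == 0 || m == 0 || length > uint64(len(b)-n-m) {
			return nil, ErrMalformed // truncated header or value runs past the buffer
		}
		if known[typ] {
			out[typ] = b[n+m : n+m+int(length)]
		} else if (typ <= 31 || typ%2 == 1) && !ignoreCritical {
			return nil, fmt.Errorf("unrecognized critical TLV type %#x", typ)
		}
		b = b[n+m+int(length):]
	}
	return out, nil
}

func main() {
	// Constructed sample: KeyId, Iv, ContentLength, CipherText, then unknown critical type 0x8B.
	sample := []byte{0x82, 1, 7, 0x84, 2, 0xAA, 0xBB, 0x86, 1, 2, 0x88, 2, 0xDE, 0xAD, 0x8B, 0}
	fmt.Println(parse(sample, false))
}
```

Passing true for ignoreCritical makes the same input parse successfully, so a strict caller and a lenient caller can disagree about whether an encrypted-content envelope is valid.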

func (*EncryptedContent) Bytes

func (value *EncryptedContent) Bytes() []byte

func (*EncryptedContent) Encode

func (value *EncryptedContent) Encode() enc.Wire

type EncryptedContentEncoder

type EncryptedContentEncoder struct {
	CipherText_length uint
	// contains filtered or unexported fields
}

func (*EncryptedContentEncoder) Encode

func (encoder *EncryptedContentEncoder) Encode(value *EncryptedContent) enc.Wire

func (*EncryptedContentEncoder) EncodeInto

func (encoder *EncryptedContentEncoder) EncodeInto(value *EncryptedContent, wire enc.Wire)

func (*EncryptedContentEncoder) Init

func (encoder *EncryptedContentEncoder) Init(value *EncryptedContent)

type EncryptedContentParsingContext

type EncryptedContentParsingContext struct {
}

func (*EncryptedContentParsingContext) Init

func (context *EncryptedContentParsingContext) Init()

func (*EncryptedContentParsingContext) Parse

func (context *EncryptedContentParsingContext) Parse(reader enc.ParseReader, ignoreCritical bool) (*EncryptedContent, error)

type KeyStoragePolicy

type KeyStoragePolicy struct {
	KeyStore *DemoHmacKeyStore
	// contains filtered or unexported fields
}

KeyStoragePolicy is a policy that stores HMAC keys in in-memory storage.

func (*KeyStoragePolicy) Apply

func (p *KeyStoragePolicy) Apply(node *schema.Node)

func (*KeyStoragePolicy) PolicyTrait

func (p *KeyStoragePolicy) PolicyTrait() schema.Policy

type SignedByPolicy

type SignedByPolicy struct {
	Mapping     map[string]any
	KeyStore    *DemoHmacKeyStore
	KeyNodePath string
	// contains filtered or unexported fields
}

SignedByPolicy is a demo policy that specifies the trust schema.

func (*SignedByPolicy) Apply

func (p *SignedByPolicy) Apply(node *schema.Node)

func (*SignedByPolicy) ConvertName

func (p *SignedByPolicy) ConvertName(mNode *schema.MatchedNode) *schema.MatchedNode

ConvertName converts a Data name to the name of the key to sign it. In a real-world scenario, there should be two functions:

- one suggests the key for the data produced by the current node
- one checks if the signing key for a fetched data is correct

In this simple demo I merge them into one for simplicity.

func (*SignedByPolicy) PolicyTrait

func (p *SignedByPolicy) PolicyTrait() schema.Policy
