pki

package
v1.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 16, 2019 License: BSD-3-Clause Imports: 8 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	TYPE_UNKNOWN = iota
	TYPE_CER
	TYPE_MFT
	TYPE_ROA
	TYPE_CRL
	TYPE_ROACER
	TYPE_MFTCER
	TYPE_CAREPO
	TYPE_TAL
)

Variables

View Source 
var (
	CARepository = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 48, 5}
	Manifest     = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 48, 10}
)

Functions

func DetermineType 

func DetermineType(path string) int

Types

type CallbackExplore 

type CallbackExplore func(*PKIFile, *SeekFile, bool)

type FileSeeker 

type FileSeeker interface {
	GetFile(*PKIFile) (*SeekFile, error)
	GetRepository(*PKIFile, CallbackExplore) error
}

type Log 

type Log interface {
	Debugf(string, ...interface{})
	Printf(string, ...interface{})
	Errorf(string, ...interface{})
	Warnf(string, ...interface{})
}

type PKIFile 

type PKIFile struct {
	Parent *PKIFile
	Repo   string
	Path   string
	Type   int
	Trust  bool
}

func ExtractPathCert 

func ExtractPathCert(cert *librpki.RPKI_Certificate) []*PKIFile

func ExtractPathManifest 

func ExtractPathManifest(mft *librpki.RPKI_Manifest) []*PKIFile

func (*PKIFile) ComputePath 

func (f *PKIFile) ComputePath() string

type Resource 

type Resource struct {
	Type     int
	Parent   *Resource
	File     *PKIFile
	Resource interface{}
	Childs   []*Resource
}

func ObjectToResource 

func ObjectToResource(data interface{}) *Resource

func (*Resource) GetIdentifier 

func (res *Resource) GetIdentifier() (bool, []byte)

type SeekFile 

type SeekFile struct {
	Repo string
	File string
	Data []byte
}

type SimpleManager 

type SimpleManager struct {
	PathOfResource  map[*Resource]*PKIFile
	ToExplore       []*PKIFile
	FileSeeker      FileSeeker
	Validator       *Validator
	Explored        map[string]bool
	ToExploreUnique map[string]bool
	Log             Log
}

func NewSimpleManager 

func NewSimpleManager() *SimpleManager

func (*SimpleManager) AddInitial 

func (sm *SimpleManager) AddInitial(fileList []*PKIFile)

func (*SimpleManager) Explore 

func (sm *SimpleManager) Explore(notMFT bool, addInvalidChilds bool) int

addInvalidChilds is a strict mode: visible at LACNIC with manifests with short expiration date. The certificate can still be valid while its discovery path will not

func (*SimpleManager) ExploreAdd 

func (sm *SimpleManager) ExploreAdd(file *PKIFile, data *SeekFile, addInvalidChilds bool)

func (*SimpleManager) GetNextExplore 

func (sm *SimpleManager) GetNextExplore() (*PKIFile, bool, error)

func (*SimpleManager) GetNextFile 

func (sm *SimpleManager) GetNextFile(curExplore *PKIFile) (*SeekFile, error)

func (*SimpleManager) GetNextRepository 

func (sm *SimpleManager) GetNextRepository(curExplore *PKIFile, callback CallbackExplore) error

func (*SimpleManager) HasMore 

func (sm *SimpleManager) HasMore() bool

func (*SimpleManager) PutFiles 

func (sm *SimpleManager) PutFiles(fileList []*PKIFile)

type Validator 

type Validator struct {
	TALs map[string]*Resource

	// Key by SubjectKeyIdentifier
	ValidObjects map[string]*Resource
	Objects      map[string]*Resource

	CertsSerial map[string]*Resource
	Revoked     map[string]bool

	// Key by parent certificate
	ValidCRL map[string]*Resource
	CRL      map[string]*Resource

	// Key by parent certificate
	ValidROA map[string]*Resource // Make sure EE certificates are unique for a ROA
	ROA      map[string]*Resource

	// Key by parent certificate
	ValidManifest map[string]*Resource // Make sure EE certificates are unique for a ROA
	Manifest      map[string]*Resource

	Time time.Time
}

func NewValidator 

func NewValidator() *Validator

func (*Validator) AddCRL 

func (v *Validator) AddCRL(crl *pkix.CertificateList) (bool, *Resource, error)

func (*Validator) AddCert 

func (v *Validator) AddCert(cert *librpki.RPKI_Certificate, trust bool) (bool, []*PKIFile, *Resource, error)

func (*Validator) AddManifest 

func (v *Validator) AddManifest(pkifile *PKIFile, mft *librpki.RPKI_Manifest) (bool, []*PKIFile, *Resource, error)

func (*Validator) AddROA 

func (v *Validator) AddROA(pkifile *PKIFile, roa *librpki.RPKI_ROA) (bool, *Resource, error)

func (*Validator) AddResource 

func (v *Validator) AddResource(pkifile *PKIFile, data []byte) (bool, []*PKIFile, *Resource, error)

func (*Validator) AddTAL 

func (v *Validator) AddTAL(tal *librpki.RPKI_TAL) ([]*PKIFile, *Resource, error)

func (*Validator) GetRepositories 

func (v *Validator) GetRepositories()

func (*Validator) GetValidROAs 

func (v *Validator) GetValidROAs()

func (*Validator) InvalidateObject 

func (v *Validator) InvalidateObject(keyid []byte)

func (*Validator) ValidateCertificate 

func (v *Validator) ValidateCertificate(cert *librpki.RPKI_Certificate, trust bool) error

func (*Validator) ValidateROA 

func (v *Validator) ValidateROA(roa *librpki.RPKI_ROA) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.