demosec

package
v1.5.3 Latest
Warning

This package is not in the latest version of its module.
Published: Dec 30, 2025 License: MIT Imports: 16 Imported by: 4

Documentation

Overview

demosec gives a proof-of-concept demo of how security will be implemented in NTSchema

Code generated by ndn tlv codegen DO NOT EDIT.

Constants

This section is empty.

Variables

var (
	ContentKeyNodeDesc *schema.NodeImplDesc
)

Functions

func CreateContentKeyNode

func CreateContentKeyNode(node *schema.Node) schema.NodeImpl

(AI GENERATED DESCRIPTION): Creates a ContentKeyNode under the given schema node, adding a leaf for `<contentKeyID>` whose content type is set to Key and which is marked as non‑fresh.

func NewKeyStoragePolicy

func NewKeyStoragePolicy() schema.Policy

(AI GENERATED DESCRIPTION): Creates a new KeyStoragePolicy instance and returns it as a schema.Policy.

func NewSignedByPolicy

func NewSignedByPolicy() schema.Policy

(AI GENERATED DESCRIPTION): Creates a new SignedByPolicy policy instance (with default/empty configuration).

Types

type ContentKey

type ContentKey struct {
	// contains filtered or unexported fields
}

type ContentKeyNode

type ContentKeyNode struct {
	schema.BaseNodeImpl
}

ContentKeyNode handles the generation and fetching of content keys, as a proof-of-concept demo.

func (*ContentKeyNode) CastTo

func (n *ContentKeyNode) CastTo(ptr any) any

(AI GENERATED DESCRIPTION): Attempts to cast the `ContentKeyNode` to the requested pointer type, returning the node itself, its embedded `BaseNodeImpl`, or `nil` if the type is unsupported.

func (*ContentKeyNode) Decrypt

func (n *ContentKeyNode) Decrypt(mNode schema.MatchedNode, encryptedContent enc.Wire) enc.Wire

(AI GENERATED DESCRIPTION): Decrypts the provided encrypted payload by fetching the corresponding content key via the node’s NeedChan, then decrypting the data with AES‑CBC and returning the plaintext wire.

func (*ContentKeyNode) Encrypt

func (n *ContentKeyNode) Encrypt(mNode schema.MatchedNode, ck ContentKey, content enc.Wire) enc.Wire

(AI GENERATED DESCRIPTION): Encrypts the given content using AES‑CBC with the provided 32‑byte key and a random IV, then packages the ciphertext together with the key ID, IV, and original length into an encoded EncryptedContent wire.

func (*ContentKeyNode) GenKey

func (n *ContentKeyNode) GenKey(mNode schema.MatchedNode) ContentKey

(AI GENERATED DESCRIPTION): Generates a random 32‑byte content key, registers it under a new child name derived from the supplied matched node, and returns the key’s identifier and key bits.

func (*ContentKeyNode) NodeImplTrait

func (n *ContentKeyNode) NodeImplTrait() schema.NodeImpl

(AI GENERATED DESCRIPTION): Returns the ContentKeyNode instance as a NodeImpl, enabling it to be used where a schema NodeImpl is required.

func (*ContentKeyNode) String added in v1.4.3

func (n *ContentKeyNode) String() string

(AI GENERATED DESCRIPTION): Returns a human‑readable string that identifies the node as a `ContentKeyNode` and includes the string representation of its underlying `Node`.

type DemoHmacKey

type DemoHmacKey struct {
	KeyName  enc.Name // In this demo KeyName = CertName
	KeyBits  enc.Buffer
	CertData enc.Buffer
}

type DemoHmacKeyStore

type DemoHmacKeyStore struct {
	Keys []DemoHmacKey
}

func NewDemoHmacKeyStore

func NewDemoHmacKeyStore() *DemoHmacKeyStore

(AI GENERATED DESCRIPTION): Creates a new DemoHmacKeyStore instance with an empty slice of DemoHmacKey entries.

func (*DemoHmacKeyStore) AddTrustAnchor

func (store *DemoHmacKeyStore) AddTrustAnchor(cert enc.Buffer) error

AddTrustAnchor simulates the addition of a trust anchor (self-signed certificate)

func (*DemoHmacKeyStore) EnrollKey

func (store *DemoHmacKeyStore) EnrollKey(keyName enc.Name, keyBits enc.Buffer, signKeyName enc.Name) error

EnrollKey simulates the creation of a certificate

func (*DemoHmacKeyStore) GetKey

func (store *DemoHmacKeyStore) GetKey(keyName enc.Name) *DemoHmacKey

GetKey returns the key & cert of a specific key name

func (*DemoHmacKeyStore) SaveKey

func (store *DemoHmacKeyStore) SaveKey(name enc.Name, keyBits enc.Buffer, cert enc.Buffer) error

SaveKey simulates storing a fetched certificate

type EncryptedContent

type EncryptedContent struct {
	//+field:binary
	KeyId []byte `tlv:"0x82"`
	//+field:binary
	Iv []byte `tlv:"0x84"`
	//+field:natural
	ContentLength uint64 `tlv:"0x86"`
	//+field:wire
	CipherText enc.Wire `tlv:"0x88"`
}

+tlv-model:nocopy
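The Encrypt and Decrypt descriptions above, together with the EncryptedContent fields, outline an AES-CBC envelope. The following stand-alone sketch is an added example, not demosec's own code: it uses only the Go standard library, the `sealed` type and the `seal`/`open` functions are hypothetical, and zero padding to the block size is an assumption (the page only says the original length is carried alongside the ciphertext).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// sealed holds the four EncryptedContent fields as plain values (hypothetical type, no TLV).
type sealed struct {
	KeyID, IV, CipherText []byte
	ContentLength         uint64
}

// seal encrypts under a fresh random IV; zero padding is an assumption of this sketch.
func seal(keyID, key, content []byte) (*sealed, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	buf := make([]byte, (len(content)+aes.BlockSize-1)/aes.BlockSize*aes.BlockSize)
	copy(buf, content)
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(buf, buf)
	return &sealed{KeyID: keyID, IV: iv, CipherText: buf, ContentLength: uint64(len(content))}, nil
}

// open checks the wire-supplied fields first: crypto/cipher panics on a bad IV or partial block.
func open(key []byte, s *sealed) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(s.IV) != aes.BlockSize || len(s.CipherText)%aes.BlockSize != 0 || s.ContentLength > uint64(len(s.CipherText)) {
		return nil, fmt.Errorf("malformed EncryptedContent")
	}
	plain := make([]byte, len(s.CipherText))
	cipher.NewCBCDecrypter(block, s.IV).CryptBlocks(plain, s.CipherText)
	return plain[:s.ContentLength], nil // ContentLength strips the padding
}

func main() {
	s, _ := seal([]byte("ck-1"), make([]byte, 32), []byte("hello NTSchema")) // constructed key and data
	pt, err := open(make([]byte, 32), s)
	fmt.Printf("%q %v\n", pt, err)
}
```

AES-CBC provides confidentiality only: a modified IV or ciphertext still decrypts without error, so integrity has to come from a separate check such as signature validation of the enclosing Data.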

func ParseEncryptedContent

func ParseEncryptedContent(reader enc.WireView, ignoreCritical bool) (*EncryptedContent, error)

func (*EncryptedContent) Bytes

func (value *EncryptedContent) Bytes() []byte

func (*EncryptedContent) Encode

func (value *EncryptedContent) Encode() enc.Wire

type EncryptedContentEncoder

type EncryptedContentEncoder struct {
	Length uint

	CipherText_length uint
	// contains filtered or unexported fields
}

func (*EncryptedContentEncoder) Encode

func (encoder *EncryptedContentEncoder) Encode(value *EncryptedContent) enc.Wire

func (*EncryptedContentEncoder) EncodeInto

func (encoder *EncryptedContentEncoder) EncodeInto(value *EncryptedContent, wire enc.Wire)

func (*EncryptedContentEncoder) Init

func (encoder *EncryptedContentEncoder) Init(value *EncryptedContent)

type EncryptedContentParsingContext

type EncryptedContentParsingContext struct {
}

func (*EncryptedContentParsingContext) Init

func (context *EncryptedContentParsingContext) Init()

func (*EncryptedContentParsingContext) Parse

func (context *EncryptedContentParsingContext) Parse(reader enc.WireView, ignoreCritical bool) (*EncryptedContent, error)

type KeyStoragePolicy

type KeyStoragePolicy struct {
	KeyStore *DemoHmacKeyStore
	// contains filtered or unexported fields
}

KeyStoragePolicy is a policy that stores HMAC keys in in-memory storage.

func (*KeyStoragePolicy) Apply

func (p *KeyStoragePolicy) Apply(node *schema.Node)

(AI GENERATED DESCRIPTION): Recursively attaches the policy’s onAttach, onSearch, and onSave event handlers to a schema node and all its descendant nodes.

func (*KeyStoragePolicy) PolicyTrait

func (p *KeyStoragePolicy) PolicyTrait() schema.Policy

(AI GENERATED DESCRIPTION): Returns the KeyStoragePolicy instance as a `schema.Policy`, enabling it to satisfy the `PolicyTrait` interface.

func (*KeyStoragePolicy) String added in v1.4.3

func (p *KeyStoragePolicy) String() string

(AI GENERATED DESCRIPTION): Returns the string `"KeyStoragePolicy"` as the textual representation of this policy type.

type SignedByPolicy

type SignedByPolicy struct {
	Mapping     map[string]any
	KeyStore    *DemoHmacKeyStore
	KeyNodePath string
	// contains filtered or unexported fields
}

SignedByPolicy is a demo policy that specifies the trust schema.

func (*SignedByPolicy) Apply

func (p *SignedByPolicy) Apply(node *schema.Node)

(AI GENERATED DESCRIPTION): Attaches a SignedByPolicy to a node by registering its onAttach, onGetDataSigner, and onValidateData callbacks to the node’s corresponding events, panicking if the node does not provide a data‑validation event.

func (*SignedByPolicy) ConvertName

func (p *SignedByPolicy) ConvertName(mNode *schema.MatchedNode) *schema.MatchedNode

ConvertName converts a Data name to the name of the key used to sign it. In a real-world scenario, there should be two functions:

- one suggests the key for the data produced by the current node
- one checks if the signing key for a fetched data is correct

In this simple demo I merge them into one for simplicity.

func (*SignedByPolicy) PolicyTrait

func (p *SignedByPolicy) PolicyTrait() schema.Policy

(AI GENERATED DESCRIPTION): Returns the `SignedByPolicy` instance as a `schema.Policy`, enabling it to satisfy the Policy interface.

func (*SignedByPolicy) String added in v1.4.3

func (p *SignedByPolicy) String() string

(AI GENERATED DESCRIPTION): Returns the string literal `"SignedByPolicy"` as the human‑readable name of the policy.
