package minimal

import "github.com/google/certificate-transparency-go/gossip/minimal"

Package minimal provides a minimal gossip implementation for CT which uses X.509 certificate extensions to hold gossiped STH values for logs. This allows STH values to be exchanged between participating logs without any changes to the log software (although participating logs will need to add additional trusted roots for the gossip sources).
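
The transport described above, as an added Go example that is not code from this package: one function embeds a payload in an X.509 extension of a self-signed certificate, the other finds it again by OID and rejects a malformed payload. The OID (taken from the 2.999 example arc), the names buildSTHCert and extractSTH, and the treatment of the STH as one opaque DER element are assumptions of this example; the real OID and encoding are defined in x509ext.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)

// Placeholder OID from the 2.999 example arc; NOT the OID defined by x509ext.
var oidSTH = asn1.ObjectIdentifier{2, 999, 1}

// buildSTHCert self-signs a throwaway certificate carrying sthDER in an extension.
func buildSTHCert(sthDER []byte) ([]byte, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "constructed gossip source"},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour),
		ExtraExtensions: []pkix.Extension{{Id: oidSTH, Value: sthDER}},
	}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, priv.Public(), priv)
}

// extractSTH returns the payload; ok is false if it is absent or not exactly one DER element.
func extractSTH(der []byte) (payload []byte, ok bool) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, false
	}
	for _, ext := range cert.Extensions {
		if ext.Id.Equal(oidSTH) {
			rest, err := asn1.Unmarshal(ext.Value, new(asn1.RawValue))
			return ext.Value, err == nil && len(rest) == 0
		}
	}
	return nil, false
}

func main() {
	der, err := buildSTHCert([]byte{0x04, 0x03, 'S', 'T', 'H'}) // constructed stand-in payload
	payload, ok := extractSTH(der)
	fmt.Printf("%x %v %v\n", payload, ok, err)
}
```

The certificate here is self-signed only to keep the example offline; as the package description notes, a destination log accepts such certificates only after the gossip source's root has been added to its trusted roots.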

Types

type Goshawk

type Goshawk struct {
	// contains filtered or unexported fields
}

Goshawk is an agent that retrieves certificates from a destination log that have STH values embedded in them. Each STH is then checked for consistency against the source log.

func NewGoshawk

func NewGoshawk(ctx context.Context, cfg *configpb.GoshawkConfig, hc *http.Client, scanOpts scanner.ScannerOptions) (*Goshawk, error)

NewGoshawk creates a Goshawk from the given configuration protobuf and optional http client.

func NewGoshawkFromFile

func NewGoshawkFromFile(ctx context.Context, filename string, hc *http.Client, scanOpts scanner.ScannerOptions) (*Goshawk, error)

NewGoshawkFromFile creates a Goshawk from the given filename, which should contain text-protobuf encoded configuration data, together with an optional http Client.

func (*Goshawk) CertificateMatches

func (hawk *Goshawk) CertificateMatches(cert *x509.Certificate) bool

CertificateMatches identifies certificates in the log that have the STH extension.

func (*Goshawk) Fly

func (hawk *Goshawk) Fly(ctx context.Context)

Fly starts a collection of goroutines to perform log scanning and STH consistency checking. It should be terminated by cancelling the passed-in context.

func (*Goshawk) PrecertificateMatches

func (hawk *Goshawk) PrecertificateMatches(*ct.Precertificate) bool

PrecertificateMatches identifies those precertificates in the log that are of interest: none.

func (*Goshawk) Scanner

func (hawk *Goshawk) Scanner(ctx context.Context)

Scanner runs a continuous scan of the destination log.

type Gossiper

type Gossiper struct {
	// contains filtered or unexported fields
}

Gossiper is an agent that retrieves STH values from a set of source logs and distributes them to a destination log in the form of X.509 certificates with the STH value embedded in them.

func NewGossiper

func NewGossiper(ctx context.Context, cfg *configpb.GossipConfig, hc *http.Client) (*Gossiper, error)

NewGossiper creates a gossiper from the given configuration protobuf and optional http client.

func NewGossiperFromFile

func NewGossiperFromFile(ctx context.Context, filename string, hc *http.Client) (*Gossiper, error)

NewGossiperFromFile creates a gossiper from the given filename, which should contain text-protobuf encoded configuration data, together with an optional http Client.

func (*Gossiper) CheckRootIncluded

func (g *Gossiper) CheckRootIncluded(ctx context.Context) error

CheckRootIncluded checks whether the gossiper's root certificate is included by all destination logs.

func (*Gossiper) Run

func (g *Gossiper) Run(ctx context.Context)

Run starts the gossiper's set of goroutines. It should be terminated by cancelling the passed-in context.

func (*Gossiper) Submitter

func (g *Gossiper) Submitter(ctx context.Context, s <-chan sthInfo)

Submitter periodically services the provided channel and submits the certificates received on it to the destination logs.

Source Files

goshawk.go gossip.go instance.go serialization.go

Directories

Path: Synopsis
gossip/minimal/configpb: Package configpb holds a config protobuf for minimal gossip binaries.
gossip/minimal/goshawk: The goshawk binary scans a destination log for gossiped STH values and checks consistency against the source logs.
gossip/minimal/gosmin: The gosmin binary runs a minimal gossip implementation.
gossip/minimal/x509ext: Package x509ext holds extensions types and values for minimal gossip.
Version: v1.0.21
Published: Aug 17, 2018
Platform: windows/amd64
Imports: 30 packages