當前位置: 首頁>>代碼示例>>Golang>>正文

Golang Verifier.ToPrincipal方法代碼示例

本文整理匯總了Golang中github.com/jlmucb/cloudproxy/go/tao.Verifier.ToPrincipal方法的典型用法代碼示例。如果您正苦於以下問題:Golang Verifier.ToPrincipal方法的具體用法?Golang Verifier.ToPrincipal怎麽用?Golang Verifier.ToPrincipal使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在github.com/jlmucb/cloudproxy/go/tao.Verifier的用法示例。


在下文中一共展示了Verifier.ToPrincipal方法的3個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。

示例1: newTempCAGuard

func newTempCAGuard(v *tao.Verifier) (tao.Guard, error) {
	g := tao.NewTemporaryDatalogGuard()
	vprin := v.ToPrincipal()
	rule := fmt.Sprintf(subprinRule, vprin)

	if err := g.AddRule(rule); err != nil {
		return nil, err
	}
	return g, nil
}
開發者ID:William-J-Earl,項目名稱:cloudproxy,代碼行數:10,代碼來源:demo_server.go

示例2: printRequest

func printRequest(req *taoca.Request, subjectKey *tao.Verifier, serial int64, peer string) {
	t := "Server (can't sign certificates)"
	if *req.CSR.IsCa {
		t = "Certificate Authority (can sign certificates)"
	}
	name := req.CSR.Name
	fmt.Printf("\n"+
		"A new Certificate Signing Request has been received:\n"+
		"  Country: %s\n"+
		"  Province: %s\n"+
		"  Locality: %s\n"+
		"  Organization: %s\n"+
		"  Organizational Unit: %s\n"+
		"  Common Name: %s\n"+
		"  Validity Period: %d years\n"+
		"  Type: %s\n"+
		"  Serial: %d\n"+
		"  Public Key Principal: %s\n"+
		"  Requesting Principal: %s\n"+
		"\n",
		*name.Country, *name.State, *name.City,
		*name.Organization, *name.OrganizationalUnit, *name.CommonName,
		*req.CSR.Years, t, serial, subjectKey.ToPrincipal(), peer)
}
開發者ID:kevinawalsh,項目名稱:taoca,代碼行數:24,代碼來源:server.go

示例3: VerifySecretDisclosureDirective

// This function performs the following checks on a secret disclosure directive.
// (1) the directive signature is valid with respect to signerKey of directive
// (2) Either
//       - policyKey matches the signerKey of directive
//       - directive cert is a valid program cert (signed by policyKey) certifying the signerKey
//         of directive as belonging to 'delegator'
// (3) the directive message is a statement of the form:
//         'policyKey/'delegator' says delegate can read protectedObjectId'
//     where delegate is a Tao Principal and protectedObjectId is a (serialized) protected
//     object message id.
func VerifySecretDisclosureDirective(policyKey *tao.Keys, directive *DirectiveMessage) (*auth.Prin,
	*auth.Prin, *string, *po.ObjectIdMessage, error) {

	// Check type of directive
	if directive.Type == nil || *(directive.Type) != DirectiveMessage_SECRET_DISCLOSURE {
		return nil, nil, nil, nil, errors.New(
			"secret_disclosure: directive not of secret disclosure type.")
	}

	var verifier *tao.Verifier
	var delegatorStr string
	// Check directive signer matches policy key.
	if bytes.Compare(
		auth.Marshal(policyKey.SigningKey.ToPrincipal()), directive.GetSigner()) == 0 {
		verifier = policyKey.SigningKey.GetVerifier()
		delegatorStr = verifier.ToPrincipal().String()

	} else {
		// Check if program cert is valid, signed by policy key,
		// cert public key matches signer and cert name matches speaker
		// of says statement.
		cert, err := x509.ParseCertificate(directive.Cert)
		if err != nil {
			return nil, nil, nil, nil, errors.New(
				"error parsing directive program cert")
		}
		rootCert := x509.NewCertPool()
		rootCert.AddCert(policyKey.Cert)
		verifyOptions := x509.VerifyOptions{Roots: rootCert}
		_, err = cert.Verify(verifyOptions)
		if err != nil {
			return nil, nil, nil, nil, errors.New(
				"program cert not valid")
		}
		verifier, err = tao.FromX509(cert)
		delegatorStr = cert.Subject.CommonName
		if err != nil {
			return nil, nil, nil, nil, err
		}
		if bytes.Compare(auth.Marshal(verifier.ToPrincipal()), directive.GetSigner()) != 0 {
			return nil, nil, nil, nil, errors.New(
				"secret_disclosure: directive signer doesn't match program key.")
		}
	}

	// Verify signature.
	ok, err := verifier.Verify(directive.GetSerializedStatement(), SigningContext,
		directive.GetSignature())
	if err != nil {
		return nil, nil, nil, nil, err
	}
	if !ok {
		return nil, nil, nil, nil,
			errors.New("secret_disclosure: directive signature check failed.")
	}

	// Validate and return statement.
	statement, err := auth.UnmarshalForm(directive.GetSerializedStatement())
	if err != nil {
		return nil, nil, nil, nil, err
	}
	var saysStatement *auth.Says
	if ptr, ok := statement.(*auth.Says); ok {
		saysStatement = ptr
	} else if val, ok := statement.(auth.Says); ok {
		saysStatement = &val
	} else {
		return nil, nil, nil, nil,
			errors.New("secret_disclosure: directive statement not a 'Says'")
	}
	stmtSpeaker, ok := saysStatement.Speaker.(auth.Prin)
	if !ok {
		return nil, nil, nil, nil,
			errors.New("secret_disclosure: directive speaker not a 'Prin'")
	}
	if stmtSpeaker.String() != delegatorStr {
		return nil, nil, nil, nil, errors.New(
			"secret_disclosure: directive statement speaker does not match signer")
	}
	pred, ok := saysStatement.Message.(auth.Pred)
	if !ok {
		return nil, nil, nil, nil,
			errors.New("secret_disclosure: directive message not a 'Pred'")
	}
	predName := pred.Name
	if predName == "" {
		return nil, nil, nil, nil,
			errors.New("secret_disclosure: directive predicate name is empty")
	}
	if len(pred.Arg) != 2 {
//.........這裏部分代碼省略.........
開發者ID:tmroeder,項目名稱:cloudproxy,代碼行數:101,代碼來源:secret_disclosure.go


注:本文中的github.com/jlmucb/cloudproxy/go/tao.Verifier.ToPrincipal方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。