memory

package
v0.0.0-...-ff04220
Warning

This package is not in the latest version of its module.

Published: Aug 4, 2025 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

Package memory implements server state using non-persistent memory to complement internal/token.Service for state that must persist between protocol sessions.


Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type KeyTypeAndRsaBits

type KeyTypeAndRsaBits struct {
	Type    protocol.KeyType
	RsaBits int
}

KeyTypeAndRsaBits identifies an owner/manufacturer key by its type and bit size.

type State

type State struct {
	RVBlobs   map[protocol.GUID]*cose.Sign1[protocol.To1d, []byte]
	Vouchers  map[protocol.GUID]*fdo.Voucher
	OwnerKeys map[KeyTypeAndRsaBits]struct {
		Key   crypto.Signer
		Chain []*x509.Certificate
	}
}

State implements interfaces for state which must be persisted between protocol sessions, but not between server processes.

func NewState

func NewState() (*State, error)

NewState initializes the in-memory state.

func (*State) AddVoucher

func (s *State) AddVoucher(_ context.Context, ov *fdo.Voucher) error

AddVoucher stores the voucher of a device owned by the service.

func (*State) ManufacturerKey

func (s *State) ManufacturerKey(ctx context.Context, keyType protocol.KeyType, rsaBits int) (crypto.Signer, []*x509.Certificate, error)

ManufacturerKey returns the signer of a given key type and its certificate chain (required). If key type is not RSAPKCS or RSAPSS then rsaBits is ignored. Otherwise it must be either 2048 or 3072.

func (*State) NewVoucher

func (s *State) NewVoucher(_ context.Context, ov *fdo.Voucher) error

NewVoucher creates and stores a voucher for a newly initialized device. Note that the voucher may have entries if the server was configured for auto voucher extension.

func (*State) OwnerKey

func (s *State) OwnerKey(ctx context.Context, keyType protocol.KeyType, rsaBits int) (crypto.Signer, []*x509.Certificate, error)

OwnerKey returns the private key matching a given key type and optionally its certificate chain. If key type is not RSAPKCS or RSAPSS then rsaBits is ignored. Otherwise it must be either 2048 or 3072.

func (*State) RVBlob

func (s *State) RVBlob(ctx context.Context, guid protocol.GUID) (*cose.Sign1[protocol.To1d, []byte], *fdo.Voucher, error)

RVBlob returns the owner rendezvous blob for a device.

func (*State) RemoveVoucher

func (s *State) RemoveVoucher(ctx context.Context, guid protocol.GUID) (*fdo.Voucher, error)

RemoveVoucher untracks a voucher, possibly by deleting it or marking it as removed, and returns it for extension.

func (*State) ReplaceVoucher

func (s *State) ReplaceVoucher(_ context.Context, oldGUID protocol.GUID, ov *fdo.Voucher) error

ReplaceVoucher stores a new voucher, possibly deleting or marking the previous voucher as replaced.

func (*State) SetRVBlob

func (s *State) SetRVBlob(ctx context.Context, ov *fdo.Voucher, to1d *cose.Sign1[protocol.To1d, []byte], exp time.Time) error

SetRVBlob sets the owner rendezvous blob for a device.

func (*State) Voucher

func (s *State) Voucher(_ context.Context, guid protocol.GUID) (*fdo.Voucher, error)

Voucher retrieves a voucher by GUID.
