github.com/aporeto-inc/trireme-lib@v10.358.0+incompatible/controller/internal/enforcer/nfqdatapath/tokenaccessor/interfaces.go (about)

     1  package tokenaccessor
     2  
     3  import (
     4  	"crypto/ecdsa"
     5  	"time"
     6  
     7  	"go.aporeto.io/enforcerd/trireme-lib/controller/internal/enforcer/utils/ephemeralkeys"
     8  	"go.aporeto.io/enforcerd/trireme-lib/controller/pkg/claimsheader"
     9  	"go.aporeto.io/enforcerd/trireme-lib/controller/pkg/pkiverifier"
    10  	"go.aporeto.io/enforcerd/trireme-lib/controller/pkg/secrets"
    11  	"go.aporeto.io/enforcerd/trireme-lib/controller/pkg/tokens"
    12  )
    13  
    14  // TokenAccessor defines an interface to access LockedTokenEngine.
        //
        // It groups two metadata getters, token creation for Syn, SynAck and Ack
        // packets, token parsing, and the Randomize and Sign helpers.
        //
        // NOTE(review): several methods take key material (secretKey, privateKey,
        // *ecdsa.PrivateKey). Implementations and callers should keep these values
        // out of logs and error strings.
    15  type TokenAccessor interface {
        	// GetTokenValidity returns a duration; presumably the validity period
        	// of the tokens handled by the engine — confirm against the implementation.
    16  	GetTokenValidity() time.Duration
        	// GetTokenServerID returns a string identifier; presumably the ID of
        	// the server the tokens are bound to — confirm against the implementation.
    17  	GetTokenServerID() string
    18  
    19  	// Token creation methods.
        	//
        	// Each creation method takes the connection claims and an encodedBuf
        	// and returns token bytes or an error. proto314 presumably selects a
        	// protocol/wire-format variant — TODO confirm. Whether the returned
        	// slice aliases encodedBuf is not visible from this interface.

        	// CreateAckPacketToken builds the token for an Ack packet from claims,
        	// using secretKey (presumably a per-connection shared secret — confirm).
    20  	CreateAckPacketToken(proto314 bool, secretKey []byte, claims *tokens.ConnectionClaims, encodedBuf []byte) ([]byte, error)
        	// CreateSynPacketToken builds the token for a Syn packet from claims,
        	// a caller-supplied nonce, a claims header and the secrets object.
        	// NOTE(review): any uniqueness requirement on nonce is defined by the
        	// implementation, not by this interface — confirm before reusing values.
    21  	CreateSynPacketToken(claims *tokens.ConnectionClaims, encodedBuf []byte, nonce []byte, claimsHeader *claimsheader.ClaimsHeader, secrets secrets.Secrets) ([]byte, error)
    22  
        	// CreateSynAckPacketToken builds the token for a SynAck packet. It takes
        	// the same inputs as CreateSynPacketToken plus proto314 and secretKey.
    23  	CreateSynAckPacketToken(proto314 bool, claims *tokens.ConnectionClaims, encodedBuf []byte, nonce []byte, claimsHeader *claimsheader.ClaimsHeader, secrets secrets.Secrets, secretKey []byte) ([]byte, error)
    24  	// Token parsing methods.

        	// ParsePacketToken parses data (presumably token bytes taken from a
        	// received packet — confirm) using privateKey and secrets, with c as the
        	// connection claims argument. It returns seven unnamed results, the last
        	// of which is the error; the meaning of the other six and of the b flag
        	// is not visible from this interface.
        	// NOTE(review): callers should check the error before using any other
        	// result; naming the results and b would make misuse harder.
    25  	ParsePacketToken(privateKey *ephemeralkeys.PrivateKey, data []byte, secrets secrets.Secrets, c *tokens.ConnectionClaims, b bool) ([]byte, *claimsheader.ClaimsHeader, *pkiverifier.PKIControllerInfo, []byte, string, bool, error)
        	// ParseAckToken parses data as an Ack token given secretKey and nonce,
        	// taking connClaims as the claims argument. It returns only an error, so
        	// a non-nil result is the sole failure signal and must not be ignored.
    26  	ParseAckToken(proto314 bool, secretKey []byte, nonce []byte, data []byte, connClaims *tokens.ConnectionClaims) error
    27  
        	// Randomize takes two byte slices and returns an error.
        	// NOTE(review): the parameters are unnamed, so which slice is the token
        	// and which is the nonce (if that is the intent) cannot be told from
        	// here — confirm against the implementation.
    28  	Randomize([]byte, []byte) error
        	// Sign takes a byte slice and an ECDSA private key and returns bytes or
        	// an error; presumably the signature over the input — TODO confirm.
    29  	Sign([]byte, *ecdsa.PrivateKey) ([]byte, error)
    30  }