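// Copyright (c) 2014, Google Inc. All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package tao

import "io"

// NOTE(review): this file also references auth.Prin, auth.SubPrin and
// auth.Form (the tao/auth package) but carries no import for it, and
// *Attestation is declared elsewhere in the package. Only the stdlib "io"
// import is added here; confirm how the auth import is expected to be
// satisfied before relying on this file building on its own.

// Temporary: named cipher-suite selectors. Each value is a comma-separated
// list of component:choice pairs — a signature scheme ("sign"), a symmetric
// cipher plus MAC ("crypt") and a key-derivation function ("derive").
const (
	// Basic128BitCipherSuite selects ECDSA over P-256, AES-128-CTR with
	// HMAC-SHA256, and an HKDF-SHA256 derive step.
	//
	// The derive component is spelled "hdkf" in the source. It is kept
	// verbatim here because the suite string is presumably compared exactly
	// by whatever parses it — verify every consumer before "correcting" it.
	Basic128BitCipherSuite = "sign:ecdsap256,crypt:aes128-ctr-hmacsha256,derive:hdkf-sha256"
	// Basic256BitCipherSuite selects ECDSA over P-384, AES-256-CTR with
	// HMAC-SHA384, and the same derive step as the 128-bit suite.
	Basic256BitCipherSuite = "sign:ecdsap384,crypt:aes256-ctr-hmacsha384,derive:hdkf-sha256"
)

// TaoCryptoSuite is the package-wide cipher-suite selector, expected to hold
// one of the Basic*CipherSuite strings. It is unsynchronized package-level
// state: set it once during startup, before any Tao is constructed, and do not
// change it afterwards.
var TaoCryptoSuite string

// Tao is the interface through which a hosted program talks to its host Tao:
// principal naming, randomness, attestation, sealing and rollback-protected
// storage. For every method returning an error, the other results are
// meaningless when err != nil.
type Tao interface {
	// GetTaoName returns the Tao principal name assigned to the caller.
	GetTaoName() (name auth.Prin, err error)

	// ExtendTaoName irreversibly extends the Tao principal name of the caller.
	// There is no corresponding method to shorten the name again, so callers
	// should treat this as a one-way transition.
	ExtendTaoName(subprin auth.SubPrin) error

	// GetRandomBytes returns a slice of n random bytes.
	GetRandomBytes(n int) (bytes []byte, err error)

	// Rand produces an io.Reader for random bytes from this Tao.
	Rand() io.Reader

	// GetSharedSecret returns a slice of n secret bytes under the given
	// policy. The policy string's grammar is not defined in this file.
	GetSharedSecret(n int, policy string) (bytes []byte, err error)

	// Attest requests the Tao host sign a statement on behalf of the caller. The
	// optional issuer, time and expiration will be given default values if nil.
	//
	// TODO(kwalsh) Maybe create a struct for these optional params? Or use
	// auth.Says instead (in which time and expiration are optional) with a
	// [the remainder of this remark is missing in the source]
	Attest(issuer *auth.Prin, time, expiration *int64, message auth.Form) (*Attestation, error)

	// Seal encrypts data so only certain hosted programs can unseal it.
	Seal(data []byte, policy string) (sealed []byte, err error)

	// Unseal decrypts data that has been sealed by the Seal() operation, but only
	// if the policy specified during the Seal() operation is satisfied. The
	// policy in force at Seal time is returned alongside the plaintext so a
	// caller can confirm it is the policy it expected.
	Unseal(sealed []byte) (data []byte, policy string, err error)

	// InitCounter initializes the counter with the given label to the value c.
	InitCounter(label string, c int64) error

	// GetCounter retrieves the current value of the counter with the given label.
	GetCounter(label string) (int64, error)

	// RollbackProtectedSeal encrypts data under rollback protection
	// so only certain hosted programs can unseal it. The label presumably
	// identifies the counter (see InitCounter) the sealed blob is bound to —
	// confirm against the implementation.
	RollbackProtectedSeal(label string, data []byte, policy string) ([]byte, error)

	// RollbackProtectedUnseal decrypts data under rollback protection. The
	// unnamed string result mirrors Unseal's policy result.
	RollbackProtectedUnseal(sealed []byte) ([]byte, string, error)
}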