Package ctpolicy

import "github.com/letsencrypt/boulder/ctpolicy"

type CTPolicy

CTPolicy holds information about the SCTs required from various log groupings.

type CTPolicy struct {
    // contains filtered or unexported fields
}

func New

func New(pub pubpb.PublisherClient, sctLogs loglist.List, infoLogs loglist.List, finalLogs loglist.List, stagger time.Duration, log blog.Logger, stats prometheus.Registerer) *CTPolicy

New creates a new CTPolicy struct.

func (*CTPolicy) GetSCTs

func (ctp *CTPolicy) GetSCTs(ctx context.Context, cert core.CertDER, expiration time.Time) (core.SCTDERs, error)

GetSCTs retrieves exactly two SCTs from the total collection of configured log groups, with at most one SCT coming from each group. It expects that all logs run by a single operator (e.g. Google) are in the same group, to guarantee that SCTs from logs in different groups do not end up coming from the same operator. As such, it enforces Google's current CT Policy, which requires that certs have two SCTs from logs run by different operators.
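The selection rule described for GetSCTs, shown as an added example that is not Boulder's own code: one submission races per operator group, each group contributes at most one SCT, and the call returns once two groups have answered. The names `getTwoSCTs`, `SCT`, `submitFunc` and the operator-to-logs map are hypothetical, and the log names in `main` are constructed sample values.

```go
package main

import (
	"context"
	"errors"
	"fmt"
)

// SCT and submitFunc are hypothetical stand-ins, not Boulder types.
type SCT struct{ Operator, Log string; Data []byte }
type submitFunc func(ctx context.Context, logName string) ([]byte, error)

// getTwoSCTs returns two SCTs, each from a different operator group.
func getTwoSCTs(ctx context.Context, groups map[string][]string, submit submitFunc) ([]SCT, error) {
	ctx, cancel := context.WithCancel(ctx)
	defer cancel() // abandon slower groups once two SCTs are in hand
	results := make(chan *SCT, len(groups)) // buffered so no goroutine blocks
	for op, logs := range groups {
		go func(op string, logs []string) {
			for _, name := range logs { // fall back within the group on failure
				if data, err := submit(ctx, name); err == nil {
					results <- &SCT{op, name, data}
					return
				}
			}
			results <- nil // every log in this group failed
		}(op, logs)
	}
	var scts []SCT
	for range groups { // exactly one result arrives per group
		if sct := <-results; sct != nil {
			if scts = append(scts, *sct); len(scts) == 2 {
				return scts, nil
			}
		}
	}
	return nil, fmt.Errorf("need 2 SCTs from different operators, got %d", len(scts))
}

func main() {
	groups := map[string][]string{"A": {"a1", "a2"}, "B": {"b1"}} // constructed sample
	scts, err := getTwoSCTs(context.Background(), groups, func(_ context.Context, n string) ([]byte, error) {
		if n == "a1" {
			return nil, errors.New("log unavailable")
		}
		return []byte("sct-" + n), nil
	})
	fmt.Println(len(scts), err)
}
```

Because each group can contribute only one result, the operator-diversity guarantee depends entirely on the grouping being correct: two logs run by the same operator but placed in different groups would defeat it.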

func (*CTPolicy) SubmitFinalCert

func (ctp *CTPolicy) SubmitFinalCert(cert core.CertDER, expiration time.Time)

SubmitFinalCert submits finalized certificates created from precertificates to any configured "final" logs, but does not care about success.

Subdirectories

Name Synopsis
ctconfig
loglist
schema