...

Package ctconfig

import "github.com/letsencrypt/boulder/ctpolicy/ctconfig"

type CTConfig

CTConfig is the top-level config object expected to be embedded in an executable's JSON config struct.

type CTConfig struct {
    // Stagger is a duration (e.g. "200ms") indicating how long to wait for a log
    // from one operator group to accept a certificate before attempting
    // submission to a log run by a different operator instead.
    Stagger config.Duration
    // LogListFile is a path to a JSON log list file. The file must match Chrome's
    // schema: https://www.gstatic.com/ct/log_list/v3/log_list_schema.json
    LogListFile string `validate:"required"`
    // SCTLogs is a list of CT log names to submit precerts to in order to get SCTs.
    SCTLogs []string `validate:"min=1,dive,required"`
    // InfoLogs is a list of CT log names to submit precerts to on a best-effort
    // basis. Logs are included here for the sake of wider distribution of our
    // precerts, and to exercise logs that are in the qualification process.
    InfoLogs []string
    // FinalLogs is a list of CT log names to submit final certificates to.
    // This may include duplicates from the lists above, to submit both precerts
    // and final certs to the same log.
    FinalLogs []string
}

type CTGroup

CTGroup represents a group of CT Logs. Although capable of holding logs grouped by any arbitrary feature, it is today primarily used to hold logs which are all operated by the same legal entity.

type CTGroup struct {
    Name string
    Logs []LogDescription
}

type LogDescription

LogDescription contains the information needed to submit certificates to a CT log and verify returned receipts. If TemporalSet is non-nil then URI and Key should be empty.

type LogDescription struct {
    URI             string
    Key             string
    SubmitFinalCert bool

    *TemporalSet
}

func (LogDescription) Info

func (ld LogDescription) Info(exp time.Time) (string, string, error)

Info returns the URI and key of the log, either from a plain log description or from the earliest valid shard from a temporal log set.

type LogID

LogID holds enough information to uniquely identify a CT Log: its log_id (the base64-encoding of the SHA-256 hash of its public key) and its human-readable name/description. This is used to extract other log parameters (such as its URL and public key) from the Chrome Log List.

type LogID struct {
    Name        string
    ID          string
    SubmitFinal bool
}
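
An added example, not part of the boulder source: because the log_id is derived from the public key, a loader can recompute it and reject a log list entry whose log_id and key disagree before trusting the entry's URL and key. ResolveLog is a hypothetical helper; matching names against the list's description field and the sample list contents are assumptions.

```go
package main

import (
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
)

type logList struct { // only the Chrome v3 log list fields used here
	Operators []struct {
		Logs []struct {
			Description, Key, URL string
			LogID                 string `json:"log_id"`
		}
	}
}

// ComputeLogID returns base64(SHA-256(key bytes)); callers must check err.
func ComputeLogID(keyB64 string) (string, error) {
	der, err := base64.StdEncoding.DecodeString(keyB64)
	sum := sha256.Sum256(der)
	return base64.StdEncoding.EncodeToString(sum[:]), err
}

// ResolveLog (hypothetical) returns the URL and key of the named log, refusing
// any entry whose log_id is not the hash of its own key.
func ResolveLog(listJSON []byte, name string) (string, string, error) {
	var ll logList
	if err := json.Unmarshal(listJSON, &ll); err != nil {
		return "", "", err
	}
	for _, op := range ll.Operators {
		for _, l := range op.Logs {
			if l.Description == name {
				if id, err := ComputeLogID(l.Key); err != nil || id != l.LogID {
					return "", "", fmt.Errorf("log %q: bad key or log_id mismatch", name)
				}
				return l.URL, l.Key, nil
			}
		}
	}
	return "", "", fmt.Errorf("log %q not found in list", name)
}

func main() {
	key := base64.StdEncoding.EncodeToString([]byte("constructed key")) // not a real SPKI
	id, _ := ComputeLogID(key)
	list := fmt.Sprintf(`{"operators":[{"logs":[{"description":"Example Log","log_id":%q,"key":%q,"url":"https://ct.example/"}]}]}`, id, key)
	fmt.Println(ResolveLog([]byte(list), "Example Log"))
}
```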

type LogShard

LogShard describes a single shard of a temporally sharded CT log.

type LogShard struct {
    URI         string
    Key         string
    WindowStart time.Time
    WindowEnd   time.Time
}

type TemporalSet

TemporalSet contains a set of temporal shards of a single log.

type TemporalSet struct {
    Name   string
    Shards []LogShard
}

func (*TemporalSet) Setup

func (ts *TemporalSet) Setup() error

Setup initializes the TemporalSet by parsing the start and end dates and verifying WindowEnd > WindowStart.