package cert
import (
"github.com/tendermint/tendermint/crypto"
"time"
)
// Route names for the concrete Subject implementations declared below.
// NOTE(review): presumably these are the names the types are registered under
// with the amino codec; the registration is not in this file, so confirm there.
// If they are wire names, changing one changes how an encoded subject is
// identified.
const (
	// CommonSubjAminoRoute names CommonSubject.
	CommonSubjAminoRoute = "certificate/CommonSubject"
	// QSCSubjAminoRoute names QSCSubject.
	QSCSubjAminoRoute = "certificate/QSCSubject"
	// QCPSubjAminoRoute names QCPSubject.
	QCPSubjAminoRoute = "certificate/QCPSubject"
)
// Subject is the identity a certificate is issued to or by. It is an empty
// interface, so the type system does not restrict what can be stored in it;
// the concrete subjects declared in this file are CommonSubject, QSCSubject
// and QCPSubject. Code that consumes a Subject must type-switch and reject
// anything it does not expect.
type Subject interface{}
// CommonSubject is a subject that carries a single string.
type CommonSubject struct {
	// CN is serialized as "cn" (presumably a common name, confirm with callers).
	CN string `json:"cn"`
}
// QSCSubject is a subject made of a chain id, a name and a public key.
// NOTE(review): the meaning of "QSC" and of the banker role is not defined in
// this file; confirm against the code that issues and consumes these subjects.
type QSCSubject struct {
	// ChainId is serialized as "chain_id".
	ChainId string `json:"chain_id"`
	// Name is serialized as "name".
	Name string `json:"name"`
	// Banker is the public key carried by the subject, serialized as "banker".
	Banker crypto.PubKey `json:"banker"`
}
// QCPSubject is a subject made of two chain identifiers.
// NOTE(review): which of the two is the local chain and which the peer is not
// stated in this file; confirm with the callers.
type QCPSubject struct {
	// ChainId is serialized as "chain_id".
	ChainId string `json:"chain_id"`
	// QCPChain is serialized as "qcp_chain".
	QCPChain string `json:"qcp_chain"`
}
// CertificateSigningRequest is the part of a certificate that is signed:
// VerityCrt verifies Certificate.Signature over MustMarshalJson of this struct.
// Renaming a JSON tag or reordering the fields would therefore presumably
// change the signed bytes and invalidate existing signatures (confirm against
// MustMarshalJson, which is defined elsewhere).
type CertificateSigningRequest struct {
	// Subj is the subject the certificate is requested for.
	Subj Subject `json:"subj"`
	// IsCa is carried in the signed data; VerityCrt does not inspect it.
	IsCa bool `json:"is_ca"`
	// NotBefore and NotAfter bound the validity window checked by VerityCrt.
	NotBefore time.Time `json:"not_before"`
	NotAfter  time.Time `json:"not_after"`
	// PublicKey is the key the certificate binds to Subj.
	PublicKey crypto.PubKey `json:"public_key"`
}
// Issuer describes the signer of a certificate.
//
// Only PublicKey takes part in verification: VerityCrt compares it with the
// trusted keys. The signature covers the CSR alone, so Subj is not
// authenticated by it and should be treated as informational.
type Issuer struct {
	// Subj is the issuer's declared subject (not covered by the signature).
	Subj Subject `json:"subj"`
	// PublicKey is the key the certificate claims to be signed with.
	PublicKey crypto.PubKey `json:"public_key"`
}
// Certificate is a signing request together with its issuer and the issuer's
// signature. VerityCrt checks Signature over the serialized CSR; the CA field
// itself is not part of the signed bytes.
type Certificate struct {
	// CSR is the signed content.
	CSR CertificateSigningRequest `json:"csr"`
	// CA identifies the signer.
	CA Issuer `json:"ca"`
	// Signature is the issuer's signature over the serialized CSR.
	Signature []byte `json:"signature"`
}
// PublicKey returns the public key from the certificate's CSR. It performs no
// verification; a caller must not rely on the key unless the certificate has
// been checked (see VerityCrt).
func (c Certificate) PublicKey() crypto.PubKey {
	return c.CSR.PublicKey
}
// TrustCrts holds a list of public keys.
// NOTE(review): presumably these are the trust anchors handed to VerityCrt as
// caPublicKeys; that wiring is not in this file, so confirm with the callers.
type TrustCrts struct {
	// PublicKeys is serialized as "public_keys".
	PublicKeys []crypto.PubKey `json:"public_keys"`
}
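// VerityCrt reports whether crt is signed by one of the trusted CA public keys
// and is inside its validity window at the time of the call. (The exported
// name is spelled "Verity"; it is kept so existing callers keep compiling.)
//
// Checks performed:
//   - crt.CA.PublicKey equals an entry of caPublicKeys (the first match is used);
//   - crt.Signature verifies under that key over MustMarshalJson(crt.CSR);
//   - NotBefore < now < NotAfter, compared in whole Unix seconds with both
//     bounds excluded.
//
// Not checked here; a caller that depends on any of these must check it itself:
//   - crt.CA.Subj is outside the signed bytes and is therefore unauthenticated;
//   - crt.CSR.Subj and crt.CSR.IsCa are covered by the signature but are not
//     inspected, so the caller decides whether the subject is the expected one;
//   - only a direct signature by a trusted key is accepted: there is no chain
//     building and no revocation lookup.
//
// The function fails closed: a certificate without an issuer key, a nil entry
// in caPublicKeys, or an empty trust list yields false instead of a nil
// dereference.
func VerityCrt(caPublicKeys []crypto.PubKey, crt Certificate) bool {
	// crt may be decoded from untrusted input, so do not call methods on a
	// missing issuer key.
	if crt.CA.PublicKey == nil {
		return false
	}

	// Validity window first: it is cheap and rejects expired or not-yet-valid
	// certificates before anything is serialized or verified.
	now := time.Now().Unix()
	if now <= crt.CSR.NotBefore.Unix() || now >= crt.CSR.NotAfter.Unix() {
		return false
	}

	for _, trusted := range caPublicKeys {
		if trusted == nil {
			continue
		}
		if !trusted.Equals(crt.CA.PublicKey) {
			continue
		}
		// Verify with the key taken from the trust list rather than the copy
		// carried inside the certificate; the two are equal at this point.
		// NOTE(review): MustMarshalJson is defined elsewhere; the name suggests
		// it panics on a marshalling error, confirm it cannot be triggered by
		// a hostile CSR.
		return trusted.VerifyBytes(MustMarshalJson(crt.CSR), crt.Signature)
	}

	// No trusted key matches the declared issuer.
	return false
}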