Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(433)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: services/vanadium/security/wire_blessings.go

Issue 1418013004: Principal Service: Add support for multiple user accounts (Closed) Base URL: https://github.com/domokit/mojo.git@master
Patch Set: Created 5 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« services/vanadium/security/principal_service.go ('K') | « services/vanadium/security/public_key.go ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 package main 5 package main
6 6
7 import vpkg "mojo/services/vanadium/security/interfaces/principal" 7 import vpkg "mojo/services/vanadium/security/interfaces/principal"
8 8
9 // wireBlessings encapsulates wire format of a set of a Vanadium blessings 9 // wireBlessings encapsulates wire format of a set of a Vanadium blessings
10 // and the corresponding cryptographic proof that binds them to a principal 10 // and the corresponding cryptographic proof that binds them to a principal
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after
50 // Given a Hash, the message digest of a caveat is: 50 // Given a Hash, the message digest of a caveat is:
51 // Hash(Hash(Id), Hash(ParamVom)) 51 // Hash(Hash(Id), Hash(ParamVom))
52 type caveat struct { 52 type caveat struct {
53 Id [16]byte // The identifier of the caveat validation function. 53 Id [16]byte // The identifier of the caveat validation function.
54 ParamVom []byte // VOM-encoded bytes of the parameters to be provided to the validation function. 54 ParamVom []byte // VOM-encoded bytes of the parameters to be provided to the validation function.
55 } 55 }
56 56
57 func newBlessing(wb *wireBlessings) *vpkg.Blessing { 57 func newBlessing(wb *wireBlessings) *vpkg.Blessing {
58 // TODO(ataly, gauthamt): Below we only consider the first certificate c hain 58 // TODO(ataly, gauthamt): Below we only consider the first certificate c hain
59 // in the wireBlessings object. We should handle the case when the wireB lessings 59 // in the wireBlessings object. We should handle the case when the wireB lessings
60 » // object has more than one certificate chain. 60 » // object has more than one certificate chain. This issue would become m oot
61 » // TODO(ataly, gauthamt): We should validate all caveats present in the certificates. 61 » // if the vpkg.Blessing type matched the wireBlessing type.
62 » // TODO(ataly, gauthamt): We should validate all caveats present in the
63 » // certificates.
62 var chain []vpkg.Certificate 64 var chain []vpkg.Certificate
63 for _, c := range wb.CertificateChains[0] { 65 for _, c := range wb.CertificateChains[0] {
64 chain = append(chain, vpkg.Certificate{Extension: c.Extension}) 66 chain = append(chain, vpkg.Certificate{Extension: c.Extension})
65 } 67 }
66 return &vpkg.Blessing{chain} 68 return &vpkg.Blessing{chain}
67 } 69 }
OLDNEW
« services/vanadium/security/principal_service.go ('K') | « services/vanadium/security/public_key.go ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698