cubefs
45 строк · 1.3 Кб
1// Copyright 2018 The CubeFS Authors.
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
12// implied. See the License for the specific language governing
13// permissions and limitations under the License.
14
15package cryptoutil
16
17const (
18TicketVersion = 1
19TicketAge = 24 * 60 * 60
20)
21
22// CryptoKey store the session key
23type CryptoKey struct {
24Ctime int64 `json:"c_time"`
25Key []byte `json:"key"`
26}
27
28/*
29* MITM thread:
30* (1) talking to the right party (nonce, key encryption)
31* (2) replay attack (IP, timestamp constrains)
32*
33* Other thread: Client capability changes (ticket timestamp)
34*/
35
36// Ticket is a temperary struct to store permissions/caps for clients to
37// access principle
38type Ticket struct {
39Version uint8 `json:"version"`
40ServiceID string `json:"service_id"`
41SessionKey CryptoKey `json:"session_key"`
42Exp int64 `json:"exp"`
43IP string `json:"ip"`
44Caps []byte `json:"caps"`
45}
46