// Package caveat provides common security.Caveat implementations
// (Expiry, MethodRestriction, PeerIdentity and NetworkType). Each type
// is registered with vom by this package's init function.
package caveat

import (
	"fmt"
	"time"

	"veyron2/security"
	"veyron2/vom"
)
11
// UniversalCaveat wraps cav in a security.ServiceCaveat whose Service is
// security.AllPrincipals, so the caveat is bound to all principals rather
// than to one particular service.
func UniversalCaveat(cav security.Caveat) security.ServiceCaveat {
	sc := security.ServiceCaveat{
		Service: security.AllPrincipals,
		Caveat:  cav,
	}
	return sc
}
16
// Expiry is a security.Caveat that restricts the validity period of
// the credential bearing this caveat: the credential may only be used
// at wall-clock times within [IssueTime, ExpiryTime] (bounds inclusive,
// since the checks below use strict Before/After).
type Expiry struct {
	IssueTime  time.Time
	ExpiryTime time.Time
}

// Validate returns nil if the current time is neither before c.IssueTime
// nor after c.ExpiryTime, and an error describing the caveat and the
// current time otherwise. The zero Expiry rejects every request, since
// time.Now() is after the zero time (fail closed). The context argument
// is not consulted.
//
// NOTE(review): Validate has a pointer receiver, so only *Expiry carries
// this method, while init registers the value type Expiry{} with vom;
// confirm that decoded caveats are presented to validation as *Expiry.
func (c *Expiry) Validate(context security.Context) error {
	now := time.Now()
	tooEarly := now.Before(c.IssueTime)
	tooLate := now.After(c.ExpiryTime)
	if !tooEarly && !tooLate {
		return nil
	}
	return fmt.Errorf("%#v forbids credential from being used at this time(%v)", c, now)
}
31
// MethodRestriction is a security.Caveat that restricts the set of
// methods that can be invoked by a credential bearing the caveat.
// An empty set indicates that no methods can be invoked.
type MethodRestriction []string

// Validate returns nil if ctx.Method() is one of the names in c, and an
// error naming the rejected method otherwise. Matching is an exact,
// case-sensitive string comparison.
//
// A context whose Method() is the empty string is always accepted, so the
// restriction only constrains contexts that carry a method name.
// NOTE(review): confirm that every code path performing a method
// invocation populates Method(); a context with an empty Method() is not
// restricted by this caveat at all.
func (c MethodRestriction) Validate(ctx security.Context) error {
	if ctx.Method() == "" {
		return nil
	}
	allowed := false
	for i := range c {
		if c[i] == ctx.Method() {
			allowed = true
			break
		}
	}
	if allowed {
		return nil
	}
	return fmt.Errorf("%#v forbids invocation of method %s", c, ctx.Method())
}
49
// PeerIdentity is a security.Caveat that restricts the bearer of a credential
// with this caveat from making or receiving RPCs to a limited set of peers -
// those whose identities match one of the provided security.BlessingPatterns.
// An empty set indicates that no peers can be communicated with.
type PeerIdentity []security.BlessingPattern

// Validate returns nil if ctx.LocalID() is non-nil and the names it
// reports are matched by at least one BlessingPattern in c; otherwise it
// returns an error naming the local identity. A nil LocalID() or an empty
// c never validates (fail closed).
//
// NOTE(review): if LocalID() returns an interface type, an implementation
// that returns a typed nil pointer would pass the nil check here and have
// Names() invoked on it — confirm against the security.Context
// implementations in use.
func (c PeerIdentity) Validate(ctx security.Context) error {
	for _, pattern := range c {
		id := ctx.LocalID()
		if id == nil {
			continue
		}
		if pattern.MatchedBy(id.Names()...) {
			return nil
		}
	}
	return fmt.Errorf("%#v forbids RPCing with peer %s", c, ctx.LocalID())
}
66
// NetworkType is a security.Caveat that restricts communication with the
// remote process to a particular network ("tcp", "udp", "bluetooth" etc.)
type NetworkType string

// Validate returns nil if the network name reported by the remote
// endpoint's address equals cav exactly (case-sensitive), and an error
// quoting both the required and the observed network otherwise.
//
// NOTE(review): the call chain ctx.RemoteEndpoint().Addr().Network() is
// unguarded; if RemoteEndpoint() or Addr() can be nil for some contexts,
// Validate would panic instead of rejecting — confirm that cannot happen
// for contexts reaching caveat validation.
func (cav NetworkType) Validate(ctx security.Context) error {
	got := ctx.RemoteEndpoint().Addr().Network()
	if got != string(cav) {
		return fmt.Errorf("required network type %q, got %q", cav, got)
	}
	return nil
}
77
// init registers every caveat type defined in this package with vom.
// MethodRestriction, PeerIdentity and NetworkType are registered as their
// zero values; Expiry is registered as a struct value (Expiry{}), not as
// *Expiry. Registration order matches the original declaration order.
func init() {
	types := []interface{}{
		Expiry{},
		MethodRestriction(nil),
		PeerIdentity(nil),
		NetworkType(""),
	}
	for _, t := range types {
		vom.Register(t)
	}
}