Cryptosaur is an engine in the Arcology module responsible for cryptographic security. This engine only runs on Arcology Prime.
Messages
Certificates
Cryptosaur.setCertificate
Cryptosaur.setCertificate {type} {PEM-data}
This message sets a certificate for the given type and name. The only supported type is pemCertAndKey. The PEM-encoded certificate must include, at minimum, the certificate and the private key. It may additionally contain the certificate chain.
Tables
Cryptosaur creates the following tables at startup.
Arc.certificates
The Arc.certificates table stores SSL certificates for use by Esper (the socket engine) to communicate via HTTPS. Eventually it might store other kinds of certificates.
The table is indexed by type and by name. The only supported type is sslCertificate. The name is the domain name for this certificate.
The table stores structs of the following form:
{
type: 'sslCertificate
name: "multiverse.kronosaur.com" // The domain (CN of subject)
certificates: {array of CERT structs} // The domain's certificate chain
privateKey: KEY struct // The private key
}
A CERT has the following format:
{
type: 'X509
name: "multiverse.kronosaur.com"
subject: {DN of subject}
issuer: {DN of issuer}
data: {PEM encoded string}
}
A KEY has the following format:
{
type: 'keyEnvelope
data: {PEM encoded string}
}
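The following is an added example, not Cryptosaur's own code: a pre-flight check that a PEM bundle meets the pemCertAndKey requirement (at least one certificate plus the private key) before it is sent to Cryptosaur.setCertificate, returning a dictionary shaped like the Arc.certificates struct. The function names are hypothetical, the name is supplied by the caller rather than read from the subject CN, the "exactly one private key" rule is an assumption, and the CERT name, subject and issuer fields are omitted because they require an X.509 parser.

```python
import base64
import re

# One PEM block: BEGIN label, base64 body, matching END label.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.DOTALL)


def _constructed_block(label, payload):
    """Build a placeholder PEM block for the sample below (not real key material)."""
    body = base64.b64encode(payload).decode()
    return "-----BEGIN %s-----\n%s\n-----END %s-----\n" % (label, body, label)


def split_pem_bundle(pem_data):
    """Return (label, pem_text) per block; corrupt base64 raises ValueError."""
    blocks = []
    for m in PEM_BLOCK.finditer(pem_data):
        body = "".join(m.group(2).split())      # drop line breaks in the body
        base64.b64decode(body, validate=True)   # binascii.Error is a ValueError
        blocks.append((m.group(1), m.group(0)))
    return blocks


def build_record(name, pem_data):
    """Validate the bundle and shape it like an Arc.certificates struct."""
    blocks = split_pem_bundle(pem_data)
    certs = [pem for label, pem in blocks if label == "CERTIFICATE"]
    keys = [pem for label, pem in blocks if label.endswith("PRIVATE KEY")]
    if not certs:
        raise ValueError("bundle has no CERTIFICATE block")
    if len(keys) != 1:  # assumption: exactly one key per bundle
        raise ValueError("expected one private key, found %d" % len(keys))
    return {
        "type": "sslCertificate",
        "name": name,  # assumption: caller passes the domain name
        "certificates": [{"type": "X509", "data": c} for c in certs],
        "privateKey": {"type": "keyEnvelope", "data": keys[0]},
    }


# Constructed sample: leaf certificate, private key, one chain certificate.
SAMPLE_BUNDLE = (
    _constructed_block("CERTIFICATE", b"constructed leaf certificate")
    + _constructed_block("PRIVATE KEY", b"constructed private key")
    + _constructed_block("CERTIFICATE", b"constructed intermediate certificate")
)
```

Running the check on the machine that holds the key means a bundle missing its key, or one carrying a stray second key, is caught before it reaches Arcology Prime.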