utils

package
v0.4.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 7, 2017 License: Apache-2.0, BSD-3-Clause Imports: 27 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CanonicalKeyID

func CanonicalKeyID(k data.PublicKey) (string, error)

CanonicalKeyID returns the ID of the public bytes version of a TUF key. On regular RSA/ECDSA TUF keys, this is just the key ID. On X509 RSA/ECDSA TUF keys, this is the key ID of the public key part of the key in the leaf cert

func CertBundleToKey added in v0.4.0

func CertBundleToKey(leafCert *x509.Certificate, intCerts []*x509.Certificate) (data.PublicKey, error)

CertBundleToKey creates a TUF key from a leaf certs and a list of intermediates

func CertChainToPEM added in v0.4.0

func CertChainToPEM(certChain []*x509.Certificate) ([]byte, error)

CertChainToPEM is a utility function returns a PEM encoded chain of x509 Certificates, in the order they are passed

func CertToKey added in v0.4.0

func CertToKey(cert *x509.Certificate) data.PublicKey

CertToKey transforms a single input certificate into its corresponding PublicKey

func CertToPEM added in v0.4.0

func CertToPEM(cert *x509.Certificate) []byte

CertToPEM is a utility function returns a PEM encoded x509 Certificate

func CertsToKeys added in v0.4.0

func CertsToKeys(leafCerts map[string]*x509.Certificate, intCerts map[string][]*x509.Certificate) map[string]data.PublicKey

CertsToKeys transforms each of the input certificate chains into its corresponding PublicKey

func ConsistentName

func ConsistentName(role string, hashSha256 []byte) string

ConsistentName generates the appropriate HTTP URL path for the role, based on whether the repo is marked as consistent. The RemoteStore is responsible for adding file extensions.

func DoHash

func DoHash(alg string, d []byte) []byte

DoHash returns the digest of d using the hashing algorithm named in alg

func Download

func Download(url url.URL) (*http.Response, error)

Download does a simple download from a URL

func ECDSAToPrivateKey added in v0.4.0

func ECDSAToPrivateKey(ecdsaPrivKey *ecdsa.PrivateKey) (data.PrivateKey, error)

ECDSAToPrivateKey converts an ecdsa.Private key to a TUF data.PrivateKey type

func ED25519ToPrivateKey added in v0.4.0

func ED25519ToPrivateKey(privKeyBytes []byte) (data.PrivateKey, error)

ED25519ToPrivateKey converts a serialized ED25519 key to a TUF data.PrivateKey type

func EncryptPrivateKey added in v0.4.0

func EncryptPrivateKey(key data.PrivateKey, role, gun, passphrase string) ([]byte, error)

EncryptPrivateKey returns an encrypted PEM key given a Privatekey and a passphrase

func FileExists

func FileExists(path string) bool

FileExists returns true if a file (or dir) exists at the given path, false otherwise

func FindRoleIndex

func FindRoleIndex(rs []*data.Role, name string) int

FindRoleIndex returns the index of the role named <name> or -1 if no matching role is found.

func GenerateECDSAKey added in v0.4.0

func GenerateECDSAKey(random io.Reader) (data.PrivateKey, error)

GenerateECDSAKey generates an ECDSA Private key and returns a TUF PrivateKey

func GenerateED25519Key added in v0.4.0

func GenerateED25519Key(random io.Reader) (data.PrivateKey, error)

GenerateED25519Key generates an ED25519 private key and returns a TUF PrivateKey. The serialization format we use is just the public key bytes followed by the private key bytes

func GenerateRSAKey added in v0.4.0

func GenerateRSAKey(random io.Reader, bits int) (data.PrivateKey, error)

GenerateRSAKey generates an RSA private key and returns a TUF PrivateKey

func GetIntermediateCerts added in v0.4.0

func GetIntermediateCerts(certs []*x509.Certificate) []*x509.Certificate

GetIntermediateCerts parses a list of x509 Certificates and returns all of the ones marked as a CA, to be used as intermediates

func GetLeafCerts added in v0.4.0

func GetLeafCerts(certs []*x509.Certificate) []*x509.Certificate

GetLeafCerts parses a list of x509 Certificates and returns all of them that aren't CA

func KeyToPEM added in v0.4.0

func KeyToPEM(privKey data.PrivateKey, role string) ([]byte, error)

KeyToPEM returns a PEM encoded key from a Private Key

func LoadCertBundleFromFile added in v0.4.0

func LoadCertBundleFromFile(filename string) ([]*x509.Certificate, error)

LoadCertBundleFromFile loads certificates from the []byte provided. The data is expected to be PEM Encoded and contain one of more certificates with PEM type "CERTIFICATE"

func LoadCertBundleFromPEM added in v0.4.0

func LoadCertBundleFromPEM(pemBytes []byte) ([]*x509.Certificate, error)

LoadCertBundleFromPEM loads certificates from the []byte provided. The data is expected to be PEM Encoded and contain one of more certificates with PEM type "CERTIFICATE"

func LoadCertFromFile added in v0.4.0

func LoadCertFromFile(filename string) (*x509.Certificate, error)

LoadCertFromFile loads the first certificate from the file provided. The data is expected to be PEM Encoded and contain one of more certificates with PEM type "CERTIFICATE"

func LoadCertFromPEM added in v0.4.0

func LoadCertFromPEM(pemBytes []byte) (*x509.Certificate, error)

LoadCertFromPEM returns the first certificate found in a bunch of bytes or error if nothing is found. Taken from https://golang.org/src/crypto/x509/cert_pool.go#L85.

func NewCertificate added in v0.4.0

func NewCertificate(gun string, startTime, endTime time.Time) (*x509.Certificate, error)

NewCertificate returns an X509 Certificate following a template, given a GUN and validity interval.

func ParsePEMPrivateKey added in v0.4.0

func ParsePEMPrivateKey(pemBytes []byte, passphrase string) (data.PrivateKey, error)

ParsePEMPrivateKey returns a data.PrivateKey from a PEM encoded private key. It only supports RSA (PKCS#1) and attempts to decrypt using the passphrase, if encrypted.

func ParsePEMPublicKey added in v0.4.0

func ParsePEMPublicKey(pubKeyBytes []byte) (data.PublicKey, error)

ParsePEMPublicKey returns a data.PublicKey from a PEM encoded public key or certificate.

func RSAToPrivateKey added in v0.4.0

func RSAToPrivateKey(rsaPrivKey *rsa.PrivateKey) (data.PrivateKey, error)

RSAToPrivateKey converts an rsa.Private key to a TUF data.PrivateKey type

func ReadRoleFromPEM added in v0.4.0

func ReadRoleFromPEM(pemBytes []byte) string

ReadRoleFromPEM returns the value from the role PEM header, if it exists

func RemoveUnusedKeys

func RemoveUnusedKeys(t *data.SignedTargets)

RemoveUnusedKeys determines which keys in the slice of IDs are no longer used in the given targets file and removes them from the delegated keys map

func StrSliceContains

func StrSliceContains(ss []string, s string) bool

StrSliceContains checks if the given string appears in the slice

func StrSliceContainsI

func StrSliceContainsI(ss []string, s string) bool

StrSliceContainsI checks if the given string appears in the slice in a case insensitive manner

func StrSliceRemove

func StrSliceRemove(ss []string, s string) []string

StrSliceRemove removes the the given string from the slice, returning a new slice

func UnusedDelegationKeys

func UnusedDelegationKeys(t data.SignedTargets) []string

UnusedDelegationKeys prunes a list of keys, returning those that are no longer in use for a given targets file

func Upload

func Upload(url string, body io.Reader) (*http.Response, error)

Upload does a simple JSON upload to a URL

func ValidateCertificate added in v0.4.0

func ValidateCertificate(c *x509.Certificate, checkExpiry bool) error

ValidateCertificate returns an error if the certificate is not valid for notary Currently this is only ensuring the public key has a large enough modulus if RSA, using a non SHA1 signature algorithm, and an optional time expiry check

func X509PublicKeyID added in v0.4.0

func X509PublicKeyID(certPubKey data.PublicKey) (string, error)

X509PublicKeyID returns a public key ID as a string, given a data.PublicKey that contains an X509 Certificate

Types

type ErrBadTypeCast

type ErrBadTypeCast struct{}

ErrBadTypeCast is used by PopX functions when the item cannot be typed to X

func (ErrBadTypeCast) Error

func (err ErrBadTypeCast) Error() string

type ErrEmptyStack

type ErrEmptyStack struct {
	// contains filtered or unexported fields
}

ErrEmptyStack is used when an action that requires some content is invoked and the stack is empty

func (ErrEmptyStack) Error

func (err ErrEmptyStack) Error() string

type NoopCloser

type NoopCloser struct {
	io.Reader
}

NoopCloser is a simple Reader wrapper that does nothing when Close is called

func (*NoopCloser) Close

func (nc *NoopCloser) Close() error

Close does nothing for a NoopCloser

type RoleList

type RoleList []string

RoleList is a list of roles

func (RoleList) Len

func (r RoleList) Len() int

Len returns the length of the list

func (RoleList) Less

func (r RoleList) Less(i, j int) bool

Less returns true if the item at i should be sorted before the item at j. It's an unstable partial ordering based on the number of segments, separated by "/", in the role name

func (RoleList) Swap

func (r RoleList) Swap(i, j int)

Swap the items at 2 locations in the list

type Stack

type Stack struct {
	// contains filtered or unexported fields
}

Stack is a simple type agnostic stack implementation

func NewStack

func NewStack() *Stack

NewStack create a new stack

func (*Stack) Empty

func (s *Stack) Empty() bool

Empty returns true if the stack is empty

func (*Stack) Pop

func (s *Stack) Pop() (interface{}, error)

Pop removes and returns the top item on the stack, or returns ErrEmptyStack if the stack has no content

func (*Stack) PopString

func (s *Stack) PopString() (string, error)

PopString attempts to cast the top item on the stack to the string type. If this succeeds, it removes and returns the top item. If the item is not of the string type, ErrBadTypeCast is returned. If the stack is empty, ErrEmptyStack is returned

func (*Stack) Push

func (s *Stack) Push(item interface{})

Push adds an item to the top of the stack.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL