fulcio

package
v0.0.22 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 7, 2025 License: MPL-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type OIDCProvider 

type OIDCProvider interface {
	// Enabled returns true if the provider is enabled.
	Enabled(ctx context.Context) bool

	// Provide returns an OIDC token scoped to the provided audience.
	Provide(ctx context.Context, audience string) (string, error)
}

OIDCProvider is what providers need to implement to participate in furnishing OIDC tokens.

type SignerVerifier 

type SignerVerifier struct {

	// Protects these fields from mutating from refresh().
	sync.Mutex
	// contains filtered or unexported fields
}

SignerVerifier implements types.CosignerSignerVerifier using "keyless" signatures. If its signing certificate expires, it will refresh it by requesting a new cert from fulcio using the same key.

func NewSigner 

func NewSigner(provider OIDCProvider, fulcioClient api.LegacyClient) (*SignerVerifier, error)

NewSigner returns a "keyless" fulcio signer.

func (*SignerVerifier) Cosign 

func (sv *SignerVerifier) Cosign(ctx context.Context, payload io.Reader) (oci.Signature, error)

func (*SignerVerifier) PublicKey 

func (sv *SignerVerifier) PublicKey(opts ...signature.PublicKeyOption) (crypto.PublicKey, error)

func (*SignerVerifier) SignMessage 

func (sv *SignerVerifier) SignMessage(message io.Reader, opts ...signature.SignOption) ([]byte, error)

func (*SignerVerifier) VerifySignature 

func (sv *SignerVerifier) VerifySignature(signature, message io.Reader, opts ...signature.VerifyOption) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.