Documentation ¶
Index ¶
- Constants
- func CreateX509Cert(subject string, signer dsse.SignerVerifier) ([]byte, error)
- func WithTUFDownloader(tufDownloader tuf.Downloader) func(*Rekor)
- func WithTUFPublicKeysDir(dir string) func(*Rekor)
- type DockerTLExtension
- type MockTransparencyLog
- type Payload
- type Rekor
- func (tl *Rekor) UnmarshalEntry(entry []byte) (*models.LogEntryAnon, error)
- func (tl *Rekor) UploadEntry(ctx context.Context, subject string, encPayload, signature []byte, ...) (*DockerTLExtension, error)
- func (tl *Rekor) VerifyEntry(ctx context.Context, ext *DockerTLExtension, encPayload, publicKey []byte) (time.Time, error)
- func (tl *Rekor) VerifyEntryPayload(entry *models.LogEntryAnon, payload, publicKey []byte) error
- type TransparencyLog
Constants ¶
// UseMockTL and TestEntry appear in the package's public documentation, so
// they are part of its exported API.
// NOTE(review): presumably both are test fixtures — confirm that no production
// verification path can select the mock transparency log through them.
const (
	// UseMockTL is the constant true; presumably a switch that selects the
	// mock transparency log in tests — confirm against callers.
	UseMockTL = true
	// TestEntry is a raw string literal whose 3051-byte body the documentation
	// page elides; presumably a sample log entry — confirm.
	TestEntry = `` /* 3051-byte string literal not displayed */
)
const (
	// DefaultRekorURL is the HTTPS URL of the public Sigstore Rekor instance.
	// NOTE(review): presumably used when no other log URL is configured —
	// confirm against NewRekorLog.
	DefaultRekorURL = "https://rekor.sigstore.dev"
)
// RekorTLExtKind is the string "Rekor".
// NOTE(review): presumably the kind value recorded in a DockerTLExtension for
// entries produced by the Rekor log — confirm.
const RekorTLExtKind = "Rekor"
Variables ¶
This section is empty.
Functions ¶
func CreateX509Cert ¶
func CreateX509Cert(subject string, signer dsse.SignerVerifier) ([]byte, error)
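CreateX509Cert generates a self-signed X.509 certificate for transparency log (TL) submission. Because the certificate is self-signed, it chains to no CA; trust in the signer's key must be established by other means.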
func WithTUFDownloader ¶ added in v0.6.0
func WithTUFDownloader(tufDownloader tuf.Downloader) func(*Rekor)
func WithTUFPublicKeysDir ¶ added in v0.6.0
Types ¶
type DockerTLExtension ¶ added in v0.6.0
type MockTransparencyLog ¶ added in v0.6.0
// MockTransparencyLog is a transparency log stand-in built from two
// caller-supplied function fields.
// NOTE(review): presumably its UploadEntry and VerifyEntry methods delegate to
// these fields — confirm. If so, the type performs no log verification of its
// own and should be used in tests only.
type MockTransparencyLog struct {
	// UploadLogEntryFunc takes a context, a subject, payload and signature
	// bytes and a dsse.SignerVerifier, and returns a *DockerTLExtension or an
	// error.
	UploadLogEntryFunc func(ctx context.Context, subject string, payload, signature []byte, signer dsse.SignerVerifier) (*DockerTLExtension, error)
	// VerifyLogEntryFunc takes a context, a *DockerTLExtension and payload and
	// public-key bytes, and returns a time.Time or an error.
	VerifyLogEntryFunc func(ctx context.Context, ext *DockerTLExtension, payload, publicKey []byte) (time.Time, error)
}
func (*MockTransparencyLog) UploadEntry ¶ added in v0.6.0
func (tl *MockTransparencyLog) UploadEntry(ctx context.Context, subject string, payload, signature []byte, signer dsse.SignerVerifier) (*DockerTLExtension, error)
func (*MockTransparencyLog) VerifyEntry ¶ added in v0.6.0
func (tl *MockTransparencyLog) VerifyEntry(ctx context.Context, ext *DockerTLExtension, payload, publicKey []byte) (time.Time, error)
type Rekor ¶ added in v0.6.0
// Rekor is the type carrying the UnmarshalEntry, UploadEntry, VerifyEntry and
// VerifyEntryPayload methods. All of its fields are unexported.
// NOTE(review): presumably configured through the func(*Rekor) options
// WithTUFDownloader and WithTUFPublicKeysDir — confirm against NewRekorLog.
type Rekor struct {
	// contains filtered or unexported fields
}
func NewRekorLog ¶ added in v0.6.0
func (*Rekor) UnmarshalEntry ¶ added in v0.6.0
func (tl *Rekor) UnmarshalEntry(entry []byte) (*models.LogEntryAnon, error)
func (*Rekor) UploadEntry ¶ added in v0.6.0
func (tl *Rekor) UploadEntry(ctx context.Context, subject string, encPayload, signature []byte, signer dsse.SignerVerifier) (*DockerTLExtension, error)
UploadEntry submits a PK token signature to the transparency log.
func (*Rekor) VerifyEntry ¶ added in v0.6.0
func (tl *Rekor) VerifyEntry(ctx context.Context, ext *DockerTLExtension, encPayload, publicKey []byte) (time.Time, error)
VerifyEntry verifies a transparency log entry and returns a time.Time along with any error.
func (*Rekor) VerifyEntryPayload ¶ added in v0.6.0
func (tl *Rekor) VerifyEntryPayload(entry *models.LogEntryAnon, payload, publicKey []byte) error
VerifyEntryPayload checks that the TL entry payload matches the envelope payload.
type TransparencyLog ¶ added in v0.6.0
// TransparencyLog is the interface for uploading an entry to a transparency
// log and verifying an entry against it.
type TransparencyLog interface {
	// UploadEntry takes a subject, payload and signature bytes and a
	// dsse.SignerVerifier, and returns a *DockerTLExtension or an error.
	UploadEntry(ctx context.Context, subject string, payload, signature []byte, signer dsse.SignerVerifier) (*DockerTLExtension, error)
	// VerifyEntry takes a *DockerTLExtension and payload and public-key bytes,
	// and returns a time.Time or an error.
	// NOTE(review): the meaning of the returned time is not stated here;
	// presumably the time the entry was integrated into the log — confirm.
	VerifyEntry(ctx context.Context, entry *DockerTLExtension, payload, publicKey []byte) (time.Time, error)
}
func GetMockTL ¶
func GetMockTL() TransparencyLog