sigstore

package
v2.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 12, 2022 License: AGPL-3.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func VerifySignature 

func VerifySignature(content, signature, publicKey []byte) error

VerifySignature checks if the signature of content can be verified using publicKey. signature is expected to be base64 encoded. publicKey is expected to be PEM encoded.

Types

type Rekor added in v2.2.0 

type Rekor struct {
	// contains filtered or unexported fields
}

Rekor allows to interact with the transparency log at: https://rekor.sigstore.dev For more information see Rekor's Swagger definition: https://www.sigstore.dev/swagger/#/

func NewRekor added in v2.2.0 

func NewRekor() (*Rekor, error)

NewRekor creates a new instance of Rekor to interact with the transparency log at: https://rekor.sigstore.dev

func (*Rekor) SearchByHash added in v2.2.0 

func (r *Rekor) SearchByHash(ctx context.Context, hash string) ([]string, error)

SearchByHash searches for the hash of an artifact in Rekor transparency log. A list of UUIDs will be returned, since multiple entries could be present for a single artifact in Rekor.

func (*Rekor) VerifyEntry added in v2.2.0 

func (r *Rekor) VerifyEntry(ctx context.Context, uuid, publicKey string) error

VerifyEntry performs log entry verification (see verifyLogEntry) and verifies that the provided publicKey was used to sign the entry. An error is returned if any verification fails.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.