Versions in this module Expand all Collapse all v0 v0.2.1 Apr 12, 2021 Changes in this version
+ const ExperimentalEnv
+ const ServerEnv
+ func CertToPem(c *x509.Certificate) []byte
+ func Descriptors(ref name.Reference) ([]v1.Descriptor, error)
+ func DestinationRef(ref name.Reference, img *remote.Descriptor) (name.Reference, error)
+ func Experimental() bool
+ func FindTlogEntry(rekorClient *client.Rekor, b64Sig string, payload, pubKey []byte) (string, error)
+ func GeneratePrivateKey() (*ecdsa.PrivateKey, error)
+ func KeyToPem(pub crypto.PublicKey) ([]byte, error)
+ func LoadCerts(pemStr string) ([]*x509.Certificate, error)
+ func LoadECDSAPrivateKey(key []byte, pass []byte) (signature.ECDSASignerVerifier, error)
+ func Munge(desc v1.Descriptor) string
+ func PublicKeyPem(ctx context.Context, key signature.PublicKeyProvider) ([]byte, error)
+ func TlogServer() string
+ func TrustedCert(cert *x509.Certificate, roots *x509.CertPool) error
+ func Upload(signature, payload []byte, dstTag name.Reference, cert, chain string) error
+ func UploadTLog(signature, payload []byte, pemBytes []byte) (string, error)
+ type CheckOpts struct
+ Annotations map[string]interface{}
+ Claims bool
+ PubKey PublicKey
+ Roots *x509.CertPool
+ Tlog bool
+ type Keys struct
+ PrivateBytes []byte
+ PublicBytes []byte
+ func GenerateKeyPair(pf PassFunc) (*Keys, error)
+ type PassFunc func(bool) ([]byte, error)
+ type PublicKey interface
+ func LoadPublicKey(ctx context.Context, keyRef string) (PublicKey, error)
+ type PublicKeyProvider interface
+ PublicKey func(context.Context) (crypto.PublicKey, error)
+ type SignedPayload struct
+ Base64Signature string
+ Cert *x509.Certificate
+ Chain []*x509.Certificate
+ Payload []byte
+ func FetchSignatures(ctx context.Context, ref name.Reference) ([]SignedPayload, *v1.Descriptor, error)
+ func FetchSignaturesYaml(ctx context.Context, payloadPath string) ([]SignedPayload, error)
+ func Verify(ctx context.Context, ref name.Reference, co CheckOpts, payloadPath string) ([]SignedPayload, error)
+ func (sp *SignedPayload) TrustedCert(roots *x509.CertPool) error
+ func (sp *SignedPayload) VerifyClaims(d *v1.Descriptor, ss *payload.Simple) error
+ func (sp *SignedPayload) VerifyKey(ctx context.Context, pubKey PublicKey) error
+ func (sp *SignedPayload) VerifyTlog(rc *client.Rekor, publicKeyPem []byte) (string, error)
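Review bot: In `CheckOpts`, `Claims bool` and `Tlog bool` default to false and `PubKey` and `Roots` are nilable, so a caller passing `CheckOpts{}` to `Verify` may get signatures back with claim checking, the transparency-log lookup and any key or root check all switched off; the listing shows signatures only, so this is inferred and should be confirmed in the body of `Verify`. If it holds, the struct's doc comment should say so, for example `// The zero value enables no checks; set PubKey or Roots, and Claims and Tlog as needed.`, and `Verify` would be safer returning an error when neither `PubKey` nor `Roots` is set than returning unverified payloads. The package-level `TrustedCert(cert, roots)` and the `(*SignedPayload).TrustedCert(roots)` method should also document what a nil `roots` means, because if the pool is passed straight into `x509.VerifyOptions`, a nil `Roots` falls back to the system trust store rather than rejecting the certificate.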