tuf

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 15, 2023 License: Apache-2.0 Imports: 29 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// DefaultRemoteRoot is the default remote TUF root location.
	DefaultRemoteRoot = "https://tuf-repo-cdn.sigstore.dev"

	// TufRootEnv is the name of the environment variable that locates an alternate local TUF root location.
	TufRootEnv = "TUF_ROOT"

	// SigstoreNoCache is the name of the environment variable that, if set, configures this code to only store root data in memory.
	SigstoreNoCache = "SIGSTORE_NO_CACHE"
)

Variables

This section is empty.

Functions

func Initialize 

func Initialize(_ context.Context, mirror string, root []byte) error

func NewSigstoreTufRepo 

func NewSigstoreTufRepo(t *testing.T, root TestSigstoreRoot) (tuf.LocalStore, *tuf.Repo)

This creates a new sigstore TUF repo whose signers can be used to create dynamic signed Rekor entries.

Types

type MetadataStatus 

type MetadataStatus struct {
	Version    int    `json:"version"`
	Size       int    `json:"len"`
	Expiration string `json:"expiration"`
	Error      string `json:"error"`
}

type RootStatus 

type RootStatus struct {
	Local    string                    `json:"local"`
	Remote   string                    `json:"remote"`
	Metadata map[string]MetadataStatus `json:"metadata"`
	Targets  []string                  `json:"targets"`
}

JSON output representing the configured root status

func GetRootStatus 

func GetRootStatus(ctx context.Context) (*RootStatus, error)

GetRootStatus gets the current root status for info logging

type StatusKind 

type StatusKind int
const (
	UnknownStatus StatusKind = iota
	Active
	Expired
)

func (StatusKind) MarshalText 

func (s StatusKind) MarshalText() ([]byte, error)

func (StatusKind) String 

func (s StatusKind) String() string

func (*StatusKind) UnmarshalText 

func (s *StatusKind) UnmarshalText(text []byte) error

type TUF 

type TUF struct {
	sync.Mutex
	// contains filtered or unexported fields
}

func NewFromEnv 

func NewFromEnv(_ context.Context) (*TUF, error)

TODO: Remove ctx arg.

func (*TUF) GetTarget 

func (t *TUF) GetTarget(name string) ([]byte, error)

func (*TUF) GetTargetsByMeta 

func (t *TUF) GetTargetsByMeta(usage UsageKind, fallbacks []string) ([]TargetFile, error)

Get target files by a custom usage metadata tag. If there are no files found, use the fallback target names to fetch the targets by name.

func (*TUF) Mirror 

func (t *TUF) Mirror() string

Mirror returns the mirror configured; note if the object was configured with a legacy reference to the GCS HTTP endpoint for sigstore's public good trust root, this will return DefaultRemoteRoot which is a CDN fronting that DefaultRemoteGCSBucket

type TargetFile 

type TargetFile struct {
	Target []byte
	Status StatusKind
}

type TestSigstoreRoot 

type TestSigstoreRoot struct {
	Rekor             signature.Verifier
	FulcioCertificate *x509.Certificate
}

type UsageKind 

type UsageKind int
const (
	UnknownUsage UsageKind = iota
	Fulcio
	Rekor
	CTFE
)

func (UsageKind) MarshalText 

func (u UsageKind) MarshalText() ([]byte, error)

func (UsageKind) String 

func (u UsageKind) String() string

func (*UsageKind) UnmarshalText 

func (u *UsageKind) UnmarshalText(text []byte) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.