verifier

Documentation

Index

• func RegisterVerifier(k Verifier, providerType VerifierType) error
• type Identity
  • func VerifyIdentity(ctx context.Context, doc *processor.Document) ([]Identity, error)
• type Verifier
• type VerifierType

Functions

func RegisterVerifier

func RegisterVerifier(k Verifier, providerType VerifierType) error

RegisterVerifier registers the providers that are available for verification

Types

type Identity

type Identity struct {
	ID       string
	Key      key.Key
	Verified bool
}

Identity struct elements might be nil/empty if the key is invalid or the ID of the identity can't be determined. Verified indicates that the identity has been verified, usually based on signature matching the key. This shouldn't be used to indicate that the Identity is trusted in any way.

func VerifyIdentity

func VerifyIdentity(ctx context.Context, doc *processor.Document) ([]Identity, error)

VerifyIdentity goes through the registered providers and verifies the signatures in the payload

type Verifier

type Verifier interface {
	// Verify takes in bytes and returns a list of identities. Those
	// identities are marked as verified if the payload can be tied back to
	// an identity, usually through signature validation. In cases where
	// signatures can't be verified, it is still valuable to return data
	// about the unverified identity. Upstream caller is expected to know
	// which verifier it needs to based on what type of enveloper or
	// signature is being verified.
	Verify(ctx context.Context, payloadBytes []byte) ([]Identity, error)
	// Type returns the verifier type
	Type() VerifierType
}

Verifier allows for multiple signature or identity verifiers that will check envelopes, signatures, and other payloads for linking a payload back to an identity. In most cases this will be done through verifying one or more signatures against known public keys.

type VerifierType

type VerifierType string