Documentation ¶
Index ¶
- func Digest(r io.Reader, hash crypto.Hash) ([]byte, error)
- func DigestBytes(data []byte, hash crypto.Hash) ([]byte, error)
- func GeneratePublicKeyID(pub interface{}, hash crypto.Hash) (string, error)
- func HashFromString(name string) (crypto.Hash, error)
- func HashToString(h crypto.Hash) (string, error)
- func HexEncode(src []byte) []byte
- func PublicPemBytes(pub interface{}) ([]byte, error)
- func TryParseCertificate(data []byte) (*x509.Certificate, error)
- func TryParseKeyFromReader(r io.Reader) (interface{}, error)
- func TryParsePEMBlock(block *pem.Block) (interface{}, error)
- type DigestSet
- func CalculateDigestSet(r io.Reader, hashes []crypto.Hash) (DigestSet, error)
- func CalculateDigestSetFromBytes(data []byte, hashes []crypto.Hash) (DigestSet, error)
- func CalculateDigestSetFromFile(path string, hashes []crypto.Hash) (DigestSet, error)
- func NewDigestSet(digestsByName map[string]string) (DigestSet, error)
- type DigestValue
- type ECDSASigner
- type ECDSAVerifier
- type ED25519Signer
- type ED25519Verifier
- type ErrInvalidCertificate
- type ErrInvalidPemBlock
- type ErrInvalidSigner
- type ErrUnsupportedHash
- type ErrUnsupportedKeyType
- type ErrUnsupportedPEM
- type ErrVerifyFailed
- type KeyIdentifier
- type RSASigner
- type RSAVerifier
- type Signer
- type SignerOption
- type TrustBundler
- type Verifier
- type VerifierOption
- type X509Signer
- func (s *X509Signer) Certificate() *x509.Certificate
- func (s *X509Signer) Intermediates() []*x509.Certificate
- func (s *X509Signer) KeyID() (string, error)
- func (s *X509Signer) Roots() []*x509.Certificate
- func (s *X509Signer) Sign(r io.Reader) ([]byte, error)
- func (s *X509Signer) Verifier() (Verifier, error)
- type X509Verifier
- func (v *X509Verifier) BelongsToRoot(root *x509.Certificate) error
- func (v *X509Verifier) Bytes() ([]byte, error)
- func (v *X509Verifier) Certificate() *x509.Certificate
- func (v *X509Verifier) Intermediates() []*x509.Certificate
- func (v *X509Verifier) KeyID() (string, error)
- func (v *X509Verifier) Roots() []*x509.Certificate
- func (v *X509Verifier) Verify(body io.Reader, sig []byte) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GeneratePublicKeyID ¶
func PublicPemBytes ¶
func TryParseCertificate ¶
func TryParseCertificate(data []byte) (*x509.Certificate, error)
func TryParseKeyFromReader ¶
func TryParsePEMBlock ¶
Types ¶
type DigestSet ¶
type DigestSet map[DigestValue]string
func CalculateDigestSet ¶
func (*DigestSet) Equal ¶
Equal returns true if every digest for hash functions both artifacts have in common are equal. If the two artifacts don't have any digests from common hash functions, equal will return false. If any digest from common hash functions differ between the two artifacts, equal will return false.
func (DigestSet) MarshalJSON ¶
func (*DigestSet) UnmarshalJSON ¶
type DigestValue ¶
type ECDSASigner ¶
type ECDSASigner struct {
// contains filtered or unexported fields
}
func NewECDSASigner ¶
func NewECDSASigner(priv *ecdsa.PrivateKey, hash crypto.Hash) *ECDSASigner
func (*ECDSASigner) KeyID ¶
func (s *ECDSASigner) KeyID() (string, error)
func (*ECDSASigner) Verifier ¶
func (s *ECDSASigner) Verifier() (Verifier, error)
type ECDSAVerifier ¶
type ECDSAVerifier struct {
// contains filtered or unexported fields
}
func NewECDSAVerifier ¶
func NewECDSAVerifier(pub *ecdsa.PublicKey, hash crypto.Hash) *ECDSAVerifier
func (*ECDSAVerifier) Bytes ¶
func (v *ECDSAVerifier) Bytes() ([]byte, error)
func (*ECDSAVerifier) KeyID ¶
func (v *ECDSAVerifier) KeyID() (string, error)
type ED25519Signer ¶
type ED25519Signer struct {
// contains filtered or unexported fields
}
func NewED25519Signer ¶
func NewED25519Signer(priv ed25519.PrivateKey) *ED25519Signer
func (*ED25519Signer) KeyID ¶
func (s *ED25519Signer) KeyID() (string, error)
func (*ED25519Signer) Verifier ¶
func (s *ED25519Signer) Verifier() (Verifier, error)
type ED25519Verifier ¶
type ED25519Verifier struct {
// contains filtered or unexported fields
}
func NewED25519Verifier ¶
func NewED25519Verifier(pub ed25519.PublicKey) *ED25519Verifier
func (*ED25519Verifier) Bytes ¶
func (v *ED25519Verifier) Bytes() ([]byte, error)
func (*ED25519Verifier) KeyID ¶
func (v *ED25519Verifier) KeyID() (string, error)
type ErrInvalidCertificate ¶
type ErrInvalidCertificate struct{}
func (ErrInvalidCertificate) Error ¶
func (e ErrInvalidCertificate) Error() string
type ErrInvalidPemBlock ¶
type ErrInvalidPemBlock struct{}
func (ErrInvalidPemBlock) Error ¶
func (e ErrInvalidPemBlock) Error() string
type ErrInvalidSigner ¶
type ErrInvalidSigner struct{}
func (ErrInvalidSigner) Error ¶
func (e ErrInvalidSigner) Error() string
type ErrUnsupportedHash ¶
type ErrUnsupportedHash string
func (ErrUnsupportedHash) Error ¶
func (e ErrUnsupportedHash) Error() string
type ErrUnsupportedKeyType ¶
type ErrUnsupportedKeyType struct {
// contains filtered or unexported fields
}
func (ErrUnsupportedKeyType) Error ¶
func (e ErrUnsupportedKeyType) Error() string
type ErrUnsupportedPEM ¶
type ErrUnsupportedPEM struct {
// contains filtered or unexported fields
}
func (ErrUnsupportedPEM) Error ¶
func (e ErrUnsupportedPEM) Error() string
type ErrVerifyFailed ¶
type ErrVerifyFailed struct{}
func (ErrVerifyFailed) Error ¶
func (e ErrVerifyFailed) Error() string
type KeyIdentifier ¶
type RSASigner ¶
type RSASigner struct {
// contains filtered or unexported fields
}
func NewRSASigner ¶
func NewRSASigner(priv *rsa.PrivateKey, hash crypto.Hash) *RSASigner
type RSAVerifier ¶
type RSAVerifier struct {
// contains filtered or unexported fields
}
func NewRSAVerifier ¶
func NewRSAVerifier(pub *rsa.PublicKey, hash crypto.Hash) *RSAVerifier
func (*RSAVerifier) Bytes ¶
func (v *RSAVerifier) Bytes() ([]byte, error)
func (*RSAVerifier) KeyID ¶
func (v *RSAVerifier) KeyID() (string, error)
type Signer ¶
type Signer interface { KeyIdentifier Sign(r io.Reader) ([]byte, error) Verifier() (Verifier, error) }
func NewSigner ¶
func NewSigner(priv interface{}, opts ...SignerOption) (Signer, error)
func NewSignerFromReader ¶
func NewSignerFromReader(r io.Reader, opts ...SignerOption) (Signer, error)
type SignerOption ¶
type SignerOption func(*signerOptions)
func SignWithCertificate ¶
func SignWithCertificate(cert *x509.Certificate) SignerOption
func SignWithHash ¶
func SignWithHash(h crypto.Hash) SignerOption
func SignWithIntermediates ¶
func SignWithIntermediates(intermediates []*x509.Certificate) SignerOption
func SignWithRoots ¶
func SignWithRoots(roots []*x509.Certificate) SignerOption
type TrustBundler ¶
type TrustBundler interface { Certificate() *x509.Certificate Intermediates() []*x509.Certificate Roots() []*x509.Certificate }
type Verifier ¶
type Verifier interface { KeyIdentifier Verify(body io.Reader, sig []byte) error Bytes() ([]byte, error) }
func NewVerifier ¶
func NewVerifier(pub interface{}, opts ...VerifierOption) (Verifier, error)
func NewVerifierFromReader ¶
func NewVerifierFromReader(r io.Reader, opts ...VerifierOption) (Verifier, error)
type VerifierOption ¶
type VerifierOption func(*verifierOptions)
func VerifyWithHash ¶
func VerifyWithHash(h crypto.Hash) VerifierOption
func VerifyWithIntermediates ¶
func VerifyWithIntermediates(intermediates []*x509.Certificate) VerifierOption
func VerifyWithRoots ¶
func VerifyWithRoots(roots []*x509.Certificate) VerifierOption
func VerifyWithTrustedTime ¶
func VerifyWithTrustedTime(t time.Time) VerifierOption
type X509Signer ¶
type X509Signer struct {
// contains filtered or unexported fields
}
func NewX509Signer ¶
func NewX509Signer(signer Signer, cert *x509.Certificate, intermediates, roots []*x509.Certificate) (*X509Signer, error)
func (*X509Signer) Certificate ¶
func (s *X509Signer) Certificate() *x509.Certificate
func (*X509Signer) Intermediates ¶
func (s *X509Signer) Intermediates() []*x509.Certificate
func (*X509Signer) KeyID ¶
func (s *X509Signer) KeyID() (string, error)
func (*X509Signer) Roots ¶
func (s *X509Signer) Roots() []*x509.Certificate
func (*X509Signer) Verifier ¶
func (s *X509Signer) Verifier() (Verifier, error)
type X509Verifier ¶
type X509Verifier struct {
// contains filtered or unexported fields
}
func NewX509Verifier ¶
func NewX509Verifier(cert *x509.Certificate, intermediates, roots []*x509.Certificate, trustedTime time.Time) (*X509Verifier, error)
func (*X509Verifier) BelongsToRoot ¶
func (v *X509Verifier) BelongsToRoot(root *x509.Certificate) error
func (*X509Verifier) Bytes ¶
func (v *X509Verifier) Bytes() ([]byte, error)
func (*X509Verifier) Certificate ¶
func (v *X509Verifier) Certificate() *x509.Certificate
func (*X509Verifier) Intermediates ¶
func (v *X509Verifier) Intermediates() []*x509.Certificate
func (*X509Verifier) KeyID ¶
func (v *X509Verifier) KeyID() (string, error)
func (*X509Verifier) Roots ¶
func (v *X509Verifier) Roots() []*x509.Certificate
Click to show internal directories.
Click to hide internal directories.