Documentation ¶
Overview ¶
The xar package provides for reading and writing XAR archives.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type File ¶
type File struct { Type FileType Info FileInfo Id uint64 Name string EncodingMimetype string CompressedChecksum FileChecksum ExtractedChecksum FileChecksum // The size of the archived file (the size of the file after decompressing) Size int64 // contains filtered or unexported fields }
func (*File) Open ¶
func (f *File) Open() (rc io.ReadCloser, err os.Error)
Open returns a ReadCloser that provides access to the file's uncompressed content.
func (*File) OpenRaw ¶
func (f *File) OpenRaw() (rc io.ReadCloser, err os.Error)
OpenRaw returns a ReadCloser that provides access to the file's raw content. The encoding of the raw content is specified in the File's EncodingMimetype field.
func (*File) VerifyChecksum ¶
Verify that the compressed content of the File in the archive matches the stored checksum.
type FileChecksum ¶
type FileChecksum struct { Kind FileChecksumKind Sum []byte }
type FileChecksumKind ¶
type FileChecksumKind int
const ( FileChecksumKindSHA1 FileChecksumKind = iota FileChecksumKindMD5 )
type Reader ¶
type Reader struct { File map[uint64]*File Certificates []*x509.Certificate SignatureCreationTime uint64 SignatureError os.Error // contains filtered or unexported fields }
func NewReader ¶
NewReader returns a new reader reading from r, which is assumed to have the given size in bytes.
func OpenReader ¶
OpenReader will open the XAR file specified by name and return a Reader.
func (*Reader) HasSignature ¶
This is a convenience method that returns true if the opened XAR archive has a signature. Internally, it checks whether the SignatureCreationTime field of the Reader is > 0.
func (*Reader) ValidSignature ¶
This is a convenience method that returns true of the signature if the opened XAR archive was successfully verified.
For a signature to be valid, it must have been signed by the leaf certificate in the certificate chain of the archive.
If there is more than one certificate in the chain, each certificate must come before the one that has issued it. This is verified by checking whether the signature of each certificate can be verified against the public key of the certificate following it.
The Reader does not do anything to check whether the leaf certificate and/or any intermediate certificates are trusted. It is up to users of this package to determine whether they wish to trust a given certificate chain. If an archive has a signature, the certificate chain of the archive can be accessed through the Certificates field of the Reader.
Internally, this method checks whether the SignatureError field is non-nil, and whether the SignatureCreationTime is > 0.
If the signature is not valid, and the XAR file has a signature, the SignatureError field of the Reader can be used to determine a possible cause.