Documentation
Overview
Package crypto provides signing functionality for Trillian.
Index
- func HashLogRoot(root trillian.SignedLogRoot) ([]byte, error)
- func SignatureAlgorithm(k gocrypto.PublicKey) sigpb.DigitallySigned_SignatureAlgorithm
- func Verify(pub crypto.PublicKey, data []byte, sig *sigpb.DigitallySigned) error
- func VerifyObject(pub crypto.PublicKey, obj interface{}, sig *sigpb.DigitallySigned) error
- type Signer
- func (s *Signer) Public() crypto.PublicKey
- func (s *Signer) Sign(data []byte) (*sigpb.DigitallySigned, error)
- func (s *Signer) SignLogRoot(root *trillian.SignedLogRoot) (*sigpb.DigitallySigned, error)
- func (s *Signer) SignMapRoot(root *trillian.SignedMapRoot) (*sigpb.DigitallySigned, error)
- func (s *Signer) SignObject(obj interface{}) (*sigpb.DigitallySigned, error)
Constants
This section is empty.
Variables
This section is empty.
Functions
func HashLogRoot
func HashLogRoot(root trillian.SignedLogRoot) ([]byte, error)
HashLogRoot hashes SignedLogRoot objects using ObjectHash, with "RootHash", "TimestampNanos", and "TreeSize" used as keys in a map.
func SignatureAlgorithm
func SignatureAlgorithm(k gocrypto.PublicKey) sigpb.DigitallySigned_SignatureAlgorithm
SignatureAlgorithm returns the algorithm used for this public key. Only ECDSA and RSA keys are supported. Other key types will return sigpb.DigitallySigned_ANONYMOUS.
func VerifyObject
func VerifyObject(pub crypto.PublicKey, obj interface{}, sig *sigpb.DigitallySigned) error
VerifyObject verifies the output of Signer.SignObject.
Types
type Signer
Signer is responsible for signing log-related data and producing the appropriate application-specific signature objects.
func NewSHA256Signer
NewSHA256Signer creates a new SHA256-based Signer.
func (*Signer) Sign
func (s *Signer) Sign(data []byte) (*sigpb.DigitallySigned, error)
Sign obtains a signature after first hashing the input data.
func (*Signer) SignLogRoot (added in v1.0.5)
func (s *Signer) SignLogRoot(root *trillian.SignedLogRoot) (*sigpb.DigitallySigned, error)
SignLogRoot hashes and signs the supplied (to-be) SignedLogRoot and returns a signature. Hashing is performed by github.com/benlaurie/objecthash.
func (*Signer) SignMapRoot (added in v1.0.5)
func (s *Signer) SignMapRoot(root *trillian.SignedMapRoot) (*sigpb.DigitallySigned, error)
SignMapRoot hashes and signs the supplied (to-be) SignedMapRoot and returns a signature. Hashing is performed by github.com/benlaurie/objecthash.
func (*Signer) SignObject
func (s *Signer) SignObject(obj interface{}) (*sigpb.DigitallySigned, error)
SignObject signs the requested object using ObjectHash.
Directories
Path | Synopsis |
---|---|
 | Package keys provides access to public and private keys for signing and verification of signatures. |
der/proto | Package proto registers a DER keys.ProtoHandler using keys.RegisterHandler. |
pem/proto | Package proto registers a PEM keys.ProtoHandler using keys.RegisterHandler. |
pkcs11 | Package pkcs11 provides access to private keys using a PKCS#11 interface. |
pkcs11/proto | Package proto registers a PKCS#11 keys.ProtoHandler using keys.RegisterHandler. |
testonly | Package testonly contains code and data that should only be used by tests. |
 | Package keyspb is a generated protocol buffer package. |
 | Package sigpb is a generated protocol buffer package. |