Documentation
¶
Overview ¶
Package signer provides notation signing functionality. It implements the notation.Signer interface by providing builtinSigner for local signing and PluginSigner for remote signing.
Index ¶
- func New(key crypto.PrivateKey, certChain []*x509.Certificate) (notation.Signer, error)deprecated
- func NewFromFiles(keyPath, certChainPath string) (notation.Signer, error)
- func NewFromPlugin(plugin plugin.SignPlugin, keyID string, pluginConfig map[string]string) (notation.Signer, error)deprecated
- type GenericSigner
- type PluginSigner
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func New
deprecated
func New(key crypto.PrivateKey, certChain []*x509.Certificate) (notation.Signer, error)
New returns a builtinSigner given key and cert chain
Deprecated: New function exists for historical compatibility and should not be used. To create GenericSigner, use NewGenericSigner() function.
func NewFromFiles ¶
NewFromFiles returns a builtinSigner given key and certChain paths.
func NewFromPlugin
deprecated
func NewFromPlugin(plugin plugin.SignPlugin, keyID string, pluginConfig map[string]string) (notation.Signer, error)
NewFromPlugin creates a notation.Signer that signs artifacts and generates signatures by delegating the one or more operations to the named plugin, as defined in https://github.com/notaryproject/notaryproject/blob/main/specs/plugin-extensibility.md#signing-interfaces.
Deprecated: NewFromPlugin function exists for historical compatibility and should not be used. To create PluginSigner, use NewPluginSigner() function.
Types ¶
type GenericSigner ¶ added in v1.2.0
type GenericSigner struct {
// contains filtered or unexported fields
}
GenericSigner implements notation.Signer and embeds signature.Signer
func NewGenericSigner ¶ added in v1.2.0
func NewGenericSigner(key crypto.PrivateKey, certChain []*x509.Certificate) (*GenericSigner, error)
NewGenericSigner returns a builtinSigner given key and cert chain
func NewGenericSignerFromFiles ¶ added in v1.2.0
func NewGenericSignerFromFiles(keyPath, certChainPath string) (*GenericSigner, error)
NewGenericSignerFromFiles returns a builtinSigner given key and certChain paths.
func (*GenericSigner) Sign ¶ added in v1.2.0
func (s *GenericSigner) Sign(ctx context.Context, desc ocispec.Descriptor, opts notation.SignerSignOptions) ([]byte, *signature.SignerInfo, error)
Sign signs the artifact described by its descriptor and returns the marshalled envelope.
type PluginSigner ¶ added in v1.2.0
type PluginSigner struct {
// contains filtered or unexported fields
}
PluginSigner signs artifacts and generates signatures. It implements notation.Signer
func NewPluginSigner ¶ added in v1.2.0
func NewPluginSigner(plugin plugin.SignPlugin, keyID string, pluginConfig map[string]string) (*PluginSigner, error)
NewPluginSigner creates a notation.Signer that signs artifacts and generates signatures by delegating the one or more operations to the named plugin, as defined in https://github.com/notaryproject/notaryproject/blob/main/specs/plugin-extensibility.md#signing-interfaces.
func (*PluginSigner) PluginAnnotations ¶ added in v1.2.0
func (s *PluginSigner) PluginAnnotations() map[string]string
PluginAnnotations returns signature manifest annotations returned from plugin
func (*PluginSigner) Sign ¶ added in v1.2.0
func (s *PluginSigner) Sign(ctx context.Context, desc ocispec.Descriptor, opts notation.SignerSignOptions) ([]byte, *signature.SignerInfo, error)
Sign signs the artifact described by its descriptor and returns the marshalled envelope.
Source Files