signing

package

v2.0.0-...-98cc131 Latest Latest Go to latest Published: Jul 26, 2023 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/open-component-model/ocm

Documentation ¶

Index ¶

Constants
Variables
func Apply(printer common.Printer, state *WalkingState, cv ocm.ComponentVersionAccess, ...) (*metav1.DigestSpec, error)
func ArtefactDigest(r *compdesc.Resource) metav1.ArtefactDigest
func DigesterType(digest *metav1.DigestSpec) ocm.DigesterType
func GetDigestMode(cd *compdesc.ComponentDescriptor, def ...string) string
func GetDigests(cd *compdesc.ComponentDescriptor) *metav1.NestedComponentDigests
func NewVersionInfo(cd *compdesc.ComponentDescriptor, parent *DigestContext) (*VersionInfo, *DigestContext)
func RequireReProcessing(vi *VersionInfo, ctx *DigestContext, opts *Options) bool
type DigestContext
- func NewDigestContext(cd *compdesc.ComponentDescriptor, parent *DigestContext) *DigestContext
- func (dc *DigestContext) GetDigests() metav1.NestedDigests
- func (dc *DigestContext) IsRoot() bool
- func (dc *DigestContext) Propagate(d *metav1.DigestSpec) error
- func (dc *DigestContext) Use(ctx *DigestContext) error
- func (dc *DigestContext) ValidFor(ctx *DigestContext) bool
type Option
- func DigestMode(name string) Option
- func Hash(h signing.Hasher) Option
- func HashByAlgo(name string) Option
- func Issuer(name string) Option
- func PrivateKey(name string, key interface{}) Option
- func PublicKey(name string, key interface{}) Option
- func Recursive(flags ...bool) Option
- func Registry(h signing.Registry) Option
- func Resolver(h ...ocm.ComponentVersionResolver) Option
- func RootCertificates(pool *x509.CertPool) Option
- func Sign(h signing.Signer, name string) Option
- func SignatureName(name string, reset ...bool) Option
- func SkipAccessTypes(names ...string) Option
- func Update(flags ...bool) Option
- func VerifyDigests(flags ...bool) Option
- func VerifySignature(names ...string) Option
type Options
- func NewOptions(list ...Option) *Options
- func (o *Options) ApplySigningOption(opts *Options)
- func (o *Options) Complete(registry signing.Registry) error
- func (o *Options) DoSign() bool
- func (o *Options) DoUpdate() bool
- func (o *Options) DoVerify() bool
- func (o *Options) Dup() *Options
- func (opts *Options) Eval(list ...Option) *Options
- func (o *Options) Nested() *Options
- func (o *Options) PrivateKey() interface{}
- func (o *Options) PublicKey(sig string) interface{}
- func (o *Options) SignatureConfigured(name string) bool
- func (o *Options) SignatureName() string
- func (o *Options) StopRecursion() *Options
- func (o *Options) StoreLocally() bool
- func (o *Options) WithDigestMode(mode string) *Options
type RootContextInfo
- func (dc *RootContextInfo) GetPreset(nv common.NameVersion) *metav1.NestedComponentDigests
type VersionInfo
- func (vi *VersionInfo) CreateContext(cd *compdesc.ComponentDescriptor, parent *DigestContext) *DigestContext
- func (vi *VersionInfo) GetContext(nv common.NameVersion) *DigestContext
type WalkingState
- func NewWalkingState(lctx ...logging.Context) WalkingState
- func (s *WalkingState) GetContext(nv common.NameVersion, ctxkey common.NameVersion) *DigestContext

Constants ¶

View Source

const (
	DIGESTMODE_LOCAL = "local" // (default) store nested digests locally in component descriptor
	DIGESTMODE_TOP   = "top"   // store aggregated nested digests in signed component version
)

Variables ¶

View Source

var REALM = logging.NewRealm("signing")

Functions ¶

func Apply ¶

func Apply(printer common.Printer, state *WalkingState, cv ocm.ComponentVersionAccess, opts *Options, closecv ...bool) (*metav1.DigestSpec, error)

func ArtefactDigest ¶

func ArtefactDigest(r *compdesc.Resource) metav1.ArtefactDigest

func DigesterType ¶

func DigesterType(digest *metav1.DigestSpec) ocm.DigesterType

func GetDigestMode ¶

func GetDigestMode(cd *compdesc.ComponentDescriptor, def ...string) string

GetDigestMode checks whether the versio has already been digested. If so, the digest mode used at this time fixes the mode for all further signing processes. If a version is still undigested, any mode possible and is optionally defaulted by an additional argument.

func GetDigests ¶

func GetDigests(cd *compdesc.ComponentDescriptor) *metav1.NestedComponentDigests

func NewVersionInfo ¶

func NewVersionInfo(cd *compdesc.ComponentDescriptor, parent *DigestContext) (*VersionInfo, *DigestContext)

func RequireReProcessing ¶

func RequireReProcessing(vi *VersionInfo, ctx *DigestContext, opts *Options) bool

Types ¶

type DigestContext ¶

type DigestContext struct {
	*RootContextInfo

	Key        common.NameVersion
	Parent     *DigestContext
	Descriptor *compdesc.ComponentDescriptor
	Digest     *metav1.DigestSpec
	Signed     bool
	Source     common.NameVersion
	Refs       map[common.NameVersion]*metav1.DigestSpec
}

func NewDigestContext ¶

func NewDigestContext(cd *compdesc.ComponentDescriptor, parent *DigestContext) *DigestContext

func (*DigestContext) GetDigests ¶

func (dc *DigestContext) GetDigests() metav1.NestedDigests

func (*DigestContext) IsRoot ¶

func (dc *DigestContext) IsRoot() bool

func (*DigestContext) Propagate ¶

func (dc *DigestContext) Propagate(d *metav1.DigestSpec) error

func (*DigestContext) Use ¶

func (dc *DigestContext) Use(ctx *DigestContext) error

func (*DigestContext) ValidFor ¶

func (dc *DigestContext) ValidFor(ctx *DigestContext) bool

type Option ¶

type Option interface {
	ApplySigningOption(o *Options)
}

func DigestMode ¶

func DigestMode(name string) Option

func Hash ¶

func Hash(h signing.Hasher) Option

func HashByAlgo ¶

func HashByAlgo(name string) Option

func Issuer ¶

func Issuer(name string) Option

func PrivateKey ¶

func PrivateKey(name string, key interface{}) Option

func PublicKey ¶

func PublicKey(name string, key interface{}) Option

func Recursive ¶

func Recursive(flags ...bool) Option

func Registry ¶

func Registry(h signing.Registry) Option

func Resolver ¶

func Resolver(h ...ocm.ComponentVersionResolver) Option

func RootCertificates ¶

func RootCertificates(pool *x509.CertPool) Option

func Sign ¶

func Sign(h signing.Signer, name string) Option

func SignatureName ¶

func SignatureName(name string, reset ...bool) Option

func SkipAccessTypes ¶

func SkipAccessTypes(names ...string) Option

func Update ¶

func Update(flags ...bool) Option

func VerifyDigests ¶

func VerifyDigests(flags ...bool) Option

func VerifySignature ¶

func VerifySignature(names ...string) Option

type Options ¶

type Options struct {
	Update            bool
	Recursively       bool
	DigestMode        string
	Verify            bool
	Signer            signing.Signer
	Issuer            string
	VerifySignature   bool
	RootCerts         *x509.CertPool
	Hasher            signing.Hasher
	Keys              signing.KeyRegistry
	Registry          signing.Registry
	Resolver          ocm.ComponentVersionResolver
	SkipAccessTypes   map[string]bool
	SignatureNames    []string
	NormalizationAlgo string
	Keyless           bool
}

func NewOptions ¶

func NewOptions(list ...Option) *Options

func (*Options) ApplySigningOption ¶

func (o *Options) ApplySigningOption(opts *Options)

func (*Options) Complete ¶

func (o *Options) Complete(registry signing.Registry) error

func (*Options) DoSign ¶

func (o *Options) DoSign() bool

func (*Options) DoUpdate ¶

func (o *Options) DoUpdate() bool

func (*Options) DoVerify ¶

func (o *Options) DoVerify() bool

func (*Options) Dup ¶

func (o *Options) Dup() *Options

func (*Options) Eval ¶

func (opts *Options) Eval(list ...Option) *Options

func (*Options) Nested ¶

func (o *Options) Nested() *Options

func (*Options) PrivateKey ¶

func (o *Options) PrivateKey() interface{}

func (*Options) PublicKey ¶

func (o *Options) PublicKey(sig string) interface{}

func (*Options) SignatureConfigured ¶

func (o *Options) SignatureConfigured(name string) bool

func (*Options) SignatureName ¶

func (o *Options) SignatureName() string

func (*Options) StopRecursion ¶

func (o *Options) StopRecursion() *Options

func (*Options) StoreLocally ¶

func (o *Options) StoreLocally() bool

func (*Options) WithDigestMode ¶

func (o *Options) WithDigestMode(mode string) *Options

type RootContextInfo ¶

type RootContextInfo struct {
	CtxKey     common.NameVersion
	Sign       bool
	DigestType ocm.DigesterType
	Hasher     signing.Hasher
	In         map[common.NameVersion]*metav1.NestedComponentDigests
	Out        map[common.NameVersion]*metav1.NestedComponentDigests
}

func (*RootContextInfo) GetPreset ¶

func (dc *RootContextInfo) GetPreset(nv common.NameVersion) *metav1.NestedComponentDigests

type VersionInfo ¶

type VersionInfo struct {
	// contains filtered or unexported fields
}

VersionInfo keeps track of handled component versions and provides the digest context used for a dedicated root component this component version is digested for (by following component references).

func (*VersionInfo) CreateContext ¶

func (vi *VersionInfo) CreateContext(cd *compdesc.ComponentDescriptor, parent *DigestContext) *DigestContext

func (*VersionInfo) GetContext ¶

func (vi *VersionInfo) GetContext(nv common.NameVersion) *DigestContext

type WalkingState ¶

type WalkingState struct {
	common.WalkingState[*VersionInfo, *DigestContext]
}

func NewWalkingState ¶

func NewWalkingState(lctx ...logging.Context) WalkingState

func (*WalkingState) GetContext ¶

func (s *WalkingState) GetContext(nv common.NameVersion, ctxkey common.NameVersion) *DigestContext

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL