signing

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 21, 2023 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

// Digest modes select where the digests of nested component versions are
// stored. According to the GetDigestMode documentation, the mode used when a
// version was first digested fixes the mode for all further signing processes,
// so the value chosen here is only free for a still undigested version.
const (
	DIGESTMODE_LOCAL = "local" // (default) store nested digests locally in component descriptor
	DIGESTMODE_TOP   = "top"   // store aggregated nested digests in signed component version
)

Variables

// REALM is the logging realm of this package, created under the name "signing".
var REALM = logging.NewRealm("signing")

Functions

func Apply

func Apply(printer common.Printer, state *WalkingState, cv ocm.ComponentVersionAccess, opts *Options, closecv ...bool) (*metav1.DigestSpec, error)

func ArtefactDigest added in v0.3.0

func ArtefactDigest(r *compdesc.Resource) metav1.ArtefactDigest

func DigesterType added in v0.3.0

func DigesterType(digest *metav1.DigestSpec) ocm.DigesterType

func GetDigestMode added in v0.3.0

func GetDigestMode(cd *compdesc.ComponentDescriptor, def ...string) string

GetDigestMode checks whether the version has already been digested. If so, the digest mode used at that time fixes the mode for all further signing processes. If a version is still undigested, any mode is possible, and the mode is optionally defaulted by an additional argument.

func GetDigests added in v0.3.0

func NewVersionInfo added in v0.3.0

func NewVersionInfo(cd *compdesc.ComponentDescriptor, parent *DigestContext) (*VersionInfo, *DigestContext)

func RequireReProcessing

func RequireReProcessing(vi *VersionInfo, ctx *DigestContext, opts *Options) bool

Types

type DigestContext added in v0.3.0

// DigestContext bundles a component descriptor with its digest, a link to a
// parent context and a map of digests keyed by name/version (Refs).
// Contexts form a chain through Parent; see IsRoot, Propagate, Use and
// ValidFor for the operations defined on it.
type DigestContext struct {
	// Embedded by pointer: the RootContextInfo fields are promoted onto
	// DigestContext, and accessing them panics when this pointer is nil.
	// NOTE(review): presumably shared by all contexts below one root — confirm.
	*RootContextInfo

	// NOTE(review): presumably the name/version this context was created for — confirm.
	Key        common.NameVersion
	// Enclosing context; NOTE(review): presumably nil for a root context (see IsRoot) — confirm.
	Parent     *DigestContext
	Descriptor *compdesc.ComponentDescriptor
	Digest     *metav1.DigestSpec
	// NOTE(review): the field does not say whether "signed" means a signature
	// was found, created or verified — confirm before using it as a trust signal.
	Signed     bool
	Source     common.NameVersion
	// Digests per name/version; NOTE(review): presumably those of referenced
	// component versions — confirm.
	Refs       map[common.NameVersion]*metav1.DigestSpec
}

func NewDigestContext added in v0.3.0

func NewDigestContext(cd *compdesc.ComponentDescriptor, parent *DigestContext) *DigestContext

func (*DigestContext) GetDigests added in v0.3.0

func (dc *DigestContext) GetDigests() metav1.NestedDigests

func (*DigestContext) IsRoot added in v0.3.0

func (dc *DigestContext) IsRoot() bool

func (*DigestContext) Propagate added in v0.3.0

func (dc *DigestContext) Propagate(d *metav1.DigestSpec) error

func (*DigestContext) Use added in v0.3.0

func (dc *DigestContext) Use(ctx *DigestContext) error

func (*DigestContext) ValidFor added in v0.3.0

func (dc *DigestContext) ValidFor(ctx *DigestContext) bool

type Option

// Option is implemented by values that adjust an Options set. NewOptions and
// (*Options).Eval accept a list of Option values, and *Options itself
// provides ApplySigningOption.
type Option interface {
	// ApplySigningOption receives the Options object to be modified.
	ApplySigningOption(o *Options)
}

func DigestMode added in v0.3.0

func DigestMode(name string) Option

func Hash added in v0.3.0

func Hash(h signing.Hasher) Option

func HashByAlgo added in v0.3.0

func HashByAlgo(name string) Option

func Issuer

func Issuer(name string) Option

func PrivateKey

func PrivateKey(name string, key interface{}) Option

func PublicKey

func PublicKey(name string, key interface{}) Option

func Recursive

func Recursive(flags ...bool) Option

func Registry

func Registry(h signing.Registry) Option

func Resolver

func Resolver(h ...ocm.ComponentVersionResolver) Option

func RootCertificates

func RootCertificates(pool *x509.CertPool) Option

func Sign

func Sign(h signing.Signer, name string) Option

func SignatureName added in v0.3.0

func SignatureName(name string, reset ...bool) Option

func SkipAccessTypes

func SkipAccessTypes(names ...string) Option

func Update

func Update(flags ...bool) Option

func VerifyDigests

func VerifyDigests(flags ...bool) Option

func VerifySignature

func VerifySignature(names ...string) Option

type Options

// Options is the configuration passed to Apply and RequireReProcessing. It is
// built from Option values (NewOptions, Eval) and finished with Complete.
// All fields are exported, so callers can also set them directly and thereby
// bypass whatever the option functions do.
type Options struct {
	Update            bool
	Recursively       bool
	// One of the DIGESTMODE_* constants ("local" or "top").
	DigestMode        string
	// NOTE(review): separate from VerifySignature below; presumably set by the
	// VerifyDigests option — confirm which checks each of the two flags enables.
	Verify            bool
	Signer            signing.Signer
	Issuer            string
	VerifySignature   bool
	// NOTE(review): presumably the pool given to the RootCertificates option.
	// Confirm how a nil pool is treated before relying on certificate checks.
	RootCerts         *x509.CertPool
	Hasher            signing.Hasher
	// NOTE(review): presumably holds the keys given to the PrivateKey and
	// PublicKey options, which accept an untyped interface{} — confirm which
	// key types are accepted and where they are validated.
	Keys              signing.KeyRegistry
	Registry          signing.Registry
	Resolver          ocm.ComponentVersionResolver
	// NOTE(review): presumably access types excluded from processing (see the
	// SkipAccessTypes option) — confirm whether artefacts of a skipped type
	// remain covered by the resulting digest or signature.
	SkipAccessTypes   map[string]bool
	SignatureNames    []string
	// NOTE(review): no option function in this listing sets this field — confirm its default.
	NormalizationAlgo string
	// NOTE(review): no option function in this listing sets this field; confirm
	// how it changes the key requirements for signing and verification.
	Keyless           bool
}

func NewOptions

func NewOptions(list ...Option) *Options

func (*Options) ApplySigningOption

func (o *Options) ApplySigningOption(opts *Options)

func (*Options) Complete

func (o *Options) Complete(registry signing.Registry) error

func (*Options) DoSign

func (o *Options) DoSign() bool

func (*Options) DoUpdate

func (o *Options) DoUpdate() bool

func (*Options) DoVerify

func (o *Options) DoVerify() bool

func (*Options) Dup added in v0.3.0

func (o *Options) Dup() *Options

func (*Options) Eval

func (opts *Options) Eval(list ...Option) *Options

func (*Options) Nested added in v0.3.0

func (o *Options) Nested() *Options

func (*Options) PrivateKey

func (o *Options) PrivateKey() interface{}

func (*Options) PublicKey

func (o *Options) PublicKey(sig string) interface{}

func (*Options) SignatureConfigured

func (o *Options) SignatureConfigured(name string) bool

func (*Options) SignatureName

func (o *Options) SignatureName() string

func (*Options) StopRecursion added in v0.3.0

func (o *Options) StopRecursion() *Options

func (*Options) StoreLocally added in v0.3.0

func (o *Options) StoreLocally() bool

func (*Options) WithDigestMode added in v0.3.0

func (o *Options) WithDigestMode(mode string) *Options

type RootContextInfo added in v0.3.0

// RootContextInfo is the part of a digest context that is embedded by pointer
// into DigestContext. It names a context key, a digester type and hasher, and
// two maps of nested component digests keyed by name/version.
type RootContextInfo struct {
	CtxKey     common.NameVersion
	Sign       bool
	DigestType ocm.DigesterType
	Hasher     signing.Hasher
	// NOTE(review): In and Out have the same type; presumably In holds digests
	// found on input and Out those produced by processing — confirm.
	In         map[common.NameVersion]*metav1.NestedComponentDigests
	Out        map[common.NameVersion]*metav1.NestedComponentDigests
}

func (*RootContextInfo) GetPreset added in v0.3.0

type VersionInfo

type VersionInfo struct {
	// contains filtered or unexported fields
}

VersionInfo keeps track of handled component versions and provides the digest context that applies when this component version is digested for a dedicated root component (reached by following component references).

func (*VersionInfo) CreateContext added in v0.3.0

func (vi *VersionInfo) CreateContext(cd *compdesc.ComponentDescriptor, parent *DigestContext) *DigestContext

func (*VersionInfo) GetContext added in v0.3.0

func (vi *VersionInfo) GetContext(nv common.NameVersion) *DigestContext

type WalkingState

// WalkingState embeds the generic common.WalkingState instantiated with
// *VersionInfo and *DigestContext as its type arguments. It is the state
// object handed to Apply; NewWalkingState creates one.
type WalkingState struct {
	common.WalkingState[*VersionInfo, *DigestContext]
}

func NewWalkingState

func NewWalkingState(lctx ...logging.Context) WalkingState

func (*WalkingState) GetContext added in v0.3.0

func (s *WalkingState) GetContext(nv common.NameVersion, ctxkey common.NameVersion) *DigestContext
