Documentation ¶
Index ¶
- Constants
- Variables
- type ECDSASignerVerifier
- type ED25519SignerVerifier
- type KeyVal
- type RSAPSSSignerVerifier
- type SSLibKey
- func LoadECDSAKeyFromFile(path string) (*SSLibKey, error) (deprecated)
- func LoadED25519KeyFromFile(path string) (*SSLibKey, error) (deprecated)
- func LoadKey(keyBytes []byte) (*SSLibKey, error)
- func LoadKeyFromSSLibBytes(contents []byte) (*SSLibKey, error) (deprecated)
- func LoadRSAPSSKeyFromBytes(contents []byte) (*SSLibKey, error) (deprecated)
- func LoadRSAPSSKeyFromFile(path string) (*SSLibKey, error) (deprecated)
Constants ¶
// Identifiers for ECDSA keys.
// NOTE(review): presumably these are the values carried in SSLibKey.KeyType
// and SSLibKey.Scheme; confirm against the key loaders.
const (
	// ECDSAKeyType is the key type string for ECDSA keys.
	ECDSAKeyType = "ecdsa"
	// ECDSAKeyScheme is the only ECDSA scheme string declared here; its value
	// names the NIST P-256 curve with a SHA-2 digest.
	ECDSAKeyScheme = "ecdsa-sha2-nistp256"
)
// Identifiers for RSA keys.
// NOTE(review): presumably RSAKeyType and RSAKeyScheme are the values carried
// in SSLibKey.KeyType and SSLibKey.Scheme; confirm against the key loaders.
const (
	// RSAKeyType is the key type string for RSA keys.
	RSAKeyType = "rsa"
	// RSAKeyScheme is the only RSA scheme string declared here; its value
	// names RSASSA-PSS with SHA-256.
	RSAKeyScheme = "rsassa-pss-sha256"
	// RSAPrivateKeyPEM is the PEM block type label conventionally used for
	// PKCS #1 RSA private keys.
	RSAPrivateKeyPEM = "RSA PRIVATE KEY"
)
// Generic PEM block type labels.
const (
	// PublicKeyPEM is the label conventionally used for PKIX
	// (SubjectPublicKeyInfo) public keys.
	PublicKeyPEM = "PUBLIC KEY"
	// PrivateKeyPEM is the label conventionally used for PKCS #8 private keys.
	// A block with this label holds secret material; handle it accordingly.
	PrivateKeyPEM = "PRIVATE KEY"
)
// ED25519KeyType is the key type string for Ed25519 keys.
// No Ed25519 scheme constant is declared alongside it on this page.
const ED25519KeyType = "ed25519"
Variables ¶
// Sentinel errors exposed by the package. Compare with errors.Is rather than
// by message text, and treat every one of them as a hard failure: none
// indicates a condition under which a key or signature should still be
// trusted.
var (
	// ErrNotPrivateKey reports that a loaded key lacks the private part.
	// NOTE(review): presumably returned when signing with a public-only key;
	// confirm against the Sign implementations.
	ErrNotPrivateKey = errors.New("loaded key is not a private key")
	// ErrSignatureVerificationFailed reports that a signature did not verify.
	// Callers must reject the signed payload when they see it.
	ErrSignatureVerificationFailed = errors.New("failed to verify signature")
	// ErrUnknownKeyType reports a key type the package does not recognise.
	ErrUnknownKeyType = errors.New("unknown key type")
	// ErrInvalidThreshold reports a threshold below 1 or above the number of
	// supplied public keys. No threshold-taking function appears in this part
	// of the documentation, so the caller of this check is not shown here.
	ErrInvalidThreshold = errors.New("threshold is either less than 1 or greater than number of provided public keys")
	// ErrInvalidKey reports a key object without a value.
	ErrInvalidKey = errors.New("key object has no value")
	// ErrInvalidPEM reports that a PEM block could not be parsed.
	ErrInvalidPEM = errors.New("unable to parse PEM block")
)
// PEM decoding errors. Compare with errors.Is; a key that produced either
// error must not be used.
var (
	// ErrNoPEMBlock gets triggered when there is no PEM block in the provided file
	ErrNoPEMBlock = errors.New("failed to decode the data as PEM block (are you sure this is a pem file?)")
	// ErrFailedPEMParsing gets returned when PKCS1, PKCS8 or PKIX key parsing fails
	ErrFailedPEMParsing = errors.New("failed parsing the PEM block: unsupported PEM type")
)
// KeyIDHashAlgorithms lists the hash algorithm names "sha256" and "sha512".
// NOTE(review): presumably the default for SSLibKey.KeyIDHashAlgorithms;
// confirm against the key loaders.
// NOTE(review): this is an exported, mutable package-level slice, so any
// importing package can change its contents at runtime. If key IDs are
// derived from it, treat it as read-only and copy it before modifying.
var KeyIDHashAlgorithms = []string{"sha256", "sha512"}
Functions ¶
This section is empty.
Types ¶
type ECDSASignerVerifier ¶
type ECDSASignerVerifier struct {
// contains filtered or unexported fields
}
ECDSASignerVerifier is a dsse.SignerVerifier-compliant type for signing and verifying signatures using ECDSA keys.
func NewECDSASignerVerifierFromSSLibKey ¶
func NewECDSASignerVerifierFromSSLibKey(key *SSLibKey) (*ECDSASignerVerifier, error)
NewECDSASignerVerifierFromSSLibKey creates an ECDSASignerVerifier from an SSLibKey.
func (*ECDSASignerVerifier) KeyID ¶
func (sv *ECDSASignerVerifier) KeyID() (string, error)
KeyID returns the identifier of the key used to create the ECDSASignerVerifier instance.
func (*ECDSASignerVerifier) Public ¶
func (sv *ECDSASignerVerifier) Public() crypto.PublicKey
Public returns the public portion of the key used to create the ECDSASignerVerifier instance.
type ED25519SignerVerifier ¶
type ED25519SignerVerifier struct {
// contains filtered or unexported fields
}
ED25519SignerVerifier is a dsse.SignerVerifier-compliant type for signing and verifying signatures using ED25519 keys.
func NewED25519SignerVerifierFromSSLibKey ¶
func NewED25519SignerVerifierFromSSLibKey(key *SSLibKey) (*ED25519SignerVerifier, error)
NewED25519SignerVerifierFromSSLibKey creates an ED25519SignerVerifier from an SSLibKey.
func (*ED25519SignerVerifier) KeyID ¶
func (sv *ED25519SignerVerifier) KeyID() (string, error)
KeyID returns the identifier of the key used to create the ED25519SignerVerifier instance.
func (*ED25519SignerVerifier) Public ¶
func (sv *ED25519SignerVerifier) Public() crypto.PublicKey
Public returns the public portion of the key used to create the ED25519SignerVerifier instance.
type RSAPSSSignerVerifier ¶
type RSAPSSSignerVerifier struct {
// contains filtered or unexported fields
}
RSAPSSSignerVerifier is a dsse.SignerVerifier-compliant type for signing and verifying signatures using RSA keys following the RSA-PSS scheme.
func NewRSAPSSSignerVerifierFromSSLibKey ¶
func NewRSAPSSSignerVerifierFromSSLibKey(key *SSLibKey) (*RSAPSSSignerVerifier, error)
NewRSAPSSSignerVerifierFromSSLibKey creates an RSAPSSSignerVerifier from an SSLibKey.
func (*RSAPSSSignerVerifier) KeyID ¶
func (sv *RSAPSSSignerVerifier) KeyID() (string, error)
KeyID returns the identifier of the key used to create the RSAPSSSignerVerifier instance.
func (*RSAPSSSignerVerifier) Public ¶
func (sv *RSAPSSSignerVerifier) Public() crypto.PublicKey
Public returns the public portion of the key used to create the RSAPSSSignerVerifier instance.
type SSLibKey ¶
// SSLibKey is the key object returned by the Load* functions and accepted by
// the New*SignerVerifierFromSSLibKey constructors. Its JSON form uses the
// field names given in the struct tags.
// NOTE(review): ErrNotPrivateKey implies an SSLibKey may hold private key
// material. If KeyVal carries it, marshaling this struct to JSON or logging
// it would expose the secret; confirm against the KeyVal definition, which
// is not shown here.
type SSLibKey struct {
	// KeyIDHashAlgorithms is serialized as "keyid_hash_algorithms".
	KeyIDHashAlgorithms []string `json:"keyid_hash_algorithms"`
	// KeyType is serialized as "keytype"; presumably one of the *KeyType
	// constants (verify against the loaders).
	KeyType string `json:"keytype"`
	// KeyVal is serialized as "keyval"; presumably the key material itself.
	KeyVal KeyVal `json:"keyval"`
	// Scheme is serialized as "scheme"; presumably one of the *KeyScheme
	// constants (verify against the loaders).
	Scheme string `json:"scheme"`
	// KeyID is serialized as "keyid".
	KeyID string `json:"keyid"`
}
func LoadECDSAKeyFromFile
deprecated
LoadECDSAKeyFromFile returns an SSLibKey instance for an ECDSA key stored in a file in the custom securesystemslib format.
Deprecated: use LoadKey(). The custom serialization format has been deprecated. Use https://github.com/secure-systems-lab/securesystemslib/blob/main/docs/migrate_key.py to convert your key.
func LoadED25519KeyFromFile
deprecated
LoadED25519KeyFromFile returns an SSLibKey instance for an ED25519 key stored in a file in the custom securesystemslib format.
Deprecated: use LoadKey(). The custom serialization format has been deprecated. Use https://github.com/secure-systems-lab/securesystemslib/blob/main/docs/migrate_key.py to convert your key.
func LoadKey ¶ added in v0.9.0
LoadKey returns an SSLibKey object when provided a PEM encoded key. Currently, RSA, ED25519, and ECDSA keys are supported.
func LoadKeyFromSSLibBytes (deprecated; added in v0.8.0)
LoadKeyFromSSLibBytes returns a pointer to an SSLibKey instance created from the contents of the bytes. The key contents are expected to be in the custom securesystemslib format.
Deprecated: use LoadKey() for all key types; RSA is no longer the only key type that uses PEM serialization.
func LoadRSAPSSKeyFromBytes (deprecated; added in v0.8.0)
LoadRSAPSSKeyFromBytes takes a byte slice that must contain a PEM encoded RSA key and returns an SSLibKey instance holding the key data.
Deprecated: use LoadKey() for all key types; RSA is no longer the only key type that uses PEM serialization.
func LoadRSAPSSKeyFromFile
deprecated
LoadRSAPSSKeyFromFile returns an SSLibKey instance for an RSA key stored in a file.
Deprecated: use LoadKey(). The custom serialization format has been deprecated. Use https://github.com/secure-systems-lab/securesystemslib/blob/main/docs/migrate_key.py to convert your key.