util

package
v0.10.0-rc.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 29, 2022 License: Apache-2.0 Imports: 26 Imported by: 7

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CheckpointValidator added in v0.2.0

func CheckpointValidator(strToValidate string) bool

func FileOrURLReadCloser

func FileOrURLReadCloser(ctx context.Context, url string, content []byte) (io.ReadCloser, error)

FileOrURLReadCloser Note: caller is responsible for closing ReadCloser returned from method!

func PrefixSHA added in v0.6.0

func PrefixSHA(sha string) string

PrefixSHA sets the prefix of a sha hash to match how it is stored based on the length.

func PublicKey added in v0.2.0

func PublicKey(ctx context.Context, c *client.Rekor) (*ecdsa.PublicKey, error)

func SignedCheckpointValidator added in v0.2.0

func SignedCheckpointValidator(strToValidate string) bool

func SignedNoteValidator added in v0.3.0

func SignedNoteValidator(strToValidate string) bool

func SignedTimestampNoteValidator added in v0.4.0

func SignedTimestampNoteValidator(strToValidate string) bool

func TimestampNoteValidator added in v0.4.0

func TimestampNoteValidator(strToValidate string) bool

func ValidateSHA1Value added in v0.4.0

func ValidateSHA1Value(v string) error

func ValidateSHA256Value added in v0.4.0

func ValidateSHA256Value(v string) error

validateSHA256Value ensures that the supplied string matches the following format: [sha256:]<64 hexadecimal characters> where [sha256:] is optional

Types

type Checkpoint added in v0.2.0

type Checkpoint struct {
	// Origin is the unique identifier/version string
	Origin string
	// Size is the number of entries in the log at this checkpoint.
	Size uint64
	// Hash is the hash which commits to the contents of the entire log.
	Hash []byte
	// OtherContent is any additional data to be included in the signed payload; each element is assumed to be one line
	OtherContent []string
}

func (Checkpoint) MarshalCheckpoint added in v0.4.0

func (c Checkpoint) MarshalCheckpoint() ([]byte, error)

MarshalText returns the common format representation of this Checkpoint.

func (Checkpoint) String added in v0.2.0

func (c Checkpoint) String() string

String returns the String representation of the Checkpoint

func (*Checkpoint) UnmarshalCheckpoint added in v0.4.0

func (c *Checkpoint) UnmarshalCheckpoint(data []byte) error

UnmarshalText parses the common formatted checkpoint data and stores the result in the Checkpoint.

The supplied data is expected to begin with the following 3 lines of text, each followed by a newline: <ecosystem/version string> <decimal representation of log size> <base64 representation of root hash> <optional non-empty line of other content>... <optional non-empty line of other content>...

This will discard any content found after the checkpoint (including signatures)

type SignedCheckpoint added in v0.2.0

type SignedCheckpoint struct {
	Checkpoint
	SignedNote
}

func CreateSignedCheckpoint added in v0.3.0

func CreateSignedCheckpoint(c Checkpoint) (*SignedCheckpoint, error)

func (*SignedCheckpoint) GetTimestamp added in v0.3.0

func (r *SignedCheckpoint) GetTimestamp() uint64

func (*SignedCheckpoint) SetTimestamp added in v0.3.0

func (r *SignedCheckpoint) SetTimestamp(timestamp uint64)

func (*SignedCheckpoint) UnmarshalText added in v0.2.0

func (r *SignedCheckpoint) UnmarshalText(data []byte) error

type SignedNote added in v0.3.0

type SignedNote struct {
	// Textual representation of a note to sign.
	Note string
	// Signatures are one or more signature lines covering the payload
	Signatures []note.Signature
}

func (SignedNote) MarshalText added in v0.3.0

func (s SignedNote) MarshalText() ([]byte, error)

MarshalText returns the common format representation of this SignedNote.

func (*SignedNote) Sign added in v0.3.0

func (s *SignedNote) Sign(identity string, signer signature.Signer, opts signature.SignOption) (*note.Signature, error)

Sign adds a signature to a SignedCheckpoint object The signature is added to the signature array as well as being directly returned to the caller

func (SignedNote) String added in v0.3.0

func (s SignedNote) String() string

String returns the String representation of the SignedNote

func (*SignedNote) UnmarshalText added in v0.3.0

func (s *SignedNote) UnmarshalText(data []byte) error

UnmarshalText parses the common formatted signed note data and stores the result in the SignedNote. THIS DOES NOT VERIFY SIGNATURES INSIDE THE CONTENT!

The supplied data is expected to contain a single Note, followed by a single line with no comment, followed by one or more lines with the following format:

\u2014 name signature

  • name is the string associated with the signer
  • signature is a base64 encoded string; the first 4 bytes of the decoded value is a hint to the public key; it is a big-endian encoded uint32 representing the first 4 bytes of the SHA256 hash of the public key

func (SignedNote) Verify added in v0.3.0

func (s SignedNote) Verify(verifier signature.Verifier) bool

Verify checks that one of the signatures can be successfully verified using the supplied public key

type SignedTimestampNote added in v0.4.0

type SignedTimestampNote struct {
	TimestampNote
	SignedNote
}

func CreateSignedTimestampNote added in v0.4.0

func CreateSignedTimestampNote(t TimestampNote) (*SignedTimestampNote, error)

func (*SignedTimestampNote) UnmarshalText added in v0.4.0

func (r *SignedTimestampNote) UnmarshalText(data []byte) error

type TimestampNote added in v0.3.0

type TimestampNote struct {
	// Origin is the unique identifier/version string
	Origin string
	// MessageImprint is the hash of the message to timestamp, of the form sha256:<sha>
	MessageImprint string
	// Nonce is a short random  bytes to prove response freshness
	Nonce []byte
	// Time is the timestamp to imprint on the message
	Time time.Time
	// Radius is the time in microseconds used to indicate certainty
	Radius int64
	// CertChainRef is a reference URL to the valid timestamping cert chain used to sign the response
	CertChainRef *url.URL
	// OtherContent is any additional data to be included in the signed payload; each element is assumed to be one line
	OtherContent []string
}

func (TimestampNote) MarshalText added in v0.3.0

func (t TimestampNote) MarshalText() ([]byte, error)

MarshalText returns the common format representation of this TimestampNote.

func (TimestampNote) String added in v0.3.0

func (t TimestampNote) String() string

String returns the String representation of the TimestampNote

func (*TimestampNote) UnmarshalText added in v0.3.0

func (t *TimestampNote) UnmarshalText(data []byte) error

UnmarshalText parses the common formatted timestamp note data and stores the result in the TimestampNote.

The supplied data is expected to begin with the following 6 lines of text, each followed by a newline: <ecosystem/version string> <message hash of the format sha256:$SHA> <base64 representation of the nonce> <RFC 3339 representation of the time> <decimal representation of radius> <cert chain URI> <optional non-empty line of other content>... <optional non-empty line of other content>...

This will discard any content found after the checkpoint (including signatures)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL