verify

package

v1.3.4 Latest Latest Go to latest Published: Dec 3, 2023 License: Apache-2.0 Imports: 16 Imported by: 8

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/sigstore/rekor

Links

Open Source Insights

Documentation ¶

Index ¶

func ProveConsistency(ctx context.Context, rClient *client.Rekor, oldSTH *util.SignedCheckpoint, ...) error
func VerifyCheckpointSignature(e *models.LogEntryAnon, verifier signature.Verifier) error
func VerifyCurrentCheckpoint(ctx context.Context, rClient *client.Rekor, verifier signature.Verifier, ...) (*util.SignedCheckpoint, error)
func VerifyInclusion(ctx context.Context, e *models.LogEntryAnon) error
func VerifyLogEntry(ctx context.Context, e *models.LogEntryAnon, verifier signature.Verifier) error
func VerifySignedEntryTimestamp(ctx context.Context, e *models.LogEntryAnon, verifier signature.Verifier) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ProveConsistency ¶

func ProveConsistency(ctx context.Context, rClient *client.Rekor,
	oldSTH *util.SignedCheckpoint, newSTH *util.SignedCheckpoint, treeID string) error

ProveConsistency verifies consistency between an initial, trusted STH and a second new STH. Callers MUST verify signature on the STHs'.

func VerifyCheckpointSignature ¶

func VerifyCheckpointSignature(e *models.LogEntryAnon, verifier signature.Verifier) error

VerifyCheckpointSignature verifies the signature on a checkpoint (signed tree head). It does not verify consistency against other checkpoints. nolint

func VerifyCurrentCheckpoint ¶

func VerifyCurrentCheckpoint(ctx context.Context, rClient *client.Rekor, verifier signature.Verifier,
	oldSTH *util.SignedCheckpoint) (*util.SignedCheckpoint, error)

VerifyCurrentCheckpoint verifies the provided checkpoint by verifying consistency against a newly fetched Checkpoint. nolint

func VerifyInclusion ¶

func VerifyInclusion(ctx context.Context, e *models.LogEntryAnon) error

VerifyInclusion verifies an entry's inclusion proof. Clients MUST either verify the root hash against a new STH (via VerifyCurrentCheckpoint) or against a trusted, existing STH (via ProveConsistency). nolint

func VerifyLogEntry ¶

func VerifyLogEntry(ctx context.Context, e *models.LogEntryAnon, verifier signature.Verifier) error

VerifyLogEntry performs verification of a LogEntry given a Rekor verifier. Performs inclusion proof verification up to a verified root hash, SignedEntryTimestamp verification, and checkpoint verification. nolint

func VerifySignedEntryTimestamp ¶

func VerifySignedEntryTimestamp(ctx context.Context, e *models.LogEntryAnon, verifier signature.Verifier) error

VerifySignedEntryTimestamp verifies the entry's SET against the provided public key. nolint

Types ¶

This section is empty.

Source Files ¶

View all Source files

verify.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL