Documentation
Overview
Package jsonsign implements Perkeep's cryptographic signing and verification of JSON blobs.
Index
- func ArmoredPublicKey(entity *openpgp.Entity) (string, error)
- func EntityFromSecring(keyID, keyFile string) (*openpgp.Entity, error)
- func GenerateNewSecRing(secRing string) (keyID string, err error)
- func KeyIdFromRing(secRing string) (keyID string, err error)
- func NewEntity() (*openpgp.Entity, error)
- func ParseArmoredPublicKey(r io.Reader) (shortKeyId, armoredKey string, err error)
- func VerifyPublicKeyFile(file, keyid string) (bool, error)
- func WriteKeyRing(w io.Writer, el openpgp.EntityList) error
- type CachingEntityFetcher
- type EntityFetcher
- type FileEntityFetcher
- type SignRequest
- type VerifiedSignature
- type VerifyRequest
- func (vr *VerifyRequest) FindAndParsePublicKeyBlob(ctx context.Context) error
- func (vr *VerifyRequest) ParsePayloadMap() bool
- func (vr *VerifyRequest) ParseSigMap() bool
- func (vr *VerifyRequest) Verify(ctx context.Context) (info VerifiedSignature, err error)
- func (vr *VerifyRequest) VerifySignature() bool
Constants
This section is empty.
Variables
This section is empty.
Functions
func EntityFromSecring
EntityFromSecring returns the openpgp Entity from keyFile that matches keyID. If empty, keyFile defaults to osutil.SecretRingFile().
func GenerateNewSecRing
GenerateNewSecRing creates a new secret ring file secRing, with a new GPG identity. It returns the public keyID of that identity. It returns an error if the file already exists.
func KeyIdFromRing
KeyIdFromRing returns the public keyID contained in the secret ring file secRing. It expects only one keyID in this secret ring and returns an error otherwise.
func ParseArmoredPublicKey
ParseArmoredPublicKey tries to parse an armored public key from r, taking care to bound the amount it reads. The returned shortKeyId is 8 capital hex digits. The returned armoredKey is a copy of the contents read.
func VerifyPublicKeyFile
func WriteKeyRing
func WriteKeyRing(w io.Writer, el openpgp.EntityList) error
Types
type CachingEntityFetcher
type CachingEntityFetcher struct {
	Fetcher EntityFetcher
	// contains filtered or unexported fields
}
func (*CachingEntityFetcher) FetchEntity
func (ce *CachingEntityFetcher) FetchEntity(keyID string) (*openpgp.Entity, error)
type EntityFetcher
type FileEntityFetcher
type FileEntityFetcher struct {
File string
}
func FlagEntityFetcher
func FlagEntityFetcher() *FileEntityFetcher
func (*FileEntityFetcher) FetchEntity
func (fe *FileEntityFetcher) FetchEntity(keyID string) (*openpgp.Entity, error)
type SignRequest
type SignRequest struct {
	UnsignedJSON string
	Fetcher      blob.Fetcher
	ServerMode   bool // if true, can't use pinentry or gpg-agent, etc.

	// Optional signature time. If zero, time.Now() is used.
	SignatureTime time.Time

	// Optional function to return an entity (including decrypting
	// the PrivateKey, if necessary)
	EntityFetcher EntityFetcher

	// SecretKeyringPath is only used if EntityFetcher is nil,
	// in which case SecretKeyringPath is used if non-empty.
	// As a final resort, we default to osutil.SecretRingFile().
	SecretKeyringPath string
}
type VerifiedSignature
type VerifiedSignature struct { }
type VerifyRequest
type VerifyRequest struct {
	CamliSigner     blob.Ref
	CamliSig        string
	PublicKeyPacket *packet.PublicKey

	// set if Verify() returns true:
	PayloadMap  map[string]interface{} // The JSON values from BPJ
	SignerKeyId string                 // e.g. "2931A67C26F5ABDA"

	Err error // last error encountered
	// contains filtered or unexported fields
}
See doc/json-signing/* for background and details on these variable names.
func NewVerificationRequest
func NewVerificationRequest(sjson string, fetcher blob.Fetcher) (vr *VerifyRequest)
func (*VerifyRequest) FindAndParsePublicKeyBlob
func (vr *VerifyRequest) FindAndParsePublicKeyBlob(ctx context.Context) error
func (*VerifyRequest) ParsePayloadMap
func (vr *VerifyRequest) ParsePayloadMap() bool
func (*VerifyRequest) ParseSigMap
func (vr *VerifyRequest) ParseSigMap() bool
func (*VerifyRequest) Verify
func (vr *VerifyRequest) Verify(ctx context.Context) (info VerifiedSignature, err error)
func (*VerifyRequest) VerifySignature
func (vr *VerifyRequest) VerifySignature() bool
Directories
Path | Synopsis |
---|---|
 | Package signhandler implements the HTTP interface to signing and verifying Perkeep JSON blobs. |