Documentation ¶
Index ¶
- Variables
- type ErrFileNotFound
- type ErrInsufficientKeys
- type ErrInsufficientSignatures
- type ErrInvalidExpires
- type ErrInvalidRole
- type ErrKeyNotFound
- type ErrMissingMetadata
- type ErrNoDelegatedTarget
- type ErrNotEnoughKeys
- type ErrPassphraseRequired
- type LocalStore
- type PassphraseChanger
- type Repo
- func (r *Repo) AddDelegatedRole(delegator string, delegatedRole data.DelegatedRole, keys []*data.PublicKey) error
- func (r *Repo) AddDelegatedRoleWithExpires(delegator string, delegatedRole data.DelegatedRole, keys []*data.PublicKey, ...) error
- func (r *Repo) AddDelegatedRolesForPathHashBins(delegator string, bins *targets.HashBins, keys []*data.PublicKey, ...) error
- func (r *Repo) AddDelegatedRolesForPathHashBinsWithExpires(delegator string, bins *targets.HashBins, keys []*data.PublicKey, ...) error
- func (r *Repo) AddOrUpdateSignature(roleFilename string, signature data.Signature) error
- func (r *Repo) AddPrivateKey(role string, signer keys.Signer) error
- func (r *Repo) AddPrivateKeyWithExpires(keyRole string, signer keys.Signer, expires time.Time) error
- func (r *Repo) AddTarget(path string, custom json.RawMessage) error
- func (r *Repo) AddTargetToPreferredRole(path string, custom json.RawMessage, preferredRole string) error
- func (r *Repo) AddTargetWithExpires(path string, custom json.RawMessage, expires time.Time) error
- func (r *Repo) AddTargetWithExpiresToPreferredRole(path string, custom json.RawMessage, expires time.Time, preferredRole string) error
- func (r *Repo) AddTargets(paths []string, custom json.RawMessage) error
- func (r *Repo) AddTargetsToPreferredRole(paths []string, custom json.RawMessage, preferredRole string) error
- func (r *Repo) AddTargetsWithDigest(digest string, digestAlg string, length int64, path string, ...) error
- func (r *Repo) AddTargetsWithExpires(paths []string, custom json.RawMessage, expires time.Time) error
- func (r *Repo) AddTargetsWithExpiresToPreferredRole(paths []string, custom json.RawMessage, expires time.Time, ...) error
- func (r *Repo) AddVerificationKey(keyRole string, pk *data.PublicKey) error
- func (r *Repo) AddVerificationKeyWithExpiration(keyRole string, pk *data.PublicKey, expires time.Time) error
- func (r *Repo) ChangePassphrase(keyRole string) error
- func (r *Repo) Clean() error
- func (r *Repo) Commit() error
- func (r *Repo) GenKey(role string) ([]string, error)
- func (r *Repo) GenKeyWithExpires(keyRole string, expires time.Time) (keyids []string, err error)
- func (r *Repo) GetThreshold(keyRole string) (int, error)
- func (r *Repo) Init(consistentSnapshot bool) error
- func (r *Repo) RemoveTarget(path string) error
- func (r *Repo) RemoveTargetWithExpires(path string, expires time.Time) error
- func (r *Repo) RemoveTargets(paths []string) error
- func (r *Repo) RemoveTargetsWithExpires(paths []string, expires time.Time) error
- func (r *Repo) ResetTargetsDelegations(delegator string) error
- func (r *Repo) ResetTargetsDelegationsWithExpires(delegator string, expires time.Time) error
- func (r *Repo) RevokeKey(role, id string) error
- func (r *Repo) RevokeKeyWithExpires(keyRole, id string, expires time.Time) error
- func (r *Repo) RootKeys() ([]*data.PublicKey, error)
- func (r *Repo) RootVersion() (int64, error)
- func (r *Repo) SetSnapshotVersion(v int64) error
- func (r *Repo) SetTargetsVersion(v int64) error
- func (r *Repo) SetThreshold(keyRole string, t int) error
- func (r *Repo) SetTimestampVersion(v int64) error
- func (r *Repo) Sign(roleFilename string) error
- func (r *Repo) SignedMeta(roleFilename string) (*data.Signed, error)
- func (r *Repo) Snapshot() error
- func (r *Repo) SnapshotVersion() (int64, error)
- func (r *Repo) SnapshotWithExpires(expires time.Time) error
- func (r *Repo) Targets() (data.TargetFiles, error)
- func (r *Repo) TargetsVersion() (int64, error)
- func (r *Repo) Timestamp() error
- func (r *Repo) TimestampVersion() (int64, error)
- func (r *Repo) TimestampWithExpires(expires time.Time) error
- type TargetsWalkFunc
Constants ¶
This section is empty.
Variables ¶
Functions ¶
This section is empty.
Types ¶
type ErrFileNotFound ¶
type ErrFileNotFound struct {
Path string
}
func (ErrFileNotFound) Error ¶
func (e ErrFileNotFound) Error() string
type ErrInsufficientKeys ¶
type ErrInsufficientKeys struct {
Name string
}
func (ErrInsufficientKeys) Error ¶
func (e ErrInsufficientKeys) Error() string
type ErrInsufficientSignatures ¶
func (ErrInsufficientSignatures) Error ¶
func (e ErrInsufficientSignatures) Error() string
type ErrInvalidExpires ¶
func (ErrInvalidExpires) Error ¶
func (e ErrInvalidExpires) Error() string
type ErrInvalidRole ¶
func (ErrInvalidRole) Error ¶
func (e ErrInvalidRole) Error() string
type ErrKeyNotFound ¶
func (ErrKeyNotFound) Error ¶
func (e ErrKeyNotFound) Error() string
type ErrMissingMetadata ¶
type ErrMissingMetadata struct {
Name string
}
func (ErrMissingMetadata) Error ¶
func (e ErrMissingMetadata) Error() string
type ErrNoDelegatedTarget ¶ added in v0.3.0
type ErrNoDelegatedTarget struct {
Path string
}
func (ErrNoDelegatedTarget) Error ¶ added in v0.3.0
func (e ErrNoDelegatedTarget) Error() string
type ErrNotEnoughKeys ¶
func (ErrNotEnoughKeys) Error ¶
func (e ErrNotEnoughKeys) Error() string
type ErrPassphraseRequired ¶
type ErrPassphraseRequired struct {
Role string
}
func (ErrPassphraseRequired) Error ¶
func (e ErrPassphraseRequired) Error() string
type LocalStore ¶
type LocalStore interface { // GetMeta returns a map from metadata file names (e.g. root.json) to their raw JSON payload or an error. GetMeta() (map[string]json.RawMessage, error) // SetMeta is used to update a metadata file name with a JSON payload. SetMeta(name string, meta json.RawMessage) error // WalkStagedTargets calls targetsFn for each staged target file in paths. // If paths is empty, all staged target files will be walked. WalkStagedTargets(paths []string, targetsFn TargetsWalkFunc) error // FileIsStaged determines if a metadata file is currently staged, to avoid incrementing // version numbers repeatedly while staged. FileIsStaged(filename string) bool // Commit is used to publish staged files to the repository // // This will also reset the staged meta to signal incrementing version numbers. // TUF 1.0 requires that the root metadata version numbers in the repository does not // gaps. To avoid this, we will only increment the number once until we commit. Commit(bool, map[string]int64, map[string]data.Hashes) error // GetSigners return a list of signers for a role. // This may include revoked keys, so the signers should not // be used without filtering. GetSigners(role string) ([]keys.Signer, error) // SaveSigner adds a signer to a role. SaveSigner(role string, signer keys.Signer) error // SignersForRole return a list of signing keys for a role. SignersForKeyIDs(keyIDs []string) []keys.Signer // Clean is used to remove all staged manifests. Clean() error }
func FileSystemStore ¶
func FileSystemStore(dir string, p util.PassphraseFunc) LocalStore
func MemoryStore ¶
func MemoryStore(meta map[string]json.RawMessage, files map[string][]byte) LocalStore
type PassphraseChanger ¶
type Repo ¶
type Repo struct {
// contains filtered or unexported fields
}
func NewRepoIndent ¶
func (*Repo) AddDelegatedRole ¶ added in v0.3.0
func (r *Repo) AddDelegatedRole(delegator string, delegatedRole data.DelegatedRole, keys []*data.PublicKey) error
AddDelegatedRole is equivalent to AddDelegatedRoleWithExpires, but with a default expiration time.
func (*Repo) AddDelegatedRoleWithExpires ¶ added in v0.3.0
func (r *Repo) AddDelegatedRoleWithExpires(delegator string, delegatedRole data.DelegatedRole, keys []*data.PublicKey, expires time.Time) error
AddDelegatedRoleWithExpires adds a delegation from the delegator to the role specified in the role argument. Key IDs referenced in role.KeyIDs should have corresponding Key entries in the keys argument. New metadata is written with the given expiration time.
func (*Repo) AddDelegatedRolesForPathHashBins ¶ added in v0.3.0
func (r *Repo) AddDelegatedRolesForPathHashBins(delegator string, bins *targets.HashBins, keys []*data.PublicKey, threshold int) error
AddDelegatedRolesForPathHashBins is equivalent to AddDelegatedRolesForPathHashBinsWithExpires, but with a default expiration time.
func (*Repo) AddDelegatedRolesForPathHashBinsWithExpires ¶ added in v0.3.0
func (r *Repo) AddDelegatedRolesForPathHashBinsWithExpires(delegator string, bins *targets.HashBins, keys []*data.PublicKey, threshold int, expires time.Time) error
AddDelegatedRolesForPathHashBinsWithExpires adds delegations to the delegator role for the given hash bins configuration. New metadata is written with the given expiration time.
func (*Repo) AddOrUpdateSignature ¶
AddOrUpdateSignature allows users to add or update a signature generated with an external tool. The name must be a valid metadata file name, like root.json.
func (*Repo) AddPrivateKeyWithExpires ¶
func (*Repo) AddTargetToPreferredRole ¶ added in v0.3.0
func (*Repo) AddTargetWithExpires ¶
func (*Repo) AddTargetWithExpiresToPreferredRole ¶ added in v0.3.0
func (*Repo) AddTargets ¶
func (r *Repo) AddTargets(paths []string, custom json.RawMessage) error
func (*Repo) AddTargetsToPreferredRole ¶ added in v0.3.0
func (*Repo) AddTargetsWithDigest ¶
func (*Repo) AddTargetsWithExpires ¶
func (*Repo) AddTargetsWithExpiresToPreferredRole ¶ added in v0.3.0
func (r *Repo) AddTargetsWithExpiresToPreferredRole(paths []string, custom json.RawMessage, expires time.Time, preferredRole string) error
AddTargetsWithExpiresToPreferredRole signs the staged targets at `paths`.
If preferredRole is not the empty string, the target is added to the given role's manifest if delegations allow it. If delegations do not allow the preferredRole to sign the given path, an error is returned.
func (*Repo) AddVerificationKey ¶
func (*Repo) AddVerificationKeyWithExpiration ¶
func (*Repo) ChangePassphrase ¶
func (*Repo) GenKeyWithExpires ¶
func (*Repo) RemoveTarget ¶
func (*Repo) RemoveTargetWithExpires ¶
func (*Repo) RemoveTargets ¶
func (*Repo) RemoveTargetsWithExpires ¶
If paths is empty, all targets will be removed.
func (*Repo) ResetTargetsDelegations ¶ added in v0.3.0
ResetTargetsDelegation is equivalent to ResetTargetsDelegationsWithExpires with a default expiry time.
func (*Repo) ResetTargetsDelegationsWithExpires ¶ added in v0.3.0
ResetTargetsDelegationsWithExpires removes all targets delegations from the given delegator role. New metadata is written with the given expiration time.
func (*Repo) RevokeKeyWithExpires ¶
func (*Repo) RootVersion ¶
func (*Repo) SetSnapshotVersion ¶
func (*Repo) SetTargetsVersion ¶
func (*Repo) SetTimestampVersion ¶
func (*Repo) SignedMeta ¶
Used to retrieve the signable portion of the metadata when using an external signing tool.
func (*Repo) SnapshotVersion ¶
func (*Repo) TargetsVersion ¶
func (*Repo) TimestampVersion ¶
type TargetsWalkFunc ¶
TargetsWalkFunc is a function of a target path name and a target payload used to execute some function on each staged target file. For example, it may normalize path names and generate target file metadata with additional custom metadata.
Directories ¶
Path | Synopsis |
---|---|
cmd
|
|
Package encrypted provides a simple, secure system for encrypting data symmetrically with a passphrase.
|
Package encrypted provides a simple, secure system for encrypting data symmetrically with a passphrase. |
internal
|
|
pkg
|
|