Versions in this module Expand all Collapse all v1 v1.3.4 Dec 27, 2021 v1.3.3 Dec 27, 2021 Changes in this version
+ const Attestation
+ const AttestationTagSuffix
+ const BundleKey
+ const PrivakeKeyPemType
+ const SBOM
+ const SBOMTagSuffix
+ const Signature
+ const SignatureTagSuffix
+ func FindTLogEntriesByPayload(ctx context.Context, rekorClient *client.Rekor, payload []byte) (uuids []string, err error)
+ func FindTlogEntry(ctx context.Context, rekorClient *client.Rekor, b64Sig string, ...) (uuid string, index int64, err error)
+ func GeneratePrivateKey() (*ecdsa.PrivateKey, error)
+ func GetRekorPub(ctx context.Context) ([]byte, error)
+ func GetTlogEntry(ctx context.Context, rekorClient *client.Rekor, uuid string) (*models.LogEntryAnon, error)
+ func IntotoSubjectClaimVerifier(sig oci.Signature, imageDigest v1.Hash, _ map[string]interface{}) error
+ func LoadECDSAPrivateKey(key []byte, pass []byte) (*signature.ECDSASignerVerifier, error)
+ func PemToECDSAKey(pemBytes []byte) (*ecdsa.PublicKey, error)
+ func SimpleClaimVerifier(sig oci.Signature, imageDigest v1.Hash, annotations map[string]interface{}) error
+ func TLogUpload(ctx context.Context, rekorClient *client.Rekor, signature, payload []byte, ...) (*models.LogEntryAnon, error)
+ func TLogUploadInTotoAttestation(ctx context.Context, rekorClient *client.Rekor, signature, pemBytes []byte) (*models.LogEntryAnon, error)
+ func TrustedCert(cert *x509.Certificate, roots *x509.CertPool) error
+ func VerifyBundle(ctx context.Context, sig oci.Signature) (bool, error)
+ func VerifyImageAttestations(ctx context.Context, signedImgRef name.Reference, co *CheckOpts) (checkedAttestations []oci.Signature, bundleVerified bool, err error)
+ func VerifyImageSignatures(ctx context.Context, signedImgRef name.Reference, co *CheckOpts) (checkedSignatures []oci.Signature, bundleVerified bool, err error)
+ func VerifyLocalImageAttestations(ctx context.Context, path string, co *CheckOpts) (checkedAttestations []oci.Signature, bundleVerified bool, err error)
+ func VerifyLocalImageSignatures(ctx context.Context, path string, co *CheckOpts) (checkedSignatures []oci.Signature, bundleVerified bool, err error)
+ func VerifySET(bundlePayload oci.BundlePayload, signature []byte, pub *ecdsa.PublicKey) error
+ type AttestationPayload struct
+ PayLoad string
+ PayloadType string
+ Signatures []Signatures
+ func FetchAttestationsForReference(ctx context.Context, ref name.Reference, opts ...ociremote.Option) ([]AttestationPayload, error)
+ type CheckOpts struct
+ Annotations map[string]interface{}
+ CertEmail string
+ ClaimVerifier func(sig oci.Signature, imageDigest v1.Hash, annotations map[string]interface{}) error
+ PKOpts []signature.PublicKeyOption
+ RegistryClientOpts []ociremote.Option
+ RekorClient *client.Rekor
+ RootCerts *x509.CertPool
+ SigVerifier signature.Verifier
+ SignatureRef string
+ type Keys struct
+ PrivateBytes []byte
+ PublicBytes []byte
+ func GenerateKeyPair(pf PassFunc) (*Keys, error)
+ func (k *Keys) Password() []byte
+ type PassFunc func(bool) ([]byte, error)
+ type Signatures struct
+ KeyID string
+ Sig string
+ type SignedPayload struct
+ Base64Signature string
+ Bundle *oci.Bundle
+ Cert *x509.Certificate
+ Chain []*x509.Certificate
+ Payload []byte
+ func FetchSignaturesForReference(ctx context.Context, ref name.Reference, opts ...ociremote.Option) ([]SignedPayload, error)
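Review bot: `VerifyBundle` returns `(bool, error)` and the four `VerifyImage*`/`VerifyLocalImage*` functions return `bundleVerified bool` next to `err`, but nothing in this listing says what `false` together with a nil error means. For a verification API that combination needs to be spelled out on each function so callers know whether they must gate on the bool or only on `err`, for example `// bundleVerified reports whether a bundle was present and checked; false with a nil err means no bundle was verified.` Only signatures are visible here, so the wording has to be confirmed against the function bodies. Separately, the exported constant `PrivakeKeyPemType` looks misspelled and `AttestationPayload.PayLoad` is cased differently from `SignedPayload.Payload`; once released these names are part of the API, so a correctly spelled `PrivateKeyPemType` with the old name marked `// Deprecated:` would be cleaner.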