Documentation
Index
- Constants
- Variables
- func WriteEd25519Signature(w io.Writer, origin string, keyId KeyId, signature *crypto.Signature) error
- type Checkpoint
- func (cp *Checkpoint) Cosign(signer crypto.Signer, timestamp uint64) (types.Cosignature, error)
- func (cp *Checkpoint) FromASCII(r io.Reader) error
- func (cp *Checkpoint) Parse(p *ascii.LineReader) error
- func (cp *Checkpoint) ToASCII(w io.Writer) error
- func (cp *Checkpoint) Verify(publicKey *crypto.PublicKey) error
- func (cp *Checkpoint) VerifyCosignature(publicKey *crypto.PublicKey, cosignature *types.Cosignature) bool
- func (cp *Checkpoint) VerifyCosignatureByKey(signatures []CosignatureLine, publicKey *crypto.PublicKey) (types.Cosignature, error)
- type CosignatureLine
- type KeyId
- func NewKeyId(keyName string, sigType SignatureType, publicKey *crypto.PublicKey) (res KeyId)
- func NewLogKeyId(keyName string, publicKey *crypto.PublicKey) (res KeyId)
- func NewWitnessKeyId(keyName string, publicKey *crypto.PublicKey) (res KeyId)
- func ParseEd25519SignatureLine(line, keyName string) (KeyId, crypto.Signature, error)
- type NoteVerifier
- type SignatureType
Constants
const (
	ContentTypeTlogSize = "text/x.tlog.size"
)
Variables
var ErrUnwantedSignature = errors.New("unwanted signature")
Functions
Types
type Checkpoint
type Checkpoint struct {
	types.SignedTreeHead
	Origin string // Checkpoint origin
	KeyId  KeyId  // The key id associated with SignedTreeHead.Signature
}
Represents only the log's own signature on the checkpoint, i.e., a signature line where the key name equals the checkpoint origin.
func (*Checkpoint) Cosign (added in v0.9.0)
func (cp *Checkpoint) Cosign(signer crypto.Signer, timestamp uint64) (types.Cosignature, error)
func (*Checkpoint) Parse (added in v0.10.0)
func (cp *Checkpoint) Parse(p *ascii.LineReader) error
func (*Checkpoint) VerifyCosignature (added in v0.9.0)
func (cp *Checkpoint) VerifyCosignature(publicKey *crypto.PublicKey, cosignature *types.Cosignature) bool
func (*Checkpoint) VerifyCosignatureByKey (added in v0.9.0)
func (cp *Checkpoint) VerifyCosignatureByKey(signatures []CosignatureLine, publicKey *crypto.PublicKey) (types.Cosignature, error)
Returns a verified cosignature identified by public key. The key name on the signature line is ignored, except that it is used to construct the key id.
type CosignatureLine (added in v0.9.0)
type CosignatureLine struct {
	KeyName string
	KeyId   KeyId
	types.Cosignature
}
Represents a checkpoint cosignature line.
func CosignatureLinesFromASCII (added in v0.9.0)
func CosignatureLinesFromASCII(r io.Reader) ([]CosignatureLine, error)
type KeyId
type KeyId [4]byte
func NewKeyId (added in v0.10.0)
func NewKeyId(keyName string, sigType SignatureType, publicKey *crypto.PublicKey) (res KeyId)
func NewWitnessKeyId
func NewWitnessKeyId(keyName string, publicKey *crypto.PublicKey) (res KeyId)
func ParseEd25519SignatureLine
func ParseEd25519SignatureLine(line, keyName string) (KeyId, crypto.Signature, error)
Input is a single signature line, with no trailing newline character. If the line carries the right keyName and has a size consistent with an Ed25519 signature line, the function returns the keyId and signature. If the line is syntactically valid but doesn't match these requirements, ErrUnwantedSignature is returned.
type NoteVerifier (added in v0.10.0)
type NoteVerifier struct {
	Name      string
	KeyId     KeyId
	Type      SignatureType
	PublicKey crypto.PublicKey
}
func NewNoteVerifier (added in v0.10.0)
func NewNoteVerifier(keyName string, keyType SignatureType, publicKey *crypto.PublicKey) NoteVerifier
func (*NoteVerifier) FromString (added in v0.10.0)
func (nv *NoteVerifier) FromString(in string) error
A note verifier should be parsed as <name>+<hash>+<keydata> according to https://pkg.go.dev/golang.org/x/mod/sumdb/note. Note that this function uses the hash as-is as the KeyId; it does not check that the hash is consistent with the key name and key data.
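A caller that needs the consistency check FromString skips can recompute the key id and compare it with the hash field. The following is an added example, not code from this package: it uses only the Go standard library, the helper names keyID, formatVkey and checkVkey are hypothetical, and it assumes the signed-note key id derivation (first four bytes of SHA-256 over key name, newline, signature type byte, public key) with a 32-byte Ed25519 key.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/base64"
	"encoding/hex"
	"fmt"
	"strings"
)

// keyID: first 4 bytes of SHA-256(name || "\n" || sigType || pub), per signed-note.
func keyID(name string, sigType byte, pub []byte) [4]byte {
	h := sha256.Sum256(append(append([]byte(name), '\n', sigType), pub...))
	return [4]byte{h[0], h[1], h[2], h[3]}
}

// formatVkey renders <name>+<hash>+<keydata> with a correctly derived hash.
func formatVkey(name string, sigType byte, pub []byte) string {
	id := keyID(name, sigType, pub)
	data := append([]byte{sigType}, pub...)
	return name + "+" + hex.EncodeToString(id[:]) + "+" + base64.StdEncoding.EncodeToString(data)
}

// checkVkey rejects a verifier string whose hash is not the derived key id.
func checkVkey(vkey string) error {
	parts := strings.SplitN(vkey, "+", 3)
	if len(parts) != 3 || parts[0] == "" {
		return fmt.Errorf("malformed verifier string")
	}
	claimed, err := hex.DecodeString(parts[1])
	if err != nil || len(claimed) != 4 {
		return fmt.Errorf("hash must be 8 hex digits")
	}
	data, err := base64.StdEncoding.DecodeString(parts[2])
	if err != nil || len(data) != 33 { // assumed: type byte + 32-byte Ed25519 key
		return fmt.Errorf("bad key data")
	}
	want := keyID(parts[0], data[0], data[1:])
	if !bytes.Equal(claimed, want[:]) {
		return fmt.Errorf("key id mismatch: claimed %x, derived %x", claimed, want)
	}
	return nil
}

func main() {
	good := formatVkey("log.example.org", 0x01, bytes.Repeat([]byte{0x42}, 32)) // constructed key
	fmt.Println(good, checkVkey(good), checkVkey("evil-"+good))
}
```

Running checkVkey on a verifier string before handing it to FromString means a mismatched hash is refused rather than silently becoming the KeyId used to match signature lines.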
func (*NoteVerifier) String (added in v0.10.0)
func (nv *NoteVerifier) String() string
type SignatureType (added in v0.10.0)
type SignatureType byte
See https://github.com/C2SP/C2SP/blob/signed-note/v1.0.0-rc.1/signed-note.md
const (
	SigTypeEd25519     SignatureType = 0x01
	SigTypeCosignature SignatureType = 0x04
)