func Verify(r io.Reader, keyring openpgp.EntityList, skipDigest bool) (map[string]*pgptools.PgpSignature, error)
Extract and verify signatures from a Debian package. A keyring of known PGP certificates must be provided to validate the signatures; if the needed key is missing then an ErrNoKey value is returned.
type DebSignature struct {
Info PackageInfo
CreationTime time.Time
PatchSet *binpatch.PatchSet
}
func Sign(r io.Reader, signer *openpgp.Entity, opts crypto.SignerOpts, role string) (*DebSignature, error)
Sign a .deb file with the given PGP key. A role name is needed for the signature, e.g. "builder". Returns a structure holding a PatchSet that can be applied to the original file to add or replace the signature.
type PackageInfo struct {
Package, Version, Arch string
}