...

Package signerverifier

import "github.com/secure-systems-lab/go-securesystemslib/signerverifier"

Index ▾

Constants
Variables
type ECDSASignerVerifier
    func NewECDSASignerVerifierFromSSLibKey(key *SSLibKey) (*ECDSASignerVerifier, error)
    func (sv *ECDSASignerVerifier) KeyID() (string, error)
    func (sv *ECDSASignerVerifier) Public() crypto.PublicKey
    func (sv *ECDSASignerVerifier) Sign(ctx context.Context, data []byte) ([]byte, error)
    func (sv *ECDSASignerVerifier) Verify(ctx context.Context, data []byte, sig []byte) error
type ED25519SignerVerifier
    func NewED25519SignerVerifierFromSSLibKey(key *SSLibKey) (*ED25519SignerVerifier, error)
    func (sv *ED25519SignerVerifier) KeyID() (string, error)
    func (sv *ED25519SignerVerifier) Public() crypto.PublicKey
    func (sv *ED25519SignerVerifier) Sign(ctx context.Context, data []byte) ([]byte, error)
    func (sv *ED25519SignerVerifier) Verify(ctx context.Context, data []byte, sig []byte) error
type KeyVal
type RSAPSSSignerVerifier
    func NewRSAPSSSignerVerifierFromSSLibKey(key *SSLibKey) (*RSAPSSSignerVerifier, error)
    func (sv *RSAPSSSignerVerifier) KeyID() (string, error)
    func (sv *RSAPSSSignerVerifier) Public() crypto.PublicKey
    func (sv *RSAPSSSignerVerifier) Sign(ctx context.Context, data []byte) ([]byte, error)
    func (sv *RSAPSSSignerVerifier) Verify(ctx context.Context, data []byte, sig []byte) error
type SSLibKey
    func LoadECDSAKeyFromFile(path string) (*SSLibKey, error)
    func LoadED25519KeyFromFile(path string) (*SSLibKey, error)
    func LoadKeyFromSSLibBytes(contents []byte) (*SSLibKey, error)
    func LoadRSAPSSKeyFromBytes(contents []byte) (*SSLibKey, error)
    func LoadRSAPSSKeyFromFile(path string) (*SSLibKey, error)

Package files

ecdsa.go ed25519.go rsa.go signerverifier.go utils.go

Constants

// String identifiers used for RSA keys.
const (
    // RSAKeyType is the key type string for RSA keys. SSLibKey has a KeyType
    // field (JSON "keytype"); presumably this is the value expected there for
    // RSA keys. Confirm against the RSA loader.
    RSAKeyType       = "rsa"
    // RSAKeyScheme names RSASSA-PSS with SHA-256. SSLibKey has a Scheme field
    // (JSON "scheme"); whether other RSA schemes are accepted is not shown here.
    RSAKeyScheme     = "rsassa-pss-sha256"
    // RSAPrivateKeyPEM is the PEM block type label conventionally used for
    // PKCS#1-encoded RSA private keys.
    RSAPrivateKeyPEM = "RSA PRIVATE KEY"
)
// PEM block type labels that are not specific to one key algorithm.
const (
    // PublicKeyPEM is the label conventionally used for PKIX
    // (SubjectPublicKeyInfo) public keys.
    PublicKeyPEM  = "PUBLIC KEY"
    // PrivateKeyPEM is the label conventionally used for unencrypted PKCS#8
    // private keys. A file carrying this label holds the private key in the
    // clear, so it needs restrictive file permissions. Whether this package
    // handles encrypted PEM blocks is not shown here.
    PrivateKeyPEM = "PRIVATE KEY"
)
// ECDSAKeyType is the key type string for ECDSA keys; presumably the value
// expected in SSLibKey.KeyType. Confirm against the ECDSA loader.
const ECDSAKeyType = "ecdsa"
// ED25519KeyType is the key type string for Ed25519 keys; presumably the value
// expected in SSLibKey.KeyType. Confirm against the Ed25519 loader.
const ED25519KeyType = "ed25519"

Variables

// Sentinel errors exported by the package. They are plain errors.New values,
// so callers should match them with errors.Is rather than by message text.
// Which function returns which sentinel is not shown here.
var (
    // ErrNotPrivateKey reports that a loaded key has no private portion.
    ErrNotPrivateKey               = errors.New("loaded key is not a private key")
    // ErrSignatureVerificationFailed reports a signature that did not verify.
    // The Verify methods return only an error, so a nil result is the sole
    // success signal; callers must treat every non-nil error as a failed
    // verification, not just this sentinel.
    ErrSignatureVerificationFailed = errors.New("failed to verify signature")
    // ErrUnknownKeyType reports a key type the package does not recognise.
    ErrUnknownKeyType              = errors.New("unknown key type")
    // ErrInvalidThreshold reports a threshold below 1 or above the number of
    // supplied public keys. No signature visible here takes a threshold.
    // NOTE(review): confirm where this is used.
    ErrInvalidThreshold            = errors.New("threshold is either less than 1 or greater than number of provided public keys")
    // ErrInvalidKey reports a key object that carries no value.
    ErrInvalidKey                  = errors.New("key object has no value")
)
// Sentinel errors for PEM handling; match them with errors.Is.
var (
    // ErrNoPEMBlock is returned when the provided data contains no PEM block.
    ErrNoPEMBlock = errors.New("failed to decode the data as PEM block (are you sure this is a pem file?)")
    // ErrFailedPEMParsing is returned when PKCS1, PKCS8 or PKIX key parsing fails.
    ErrFailedPEMParsing = errors.New("failed parsing the PEM block: unsupported PEM type")
)
// KeyIDHashAlgorithms lists the hash algorithm names "sha256" and "sha512".
// SSLibKey has a field of the same name (JSON "keyid_hash_algorithms");
// presumably this is the default for it. Confirm against the loaders.
// This is an exported, mutable slice: any importer that reassigns or edits it
// changes the value for every user in the process, so treat it as read-only.
var KeyIDHashAlgorithms = []string{"sha256", "sha512"}

type ECDSASignerVerifier

ECDSASignerVerifier is a dsse.SignerVerifier compliant interface to sign and verify signatures using ECDSA keys.

// ECDSASignerVerifier signs and verifies signatures using ECDSA keys.
// All fields are unexported; build one with NewECDSASignerVerifierFromSSLibKey.
type ECDSASignerVerifier struct {
    // contains filtered or unexported fields
}

func NewECDSASignerVerifierFromSSLibKey

func NewECDSASignerVerifierFromSSLibKey(key *SSLibKey) (*ECDSASignerVerifier, error)

NewECDSASignerVerifierFromSSLibKey creates an ECDSASignerVerifier from an SSLibKey.

func (*ECDSASignerVerifier) KeyID

func (sv *ECDSASignerVerifier) KeyID() (string, error)

KeyID returns the identifier of the key used to create the ECDSASignerVerifier instance.

func (*ECDSASignerVerifier) Public

func (sv *ECDSASignerVerifier) Public() crypto.PublicKey

Public returns the public portion of the key used to create the ECDSASignerVerifier instance.

func (*ECDSASignerVerifier) Sign

func (sv *ECDSASignerVerifier) Sign(ctx context.Context, data []byte) ([]byte, error)

Sign creates a signature for `data`.

func (*ECDSASignerVerifier) Verify

func (sv *ECDSASignerVerifier) Verify(ctx context.Context, data []byte, sig []byte) error

Verify verifies the `sig` value passed in against `data`.

type ED25519SignerVerifier

ED25519SignerVerifier is a dsse.SignerVerifier compliant interface to sign and verify signatures using ED25519 keys.

// ED25519SignerVerifier signs and verifies signatures using ED25519 keys.
// All fields are unexported; build one with NewED25519SignerVerifierFromSSLibKey.
type ED25519SignerVerifier struct {
    // contains filtered or unexported fields
}

func NewED25519SignerVerifierFromSSLibKey

func NewED25519SignerVerifierFromSSLibKey(key *SSLibKey) (*ED25519SignerVerifier, error)

NewED25519SignerVerifierFromSSLibKey creates an ED25519SignerVerifier from an SSLibKey.

func (*ED25519SignerVerifier) KeyID

func (sv *ED25519SignerVerifier) KeyID() (string, error)

KeyID returns the identifier of the key used to create the ED25519SignerVerifier instance.

func (*ED25519SignerVerifier) Public

func (sv *ED25519SignerVerifier) Public() crypto.PublicKey

Public returns the public portion of the key used to create the ED25519SignerVerifier instance.

func (*ED25519SignerVerifier) Sign

func (sv *ED25519SignerVerifier) Sign(ctx context.Context, data []byte) ([]byte, error)

Sign creates a signature for `data`.

func (*ED25519SignerVerifier) Verify

func (sv *ED25519SignerVerifier) Verify(ctx context.Context, data []byte, sig []byte) error

Verify verifies the `sig` value passed in against `data`.

type KeyVal

// KeyVal holds the key material and related fields of an SSLibKey
// (SSLibKey.KeyVal, JSON "keyval"). Every field is tagged omitempty, so empty
// strings are dropped when the value is marshaled to JSON.
type KeyVal struct {
    // Private is, per its name, the private key material. The encoding of the
    // string is not shown here. It is serialized under "private" whenever it
    // is non-empty, so marshaling or logging a KeyVal that was loaded from a
    // private key writes the secret out; clear the field before exporting a
    // public-only copy.
    Private     string `json:"private,omitempty"`
    // Public is, per its name, the public key material; encoding not shown here.
    Public      string `json:"public,omitempty"`
    // Certificate, Identity and Issuer are not described on this page and no
    // signature here references them.
    // NOTE(review): confirm their meaning and whether any verifier checks them.
    Certificate string `json:"certificate,omitempty"`
    Identity    string `json:"identity,omitempty"`
    Issuer      string `json:"issuer,omitempty"`
}

type RSAPSSSignerVerifier

RSAPSSSignerVerifier is a dsse.SignerVerifier compliant interface to sign and verify signatures using RSA keys following the RSA-PSS scheme.

// RSAPSSSignerVerifier signs and verifies signatures using RSA keys following
// the RSA-PSS scheme.
// All fields are unexported; build one with NewRSAPSSSignerVerifierFromSSLibKey.
type RSAPSSSignerVerifier struct {
    // contains filtered or unexported fields
}

func NewRSAPSSSignerVerifierFromSSLibKey

func NewRSAPSSSignerVerifierFromSSLibKey(key *SSLibKey) (*RSAPSSSignerVerifier, error)

NewRSAPSSSignerVerifierFromSSLibKey creates an RSAPSSSignerVerifier from an SSLibKey.

func (*RSAPSSSignerVerifier) KeyID

func (sv *RSAPSSSignerVerifier) KeyID() (string, error)

KeyID returns the identifier of the key used to create the RSAPSSSignerVerifier instance.

func (*RSAPSSSignerVerifier) Public

func (sv *RSAPSSSignerVerifier) Public() crypto.PublicKey

Public returns the public portion of the key used to create the RSAPSSSignerVerifier instance.

func (*RSAPSSSignerVerifier) Sign

func (sv *RSAPSSSignerVerifier) Sign(ctx context.Context, data []byte) ([]byte, error)

Sign creates a signature for `data`.

func (*RSAPSSSignerVerifier) Verify

func (sv *RSAPSSSignerVerifier) Verify(ctx context.Context, data []byte, sig []byte) error

Verify verifies the `sig` value passed in against `data`.

type SSLibKey

// SSLibKey is the key representation shared across the package: every Load*
// function returns a *SSLibKey and every New*SignerVerifierFromSSLibKey
// constructor takes one. None of its JSON tags use omitempty, so zero values
// are written out when the struct is marshaled.
type SSLibKey struct {
    // KeyIDHashAlgorithms is serialized as "keyid_hash_algorithms". The
    // package-level KeyIDHashAlgorithms variable holds "sha256" and "sha512".
    KeyIDHashAlgorithms []string `json:"keyid_hash_algorithms"`
    // KeyType is serialized as "keytype"; the package defines the strings
    // "rsa", "ecdsa" and "ed25519" as key type constants.
    KeyType             string   `json:"keytype"`
    // KeyVal carries the key material. It may include the private key; see
    // the Private field of KeyVal before marshaling or logging an SSLibKey.
    KeyVal              KeyVal   `json:"keyval"`
    // Scheme is serialized as "scheme"; the package defines
    // "rsassa-pss-sha256" for RSA.
    Scheme              string   `json:"scheme"`
    // KeyID is serialized as "keyid".
    // NOTE(review): it is not visible here whether the loaders recompute this
    // value from the key material or accept it as stored. Confirm before
    // using the KeyID of a key file from an untrusted source to decide trust.
    KeyID               string   `json:"keyid"`
}

func LoadECDSAKeyFromFile

func LoadECDSAKeyFromFile(path string) (*SSLibKey, error)

LoadECDSAKeyFromFile returns an SSLibKey instance for an ECDSA key stored in a file in the custom securesystemslib format.

func LoadED25519KeyFromFile

func LoadED25519KeyFromFile(path string) (*SSLibKey, error)

LoadED25519KeyFromFile returns an SSLibKey instance for an ED25519 key stored in a file in the custom securesystemslib format.

func LoadKeyFromSSLibBytes

func LoadKeyFromSSLibBytes(contents []byte) (*SSLibKey, error)

LoadKeyFromSSLibBytes returns a pointer to an SSLibKey instance created from the contents of the bytes. The key contents are expected to be in the custom securesystemslib format.

func LoadRSAPSSKeyFromBytes

func LoadRSAPSSKeyFromBytes(contents []byte) (*SSLibKey, error)

func LoadRSAPSSKeyFromFile

func LoadRSAPSSKeyFromFile(path string) (*SSLibKey, error)

LoadRSAPSSKeyFromFile returns an SSLibKey instance for an RSA key stored in a file.