...

Source file src/github.com/theupdateframework/go-tuf/pkg/keys/keys.go

Documentation: github.com/theupdateframework/go-tuf/pkg/keys

     1  package keys
     2  
     3  import (
     4  	"errors"
     5  	"fmt"
     6  	"sync"
     7  
     8  	"github.com/theupdateframework/go-tuf/data"
     9  )
    10  
    11  // MaxJSONKeySize defines the maximum length of a JSON payload.
    12  const MaxJSONKeySize = 512 * 1024 // 512Kb
    13  
    14  // SignerMap stores mapping between key type strings and signer constructors.
    15  var SignerMap sync.Map
    16  
    17  // Verifier stores mapping between key type strings and verifier constructors.
    18  var VerifierMap sync.Map
    19  
    20  var (
    21  	ErrInvalid    = errors.New("tuf: signature verification failed")
    22  	ErrInvalidKey = errors.New("invalid key")
    23  )
    24  
    25  // A Verifier verifies public key signatures.
    26  type Verifier interface {
    27  	// UnmarshalPublicKey takes key data to a working verifier implementation for the key type.
    28  	// This performs any validation over the data.PublicKey to ensure that the verifier is usable
    29  	// to verify signatures.
    30  	UnmarshalPublicKey(key *data.PublicKey) error
    31  
    32  	// MarshalPublicKey returns the data.PublicKey object associated with the verifier.
    33  	MarshalPublicKey() *data.PublicKey
    34  
    35  	// This is the public string used as a unique identifier for the verifier instance.
    36  	Public() string
    37  
    38  	// Verify takes a message and signature, all as byte slices,
    39  	// and determines whether the signature is valid for the given
    40  	// key and message.
    41  	Verify(msg, sig []byte) error
    42  }
    43  
    44  type Signer interface {
    45  	// MarshalPrivateKey returns the private key data.
    46  	MarshalPrivateKey() (*data.PrivateKey, error)
    47  
    48  	// UnmarshalPrivateKey takes private key data to a working Signer implementation for the key type.
    49  	UnmarshalPrivateKey(key *data.PrivateKey) error
    50  
    51  	// Returns the public data.PublicKey from the private key
    52  	PublicData() *data.PublicKey
    53  
    54  	// Sign returns the signature of the message.
    55  	// The signer is expected to do its own hashing, so the full message will be
    56  	// provided as the message to Sign with a zero opts.HashFunc().
    57  	SignMessage(message []byte) ([]byte, error)
    58  }
    59  
    60  func GetVerifier(key *data.PublicKey) (Verifier, error) {
    61  	st, ok := VerifierMap.Load(key.Type)
    62  	if !ok {
    63  		return nil, ErrInvalidKey
    64  	}
    65  	s := st.(func() Verifier)()
    66  	if err := s.UnmarshalPublicKey(key); err != nil {
    67  		return nil, fmt.Errorf("tuf: error unmarshalling key: %w", err)
    68  	}
    69  	return s, nil
    70  }
    71  
    72  func GetSigner(key *data.PrivateKey) (Signer, error) {
    73  	st, ok := SignerMap.Load(key.Type)
    74  	if !ok {
    75  		return nil, ErrInvalidKey
    76  	}
    77  	s := st.(func() Signer)()
    78  	if err := s.UnmarshalPrivateKey(key); err != nil {
    79  		return nil, fmt.Errorf("tuf: error unmarshalling key: %w", err)
    80  	}
    81  	return s, nil
    82  }
    83  

View as plain text