filesig

Version: v0.3.3

This package is not in the latest version of its module.
Published: Dec 19, 2023 License: GPL-3.0 Imports: 19 Imported by: 6

Documentation

Constants

const (
	JSONKeyPrefix    = "_jess-"
	JSONChecksumKey  = JSONKeyPrefix + "checksum"
	JSONSignatureKey = JSONKeyPrefix + "signature"
)

JSON file metadata keys.

const (
	TextKeyPrefix    = "jess-"
	TextChecksumKey  = TextKeyPrefix + "checksum"
	TextSignatureKey = TextKeyPrefix + "signature"
)

Text file metadata keys.

const Extension = ".sig"

Extension holds the default file extension to be used for signature files.

Variables

var (
	ErrChecksumMissing  = errors.New("no checksum found")
	ErrChecksumFailed   = errors.New("checksum does not match")
	ErrSignatureMissing = errors.New("signature not found")
	ErrSignatureFailed  = errors.New("signature does not match")
)

Text Operation Errors.

Functions

func AddJSONChecksum added in v0.3.2

func AddJSONChecksum(data []byte) ([]byte, error)

AddJSONChecksum adds a checksum to a JSON file.

func AddTextFileChecksum added in v0.3.2

func AddTextFileChecksum(data []byte, commentSign string, placement TextPlacement) ([]byte, error)

AddTextFileChecksum adds a checksum to a text file.

func AddToSigFile

func AddToSigFile(signature *jess.Letter, sigFileData []byte, removeExistingJessSignatures bool) (newFileData []byte, err error)

AddToSigFile adds the given signature to the signature file.

func AddYAMLChecksum added in v0.3.2

func AddYAMLChecksum(data []byte, placement TextPlacement) ([]byte, error)

AddYAMLChecksum adds a checksum to a yaml file.

func MakeSigFileSection

func MakeSigFileSection(signature *jess.Letter) ([]byte, error)

MakeSigFileSection creates a new section for a signature file.

func ParseSigFile

func ParseSigFile(fileData []byte) (signatures []*jess.Letter, err error)

ParseSigFile parses a signature file and extracts any jess signatures from it. If signatures are returned along with an error, the error should be treated as a warning, but the result should also not be treated as a full success, as there might be missing signatures.

func VerifyJSONChecksum added in v0.3.2

func VerifyJSONChecksum(data []byte) error

VerifyJSONChecksum checks a checksum in a JSON file.

func VerifyTextFileChecksum added in v0.3.2

func VerifyTextFileChecksum(data []byte, commentSign string) error

VerifyTextFileChecksum checks a checksum in a text file.

func VerifyYAMLChecksum added in v0.3.2

func VerifyYAMLChecksum(data []byte) error

VerifyYAMLChecksum checks a checksum in a yaml file.

Types

type FileData

type FileData struct {
	LabeledHash []byte

	SignedAt time.Time
	MetaData map[string]string
	// contains filtered or unexported fields
}

FileData describes a file that is signed.

func SignFile

func SignFile(dataFilePath, signatureFilePath string, metaData map[string]string, envelope *jess.Envelope, trustStore jess.TrustStore) (fileData *FileData, err error)

SignFile signs a file and replaces the signature file with a new one. If the dataFilePath is "-", the file data is read from stdin. Existing jess signatures in the signature file are removed.

func SignFileData

func SignFileData(fileHash *lhash.LabeledHash, metaData map[string]string, envelope *jess.Envelope, trustStore jess.TrustStore) (letter *jess.Letter, fd *FileData, err error)

SignFileData signs the given file checksum and metadata.

func VerifyFile

func VerifyFile(dataFilePath, signatureFilePath string, metaData map[string]string, trustStore jess.TrustStore) (verifiedFileData []*FileData, err error)

VerifyFile verifies the given files and returns the verified file data. If the dataFilePath is "-", the file data is read from stdin. If an error is returned, there was an error in at least some part of the process. Any returned file data struct must be checked for a verification error.

func VerifyFileData

func VerifyFileData(letter *jess.Letter, requiredMetaData map[string]string, trustStore jess.TrustStore) (fd *FileData, err error)

VerifyFileData verifies the given signed file data and returns the file data. If an error is returned, there was an error in at least some part of the process. Any returned file data struct must be checked for a verification error.

func (*FileData) FileHash

func (fd *FileData) FileHash() *lhash.LabeledHash

FileHash returns the labeled hash of the file that was signed.

func (*FileData) Signature

func (fd *FileData) Signature() *jess.Letter

Signature returns the signature, if present.

func (*FileData) VerificationError

func (fd *FileData) VerificationError() error

VerificationError returns the error encountered during verification.
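
The VerifyFile and VerifyFileData notes above require callers to check both the returned error and each returned FileData. The following fail-closed check is an added example, not code from the jess project; the Verified interface, RequireAllVerified, stubResult and errSigFailed are hypothetical names so that it runs without the jess module.

```go
package main

import (
	"errors"
	"fmt"
)

// Verified is the single method of *filesig.FileData this policy relies on.
// Declaring it locally is an assumption of this example.
type Verified interface {
	VerificationError() error
}

// RequireAllVerified turns the (results, err) pair of a call such as
// filesig.VerifyFile into one decision: nil only if the call reported no
// error, returned at least one entry, and every entry verified.
// Copy a []*filesig.FileData into a []Verified before calling.
func RequireAllVerified(results []Verified, err error) error {
	if err != nil {
		// Partial results may accompany the error; they are not enough.
		return fmt.Errorf("verification incomplete (%d results): %w", len(results), err)
	}
	if len(results) == 0 {
		return errors.New("no signatures were verified")
	}
	for i, r := range results {
		if r == nil {
			return fmt.Errorf("signature %d: missing result", i)
		}
		if verr := r.VerificationError(); verr != nil {
			return fmt.Errorf("signature %d rejected: %w", i, verr)
		}
	}
	return nil
}

// stubResult is a constructed stand-in for *filesig.FileData.
type stubResult struct{ err error }

func (s stubResult) VerificationError() error { return s.err }

// errSigFailed copies the message of filesig.ErrSignatureFailed for the demo.
var errSigFailed = errors.New("signature does not match")

func main() {
	good, bad := stubResult{}, stubResult{err: errSigFailed}
	fmt.Println(RequireAllVerified([]Verified{good}, nil))      // accepted
	fmt.Println(RequireAllVerified([]Verified{good, bad}, nil)) // rejected
	fmt.Println(RequireAllVerified([]Verified{good}, errors.New("parse warning")))
}
```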

type TextPlacement added in v0.3.2

type TextPlacement string

TextPlacement signifies where jess metadata is put in text files.

const (
	// TextPlacementTop places the metadata at the top of the file.
	TextPlacementTop TextPlacement = "top"
	// TextPlacementBottom places the metadata at end of file.
	TextPlacementBottom TextPlacement = "bottom"
	// TextPlacementAfterComment places the metadata at end of the top comment
	// block, or at the top, if the first line is not a comment.
	TextPlacementAfterComment TextPlacement = "after-comment"
)
