signerverifier

package

v0.8.0 Latest Latest Go to latest Published: Dec 19, 2023 License: MIT Imports: 19 Imported by: 3

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/secure-systems-lab/go-securesystemslib

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
type ECDSASignerVerifier
- func NewECDSASignerVerifierFromSSLibKey(key *SSLibKey) (*ECDSASignerVerifier, error)
type ED25519SignerVerifier
- func NewED25519SignerVerifierFromSSLibKey(key *SSLibKey) (*ED25519SignerVerifier, error)
type KeyVal
type RSAPSSSignerVerifier
- func NewRSAPSSSignerVerifierFromSSLibKey(key *SSLibKey) (*RSAPSSSignerVerifier, error)
type SSLibKey

Constants ¶

View Source

const (
	RSAKeyType       = "rsa"
	RSAKeyScheme     = "rsassa-pss-sha256"
	RSAPrivateKeyPEM = "RSA PRIVATE KEY"
)

View Source

const (
	PublicKeyPEM  = "PUBLIC KEY"
	PrivateKeyPEM = "PRIVATE KEY"
)

View Source

const ECDSAKeyType = "ecdsa"

View Source

const ED25519KeyType = "ed25519"

Variables ¶

View Source

var (
	ErrNotPrivateKey               = errors.New("loaded key is not a private key")
	ErrSignatureVerificationFailed = errors.New("failed to verify signature")
	ErrUnknownKeyType              = errors.New("unknown key type")
	ErrInvalidThreshold            = errors.New("threshold is either less than 1 or greater than number of provided public keys")
	ErrInvalidKey                  = errors.New("key object has no value")
)

View Source

var (
	// ErrNoPEMBlock gets triggered when there is no PEM block in the provided file
	ErrNoPEMBlock = errors.New("failed to decode the data as PEM block (are you sure this is a pem file?)")
	// ErrFailedPEMParsing gets returned when PKCS1, PKCS8 or PKIX key parsing fails
	ErrFailedPEMParsing = errors.New("failed parsing the PEM block: unsupported PEM type")
)

View Source

var KeyIDHashAlgorithms = []string{"sha256", "sha512"}

Functions ¶

This section is empty.

Types ¶

type ECDSASignerVerifier ¶

type ECDSASignerVerifier struct {
	// contains filtered or unexported fields
}

ECDSASignerVerifier is a dsse.SignerVerifier compliant interface to sign and verify signatures using ECDSA keys.

func NewECDSASignerVerifierFromSSLibKey ¶

func NewECDSASignerVerifierFromSSLibKey(key *SSLibKey) (*ECDSASignerVerifier, error)

NewECDSASignerVerifierFromSSLibKey creates an ECDSASignerVerifier from an SSLibKey.

func (*ECDSASignerVerifier) KeyID ¶

func (sv *ECDSASignerVerifier) KeyID() (string, error)

KeyID returns the identifier of the key used to create the ECDSASignerVerifier instance.

func (*ECDSASignerVerifier) Public ¶

func (sv *ECDSASignerVerifier) Public() crypto.PublicKey

Public returns the public portion of the key used to create the ECDSASignerVerifier instance.

func (*ECDSASignerVerifier) Sign ¶

func (sv *ECDSASignerVerifier) Sign(ctx context.Context, data []byte) ([]byte, error)

Sign creates a signature for `data`.

func (*ECDSASignerVerifier) Verify ¶

func (sv *ECDSASignerVerifier) Verify(ctx context.Context, data []byte, sig []byte) error

Verify verifies the `sig` value passed in against `data`.

type ED25519SignerVerifier ¶

type ED25519SignerVerifier struct {
	// contains filtered or unexported fields
}

ED25519SignerVerifier is a dsse.SignerVerifier compliant interface to sign and verify signatures using ED25519 keys.

func NewED25519SignerVerifierFromSSLibKey ¶

func NewED25519SignerVerifierFromSSLibKey(key *SSLibKey) (*ED25519SignerVerifier, error)

NewED25519SignerVerifierFromSSLibKey creates an Ed25519SignerVerifier from an SSLibKey.

func (*ED25519SignerVerifier) KeyID ¶

func (sv *ED25519SignerVerifier) KeyID() (string, error)

KeyID returns the identifier of the key used to create the ED25519SignerVerifier instance.

func (*ED25519SignerVerifier) Public ¶

func (sv *ED25519SignerVerifier) Public() crypto.PublicKey

Public returns the public portion of the key used to create the ED25519SignerVerifier instance.

func (*ED25519SignerVerifier) Sign ¶

func (sv *ED25519SignerVerifier) Sign(ctx context.Context, data []byte) ([]byte, error)

Sign creates a signature for `data`.

func (*ED25519SignerVerifier) Verify ¶

func (sv *ED25519SignerVerifier) Verify(ctx context.Context, data []byte, sig []byte) error

Verify verifies the `sig` value passed in against `data`.

type KeyVal ¶

type KeyVal struct {
	Private     string `json:"private,omitempty"`
	Public      string `json:"public,omitempty"`
	Certificate string `json:"certificate,omitempty"`
	Identity    string `json:"identity,omitempty"`
	Issuer      string `json:"issuer,omitempty"`
}

type RSAPSSSignerVerifier ¶

type RSAPSSSignerVerifier struct {
	// contains filtered or unexported fields
}

RSAPSSSignerVerifier is a dsse.SignerVerifier compliant interface to sign and verify signatures using RSA keys following the RSA-PSS scheme.

func NewRSAPSSSignerVerifierFromSSLibKey ¶

func NewRSAPSSSignerVerifierFromSSLibKey(key *SSLibKey) (*RSAPSSSignerVerifier, error)

NewRSAPSSSignerVerifierFromSSLibKey creates an RSAPSSSignerVerifier from an SSLibKey.

func (*RSAPSSSignerVerifier) KeyID ¶

func (sv *RSAPSSSignerVerifier) KeyID() (string, error)

KeyID returns the identifier of the key used to create the RSAPSSSignerVerifier instance.

func (*RSAPSSSignerVerifier) Public ¶

func (sv *RSAPSSSignerVerifier) Public() crypto.PublicKey

Public returns the public portion of the key used to create the RSAPSSSignerVerifier instance.

func (*RSAPSSSignerVerifier) Sign ¶

func (sv *RSAPSSSignerVerifier) Sign(ctx context.Context, data []byte) ([]byte, error)

Sign creates a signature for `data`.

func (*RSAPSSSignerVerifier) Verify ¶

func (sv *RSAPSSSignerVerifier) Verify(ctx context.Context, data []byte, sig []byte) error

Verify verifies the `sig` value passed in against `data`.

type SSLibKey ¶

type SSLibKey struct {
	KeyIDHashAlgorithms []string `json:"keyid_hash_algorithms"`
	KeyType             string   `json:"keytype"`
	KeyVal              KeyVal   `json:"keyval"`
	Scheme              string   `json:"scheme"`
	KeyID               string   `json:"keyid"`
}

func LoadECDSAKeyFromFile ¶

func LoadECDSAKeyFromFile(path string) (*SSLibKey, error)

LoadECDSAKeyFromFile returns an SSLibKey instance for an ECDSA key stored in a file in the custom securesystemslib format.

func LoadED25519KeyFromFile ¶

func LoadED25519KeyFromFile(path string) (*SSLibKey, error)

LoadED25519KeyFromFile returns an SSLibKey instance for an ED25519 key stored in a file in the custom securesystemslib format.

func LoadKeyFromSSLibBytes ¶ added in v0.8.0

func LoadKeyFromSSLibBytes(contents []byte) (*SSLibKey, error)

LoadKeyFromSSLibBytes returns a pointer to a Key instance created from the contents of the bytes. The key contents are expected to be in the custom securesystemslib format.

func LoadRSAPSSKeyFromBytes ¶ added in v0.8.0

func LoadRSAPSSKeyFromBytes(contents []byte) (*SSLibKey, error)

func LoadRSAPSSKeyFromFile ¶

func LoadRSAPSSKeyFromFile(path string) (*SSLibKey, error)

LoadRSAPSSKeyFromFile returns an SSLibKey instance for an RSA key stored in a file.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL