jsonsign

package

v0.0.0-...-4ba1123 Latest Latest Go to latest Published: Jan 15, 2024 License: Apache-2.0 Imports: 23 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/perkeep/perkeep

Links

Open Source Insights

Documentation ¶

Overview ¶

Package jsonsign implements Perkeep's cryptographic signing and verification of JSON blobs.

Index ¶

func ArmoredPublicKey(entity *openpgp.Entity) (string, error)
func EntityFromSecring(keyID, keyFile string) (*openpgp.Entity, error)
func GenerateNewSecRing(secRing string) (keyID string, err error)
func KeyIdFromRing(secRing string) (keyID string, err error)
func NewEntity() (*openpgp.Entity, error)
func ParseArmoredPublicKey(r io.Reader) (fingerprint, armoredKey string, err error)
func WriteKeyRing(w io.Writer, el openpgp.EntityList) error
type CachingEntityFetcher
- func (ce *CachingEntityFetcher) FetchEntity(fingerprint string) (*openpgp.Entity, error)
type EntityFetcher
type FileEntityFetcher
- func FlagEntityFetcher() *FileEntityFetcher
- func (fe *FileEntityFetcher) FetchEntity(fingerprint string) (*openpgp.Entity, error)
type SignRequest
- func (sr *SignRequest) Sign(ctx context.Context) (signedJSON string, err error)
type VerifiedSignature
type VerifyRequest
- func NewVerificationRequest(sjson string, fetcher blob.Fetcher) (vr *VerifyRequest)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ArmoredPublicKey ¶

func ArmoredPublicKey(entity *openpgp.Entity) (string, error)

func EntityFromSecring ¶

func EntityFromSecring(keyID, keyFile string) (*openpgp.Entity, error)

EntityFromSecring returns the openpgp Entity from keyFile that matches keyID. If empty, keyFile defaults to osutil.SecretRingFile().

func GenerateNewSecRing ¶

func GenerateNewSecRing(secRing string) (keyID string, err error)

GenerateNewSecRing creates a new secret ring file secRing, with a new GPG identity. It returns the public keyID of that identity. It returns an error if the file already exists.

func KeyIdFromRing ¶

func KeyIdFromRing(secRing string) (keyID string, err error)

KeyIdFromRing returns the public keyID contained in the secret ring file secRing. It expects only one keyID in this secret ring and returns an error otherwise.

func ParseArmoredPublicKey ¶

func ParseArmoredPublicKey(r io.Reader) (fingerprint, armoredKey string, err error)

ParseArmoredPublicKey tries to parse an armored public key from r, taking care to bound the amount it reads. The returned fingerprint is 40 capital hex digits. The returned armoredKey is a copy of the contents read.

func WriteKeyRing ¶

func WriteKeyRing(w io.Writer, el openpgp.EntityList) error

Types ¶

type CachingEntityFetcher ¶

type CachingEntityFetcher struct {
	Fetcher EntityFetcher
	// contains filtered or unexported fields
}

func (*CachingEntityFetcher) FetchEntity ¶

func (ce *CachingEntityFetcher) FetchEntity(fingerprint string) (*openpgp.Entity, error)

type EntityFetcher ¶

type EntityFetcher interface {
	FetchEntity(fingerprint string) (*openpgp.Entity, error)
}

type FileEntityFetcher ¶

type FileEntityFetcher struct {
	File string
}

func FlagEntityFetcher ¶

func FlagEntityFetcher() *FileEntityFetcher

func (*FileEntityFetcher) FetchEntity ¶

func (fe *FileEntityFetcher) FetchEntity(fingerprint string) (*openpgp.Entity, error)

type SignRequest ¶

type SignRequest struct {
	UnsignedJSON string
	Fetcher      blob.Fetcher
	ServerMode   bool // if true, can't use pinentry or gpg-agent, etc.

	// Optional signature time. If zero, time.Now() is used.
	SignatureTime time.Time

	// Optional function to return an entity (including decrypting
	// the PrivateKey, if necessary)
	EntityFetcher EntityFetcher

	// SecretKeyringPath is only used if EntityFetcher is nil,
	// in which case SecretKeyringPath is used if non-empty.
	// As a final resort, we default to osutil.SecretRingFile().
	SecretKeyringPath string
}

func (*SignRequest) Sign ¶

func (sr *SignRequest) Sign(ctx context.Context) (signedJSON string, err error)

type VerifiedSignature ¶

type VerifiedSignature struct {
}

type VerifyRequest ¶

type VerifyRequest struct {
	CamliSigner     blob.Ref
	CamliSig        string
	PublicKeyPacket *packet.PublicKey

	// set if Verify() returns true:
	PayloadMap  map[string]interface{} // The JSON values from BPJ
	SignerKeyId string                 // e.g. "2931A67C26F5ABDA"

	Err error // last error encountered
	// contains filtered or unexported fields
}

See doc/json-signing/* for background and details on these variable names.

func NewVerificationRequest ¶

func NewVerificationRequest(sjson string, fetcher blob.Fetcher) (vr *VerifyRequest)

func (*VerifyRequest) FindAndParsePublicKeyBlob ¶

func (vr *VerifyRequest) FindAndParsePublicKeyBlob(ctx context.Context) error

func (*VerifyRequest) ParsePayloadMap ¶

func (vr *VerifyRequest) ParsePayloadMap() bool

func (*VerifyRequest) ParseSigMap ¶

func (vr *VerifyRequest) ParseSigMap() bool

func (*VerifyRequest) Verify ¶

func (vr *VerifyRequest) Verify(ctx context.Context) (info VerifiedSignature, err error)

func (*VerifyRequest) VerifySignature ¶

func (vr *VerifyRequest) VerifySignature() bool

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
signhandler Package signhandler implements the HTTP interface to signing and verifying Perkeep JSON blobs.	Package signhandler implements the HTTP interface to signing and verifying Perkeep JSON blobs.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL