Documentation
¶
Index ¶
- func ApplyBinPatch(src *os.File, dest string, result io.Reader) error
- func MergeFlags(fs *pflag.FlagSet)
- func Register(s *Signer)
- type CertType
- type FlagValues
- type SignOpts
- type Signature
- type Signer
- func (s *Signer) Flags() *pflag.FlagSet
- func (s *Signer) FlagsFromCmdline(fs *pflag.FlagSet) (*FlagValues, error)
- func (s *Signer) FlagsFromQuery(q url.Values) (*FlagValues, error)
- func (s *Signer) GetTransform(f *os.File, opts SignOpts) (Transformer, error)
- func (s *Signer) IsSigned(f *os.File) (bool, error)
- type Transformer
- type VerifyOpts
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type FlagValues ¶
func (*FlagValues) GetBool ¶
func (values *FlagValues) GetBool(name string) bool
GetBool returns the flag's value as a bool
func (*FlagValues) GetString ¶
func (values *FlagValues) GetString(name string) string
GetString returns the flag's value as a string
type SignOpts ¶
type SignOpts struct {
Path string
Hash crypto.Hash
Time time.Time
Flags *FlagValues
Audit *audit.Info
// contains filtered or unexported fields
}
func (SignOpts) Context ¶
Context returns the context attached to the signature operation.
The returned context is always non-nil; it defaults to the background context.
func (SignOpts) SetBinPatch ¶
Convenience method to return a binary patch
type Signature ¶
type Signature struct {
Package string
SigInfo string
CreationTime time.Time
Hash crypto.Hash
Signer string
SignerPgp *openpgp.Entity
X509Signature *pkcs9.TimestampedSignature
}
func (*Signature) SignerName ¶
type Signer ¶
type Signer struct {
Name string
Aliases []string
Magic magic.FileType
CertTypes CertType
AllowStdin bool
// Return true if the given filename is associated with this signer
TestPath func(string) bool
// Format audit attributes for logfile
FormatLog func(*audit.Info) string
// Verify a file, returning the set of signatures found. Performs integrity
// checks but does not build X509 chains.
Verify func(*os.File, VerifyOpts) ([]*Signature, error)
// VerifyStream is like Verify but doesn't need to seek.
VerifyStream func(io.Reader, VerifyOpts) ([]*Signature, error)
// Transform a file into a stream to upload
Transform func(*os.File, SignOpts) (Transformer, error)
// Sign a input stream (possibly transformed) and return a mode-specific result blob
Sign func(io.Reader, *certloader.Certificate, SignOpts) ([]byte, error)
// Final step to run on the client after the file is patched
Fixup func(*os.File) error
// contains filtered or unexported fields
}
func ByFile ¶
Return the named signer module if given, otherwise identify the file at the given path by contents or extension
func ByFileName ¶
Return the signer associated with the given filename extension
func (*Signer) Flags ¶
Create a FlagSet for flags associated with this module. These will be added to "sign" and "remote sign", and transferred to a remote server via the URL query parameters.
func (*Signer) FlagsFromCmdline ¶
func (s *Signer) FlagsFromCmdline(fs *pflag.FlagSet) (*FlagValues, error)
FlagsFromCmdline creates a FlagValues from the (merged) command-line options of a command
func (*Signer) FlagsFromQuery ¶
func (s *Signer) FlagsFromQuery(q url.Values) (*FlagValues, error)
FlagsFromQuery creates a FlagValues from URL query parameters
func (*Signer) GetTransform ¶
Return the transform for the given module if it has one, otherwise return the default transform.
type Transformer ¶
type Transformer interface {
// Return a stream that will be uploaded to a remote server. This may be
// called multiple times in case of failover.
GetReader() (stream io.Reader, err error)
// Apply a HTTP response to the named destination file
Apply(dest, mimetype string, result io.Reader) error
}
func DefaultTransform ¶
func DefaultTransform(f *os.File) Transformer
type VerifyOpts ¶
type VerifyOpts struct {
FileName string
TrustedX509 []*x509.Certificate
TrustedPgp openpgp.EntityList
TrustedPool *x509.CertPool
NoDigests bool
NoChain bool
Content string
Compression magic.CompressionType
}
Source Files
Directories