verify

package
Version: v0.0.0-...-f621e85 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 19, 2021 License: BSD-3-Clause Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrMissingKey       = errors.New("tuf: missing key")
	ErrNoSignatures     = errors.New("tuf: data has no signatures")
	ErrInvalid          = errors.New("tuf: signature verification failed")
	ErrWrongMethod      = errors.New("tuf: invalid signature type")
	ErrWrongMetaType    = errors.New("tuf: meta file has wrong type")
	ErrExists           = errors.New("tuf: key already in db")
	ErrInvalidKey       = errors.New("tuf: invalid key")
	ErrInvalidRole      = errors.New("tuf: invalid role")
	ErrInvalidKeyID     = errors.New("tuf: invalid key id")
	ErrInvalidThreshold = errors.New("tuf: invalid role threshold")
)
View Source
var IsExpired = func(t time.Time) bool {
	return t.Sub(time.Now()) <= 0
}
View Source
var Verifiers = map[string]Verifier{
	data.KeySchemeEd25519:         ed25519Verifier{},
	data.KeySchemeECDSA_SHA2_P256: p256Verifier{},
}

Verifiers is used to map key types to Verifier instances.

Functions

func ValidRole

func ValidRole(name string) bool

ValidRole checks if a role is a top level role.

Types

type DB

type DB struct {
	// contains filtered or unexported fields
}

func NewDB

func NewDB() *DB

func (*DB) AddKey

func (db *DB) AddKey(id string, k *data.Key) error

func (*DB) AddRole

func (db *DB) AddRole(name string, r *data.Role) error

func (*DB) GetKey

func (db *DB) GetKey(id string) *data.Key

func (*DB) GetRole

func (db *DB) GetRole(name string) *Role

func (*DB) Unmarshal

func (db *DB) Unmarshal(b []byte, v interface{}, role string, minVersion int) error

func (*DB) UnmarshalTrusted

func (db *DB) UnmarshalTrusted(b []byte, v interface{}, role string) error

func (*DB) Verify

func (db *DB) Verify(s *data.Signed, role string, minVersion int) error

func (*DB) VerifySignatures

func (db *DB) VerifySignatures(s *data.Signed, role string) error

type DelegationsVerifier

type DelegationsVerifier struct {
	DB *DB
}

func NewDelegationsVerifier

func NewDelegationsVerifier(d *data.Delegations) (DelegationsVerifier, error)

NewDelegationsVerifier returns a DelegationsVerifier that verifies delegations of a given Targets. It reuses the DB struct to leverage verified keys, roles unmarshals.

func (*DelegationsVerifier) Unmarshal

func (d *DelegationsVerifier) Unmarshal(b []byte, v interface{}, role string, minVersion int) error

type ErrExpired

type ErrExpired struct {
	Expired time.Time
}

func (ErrExpired) Error

func (e ErrExpired) Error() string

type ErrLowVersion

type ErrLowVersion struct {
	Actual  int
	Current int
}

func (ErrLowVersion) Error

func (e ErrLowVersion) Error() string

type ErrRoleThreshold

type ErrRoleThreshold struct {
	Expected int
	Actual   int
}

func (ErrRoleThreshold) Error

func (e ErrRoleThreshold) Error() string

type ErrUnknownRole

type ErrUnknownRole struct {
	Role string
}

func (ErrUnknownRole) Error

func (e ErrUnknownRole) Error() string

type ErrWrongID

type ErrWrongID struct{}

func (ErrWrongID) Error

func (ErrWrongID) Error() string

type Role

type Role struct {
	KeyIDs    map[string]struct{}
	Threshold int
}

func (*Role) ValidKey

func (r *Role) ValidKey(id string) bool

type Verifier

type Verifier interface {
	// Verify takes a key, message and signature, all as byte slices,
	// and determines whether the signature is valid for the given
	// key and message.
	Verify(key, msg, sig []byte) error

	// ValidKey returns true if the provided public key is valid and usable to
	// verify signatures with this verifier.
	ValidKey([]byte) bool
}

A Verifier verifies public key signatures.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL