verify

package

v1.1.0-0.5.2 Latest Latest Go to latest Published: Mar 16, 2024 License: BSD-3-Clause Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/DataDog/go-tuf

Documentation ¶

Index ¶

Variables
func VerifySignature(signed json.RawMessage, sig data.HexBytes, verifier keys.Verifier) error
type DB
- func NewDB() *DB
- func NewDBFromDelegations(d *data.Delegations) (*DB, error)
type ErrExpired
- func (e ErrExpired) Error() string
type ErrLowVersion
- func (e ErrLowVersion) Error() string
type ErrRepeatID
- func (e ErrRepeatID) Error() string
type ErrRoleThreshold
- func (e ErrRoleThreshold) Error() string
type ErrUnknownRole
- func (e ErrUnknownRole) Error() string
type ErrWrongVersion
- func (e ErrWrongVersion) Error() string
type Role
- func (r *Role) ValidKey(id string) bool

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrMissingKey           = errors.New("tuf: missing key")
	ErrNoSignatures         = errors.New("tuf: data has no signatures")
	ErrInvalid              = errors.New("tuf: signature verification failed")
	ErrWrongMethod          = errors.New("tuf: invalid signature type")
	ErrWrongMetaType        = errors.New("tuf: meta file has wrong type")
	ErrExists               = errors.New("tuf: key already in db")
	ErrInvalidKey           = errors.New("tuf: invalid key")
	ErrInvalidRole          = errors.New("tuf: invalid role")
	ErrInvalidDelegatedRole = errors.New("tuf: invalid delegated role")
	ErrInvalidKeyID         = errors.New("tuf: invalid key id")
	ErrInvalidThreshold     = errors.New("tuf: invalid role threshold")
	ErrMissingTargetFile    = errors.New("tuf: missing previously listed targets metadata file")
)

View Source

var IsExpired = func(t time.Time) bool {
	return time.Until(t) <= 0
}

Functions ¶

func VerifySignature ¶

func VerifySignature(signed json.RawMessage, sig data.HexBytes,
	verifier keys.Verifier) error

VerifySignature takes a signed JSON message, a signature, and a verifier and verifies the given signature on the JSON message using the verifier. It returns an error if verification fails.

Types ¶

type DB ¶

type DB struct {
	// contains filtered or unexported fields
}

func NewDB ¶

func NewDB() *DB

func NewDBFromDelegations ¶

func NewDBFromDelegations(d *data.Delegations) (*DB, error)

NewDBFromDelegations returns a DB that verifies delegations of a given Targets.

func (*DB) AddKey ¶

func (db *DB) AddKey(id string, k *data.PublicKey) error

func (*DB) AddRole ¶

func (db *DB) AddRole(name string, r *data.Role) error

func (*DB) GetRole ¶

func (db *DB) GetRole(name string) *Role

func (*DB) GetVerifier ¶

func (db *DB) GetVerifier(id string) (keys.Verifier, error)

func (*DB) Unmarshal ¶

func (db *DB) Unmarshal(b []byte, v interface{}, role string, minVersion int64) error

func (*DB) UnmarshalIgnoreExpired ¶

func (db *DB) UnmarshalIgnoreExpired(b []byte, v interface{}, role string, minVersion int64) error

UnmarshalExpired is exactly like Unmarshal except ignores expired timestamp error.

func (*DB) UnmarshalTrusted ¶

func (db *DB) UnmarshalTrusted(b []byte, v interface{}, role string) error

func (*DB) Verify ¶

func (db *DB) Verify(s *data.Signed, role string, minVersion int64) error

func (*DB) VerifyIgnoreExpiredCheck ¶

func (db *DB) VerifyIgnoreExpiredCheck(s *data.Signed, role string, minVersion int64) error

func (*DB) VerifySignatures ¶

func (db *DB) VerifySignatures(s *data.Signed, role string) error

type ErrExpired ¶

type ErrExpired struct {
	Expired time.Time
}

func (ErrExpired) Error ¶

func (e ErrExpired) Error() string

type ErrLowVersion ¶

type ErrLowVersion struct {
	Actual  int64
	Current int64
}

func (ErrLowVersion) Error ¶

func (e ErrLowVersion) Error() string

type ErrRepeatID ¶

type ErrRepeatID struct {
	KeyID string
}

func (ErrRepeatID) Error ¶

func (e ErrRepeatID) Error() string

type ErrRoleThreshold ¶

type ErrRoleThreshold struct {
	Expected int
	Actual   int
}

func (ErrRoleThreshold) Error ¶

func (e ErrRoleThreshold) Error() string

type ErrUnknownRole ¶

type ErrUnknownRole struct {
	Role string
}

func (ErrUnknownRole) Error ¶

func (e ErrUnknownRole) Error() string

type ErrWrongVersion ¶

type ErrWrongVersion struct {
	Given    int64
	Expected int64
}

func (ErrWrongVersion) Error ¶

func (e ErrWrongVersion) Error() string

type Role ¶

type Role struct {
	KeyIDs    map[string]struct{}
	Threshold int
}

func (*Role) ValidKey ¶

func (r *Role) ValidKey(id string) bool

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL