tlog

package

v0.3.0 Latest Latest Go to latest Published: Aug 8, 2024 License: Apache-2.0 Imports: 22 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/docker/attest

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func CreateX509Cert(subject string, signer dsse.SignerVerifier) ([]byte, error)
func WithTL(ctx context.Context, tl TL) context.Context
type MockTL
type RekorTL
type TL
- func GetMockTL() TL
- func GetTL(ctx context.Context) TL
type TLPayload

Constants ¶

View Source

const (
	UseMockTL = true

	TestEntry = `` /* 3051-byte string literal not displayed */
)

View Source

const (
	DefaultRekorURL = "https://rekor.sigstore.dev"
)

Variables ¶

View Source

var TLCtxKey tlCtxKeyType

Functions ¶

func CreateX509Cert ¶

func CreateX509Cert(subject string, signer dsse.SignerVerifier) ([]byte, error)

CreateX509Cert generates a self-signed x509 cert for TL submission.

func WithTL ¶

func WithTL(ctx context.Context, tl TL) context.Context

sets TL in context.

Types ¶

type MockTL ¶

type MockTL struct {
	UploadLogEntryFunc     func(ctx context.Context, subject string, payload, signature []byte, signer dsse.SignerVerifier) ([]byte, error)
	VerifyLogEntryFunc     func(ctx context.Context, entryBytes []byte) (time.Time, error)
	VerifyEntryPayloadFunc func(entryBytes, payload, publicKey []byte) error
	UnmarshalEntryFunc     func(entryBytes []byte) (any, error)
}

func (*MockTL) UnmarshalEntry ¶

func (tl *MockTL) UnmarshalEntry(entryBytes []byte) (any, error)

func (*MockTL) UploadLogEntry ¶

func (tl *MockTL) UploadLogEntry(ctx context.Context, subject string, payload, signature []byte, signer dsse.SignerVerifier) ([]byte, error)

func (*MockTL) VerifyEntryPayload ¶

func (tl *MockTL) VerifyEntryPayload(entryBytes, payload, publicKey []byte) error

func (*MockTL) VerifyLogEntry ¶

func (tl *MockTL) VerifyLogEntry(ctx context.Context, entryBytes []byte) (time.Time, error)

type RekorTL ¶

type RekorTL struct{}

func (*RekorTL) UnmarshalEntry ¶

func (tl *RekorTL) UnmarshalEntry(entry []byte) (any, error)

func (*RekorTL) UploadLogEntry ¶

func (tl *RekorTL) UploadLogEntry(ctx context.Context, subject string, payload, signature []byte, signer dsse.SignerVerifier) ([]byte, error)

UploadLogEntry submits a PK token signature to the transparency log.

func (*RekorTL) VerifyEntryPayload ¶

func (tl *RekorTL) VerifyEntryPayload(entryBytes, payload, publicKey []byte) error

VerifyEntryPayload checks that the TL entry payload matches envelope payload.

func (*RekorTL) VerifyLogEntry ¶

func (tl *RekorTL) VerifyLogEntry(ctx context.Context, entryBytes []byte) (time.Time, error)

VerifyLogEntry verifies a transparency log entry.

type TL ¶

type TL interface {
	UploadLogEntry(ctx context.Context, subject string, payload, signature []byte, signer dsse.SignerVerifier) ([]byte, error)
	VerifyLogEntry(ctx context.Context, entryBytes []byte) (time.Time, error)
	VerifyEntryPayload(entryBytes, payload, publicKey []byte) error
	UnmarshalEntry(entryBytes []byte) (any, error)
}

func GetMockTL ¶ added in v0.1.2

func GetMockTL() TL

func GetTL ¶

func GetTL(ctx context.Context) TL

gets TL from context, defaults to Rekor TL if not set.

type TLPayload ¶ added in v0.2.0

type TLPayload struct {
	Algorithm string
	Hash      string
	Signature string
	PublicKey string
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL