bundle

package
v0.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 11, 2025 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type DefaultSigner

type DefaultSigner struct{}

DefaultSigner implements the BundleSigner interface for the signer

func (*DefaultSigner) BuildMessage

func (bs *DefaultSigner) BuildMessage(data []byte) *sign.PlainData

BuildMessage is the alternative to WrapData.

func (*DefaultSigner) BuildSigstoreSignerOptions

func (bs *DefaultSigner) BuildSigstoreSignerOptions(opts *options.Signer) (*sign.BundleOptions, error)

BuildSigstoreSignerOptions builds the signer options by reading the TUF roots and configuration from the local system (or defaults).

func (*DefaultSigner) GetAmbientTokens

func (bs *DefaultSigner) GetAmbientTokens(opts *options.Signer) error

func (*DefaultSigner) GetKeyPair

func (bs *DefaultSigner) GetKeyPair(opts *options.Signer) (*sign.EphemeralKeypair, error)

GetKeyPair calls the configured key generator and returns a keypair which will be used to sign

func (*DefaultSigner) GetOidcToken

func (bs *DefaultSigner) GetOidcToken(opts *options.Signer) error

func (*DefaultSigner) SignBundle

func (bs *DefaultSigner) SignBundle(content sign.Content, keypair sign.Keypair, opts *sign.BundleOptions) (*protobundle.Bundle, error)

SignBundle signs the DSSE envelope and returns the new bundle.

func (*DefaultSigner) VerifyAttestationContent

func (bs *DefaultSigner) VerifyAttestationContent(_ *options.Signer, data []byte) error

VerifyAttestationContent checks that the attestation is in good shape to sign.

func (*DefaultSigner) WrapData

func (bs *DefaultSigner) WrapData(payloadType string, data []byte) *sign.DSSEData

type DefaultVerifier

type DefaultVerifier struct{}

DefaultVerifier implements the BundleVerifier interface.

func (*DefaultVerifier) BuildSigstoreVerifier

func (bv *DefaultVerifier) BuildSigstoreVerifier(opts *options.Verifier) (VerifyCapable, error)

BuildSigstoreVerifier creates a configured sigstore verifier from the configured options. TODO(puerco): Abstract the returned verifier.

func (*DefaultVerifier) OpenBundle

func (bv *DefaultVerifier) OpenBundle(path string) (*bundle.Bundle, error)

OpenBundle opens a bundle file

func (*DefaultVerifier) RunVerification

func (bv *DefaultVerifier) RunVerification(
	opts *options.Verifier, sigstoreVerifier VerifyCapable, bndl *bundle.Bundle,
) (*verify.VerificationResult, error)

RunVerification verifies an artifact using the provided verifier

type Signer

// Signer lists the steps used to produce a signed bundle. It is declared as
// an interface so that the implementation can be replaced with a mock.
type Signer interface {
	// VerifyAttestationContent checks the attestation bytes before they are
	// signed. NOTE(review): which properties are validated is not visible
	// here; confirm against the implementation.
	VerifyAttestationContent(*options.Signer, []byte) error
	// WrapData takes data and its payloadType and returns a *sign.DSSEData.
	WrapData(payloadType string, data []byte) *sign.DSSEData
	// BuildMessage is the alternative to WrapData; it returns a
	// *sign.PlainData instead of a *sign.DSSEData.
	BuildMessage(data []byte) *sign.PlainData
	// GetKeyPair returns the *sign.EphemeralKeypair that will be used to sign.
	GetKeyPair(*options.Signer) (*sign.EphemeralKeypair, error)
	// GetAmbientTokens returns only an error.
	// NOTE(review): presumably any token it finds is stored on the options
	// value; confirm, and if so treat that value as secret-bearing (keep it
	// out of logs and error messages).
	GetAmbientTokens(*options.Signer) error
	// GetOidcToken returns only an error.
	// NOTE(review): presumably the token is stored on the options value, as
	// with GetAmbientTokens; confirm against the implementation.
	GetOidcToken(*options.Signer) error
	// BuildSigstoreSignerOptions builds a *sign.BundleOptions, the options
	// type that SignBundle accepts.
	BuildSigstoreSignerOptions(*options.Signer) (*sign.BundleOptions, error)
	// SignBundle signs content with keypair under opts and returns the
	// resulting bundle.
	SignBundle(content sign.Content, keypair sign.Keypair, opts *sign.BundleOptions) (*protobundle.Bundle, error)
}

Signer abstracts the signer implementation to make it easy to mock.

type Verifier

// Verifier lists the steps used to verify a bundle. It is declared as an
// interface so that the implementation can be replaced with a mock in tests.
type Verifier interface {
	// OpenBundle opens the bundle file at the given path.
	// NOTE(review): the path is taken as given by this signature; whether it
	// is validated or size-limited is not visible here, so confirm before
	// passing untrusted paths.
	OpenBundle(string) (*bundle.Bundle, error)
	// BuildSigstoreVerifier creates a verifier configured from the options.
	BuildSigstoreVerifier(*options.Verifier) (VerifyCapable, error)
	// RunVerification verifies the bundle with the provided verifier.
	// NOTE(review): callers should check the returned error before reading
	// the *verify.VerificationResult; whether a result is ever returned
	// together with an error is not visible here.
	RunVerification(*options.Verifier, VerifyCapable, *bundle.Bundle) (*verify.VerificationResult, error)
}

Verifier abstracts the verification implementation to make it easy to mock for testing.

type VerifyCapable

// VerifyCapable is the verifier type that BuildSigstoreVerifier returns and
// RunVerification consumes.
type VerifyCapable interface {
	// Verify checks a signed entity against the policy built by the given
	// verify.PolicyBuilder and returns the verification result.
	// NOTE(review): the policy contents are chosen by the caller; confirm
	// which identity and artifact checks the callers in this package set.
	Verify(verify.SignedEntity, verify.PolicyBuilder) (*verify.VerificationResult, error)
}

Directories

Path Synopsis
Code generated by counterfeiter.
Code generated by counterfeiter.
