attestation

package

v0.1.2 Latest Latest Go to latest Published: Apr 22, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/docker/attest

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func ValidPayloadType(payloadType string) bool
func VerifyDSSE(ctx context.Context, env *Envelope, keys KeysMap) ([]byte, error)
type DockerDsseExtension
type DockerTlExtension
type Envelope
- func SignDSSE(ctx context.Context, payload []byte, payloadType string, ...) (*Envelope, error)
type Extension
type KeyMetadata
type Keys
type KeysMap
type Signature

Constants ¶

View Source

const (
	DockerDsseExtKind = "application/vnd.docker.attestation-verification.v1+json"
	RekorTlExtKind    = "Rekor"
)

Variables ¶

This section is empty.

Functions ¶

func ValidPayloadType ¶

func ValidPayloadType(payloadType string) bool

func VerifyDSSE ¶

func VerifyDSSE(ctx context.Context, env *Envelope, keys KeysMap) ([]byte, error)

Types ¶

type DockerDsseExtension ¶

type DockerDsseExtension struct {
	Tl DockerTlExtension `json:"tl"`
}

type DockerTlExtension ¶

type DockerTlExtension struct {
	Kind string `json:"kind"`
	Data any    `json:"data"`
}

type Envelope ¶

type Envelope struct {
	PayloadType string      `json:"payloadType"`
	Payload     string      `json:"payload"`
	Signatures  []Signature `json:"signatures"`
}

the following types are needed until https://github.com/secure-systems-lab/dsse/pull/61 is merged

func SignDSSE ¶

func SignDSSE(ctx context.Context, payload []byte, payloadType string, signer dsse.SignerVerifier) (*Envelope, error)

SignDSSE signs a payload with a given signer and uploads the signature to the transparency log

type Extension ¶

type Extension struct {
	Kind string              `json:"kind"`
	Ext  DockerDsseExtension `json:"ext"`
}

type KeyMetadata ¶

type KeyMetadata struct {
	ID            string     `json:"id"`
	PEM           string     `json:"key"`
	From          time.Time  `json:"from"`
	To            *time.Time `json:"to"`
	Status        string     `json:"status"`
	SigningFormat string     `json:"signing-format"`
	Distrust      bool       `json:"distrust,omitempty"`
}

type Keys ¶

type Keys []KeyMetadata

type KeysMap ¶

type KeysMap map[string]KeyMetadata

type Signature ¶

type Signature struct {
	KeyID     string    `json:"keyid"`
	Sig       string    `json:"sig"`
	Extension Extension `json:"extension"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL