README
¶
Notation
A collection of libraries for supporting Notation sign, verify, push, pull of oci artifacts. Based on Notary V2 standard.
Table of Contents
Core Documents
Code of Conduct
This project has adopted the CNCF Code of Conduct. See CODE_OF_CONDUCT.md for further details.
License
This project is covered under the Apache 2.0 license. You can read the license here.
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var (
ErrExpiryNotSpecified = errors.New("expiry not specified")
)
SignOptions errors
Functions ¶
This section is empty.
Types ¶
type Descriptor ¶
type Descriptor struct {
// MediaType is the media type of the targeted content.
MediaType string `json:"mediaType"`
// Digest is the digest of the targeted content.
Digest digest.Digest `json:"digest"`
// Size specifies the size in bytes of the blob.
Size int64 `json:"size"`
// Annotations contains optional user defined attributes.
Annotations map[string]string `json:"annotations,omitempty"`
}
Descriptor describes the content signed or to be signed.
func (Descriptor) Equal ¶
func (d Descriptor) Equal(t Descriptor) bool
Equal reports whether d and t points to the same content.
type SignOptions ¶
type SignOptions struct {
// Expiry identifies the expiration time of the resulted signature.
Expiry time.Time
}
SignOptions contains parameters for Signer.Sign.
func (SignOptions) Validate ¶
func (opts SignOptions) Validate() error
Validate does basic validation on SignOptions.
type Signer ¶
type Signer interface {
// Sign signs the artifact described by its descriptor,
// and returns the signature.
Sign(ctx context.Context, desc Descriptor, opts SignOptions) ([]byte, error)
}
Signer is a generic interface for signing an artifact. The interface allows signing with local or remote keys, and packing in various signature formats.
type Verifier ¶
type Verifier interface {
// Verify verifies the signature and returns the verified descriptor and
// metadata of the signed artifact.
Verify(ctx context.Context, signature []byte, opts VerifyOptions) (Descriptor, error)
}
Verifier is a generic interface for verifying an artifact.
type VerifyOptions ¶
type VerifyOptions struct{}
VerifyOptions contains parameters for Verifier.Verify.
func (VerifyOptions) Validate ¶
func (opts VerifyOptions) Validate() error
Validate does basic validation on VerifyOptions.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
crypto
|
|
|
jwsutil
Package jwsutil provides serialization utilities for JWT libraries to comfort JWS.
|
Package jwsutil provides serialization utilities for JWT libraries to comfort JWS. |
|
timestamp
Package timestamp generates timestamping requests to TSA servers, and fetches the responses according to RFC 3161.
|
Package timestamp generates timestamping requests to TSA servers, and fetches the responses according to RFC 3161. |
|
timestamp/timestamptest
Package timestamptest provides utilities for timestamp testing
|
Package timestamptest provides utilities for timestamp testing |
|
internal
|
|
|
crypto/cms
Package cms verifies signatures in Cryptographic Message Syntax (CMS) / PKCS7 defined in RFC 5652.
|
Package cms verifies signatures in Cryptographic Message Syntax (CMS) / PKCS7 defined in RFC 5652. |
|
crypto/hashutil
Package hashutil provides utilities for hash.
|
Package hashutil provides utilities for hash. |
|
crypto/oid
Package oid collects object identifiers for crypto algorithms.
|
Package oid collects object identifiers for crypto algorithms. |
|
crypto/pki
Package pki contains certificate management protocol structures defined in RFC 2510.
|
Package pki contains certificate management protocol structures defined in RFC 2510. |
|
encoding/asn1
Package asn1 decodes BER-encoded ASN.1 data structures and encodes in DER.
|
Package asn1 decodes BER-encoded ASN.1 data structures and encodes in DER. |
|
signature
|
|
|
jws
Package jws signs and verifies artifacts with signatures in JWS format.
|
Package jws signs and verifies artifacts with signatures in JWS format. |