git

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 4, 2022 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

Package git provides higher level funcs for signing and verifying Git commits. Functions here generally tie together low level signature writing and Sigstore components together into useful abstractions for working with Git objects.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Sign 

func Sign(ctx context.Context, rekor rekor.Writer, ident *fulcio.Identity, data []byte, opts signature.SignOptions) ([]byte, *x509.Certificate, error)

Types

type Claim 

type Claim struct {
	Key   ClaimCondition
	Value bool
}

Claim is a k/v pair representing the status of a given ClaimCondition.

func NewClaim 

func NewClaim(c ClaimCondition, ok bool) Claim

type ClaimCondition 

type ClaimCondition string
const (
	ClaimValidatedSignature  ClaimCondition = "Validated Git signature"
	ClaimValidatedRekorEntry ClaimCondition = "Validated Rekor entry"
)

type VerificationSummary 

type VerificationSummary struct {
	// Certificate used to sign the commit.
	Cert *x509.Certificate
	// Rekor log entry of the commit.
	LogEntry *models.LogEntryAnon
	// List of claims about what succeeded / failed during validation.
	// This can be used to get details on what succeeded / failed during
	// validation. This is not an exhaustive list - claims may be missing
	// if validation ended early.
	Claims []Claim
}

func Verify 

func Verify(ctx context.Context, rekor rekor.Verifier, data, sig []byte, detached bool) (*VerificationSummary, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.