trustkeys

package
v0.12.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 9, 2026 License: MIT Imports: 3 Imported by: 0

Documentation

Overview

Package trustkeys exposes the public keys embedded in the gtb binary for self-update signature verification (Phase 2 of the remote-update-checksum-verification spec).

To embed a release public key, drop its ASCII-armored form into internal/trustkeys/keys/<name>.asc. Every *.asc file in that directory is embedded at build time and surfaced to the SelfUpdater via props.Tool.Signing.EmbeddedKeys (wired in internal/cmd/root).

The directory ships empty (only a .gitkeep): with no keys present Keys returns nil, so signature verification stays dormant (setup.DefaultRequireSignature is false) until a real key is added and the rollout flips the default. See docs/development/phase2-signing-prep.md.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Keys 

func Keys() [][]byte

Keys returns every embedded ASCII-armored public key (the contents of internal/trustkeys/keys/*.asc). It returns nil when no key files are present, which leaves the embedded trust anchor unset.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.