import "perkeep/pkg/jsonsign"
Package jsonsign implements Perkeep's cryptographic signing and verification of JSON blobs.
Index
- func ArmoredPublicKey(entity *openpgp.Entity) (string, error)
- func EntityFromSecring(keyID, keyFile string) (*openpgp.Entity, error)
- func GenerateNewSecRing(secRing string) (keyID string, err error)
- func KeyIdFromRing(secRing string) (keyID string, err error)
- func NewEntity() (*openpgp.Entity, error)
- func ParseArmoredPublicKey(r io.Reader) (fingerprint, armoredKey string, err error)
- func WriteKeyRing(w io.Writer, el openpgp.EntityList) error
- type CachingEntityFetcher
- func (ce *CachingEntityFetcher) FetchEntity(fingerprint string) (*openpgp.Entity, error)
- type EntityFetcher
- type FileEntityFetcher
- func FlagEntityFetcher() *FileEntityFetcher
- func (fe *FileEntityFetcher) FetchEntity(fingerprint string) (*openpgp.Entity, error)
- type SignRequest
- func (sr *SignRequest) Sign(ctx context.Context) (signedJSON string, err error)
- type VerifiedSignature
- type VerifyRequest
- func NewVerificationRequest(sjson string, fetcher blob.Fetcher) (vr *VerifyRequest)
- func (vr *VerifyRequest) FindAndParsePublicKeyBlob(ctx context.Context) error
- func (vr *VerifyRequest) ParsePayloadMap() bool
- func (vr *VerifyRequest) ParseSigMap() bool
- func (vr *VerifyRequest) Verify(ctx context.Context) (info VerifiedSignature, err error)
- func (vr *VerifyRequest) VerifySignature() bool
Package files
doc.go keys.go sign.go sign_normal.go verify.go
func ArmoredPublicKey
func ArmoredPublicKey(entity *openpgp.Entity) (string, error)
func EntityFromSecring
func EntityFromSecring(keyID, keyFile string) (*openpgp.Entity, error)
EntityFromSecring returns the openpgp Entity from keyFile that matches keyID. If keyFile is empty, it defaults to osutil.SecretRingFile().
func GenerateNewSecRing
func GenerateNewSecRing(secRing string) (keyID string, err error)
GenerateNewSecRing creates a new secret ring file secRing, with a new GPG identity. It returns the public keyID of that identity. It returns an error if the file already exists.
func KeyIdFromRing
func KeyIdFromRing(secRing string) (keyID string, err error)
KeyIdFromRing returns the public keyID contained in the secret ring file secRing. It expects only one keyID in this secret ring and returns an error otherwise.
func NewEntity
func NewEntity() (*openpgp.Entity, error)
NewEntity returns a new OpenPGP entity.
func ParseArmoredPublicKey
func ParseArmoredPublicKey(r io.Reader) (fingerprint, armoredKey string, err error)
ParseArmoredPublicKey tries to parse an armored public key from r, taking care to bound the amount it reads. The returned fingerprint is 40 capital hex digits. The returned armoredKey is a copy of the contents read.
func WriteKeyRing
func WriteKeyRing(w io.Writer, el openpgp.EntityList) error
type CachingEntityFetcher
// CachingEntityFetcher wraps another EntityFetcher (the Fetcher field) and
// itself provides FetchEntity with the same signature as the EntityFetcher
// interface method.
//
// NOTE(review): the cache lives in the unexported fields that this listing
// filters out, so lookup, eviction and locking behaviour cannot be read from
// here; confirm in the package source.
// NOTE(review): SignRequest's field comment says an EntityFetcher may decrypt
// the PrivateKey. If such entities are cached, decrypted key material
// presumably stays in memory for the lifetime of this value; confirm.
type CachingEntityFetcher struct {
// Fetcher is the wrapped EntityFetcher.
Fetcher EntityFetcher
// contains filtered or unexported fields
}
func (*CachingEntityFetcher) FetchEntity
func (ce *CachingEntityFetcher) FetchEntity(fingerprint string) (*openpgp.Entity, error)
type EntityFetcher
// EntityFetcher is the single-method interface for looking up an OpenPGP
// entity by fingerprint. In this package, *CachingEntityFetcher and
// *FileEntityFetcher both declare a FetchEntity method with this signature.
type EntityFetcher interface {
	// FetchEntity returns the entity for fingerprint, or an error.
	// NOTE(review): the expected fingerprint format is not shown here;
	// ParseArmoredPublicKey documents 40 capital hex digits. Confirm that
	// implementations expect the same form.
	FetchEntity(fingerprint string) (*openpgp.Entity, error)
}
type FileEntityFetcher
// FileEntityFetcher provides FetchEntity and carries one exported field, File.
type FileEntityFetcher struct {
	// File is presumably the path of the keyring file that FetchEntity
	// reads; confirm against the FetchEntity implementation.
	File string
}
func FlagEntityFetcher
func FlagEntityFetcher() *FileEntityFetcher
func (*FileEntityFetcher) FetchEntity
func (fe *FileEntityFetcher) FetchEntity(fingerprint string) (*openpgp.Entity, error)
type SignRequest
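// SignRequest holds the inputs to Sign, which returns the signed JSON.
//
// The signing entity is resolved in the order given by the field comments:
// EntityFetcher if non-nil, else SecretKeyringPath if non-empty, else
// osutil.SecretRingFile(). Callers that must sign with one specific key
// should set EntityFetcher or SecretKeyringPath explicitly rather than rely
// on the default ring.
type SignRequest struct {
	UnsignedJSON string
	Fetcher      blob.Fetcher
	ServerMode   bool // if true, can't use pinentry or gpg-agent, etc.

	// Optional signature time. If zero, time.Now() is used.
	// NOTE(review): a non-zero value comes from the caller, so the time
	// recorded in a signature is presumably only as trustworthy as the
	// signer; confirm before using it for ordering or expiry decisions.
	SignatureTime time.Time

	// Optional function to return an entity (including decrypting
	// the PrivateKey, if necessary)
	EntityFetcher EntityFetcher

	// SecretKeyringPath is only used if EntityFetcher is nil,
	// in which case SecretKeyringPath is used if non-empty.
	// As a final resort, we default to osutil.SecretRingFile().
	SecretKeyringPath string
}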
func (*SignRequest) Sign
func (sr *SignRequest) Sign(ctx context.Context) (signedJSON string, err error)
type VerifiedSignature
// VerifiedSignature is the first result of (*VerifyRequest).Verify.
// As listed here it declares no fields.
type VerifiedSignature struct{}
type VerifyRequest
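// VerifyRequest holds the inputs and results of verifying one signed JSON
// blob. NewVerificationRequest returns one for a signed JSON string and a
// blob.Fetcher.
//
// PayloadMap and SignerKeyId are documented as set only after successful
// verification, so callers should not read or act on them before that.
type VerifyRequest struct {
	CamliSigner     blob.Ref
	CamliSig        string
	PublicKeyPacket *packet.PublicKey

	// set if Verify() returns true:
	// NOTE(review): Verify is listed as returning (VerifiedSignature, error)
	// and VerifySignature as returning bool, so "returns true" presumably
	// means verification succeeded; confirm which call populates these.
	PayloadMap map[string]interface{} // The JSON values from BPJ
	// NOTE(review): the example is 16 hex digits, i.e. a 64-bit key ID and
	// not the 40-digit fingerprint that ParseArmoredPublicKey returns.
	// 64-bit key IDs are not collision-resistant, so trust decisions should
	// presumably bind to the full public key or its fingerprint; confirm.
	SignerKeyId string // e.g. "2931A67C26F5ABDA"

	Err error // last error encountered
	// contains filtered or unexported fields
}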
See doc/json-signing/* for background and details on these variable names.
func NewVerificationRequest
func NewVerificationRequest(sjson string, fetcher blob.Fetcher) (vr *VerifyRequest)
func (*VerifyRequest) FindAndParsePublicKeyBlob
func (vr *VerifyRequest) FindAndParsePublicKeyBlob(ctx context.Context) error
func (*VerifyRequest) ParsePayloadMap
func (vr *VerifyRequest) ParsePayloadMap() bool
func (*VerifyRequest) ParseSigMap
func (vr *VerifyRequest) ParseSigMap() bool
func (*VerifyRequest) Verify
func (vr *VerifyRequest) Verify(ctx context.Context) (info VerifiedSignature, err error)
func (*VerifyRequest) VerifySignature
func (vr *VerifyRequest) VerifySignature() bool
Subdirectories
Name | Synopsis | |
---|---|---|
signhandler | Package signhandler implements the HTTP interface to signing and verifying Perkeep JSON blobs. |