package keystore
import "github.com/coreos/rkt/pkg/keystore"
Package keystore implements the ACI keystore.
Index ¶
- func CheckSignature(prefix string, signed, signature io.ReadSeeker) (*openpgp.Entity, error)
- type Config
- type Keystore
- func New(config *Config) *Keystore
- func NewTestKeystore() (*Keystore, string, error)
- func (ks *Keystore) CheckSignature(prefix string, signed, signature io.ReadSeeker) (*openpgp.Entity, error)
- func (ks *Keystore) DeleteTrustedKeyPrefix(prefix, fingerprint string) error
- func (ks *Keystore) DeleteTrustedKeyRoot(fingerprint string) error
- func (ks *Keystore) MaskTrustedKeySystemPrefix(prefix, fingerprint string) (string, error)
- func (ks *Keystore) MaskTrustedKeySystemRoot(fingerprint string) (string, error)
- func (ks *Keystore) StoreTrustedKeyPrefix(prefix string, r io.Reader) (string, error)
- func (ks *Keystore) StoreTrustedKeyRoot(r io.Reader) (string, error)
- func (ks *Keystore) TrustedKeyPrefixExists(prefix string) (bool, error)
- func (ks *Keystore) TrustedKeyPrefixWithFingerprintExists(prefix string, r io.ReadSeeker) (bool, error)
Functions ¶
func CheckSignature ¶
CheckSignature is a convenience method for creating a Keystore with a default configuration and invoking CheckSignature.
Types ¶
type Config ¶
type Config struct {
LocalRootPath string
LocalPrefixPath string
SystemRootPath string
SystemPrefixPath string
}
A Config structure is used to configure a Keystore.
func NewConfig ¶
type Keystore ¶
type Keystore struct {
*Config
}
A Keystore represents a repository of trusted public keys which can be used to verify PGP signatures.
func New ¶
New returns a new Keystore based on config.
func NewTestKeystore ¶
NewTestKeystore creates a new KeyStore backed by a temp directory. NewTestKeystore returns a KeyStore, the path to the temp directory, and an error if any.
func (*Keystore) CheckSignature ¶
func (ks *Keystore) CheckSignature(prefix string, signed, signature io.ReadSeeker) (*openpgp.Entity, error)
CheckSignature takes a signed file and a detached signature and returns the signer if the signature is signed by a trusted signer. If the signer is unknown or not trusted, opengpg.ErrUnknownIssuer is returned.
func (*Keystore) DeleteTrustedKeyPrefix ¶
DeleteTrustedKeyPrefix deletes the prefix trusted key identified by fingerprint.
func (*Keystore) DeleteTrustedKeyRoot ¶
DeleteTrustedKeyRoot deletes the root trusted key identified by fingerprint.
func (*Keystore) MaskTrustedKeySystemPrefix ¶
MaskTrustedKeySystemPrefix masks the system prefix trusted key identified by fingerprint.
func (*Keystore) MaskTrustedKeySystemRoot ¶
MaskTrustedKeySystemRoot masks the system root trusted key identified by fingerprint.
func (*Keystore) StoreTrustedKeyPrefix ¶
StoreTrustedKeyPrefix stores the contents of public key r as a prefix trusted key.
func (*Keystore) StoreTrustedKeyRoot ¶
StoreTrustedKeyRoot stores the contents of public key r as a root trusted key.
func (*Keystore) TrustedKeyPrefixExists ¶
TrustKeyPrefixExists returns whether or not there exists 1 or more trusted keys for a given prefix, or for any parent prefix.
func (*Keystore) TrustedKeyPrefixWithFingerprintExists ¶
func (ks *Keystore) TrustedKeyPrefixWithFingerprintExists(prefix string, r io.ReadSeeker) (bool, error)
TrustedKeyPrefixWithFingerprintExists returns whether or not a trusted key with the fingerprint of the key accessible through r exists for the given prefix.
Source Files ¶
Directories ¶
| Path | Synopsis |
|---|---|
| pkg/keystore/keystoretest | Package keystoretest provides utilities for ACI keystore testing. |
- Version
- v1.30.0 (latest)
- Published
- Apr 13, 2018
- Platform
- linux/amd64
- Imports
- 13 packages
- Last checked
- 3 days ago –
Tools for package owners.