package crypto
import "github.com/google/trillian/crypto"
Package crypto provides signing functionality for Trillian.
Index ¶
- func SignatureAlgorithm(k gocrypto.PublicKey) sigpb.DigitallySigned_SignatureAlgorithm
- func Verify(pub crypto.PublicKey, data []byte, sig *sigpb.DigitallySigned) error
- func VerifyObject(pub crypto.PublicKey, obj interface{}, sig *sigpb.DigitallySigned) error
- func VerifySignedLogRoot(pub crypto.PublicKey, r *trillian.SignedLogRoot) (*trillian.SignedLogRoot, error)
- type Signer
- func NewSHA256Signer(signer crypto.Signer) *Signer
- func (s *Signer) Public() crypto.PublicKey
- func (s *Signer) Sign(data []byte) (*sigpb.DigitallySigned, error)
- func (s *Signer) SignLogRoot(root *trillian.SignedLogRoot) (*trillian.SignedLogRoot, error)
- func (s *Signer) SignMapRoot(root *trillian.SignedMapRoot) (*sigpb.DigitallySigned, error)
- func (s *Signer) SignObject(obj interface{}) (*sigpb.DigitallySigned, error)
Functions ¶
func SignatureAlgorithm ¶
func SignatureAlgorithm(k gocrypto.PublicKey) sigpb.DigitallySigned_SignatureAlgorithm
SignatureAlgorithm returns the algorithm used for this public key. Only ECDSA and RSA keys are supported. Other key types will return sigpb.DigitallySigned_ANONYMOUS.
func Verify ¶
Verify cryptographically verifies the output of Signer.
func VerifyObject ¶
func VerifyObject(pub crypto.PublicKey, obj interface{}, sig *sigpb.DigitallySigned) error
VerifyObject verifies the output of Signer.SignObject.
func VerifySignedLogRoot ¶
func VerifySignedLogRoot(pub crypto.PublicKey, r *trillian.SignedLogRoot) (*trillian.SignedLogRoot, error)
VerifySignedLogRoot verifies the SignedLogRoot and returns its contents.
Types ¶
type Signer ¶
Signer is responsible for signing log-related data and producing the appropriate application specific signature objects.
func NewSHA256Signer ¶
NewSHA256Signer creates a new SHA256 based Signer.
func (*Signer) Public ¶
Public returns the public key that can verify signatures produced by s.
func (*Signer) Sign ¶
func (s *Signer) Sign(data []byte) (*sigpb.DigitallySigned, error)
Sign obtains a signature after first hashing the input data.
func (*Signer) SignLogRoot ¶
func (s *Signer) SignLogRoot(root *trillian.SignedLogRoot) (*trillian.SignedLogRoot, error)
SignLogRoot returns a complete SignedLogRoot (including signature).
func (*Signer) SignMapRoot ¶
func (s *Signer) SignMapRoot(root *trillian.SignedMapRoot) (*sigpb.DigitallySigned, error)
SignMapRoot hashes and signs the supplied (to-be) SignedMapRoot and returns a signature. Hashing is performed by github.com/benlaurie/objecthash.
func (*Signer) SignObject ¶
func (s *Signer) SignObject(obj interface{}) (*sigpb.DigitallySigned, error)
SignObject signs the requested object using ObjectHash.
Source Files ¶
data_formats.go signatures.go signer.go verifier.go
Directories ¶
| Path | Synopsis |
|---|---|
| crypto/keys | Package keys provides access to public and private keys for signing and verification of signatures. |
| crypto/keys/der | |
| crypto/keys/der/proto | Package proto registers a DER keys.ProtoHandler using keys.RegisterHandler. |
| crypto/keyspb | Package keyspb is a generated protocol buffer package. |
| crypto/keys/pem | |
| crypto/keys/pem/proto | Package proto registers a PEM keys.ProtoHandler using keys.RegisterHandler. |
| crypto/keys/pkcs11 | Package pkcs11 provides access to private keys using a PKCS#11 interface. |
| crypto/keys/pkcs11/proto | Package proto registers a PKCS#11 keys.ProtoHandler using keys.RegisterHandler. |
| crypto/keys/testonly | Package testonly contains code and data that should only be used by tests. |
| crypto/sigpb | Package sigpb is a generated protocol buffer package. |
- Version
- v1.0.8
- Published
- Mar 8, 2018
- Platform
- js/wasm
- Imports
- 15 packages
- Last checked
- 4 hours ago –
Tools for package owners.