package crypto

import "github.com/google/trillian/crypto"

Package crypto provides signing functionality for Trillian.

Functions

func SignatureAlgorithm

SignatureAlgorithm returns the algorithm used for this public key. Only ECDSA and RSA keys are supported. Other key types will return sigpb.DigitallySigned_ANONYMOUS.

func Verify

func Verify(pub crypto.PublicKey, hasher crypto.Hash, data, sig []byte) error

Verify cryptographically verifies the output of Signer.

func VerifySignedLogRoot

func VerifySignedLogRoot(pub crypto.PublicKey, hash crypto.Hash, r *trillian.SignedLogRoot) (*types.LogRootV1, error)

VerifySignedLogRoot verifies the SignedLogRoot and returns its contents.

func VerifySignedMapRoot

func VerifySignedMapRoot(pub crypto.PublicKey, hash crypto.Hash, smr *trillian.SignedMapRoot) (*types.MapRootV1, error)

VerifySignedMapRoot verifies the signature on the SignedMapRoot. VerifySignedMapRoot returns MapRootV1 to encourage safe API use. It should be the only function available to clients that returns MapRootV1.

Types

type Signer

type Signer struct {
	KeyHint []byte
	Hash    crypto.Hash
	Signer  crypto.Signer
}

Signer is responsible for signing log-related data and producing the appropriate application-specific signature objects.

func NewSHA256Signer

func NewSHA256Signer(signer crypto.Signer) *Signer

NewSHA256Signer creates a new SHA256-based Signer with a KeyID of 0. TODO(gbelvin): remove

func NewSigner

func NewSigner(keyID int64, signer crypto.Signer, hash crypto.Hash) *Signer

NewSigner returns a new signer. The signer will set the KeyHint field, when available, with KeyID.

func (*Signer) Public

func (s *Signer) Public() crypto.PublicKey

Public returns the public key that can verify signatures produced by s.

func (*Signer) Sign

func (s *Signer) Sign(data []byte) ([]byte, error)

Sign obtains a signature after first hashing the input data.
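
The hash-then-sign flow that Sign and Verify describe, as an added example that is not part of the trillian package and uses only the Go standard library. The helper names, the ASN.1 DER encoding for ECDSA signatures and PKCS#1 v1.5 padding for RSA are assumptions; the page states only that ECDSA and RSA keys are supported.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	_ "crypto/sha256" // links SHA-256 so crypto.SHA256.New() works
	"fmt"
)

// hashThenSign (hypothetical helper, not Trillian code) signs the digest of data.
func hashThenSign(s crypto.Signer, h crypto.Hash, data []byte) ([]byte, error) {
	d := h.New()
	d.Write(data)
	return s.Sign(rand.Reader, d.Sum(nil), h)
}

// verify recomputes the digest and dispatches on the public key type.
func verify(pub crypto.PublicKey, h crypto.Hash, data, sig []byte) error {
	d := h.New()
	d.Write(data)
	switch k := pub.(type) {
	case *ecdsa.PublicKey:
		if ecdsa.VerifyASN1(k, d.Sum(nil), sig) { // assumes ASN.1 DER signatures
			return nil
		}
		return fmt.Errorf("ECDSA signature does not verify")
	case *rsa.PublicKey:
		return rsa.VerifyPKCS1v15(k, h, d.Sum(nil), sig) // assumes PKCS#1 v1.5
	}
	return fmt.Errorf("unsupported public key type %T", pub) // fail closed
}

// signConstructed signs a constructed message with a freshly generated P-256 key.
func signConstructed() (crypto.PublicKey, []byte, []byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, nil, err
	}
	msg := []byte("constructed log root bytes")
	sig, err := hashThenSign(key, crypto.SHA256, msg)
	return key.Public(), msg, sig, err
}

func main() {
	pub, msg, sig, err := signConstructed()
	fmt.Println(err, verify(pub, crypto.SHA256, msg, sig), verify("not a key", crypto.SHA256, msg, sig))
}
```

The verifier must be given the same crypto.Hash the signer used, and a key of any other type is rejected instead of being treated as valid.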

func (*Signer) SignLogRoot

func (s *Signer) SignLogRoot(r *types.LogRootV1) (*trillian.SignedLogRoot, error)

SignLogRoot returns a complete SignedLogRoot (including signature).

func (*Signer) SignMapRoot

func (s *Signer) SignMapRoot(r *types.MapRootV1) (*trillian.SignedMapRoot, error)

SignMapRoot hashes and signs the supplied (to-be) SignedMapRoot and returns a signature.

Source Files

signatures.go signer.go verifier.go

Directories

Path                        Synopsis
crypto/keys                 Package keys provides access to public and private keys for signing and verification of signatures.
crypto/keys/der
crypto/keys/der/proto       Package proto registers a DER keys.ProtoHandler using keys.RegisterHandler.
crypto/keyspb
crypto/keys/pem
crypto/keys/pem/proto       Package proto registers a PEM keys.ProtoHandler using keys.RegisterHandler.
crypto/keys/pkcs11          Package pkcs11 provides access to private keys using a PKCS#11 interface.
crypto/keys/pkcs11/proto    Package proto registers a PKCS#11 keys.ProtoHandler using keys.RegisterHandler.
crypto/keys/testonly        Package testonly contains code and data that should only be used by tests.
crypto/sigpb

Version: v1.2.0
Published: Jun 22, 2018