package utils

import "github.com/theupdateframework/notary/tuf/utils"

Index

Functions

func CanonicalKeyID 

func CanonicalKeyID(k data.PublicKey) (string, error)

CanonicalKeyID returns the ID of the public bytes version of a TUF key. On regular RSA/ECDSA TUF keys, this is just the key ID. On X509 RSA/ECDSA TUF keys, this is the key ID of the public key part of the key in the leaf cert

func CertBundleToKey 

func CertBundleToKey(leafCert *x509.Certificate, intCerts []*x509.Certificate) (data.PublicKey, error)

CertBundleToKey creates a TUF key from a leaf certs and a list of intermediates

func CertChainToPEM 

func CertChainToPEM(certChain []*x509.Certificate) ([]byte, error)

CertChainToPEM is a utility function returns a PEM encoded chain of x509 Certificates, in the order they are passed

func CertToKey 

func CertToKey(cert *x509.Certificate) data.PublicKey

CertToKey transforms a single input certificate into its corresponding PublicKey

func CertToPEM 

func CertToPEM(cert *x509.Certificate) []byte

CertToPEM is a utility function returns a PEM encoded x509 Certificate

func CertsToKeys 

func CertsToKeys(leafCerts map[string]*x509.Certificate, intCerts map[string][]*x509.Certificate) map[string]data.PublicKey

CertsToKeys transforms each of the input certificate chains into its corresponding PublicKey

func ConsistentName 

func ConsistentName(role string, hashSha256 []byte) string

ConsistentName generates the appropriate HTTP URL path for the role, based on whether the repo is marked as consistent. The RemoteStore is responsible for adding file extensions.

func DoHash 

func DoHash(alg string, d []byte) []byte

DoHash returns the digest of d using the hashing algorithm named in alg

func ECDSAToPrivateKey 

func ECDSAToPrivateKey(ecdsaPrivKey *ecdsa.PrivateKey) (data.PrivateKey, error)

ECDSAToPrivateKey converts an ecdsa.Private key to a TUF data.PrivateKey type

func ED25519ToPrivateKey 

func ED25519ToPrivateKey(privKeyBytes []byte) (data.PrivateKey, error)

ED25519ToPrivateKey converts a serialized ED25519 key to a TUF data.PrivateKey type

func EncryptPrivateKey 

func EncryptPrivateKey(key data.PrivateKey, role, gun, passphrase string) ([]byte, error)

EncryptPrivateKey returns an encrypted PEM key given a Privatekey and a passphrase

func FindRoleIndex 

func FindRoleIndex(rs []*data.Role, name string) int

FindRoleIndex returns the index of the role named <name> or -1 if no matching role is found.

func GenerateECDSAKey 

func GenerateECDSAKey(random io.Reader) (data.PrivateKey, error)

GenerateECDSAKey generates an ECDSA Private key and returns a TUF PrivateKey

func GenerateED25519Key 

func GenerateED25519Key(random io.Reader) (data.PrivateKey, error)

GenerateED25519Key generates an ED25519 private key and returns a TUF PrivateKey. The serialization format we use is just the public key bytes followed by the private key bytes

func GenerateRSAKey 

func GenerateRSAKey(random io.Reader, bits int) (data.PrivateKey, error)

GenerateRSAKey generates an RSA private key and returns a TUF PrivateKey

func GetIntermediateCerts 

func GetIntermediateCerts(certs []*x509.Certificate) []*x509.Certificate

GetIntermediateCerts parses a list of x509 Certificates and returns all of the ones marked as a CA, to be used as intermediates

func GetLeafCerts 

func GetLeafCerts(certs []*x509.Certificate) []*x509.Certificate

GetLeafCerts parses a list of x509 Certificates and returns all of them that aren't CA

func KeyToPEM 

func KeyToPEM(privKey data.PrivateKey, role, gun string) ([]byte, error)

KeyToPEM returns a PEM encoded key from a Private Key

func LoadCertBundleFromFile 

func LoadCertBundleFromFile(filename string) ([]*x509.Certificate, error)

LoadCertBundleFromFile loads certificates from the []byte provided. The data is expected to be PEM Encoded and contain one of more certificates with PEM type "CERTIFICATE"

func LoadCertBundleFromPEM 

func LoadCertBundleFromPEM(pemBytes []byte) ([]*x509.Certificate, error)

LoadCertBundleFromPEM loads certificates from the []byte provided. The data is expected to be PEM Encoded and contain one of more certificates with PEM type "CERTIFICATE"

func LoadCertFromFile 

func LoadCertFromFile(filename string) (*x509.Certificate, error)

LoadCertFromFile loads the first certificate from the file provided. The data is expected to be PEM Encoded and contain one of more certificates with PEM type "CERTIFICATE"

func LoadCertFromPEM 

func LoadCertFromPEM(pemBytes []byte) (*x509.Certificate, error)

LoadCertFromPEM returns the first certificate found in a bunch of bytes or error if nothing is found. Taken from https://golang.org/src/crypto/x509/cert_pool.go#L85.

func NewCertificate 

func NewCertificate(gun string, startTime, endTime time.Time) (*x509.Certificate, error)

NewCertificate returns an X509 Certificate following a template, given a GUN and validity interval.

func ParsePEMPrivateKey 

func ParsePEMPrivateKey(pemBytes []byte, passphrase string) (data.PrivateKey, error)

ParsePEMPrivateKey returns a data.PrivateKey from a PEM encoded private key. It only supports RSA (PKCS#1) and attempts to decrypt using the passphrase, if encrypted.

func ParsePEMPublicKey 

func ParsePEMPublicKey(pubKeyBytes []byte) (data.PublicKey, error)

ParsePEMPublicKey returns a data.PublicKey from a PEM encoded public key or certificate.

func RSAToPrivateKey 

func RSAToPrivateKey(rsaPrivKey *rsa.PrivateKey) (data.PrivateKey, error)

RSAToPrivateKey converts an rsa.Private key to a TUF data.PrivateKey type

func RemoveUnusedKeys 

func RemoveUnusedKeys(t *data.SignedTargets)

RemoveUnusedKeys determines which keys in the slice of IDs are no longer used in the given targets file and removes them from the delegated keys map

func StrSliceContains 

func StrSliceContains(ss []string, s string) bool

StrSliceContains checks if the given string appears in the slice

func StrSliceRemove 

func StrSliceRemove(ss []string, s string) []string

StrSliceRemove removes the the given string from the slice, returning a new slice

func UnusedDelegationKeys 

func UnusedDelegationKeys(t data.SignedTargets) []string

UnusedDelegationKeys prunes a list of keys, returning those that are no longer in use for a given targets file

func ValidateCertificate 

func ValidateCertificate(c *x509.Certificate, checkExpiry bool) error

ValidateCertificate returns an error if the certificate is not valid for notary Currently this is only ensuring the public key has a large enough modulus if RSA, using a non SHA1 signature algorithm, and an optional time expiry check

func X509PublicKeyID 

func X509PublicKeyID(certPubKey data.PublicKey) (string, error)

X509PublicKeyID returns a public key ID as a string, given a data.PublicKey that contains an X509 Certificate

Types

type ErrBadTypeCast 

type ErrBadTypeCast struct{}

ErrBadTypeCast is used by PopX functions when the item cannot be typed to X

func (ErrBadTypeCast) Error 

func (err ErrBadTypeCast) Error() string

type ErrEmptyStack 

type ErrEmptyStack struct {
	// contains filtered or unexported fields
}

ErrEmptyStack is used when an action that requires some content is invoked and the stack is empty

func (ErrEmptyStack) Error 

func (err ErrEmptyStack) Error() string

type NoopCloser 

type NoopCloser struct {
	io.Reader
}

NoopCloser is a simple Reader wrapper that does nothing when Close is called

func (*NoopCloser) Close 

func (nc *NoopCloser) Close() error

Close does nothing for a NoopCloser

type RoleList 

type RoleList []string

RoleList is a list of roles

func (RoleList) Len 

func (r RoleList) Len() int

Len returns the length of the list

func (RoleList) Less 

func (r RoleList) Less(i, j int) bool

Less returns true if the item at i should be sorted before the item at j. It's an unstable partial ordering based on the number of segments, separated by "/", in the role name

func (RoleList) Swap 

func (r RoleList) Swap(i, j int)

Swap the items at 2 locations in the list

type Stack 

type Stack struct {
	// contains filtered or unexported fields
}

Stack is a simple type agnostic stack implementation

func NewStack 

func NewStack() *Stack

NewStack create a new stack

func (*Stack) Empty 

func (s *Stack) Empty() bool

Empty returns true if the stack is empty

func (*Stack) Pop 

func (s *Stack) Pop() (interface{}, error)

Pop removes and returns the top item on the stack, or returns ErrEmptyStack if the stack has no content

func (*Stack) PopString 

func (s *Stack) PopString() (string, error)

PopString attempts to cast the top item on the stack to the string type. If this succeeds, it removes and returns the top item. If the item is not of the string type, ErrBadTypeCast is returned. If the stack is empty, ErrEmptyStack is returned

func (*Stack) Push 

func (s *Stack) Push(item interface{})

Push adds an item to the top of the stack.

Source Files

role_sort.go stack.go utils.go x509.go

Version
v0.5.0
Published
Nov 14, 2016
Platform
js/wasm
Imports
23 packages
Last checked
2 hours ago

Tools for package owners.