Documentation
Overview
Package jsonsign implements Camlistore's cryptographic signing and verification of JSON blobs.
Index
- func ArmoredPublicKey(entity *openpgp.Entity) (string, error)
- func EntityFromSecring(keyId, keyFile string) (*openpgp.Entity, error)
- func GenerateNewSecRing(secRing string) (keyId string, err error)
- func KeyIdFromRing(secRing string) (keyId string, err error)
- func NewEntity() (*openpgp.Entity, error)
- func ParseArmoredPublicKey(r io.Reader) (shortKeyId, armoredKey string, err error)
- func VerifyPublicKeyFile(file, keyid string) (bool, error)
- func WriteKeyRing(w io.Writer, el openpgp.EntityList) error
- type CachingEntityFetcher
- type EntityFetcher
- type FileEntityFetcher
- type SignRequest
- type VerifyRequest
Constants
This section is empty.
Variables
This section is empty.
Functions
func EntityFromSecring
EntityFromSecring returns the openpgp Entity from keyFile that matches keyId. If empty, keyFile defaults to osutil.SecretRingFile().
func GenerateNewSecRing
GenerateNewSecRing creates a new secret ring file secRing, with a new GPG identity. It returns the public keyId of that identity. It returns an error if the file already exists.
func KeyIdFromRing
KeyIdFromRing returns the public keyId contained in the secret ring file secRing. It expects only one keyId in this secret ring and returns an error otherwise.
func ParseArmoredPublicKey
ParseArmoredPublicKey tries to parse an armored public key from r, taking care to bound the amount it reads. The returned shortKeyId is 8 capital hex digits. The returned armoredKey is a copy of the contents read.
Types
type CachingEntityFetcher
type CachingEntityFetcher struct {
    Fetcher EntityFetcher
    // contains filtered or unexported fields
}
type EntityFetcher
type FileEntityFetcher
type FileEntityFetcher struct {
    File string
}
func FlagEntityFetcher
func FlagEntityFetcher() *FileEntityFetcher
type SignRequest
type SignRequest struct {
    UnsignedJSON string
    Fetcher blob.Fetcher
    ServerMode bool // if true, can't use pinentry or gpg-agent, etc.
    // Optional signature time. If zero, time.Now() is used.
    SignatureTime time.Time
    // Optional function to return an entity (including decrypting
    // the PrivateKey, if necessary)
    EntityFetcher EntityFetcher
    // SecretKeyringPath is only used if EntityFetcher is nil,
    // in which case SecretKeyringPath is used if non-empty.
    // As a final resort, we default to osutil.SecretRingFile().
    SecretKeyringPath string
}
func (*SignRequest) Sign
func (sr *SignRequest) Sign() (signedJSON string, err error)
type VerifyRequest
type VerifyRequest struct {
    CamliSigner blob.Ref
    CamliSig string
    PublicKeyPacket *packet.PublicKey
    // set if Verify() returns true:
    PayloadMap map[string]interface{} // The JSON values from BPJ
    SignerKeyId string // e.g. "2931A67C26F5ABDA"
    Err error // last error encountered
    // contains filtered or unexported fields
}
See doc/json-signing/* for background and details on these variable names.
func NewVerificationRequest
func NewVerificationRequest(sjson string, fetcher blob.Fetcher) (vr *VerifyRequest)
func (*VerifyRequest) FindAndParsePublicKeyBlob
func (vr *VerifyRequest) FindAndParsePublicKeyBlob() bool
func (*VerifyRequest) ParsePayloadMap
func (vr *VerifyRequest) ParsePayloadMap() bool
func (*VerifyRequest) ParseSigMap
func (vr *VerifyRequest) ParseSigMap() bool
func (*VerifyRequest) Verify
func (vr *VerifyRequest) Verify() bool
TODO: turn this into (bool, os.Error) return, probably, or *Details, os.Error.
func (*VerifyRequest) VerifySignature
func (vr *VerifyRequest) VerifySignature() bool
Source Files
- doc.go
- keys.go
- sign.go
- sign_normal.go
- verify.go
Directories
| Path | Synopsis |
|---|---|
| signhandler | Package signhandler implements the HTTP interface to signing and verifying Camlistore JSON blobs. |