signedcontainer

package

v0.0.0-...-d66ef05 Latest Latest Go to latest Published: Feb 25, 2025 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/GoogleCloudPlatform/confidential-space

Documentation ¶

Overview ¶

Package signedcontainer contains functions to verify container image signatures.

Index ¶

type ImageSignature
type VerifiedSignature
type VerifyResult
- func Verify(imageDigest string, signatures []*ImageSignature) (*VerifyResult, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ImageSignature ¶

type ImageSignature struct {
	Payload   []byte
	Signature []byte
}

ImageSignature represents a container image signature.

type VerifiedSignature ¶

type VerifiedSignature struct {
	KeyID     string `json:"key_id,omitempty"`
	Signature string `json:"signature,omitempty"`
	Alg       string `json:"signature_algorithm,omitempty"`
}

VerifiedSignature contains information about a successfully verified signature.

type VerifyResult ¶

type VerifyResult struct {
	Verified []*VerifiedSignature
	Errors   []error
}

VerifyResult contains the results of verifying a list of signatures.

func Verify ¶

func Verify(imageDigest string, signatures []*ImageSignature) (*VerifyResult, error)

Verify attempts to verify the provided signatures with imageDigest and returns a VerifyResults object, which contains successfully verified signatures and the errors that arose from verification errors.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
internal
convert Package convert contains functions to innitialize Tink keysets from PEM-encoded data.	Package convert contains functions to innitialize Tink keysets from PEM-encoded data.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL