Documentation
Overview ¶
Package utils provides high-level workflows for SchemaPin operations.
Index ¶
- Variables
- func CalculateSchemaHash(schema map[string]interface{}) ([]byte, error)
- func CreateWellKnownResponse(publicKeyPEM, developerName, contact string, revokedKeys []string, ...) map[string]interface{}
- func FormatKeyFingerprint(fingerprint string) string
- func GenerateKeyPair() (privateKeyPEM, publicKeyPEM string, err error)
- func IsTemporaryError(err error) bool
- func ValidateSchema(schema map[string]interface{}) error
- func VerifySignatureOnly(schemaHash []byte, signatureB64, publicKeyPEM string) (bool, error)
- type SchemaSigningWorkflow
- type SchemaVerificationError
- type SchemaVerificationWorkflow
- func (s *SchemaVerificationWorkflow) Close() error
- func (s *SchemaVerificationWorkflow) GetPinnedKeyInfo(toolID string) (*pinning.PinnedKeyInfo, error)
- func (s *SchemaVerificationWorkflow) ListPinnedKeys() ([]map[string]interface{}, error)
- func (s *SchemaVerificationWorkflow) PinKeyForTool(ctx context.Context, toolID, domain, developerName string) error
- func (s *SchemaVerificationWorkflow) RemovePinnedKey(toolID string) error
- func (s *SchemaVerificationWorkflow) VerifySchema(ctx context.Context, schema map[string]interface{}, ...) (*VerificationResult, error)
- type VerificationResult
Constants ¶
This section is empty.
Variables ¶
// Error code strings used by the schema verification workflows.
//
// NOTE(review): despite the Err prefix these are plain string values, not
// error values, so errors.Is and errors.As do not apply to them; compare them
// as strings. Presumably they are carried in a SchemaVerificationError field
// (Code or Type) — confirm against the implementation.
//
// NOTE(review): they are declared with var rather than const, so any
// importing package can reassign them. Treat them as read-only.
var (
	ErrSchemaInvalid      = "SCHEMA_INVALID"
	ErrSignatureInvalid   = "SIGNATURE_INVALID"
	ErrKeyNotFound        = "KEY_NOT_FOUND"
	ErrKeyRevoked         = "KEY_REVOKED"
	ErrKeyExpired         = "KEY_EXPIRED"
	ErrDiscoveryFailed    = "DISCOVERY_FAILED"
	ErrPinningFailed      = "PINNING_FAILED"
	ErrVerificationFailed = "VERIFICATION_FAILED"
)
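Common error codes. These are declared as string values, not error values, so they are compared as strings rather than matched with errors.Is.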
Functions ¶
func CalculateSchemaHash ¶
CalculateSchemaHash calculates the hash of a schema for verification
func CreateWellKnownResponse ¶
func CreateWellKnownResponse(publicKeyPEM, developerName, contact string, revokedKeys []string, schemaVersion string, revocationEndpoint string) map[string]interface{}
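CreateWellKnownResponse creates a .well-known response structure from the public key PEM, developer name, contact, list of revoked keys, schema version and revocation endpoint. Only the public key belongs in this structure.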
func FormatKeyFingerprint ¶
FormatKeyFingerprint formats a key fingerprint for display
func GenerateKeyPair ¶
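GenerateKeyPair generates a new ECDSA key pair and returns both keys as PEM-encoded strings. The first return value is the private key: keep it out of logs and error messages, and store it with restricted access.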
func IsTemporaryError ¶
IsTemporaryError reports whether an error is temporary, that is, whether verification should be retried
func ValidateSchema ¶
ValidateSchema performs basic schema validation
Types ¶
type SchemaSigningWorkflow ¶
type SchemaSigningWorkflow struct {
// contains filtered or unexported fields
}
SchemaSigningWorkflow provides high-level signing operations
func NewSchemaSigningWorkflow ¶
func NewSchemaSigningWorkflow(privateKeyPEM string) (*SchemaSigningWorkflow, error)
NewSchemaSigningWorkflow creates a new signing workflow
func (*SchemaSigningWorkflow) GetPublicKeyPEM ¶
func (s *SchemaSigningWorkflow) GetPublicKeyPEM() (string, error)
GetPublicKeyPEM returns the PEM-encoded public key for this signing workflow
func (*SchemaSigningWorkflow) SignSchema ¶
func (s *SchemaSigningWorkflow) SignSchema(schema map[string]interface{}) (string, error)
SignSchema signs a schema and returns the base64-encoded signature
type SchemaVerificationError ¶
// SchemaVerificationError describes a failure that occurred during schema
// verification. All three fields are exported and serialized to JSON under
// the keys given in their struct tags.
type SchemaVerificationError struct {
	// Type is serialized as "type". Set from the errorType argument of
	// NewSchemaVerificationError.
	Type string `json:"type"`
	// Message is serialized as "message". Because it leaves the process in
	// JSON form, it should not contain key material or other secrets.
	Message string `json:"message"`
	// Code is serialized as "code".
	// NOTE(review): presumably one of the package's Err* code strings
	// (e.g. "SIGNATURE_INVALID") — confirm against callers.
	Code string `json:"code"`
}
SchemaVerificationError represents errors that occur during schema verification
func NewSchemaVerificationError ¶
func NewSchemaVerificationError(errorType, message, code string) *SchemaVerificationError
NewSchemaVerificationError creates a new schema verification error
func (*SchemaVerificationError) Error ¶
func (e *SchemaVerificationError) Error() string
type SchemaVerificationWorkflow ¶
type SchemaVerificationWorkflow struct {
// contains filtered or unexported fields
}
SchemaVerificationWorkflow provides high-level verification operations
func NewSchemaVerificationWorkflow ¶
func NewSchemaVerificationWorkflow(pinningDBPath string) (*SchemaVerificationWorkflow, error)
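NewSchemaVerificationWorkflow creates a new verification workflow, presumably backed by a key-pinning database at pinningDBPath. Since pinned keys decide which signers are trusted, that file should be writable only by the account that performs verification.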
func NewSchemaVerificationWorkflowWithPinning ¶
func NewSchemaVerificationWorkflowWithPinning(keyPinning *pinning.KeyPinning) *SchemaVerificationWorkflow
NewSchemaVerificationWorkflowWithPinning creates a new verification workflow with existing pinning
func (*SchemaVerificationWorkflow) Close ¶
func (s *SchemaVerificationWorkflow) Close() error
Close closes the verification workflow and releases resources
func (*SchemaVerificationWorkflow) GetPinnedKeyInfo ¶
func (s *SchemaVerificationWorkflow) GetPinnedKeyInfo(toolID string) (*pinning.PinnedKeyInfo, error)
GetPinnedKeyInfo retrieves information about a pinned key
func (*SchemaVerificationWorkflow) ListPinnedKeys ¶
func (s *SchemaVerificationWorkflow) ListPinnedKeys() ([]map[string]interface{}, error)
ListPinnedKeys lists all pinned keys
func (*SchemaVerificationWorkflow) PinKeyForTool ¶
func (s *SchemaVerificationWorkflow) PinKeyForTool(ctx context.Context, toolID, domain, developerName string) error
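PinKeyForTool manually pins a key for a specific tool. The key is not passed in; judging by the parameters it is presumably discovered from domain, so the call pins whatever key that domain serves at the time it runs.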
func (*SchemaVerificationWorkflow) RemovePinnedKey ¶
func (s *SchemaVerificationWorkflow) RemovePinnedKey(toolID string) error
RemovePinnedKey removes a pinned key
func (*SchemaVerificationWorkflow) VerifySchema ¶
func (s *SchemaVerificationWorkflow) VerifySchema(ctx context.Context, schema map[string]interface{}, signatureB64, toolID, domain string, autoPin bool) (*VerificationResult, error)
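VerifySchema verifies a signed schema for the given toolID and domain, with optional auto-pinning (autoPin). The outcome is reported in the returned VerificationResult: check its Valid field as well as the returned error before trusting the schema, since this page does not state that a nil error implies a valid signature.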
type VerificationResult ¶
// VerificationResult contains the result of schema verification, as returned
// by VerifySchema and RetryVerification. Fields tagged omitempty are left out
// of the JSON encoding when they hold their zero value.
type VerificationResult struct {
	// Valid is serialized as "valid".
	// NOTE(review): presumably true only when the signature verified against
	// the expected key — confirm. Callers should gate any use of the schema
	// on this field in addition to the returned error.
	Valid bool `json:"valid"`
	// Pinned is serialized as "pinned".
	// NOTE(review): presumably reports whether a key is pinned for the tool
	// after this call — confirm.
	Pinned bool `json:"pinned"`
	// FirstUse is serialized as "first_use".
	// NOTE(review): presumably set when no key was previously pinned for the
	// tool. In that case there is no earlier pin to compare against, so the
	// result rests on the key fetched during this call — confirm and surface
	// it to the user or policy layer.
	FirstUse bool `json:"first_use"`
	// Error is serialized as "error" and omitted when empty.
	Error string `json:"error,omitempty"`
	// DeveloperInfo is serialized as "developer_info" and omitted when empty.
	// NOTE(review): contents are not shown here; if they come from the
	// remote domain's discovery document, treat them as untrusted display
	// data — confirm the source.
	DeveloperInfo map[string]string `json:"developer_info,omitempty"`
	// Metadata is serialized as "metadata" and omitted when empty. Its keys
	// and value types are not defined on this page.
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
VerificationResult contains the result of schema verification
func RetryVerification ¶
func RetryVerification(ctx context.Context, workflow *SchemaVerificationWorkflow, schema map[string]interface{}, signatureB64, toolID, domain string, autoPin bool, maxRetries int) (*VerificationResult, error)
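RetryVerification retries schema verification with exponential backoff, bounded by maxRetries. Retrying is appropriate only for transient failures (see IsTemporaryError); a result that reports an invalid signature or a revoked key is a final answer, not something to retry.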