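package signed

import "github.com/theupdateframework/notary/tuf/data"

// KeyService provides management of keys locally. Communication between the
// KeyService and a SigningService happens behind the Create function.
//
// NOTE(review): this comment previously stated that the interface "will never
// accept or provide private keys". That does not match the method set below:
// AddKey takes a data.PrivateKey and GetPrivateKey returns one, so private key
// material does cross this boundary. Treat any value passed to AddKey or
// obtained from GetPrivateKey as secret.
type KeyService interface {
	// Create issues a new key pair and is responsible for loading
	// the private key into the appropriate signing service. Only the
	// public half is returned to the caller.
	Create(role data.RoleName, gun data.GUN, algorithm string) (data.PublicKey, error)

	// AddKey adds a private key to the specified role and gun.
	AddKey(role data.RoleName, gun data.GUN, key data.PrivateKey) error

	// GetKey retrieves the public key if present, otherwise it returns nil.
	// No error is returned, so callers must nil-check the result before use.
	GetKey(keyID string) data.PublicKey

	// GetPrivateKey retrieves the private key and role if present and
	// retrievable, otherwise it returns nil and an error.
	GetPrivateKey(keyID string) (data.PrivateKey, data.RoleName, error)

	// RemoveKey deletes the specified key, and returns an error only if the
	// key removal fails. If the key doesn't exist, no error should be returned.
	RemoveKey(keyID string) error

	// ListKeys returns a list of key IDs for the role, or an empty list or
	// nil if there are no keys.
	ListKeys(role data.RoleName) []string

	// ListAllKeys returns a map of all available signing key IDs to role, or
	// an empty map or nil if there are no keys.
	ListAllKeys() map[string]data.RoleName
}

// CryptoService is an alias-style wrapper around KeyService.
//
// Deprecated: all uses of CryptoService should be replaced with KeyService.
type CryptoService interface {
	KeyService
}

// Verifier defines an interface for verifying signatures. An implementer
// of this interface should verify signatures for one and only one
// signing scheme.
type Verifier interface {
	// Verify checks sig against msg using key and reports the outcome through
	// the returned error. Presumably a nil error means the signature is valid;
	// confirm against the implementations. Callers must not treat the message
	// as authentic unless the error has been checked.
	Verify(key data.PublicKey, sig []byte, msg []byte) error
}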