github.com/boxboat/in-toto-golang@v0.0.3-0.20210303203820-2fa16ecbe6f6/in_toto/examples_test.go (about) 1 package in_toto 2 3 import ( 4 "fmt" 5 "os" 6 ) 7 8 /* 9 NOTE: The example code requires the following files to be in the current 10 working directory: `demo.layout` (root layout), `alice.pub` (layout 11 signature verification key), `write-code.776a00e2.link` and 12 `package.2f89b927.link` (link metadata files), and `foo.tar.gz` (target file of 13 final product). You can copy these files from 14 https://github.com/in-toto/in-toto-golang/tree/master/test/data. 15 */ 16 17 const LayoutPath = "demo.layout" 18 const LayoutKeyPath = "alice.pub" 19 const LinkDirectory = "." 20 21 func ExampleInTotoVerify() { 22 // Load the layout verification key and create a map as is required by 23 // InTotoVerify. The layout represents the root of trust so it is a good 24 // idea to sign it using multiple keys. 25 var pubKey Key 26 err := pubKey.LoadKey(LayoutKeyPath, "rsassa-pss-sha256", []string{"sha256", "sha512"}) 27 if err != nil { 28 fmt.Printf("Unable to load public key: %s", err) 29 } 30 var layoutKeys = map[string]Key{ 31 pubKey.KeyID: pubKey, 32 } 33 34 // Perform in-toto software supply chain verification, using the provided 35 // test data. 36 var layoutMb Metablock 37 if err := layoutMb.Load(LayoutPath); err != nil { 38 fmt.Printf("Unable to load layout metadata: %s", err) 39 } 40 if err := validateLayout(layoutMb.Signed.(Layout)); err != nil { 41 fmt.Printf("Invalid metadata found: %s", err) 42 } 43 if _, err := InTotoVerify(layoutMb, layoutKeys, LinkDirectory, "", 44 make(map[string]string), [][]byte{}); err != nil { 45 fmt.Printf("In-toto verification failed: %s", err) 46 } else { 47 fmt.Println("In-toto verification succeeded!") 48 } 49 50 // During verification the inspection "untar" was executed, generating a 51 // corresponding link metadata file "untar.link". You can safely remove it. 52 err = os.Remove("untar.link") 53 if err != nil { 54 fmt.Printf("Unable to remove untar.link: %s", err) 55 } 56 // Output: In-toto verification succeeded! 57 }