PKI.sign.tar: Functions for signing and verification of tar files
In s-u/PKI: Public Key Infrastucture for R Based on the X.509 Standard
PKI.sign.tar R Documentation
Functions for signing and verification of tar files
Description
PKI.sign.tar appends a signature to a tar file
PKI.verify.tar verifies the signature in a tar file
Usage
PKI.sign.tar(tarfile, key, certificate, output = tarfile)
PKI.verify.tar(tarfile, key, silent = FALSE, enforce.cert = FALSE)
Arguments
tarfile
string, file name of the file to sign
key
PKI.sign.tar: private key to use for signing;
PKI.verify.tar: optional, public key to use for verification
certificate
optional, certificate to embed in the signature
with the public key matching key. If not present the
signature will only contain the public key.
output
file name, connection or raw vector determining how to
store the signed tar file
silent
if TRUE then no warning are generatod, otherwise
a warning is issues for failed verification describing the reason
for failure
enforce.cert
if TRUE then a certificate is required in
the signature. It can be also set to a valid certificate in which
case the public key of the certificate in the signature must also
match the public key in the supplied certificate.
Details
PKI.tar.sign adds extra entry .signature with the
signature based on the contents of the tarfile. Note that
any existing signatures are retained. key is a mandatory
private key used to sign the content. certificate is optional
but if present, it will be embedded in the signature.
The tarfile can be in compressed form (gzip, bzip2 or xz) in
which case it is decompressed internally before the signature is
applied. If output is a file name then the same compression is
applied to the output, otherwise the output is uncompressed.
PKI.verify.tar retrieves the last .signature entry from
the tar file (if tarfile is a file name then the same
compression auto-detection is applied as above) and
verifies the signature against either the supplied (public) key
or against the key or certificate stored in the signature. The result
is TRUE or FALSE except when enforce.cert is
set. In that case the result is the certificate contained in the
signature if the validation succeeded (and thus it can be further
verified against a chain of trust), otherwise FALSE.
Note
The signature format is ASN.1 DER encoded as follows:
SEQ(signature BITSTRING, subjectPublicKeyInfo, Certificate[opt])
The subjectPublicKeyInfo can be NULL in which case the
certificate must be present (in X.509 DER format).
The signature is appended as tar entry named
.signature. However, terminating blocks are not removed from
the file, so the signature is placed after the EOF blocks and thus
doesn't affect extraction.
Author(s)
Simon Urbanek
s-u/PKI documentation built on Feb. 12, 2024, 10:43 p.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
| PKI.sign.tar | R Documentation |
Functions for signing and verification of tar files
Description
PKI.sign.tar appends a signature to a tar file
PKI.verify.tar verifies the signature in a tar file
Usage
PKI.sign.tar(tarfile, key, certificate, output = tarfile)
PKI.verify.tar(tarfile, key, silent = FALSE, enforce.cert = FALSE)
Arguments
tarfile |
string, file name of the file to sign |
key |
|
certificate |
optional, certificate to embed in the signature
with the public key matching |
output |
file name, connection or raw vector determining how to store the signed tar file |
silent |
if |
enforce.cert |
if |
Details
PKI.tar.sign adds extra entry .signature with the
signature based on the contents of the tarfile. Note that
any existing signatures are retained. key is a mandatory
private key used to sign the content. certificate is optional
but if present, it will be embedded in the signature.
The tarfile can be in compressed form (gzip, bzip2 or xz) in
which case it is decompressed internally before the signature is
applied. If output is a file name then the same compression is
applied to the output, otherwise the output is uncompressed.
PKI.verify.tar retrieves the last .signature entry from
the tar file (if tarfile is a file name then the same
compression auto-detection is applied as above) and
verifies the signature against either the supplied (public) key
or against the key or certificate stored in the signature. The result
is TRUE or FALSE except when enforce.cert is
set. In that case the result is the certificate contained in the
signature if the validation succeeded (and thus it can be further
verified against a chain of trust), otherwise FALSE.
Note
The signature format is ASN.1 DER encoded as follows:
SEQ(signature BITSTRING, subjectPublicKeyInfo, Certificate[opt])
The subjectPublicKeyInfo can be NULL in which case the
certificate must be present (in X.509 DER format).
The signature is appended as tar entry named
.signature. However, terminating blocks are not removed from
the file, so the signature is placed after the EOF blocks and thus
doesn't affect extraction.
Author(s)
Simon Urbanek
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.