ExtractKeySpec extracts KeySpec from the signing certificate.

NewEnvelope generates an envelope of given media type.

NewLocalSigner returns a new signer with given certificates and private key.

ParseEnvelope generates an envelope for given envelope bytes with specified media type.

RegisteredEnvelopeTypes lists registered envelope media types.

RegisterEnvelopeType registers newFunc and parseFunc for the given mediaType.

VerifyAuthenticity verifies the certificate chain in the given SignerInfo with one of the trusted certificates and returns a certificate that matches with one of the certificates in the SignerInfo.

ECDSA on secp256r1 with SHA-256.

ECDSA on secp384r1 with SHA-384.

ECDSA on secp521r1 with SHA-512.

RSASSA-PSS with SHA-256.

RSASSA-PSS with SHA-384.

RSASSA-PSS with SHA-512.

KeyType EC.

KeyType RSA.

notary.x509 signing scheme.

notary.x509.signingAuthority schema.

Attribute represents metadata in the Signature envelope.

DuplicateKeyError is used when repeated key name found.

EnvelopeContent represents a combination of payload to be signed and a parsed signature envelope.

InvalidArgumentError is used when an argument to a function is invalid.

InvalidSignatureError is used when Signature envelope is invalid.

InvalidSignRequestError is used when SignRequest is invalid.

KeySpec defines a key type and size.

Payload represents payload in bytes and its content type.

SignatureAuthenticityError is used when signature is not generated using trusted certificates.

SignatureEnvelopeNotFoundError is used when signature envelope is not present.

SignatureIntegrityError is used when the signature associated is no longer valid.

SignatureNotFoundError is used when signature envelope is not present.

SignedAttributes represents signed metadata in the signature envelope.

SignerInfo represents a parsed signature envelope that is agnostic to signature envelope format.

SignRequest is used to generate Signature.

TimestampError is any error related to RFC3161 Timestamp.

UnsignedAttributes represents unsigned metadata in the Signature envelope.

UnsupportedSignatureAlgoError is used when signing algo is not supported.

UnsupportedSignatureFormatError is used when Signature envelope is not supported.

UnsupportedSigningKeyError is used when a signing key is not supported.

Envelope provides basic functions to manipulate signatures.

LocalSigner is only used by built-in signers to sign.

Signer is used to sign bytes generated after signature envelope created.

Algorithm defines the signature algorithm.

KeyType defines the key type.

NewEnvelopeFunc defines a function to create a new Envelope.

ParseEnvelopeFunc defines a function that takes envelope bytes to create an Envelope.

SignatureMediaType list the supported media-type for signatures.

SigningScheme formalizes the feature set (guarantees) provided by the signature.