Shortcuts on this page
r m x toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1# Copyright 2022 The Sigstore Authors
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
15"""
16API for verifying artifact signatures.
18Example:
19```python
20import base64
21from pathlib import Path
23from sigstore.models import Bundle
24from sigstore.verify import Verifier
25from sigstore.verify.policy import Identity
27# The input to verify
28input_ = Path("foo.txt").read_bytes()
30# The bundle to verify with
31bundle = Bundle.from_json(Path("foo.txt.sigstore.json").read_bytes())
33verifier = Verifier.production()
34result = verifier.verify(
35 input_,
36 bundle,
37 Identity(
38 identity="foo@bar.com",
39 issuer="https://accounts.google.com",
40 ),
41)
42print(result)
43```
44"""
46from sigstore.verify import policy, verifier
47from sigstore.verify.verifier import Verifier
49__all__ = [
50 "Verifier",
51 "policy",
52 "verifier",
53]