diff options
author | Paul Holzinger <pholzing@redhat.com> | 2022-09-08 15:32:44 +0200 |
---|---|---|
committer | Paul Holzinger <pholzing@redhat.com> | 2022-09-09 11:58:20 +0200 |
commit | eb28a1c08469d56494006d0f2c64933ab7078d01 (patch) | |
tree | dbacf86cf194955f34f09ec56d2df284321e2ae7 /vendor/github.com/sigstore | |
parent | 7e2f002b0751c2c24e9c243495cbc313d0c3c103 (diff) | |
download | podman-eb28a1c08469d56494006d0f2c64933ab7078d01.tar.gz podman-eb28a1c08469d56494006d0f2c64933ab7078d01.tar.bz2 podman-eb28a1c08469d56494006d0f2c64933ab7078d01.zip |
update buildah and c/common to latest
also includes bumps for c/storage and c/image
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Diffstat (limited to 'vendor/github.com/sigstore')
4 files changed, 11 insertions, 7 deletions
diff --git a/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/password.go b/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/password.go index 72fe1aa3a..31011f34c 100644 --- a/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/password.go +++ b/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/password.go @@ -27,10 +27,8 @@ import ( // PassFunc is a type of function that takes a boolean (representing whether confirmation is desired) and returns the password as read, along with an error if one occurred type PassFunc func(bool) ([]byte, error) -var ( - // Read is for fuzzing - Read = readPasswordFn -) +// Read is for fuzzing +var Read = readPasswordFn // readPasswordFn reads the password from the following sources, in order of preference: // diff --git a/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/publickey.go b/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/publickey.go index fd0a63432..e9f48decb 100644 --- a/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/publickey.go +++ b/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/publickey.go @@ -52,7 +52,13 @@ func UnmarshalPEMToPublicKey(pemBytes []byte) (crypto.PublicKey, error) { if derBytes == nil { return nil, errors.New("PEM decoding failed") } - return x509.ParsePKIXPublicKey(derBytes.Bytes) + switch derBytes.Type { + case string(PublicKeyPEMType): + return x509.ParsePKIXPublicKey(derBytes.Bytes) + default: + return nil, fmt.Errorf("unknown Public key PEM file type: %v. Are you passing the correct public key?", + derBytes.Type) + } } // MarshalPublicKeyToDER converts a crypto.PublicKey into a PKIX, ASN.1 DER byte slice diff --git a/vendor/github.com/sigstore/sigstore/pkg/signature/ed25519.go b/vendor/github.com/sigstore/sigstore/pkg/signature/ed25519.go index 116c34c7c..23a8638ff 100644 --- a/vendor/github.com/sigstore/sigstore/pkg/signature/ed25519.go +++ b/vendor/github.com/sigstore/sigstore/pkg/signature/ed25519.go @@ -154,7 +154,7 @@ func LoadED25519SignerVerifier(priv ed25519.PrivateKey) (*ED25519SignerVerifier, } pub, ok := priv.Public().(ed25519.PublicKey) if !ok { - return nil, fmt.Errorf("given key is not ed25519.PublicKey: %w", err) + return nil, fmt.Errorf("given key is not ed25519.PublicKey") } verifier, err := LoadED25519Verifier(pub) if err != nil { diff --git a/vendor/github.com/sigstore/sigstore/pkg/signature/payload/payload.go b/vendor/github.com/sigstore/sigstore/pkg/signature/payload/payload.go index 7db2ad80c..c58368433 100644 --- a/vendor/github.com/sigstore/sigstore/pkg/signature/payload/payload.go +++ b/vendor/github.com/sigstore/sigstore/pkg/signature/payload/payload.go @@ -26,7 +26,7 @@ import ( const CosignSignatureType = "cosign container image signature" // SimpleContainerImage describes the structure of a basic container image signature payload, as defined at: -// https://github.com/containers/image/blob/master/docs/containers-signature.5.md#json-data-format +// https://github.com/containers/image/blob/master/docs/containers-signature.5.md#json-data-format type SimpleContainerImage struct { Critical Critical `json:"critical"` // Critical data critical to correctly evaluating the validity of the signature Optional map[string]interface{} `json:"optional"` // Optional optional metadata about the image |