diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2020-08-04 15:01:22 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-08-04 15:01:22 +0200 |
| commit | 93d63208bbc6b75c6831302ac2c3c7b05cc743ce (patch) | |
| tree | 208a8ca4960eb14d04caffb936eb8c21e9045392 /vendor/go.mozilla.org/pkcs7/README.md | |
| parent | 6aed1076a21bc913210efd1f6ad7377dfd85a9f2 (diff) | |
| parent | 47c91097f7b93045e9c099b52870c35577f80734 (diff) | |
| download | podman-93d63208bbc6b75c6831302ac2c3c7b05cc743ce.tar.gz podman-93d63208bbc6b75c6831302ac2c3c7b05cc743ce.tar.bz2 podman-93d63208bbc6b75c6831302ac2c3c7b05cc743ce.zip | |
Merge pull request #7203 from TomSweeneyRedHat/dev/tsweeney/bump_buildah
Bump to Buildah 1.16.0-dev in upstream
Diffstat (limited to 'vendor/go.mozilla.org/pkcs7/README.md')
| -rw-r--r-- | vendor/go.mozilla.org/pkcs7/README.md | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/vendor/go.mozilla.org/pkcs7/README.md b/vendor/go.mozilla.org/pkcs7/README.md new file mode 100644 index 000000000..bf37059c5 --- /dev/null +++ b/vendor/go.mozilla.org/pkcs7/README.md @@ -0,0 +1,69 @@ +# pkcs7 + +[](https://godoc.org/go.mozilla.org/pkcs7) +[](https://travis-ci.org/mozilla-services/pkcs7) + +pkcs7 implements parsing and creating signed and enveloped messages. + +```go +package main + +import ( + "bytes" + "crypto/rsa" + "crypto/x509" + "encoding/pem" + "fmt" + "os" + + "go.mozilla.org/pkcs7" +) + +func SignAndDetach(content []byte, cert *x509.Certificate, privkey *rsa.PrivateKey) (signed []byte, err error) { + toBeSigned, err := NewSignedData(content) + if err != nil { + err = fmt.Errorf("Cannot initialize signed data: %s", err) + return + } + if err = toBeSigned.AddSigner(cert, privkey, SignerInfoConfig{}); err != nil { + err = fmt.Errorf("Cannot add signer: %s", err) + return + } + + // Detach signature, omit if you want an embedded signature + toBeSigned.Detach() + + signed, err = toBeSigned.Finish() + if err != nil { + err = fmt.Errorf("Cannot finish signing data: %s", err) + return + } + + // Verify the signature + pem.Encode(os.Stdout, &pem.Block{Type: "PKCS7", Bytes: signed}) + p7, err := pkcs7.Parse(signed) + if err != nil { + err = fmt.Errorf("Cannot parse our signed data: %s", err) + return + } + + // since the signature was detached, reattach the content here + p7.Content = content + + if bytes.Compare(content, p7.Content) != 0 { + err = fmt.Errorf("Our content was not in the parsed data:\n\tExpected: %s\n\tActual: %s", content, p7.Content) + return + } + if err = p7.Verify(); err != nil { + err = fmt.Errorf("Cannot verify our signed data: %s", err) + return + } + + return signed, nil +} +``` + + + +## Credits +This is a fork of [fullsailor/pkcs7](https://github.com/fullsailor/pkcs7) |