diff options
| author | TomSweeneyRedHat <tsweeney@redhat.com> | 2020-08-03 14:34:20 -0400 |
|---|---|---|
| committer | TomSweeneyRedHat <tsweeney@redhat.com> | 2020-08-03 14:34:24 -0400 |
| commit | 47c91097f7b93045e9c099b52870c35577f80734 (patch) | |
| tree | fd63e9de155376c5f6f8ac021045a258cf491994 /vendor/go.mozilla.org/pkcs7/README.md | |
| parent | 1709335cf04e947117d4ae4dca72f24f4095511b (diff) | |
| download | podman-47c91097f7b93045e9c099b52870c35577f80734.tar.gz podman-47c91097f7b93045e9c099b52870c35577f80734.tar.bz2 podman-47c91097f7b93045e9c099b52870c35577f80734.zip | |
Bump to Buildah 1.16.0-dev in upstream
Bump Buildah to v1.16.0-dev in the upstream branch
of Podman. This will allow us to get a number of new
issues into the upstream branch for use. The version of
Buildah will need to be bumped to v1.16.0 and then
vendored into Podman before we release Podman v2.0
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Diffstat (limited to 'vendor/go.mozilla.org/pkcs7/README.md')
| -rw-r--r-- | vendor/go.mozilla.org/pkcs7/README.md | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/vendor/go.mozilla.org/pkcs7/README.md b/vendor/go.mozilla.org/pkcs7/README.md new file mode 100644 index 000000000..bf37059c5 --- /dev/null +++ b/vendor/go.mozilla.org/pkcs7/README.md @@ -0,0 +1,69 @@ +# pkcs7 + +[](https://godoc.org/go.mozilla.org/pkcs7) +[](https://travis-ci.org/mozilla-services/pkcs7) + +pkcs7 implements parsing and creating signed and enveloped messages. + +```go +package main + +import ( + "bytes" + "crypto/rsa" + "crypto/x509" + "encoding/pem" + "fmt" + "os" + + "go.mozilla.org/pkcs7" +) + +func SignAndDetach(content []byte, cert *x509.Certificate, privkey *rsa.PrivateKey) (signed []byte, err error) { + toBeSigned, err := NewSignedData(content) + if err != nil { + err = fmt.Errorf("Cannot initialize signed data: %s", err) + return + } + if err = toBeSigned.AddSigner(cert, privkey, SignerInfoConfig{}); err != nil { + err = fmt.Errorf("Cannot add signer: %s", err) + return + } + + // Detach signature, omit if you want an embedded signature + toBeSigned.Detach() + + signed, err = toBeSigned.Finish() + if err != nil { + err = fmt.Errorf("Cannot finish signing data: %s", err) + return + } + + // Verify the signature + pem.Encode(os.Stdout, &pem.Block{Type: "PKCS7", Bytes: signed}) + p7, err := pkcs7.Parse(signed) + if err != nil { + err = fmt.Errorf("Cannot parse our signed data: %s", err) + return + } + + // since the signature was detached, reattach the content here + p7.Content = content + + if bytes.Compare(content, p7.Content) != 0 { + err = fmt.Errorf("Our content was not in the parsed data:\n\tExpected: %s\n\tActual: %s", content, p7.Content) + return + } + if err = p7.Verify(); err != nil { + err = fmt.Errorf("Cannot verify our signed data: %s", err) + return + } + + return signed, nil +} +``` + + + +## Credits +This is a fork of [fullsailor/pkcs7](https://github.com/fullsailor/pkcs7) |