diff options
| author | Daniel J Walsh <dwalsh@redhat.com> | 2019-12-19 13:29:25 -0500 |
|---|---|---|
| committer | Daniel J Walsh <dwalsh@redhat.com> | 2019-12-20 09:30:47 -0500 |
| commit | 50ece79387dcf6c748e3ae1bd6a7067059c0dfe3 (patch) | |
| tree | 6b30c4f66f7be315ff2257447be3818be98fb50f /vendor/gopkg.in/square/go-jose.v2/opaque.go | |
| parent | a359ca0d1825859dd8b7c1384f11d703ec6625b4 (diff) | |
| download | podman-50ece79387dcf6c748e3ae1bd6a7067059c0dfe3.tar.gz podman-50ece79387dcf6c748e3ae1bd6a7067059c0dfe3.tar.bz2 podman-50ece79387dcf6c748e3ae1bd6a7067059c0dfe3.zip | |
build(deps): bump github.com/containers/image/v5 from 5.0.0 to 5.1.0
Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.0.0 to 5.1.0.
- [Release notes](https://github.com/containers/image/releases)
- [Commits](https://github.com/containers/image/compare/v5.0.0...v5.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'vendor/gopkg.in/square/go-jose.v2/opaque.go')
| -rw-r--r-- | vendor/gopkg.in/square/go-jose.v2/opaque.go | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/vendor/gopkg.in/square/go-jose.v2/opaque.go b/vendor/gopkg.in/square/go-jose.v2/opaque.go new file mode 100644 index 000000000..4a8bd8f32 --- /dev/null +++ b/vendor/gopkg.in/square/go-jose.v2/opaque.go @@ -0,0 +1,83 @@ +/*- + * Copyright 2018 Square Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package jose + +// OpaqueSigner is an interface that supports signing payloads with opaque +// private key(s). Private key operations preformed by implementors may, for +// example, occur in a hardware module. An OpaqueSigner may rotate signing keys +// transparently to the user of this interface. +type OpaqueSigner interface { + // Public returns the public key of the current signing key. + Public() *JSONWebKey + // Algs returns a list of supported signing algorithms. + Algs() []SignatureAlgorithm + // SignPayload signs a payload with the current signing key using the given + // algorithm. + SignPayload(payload []byte, alg SignatureAlgorithm) ([]byte, error) +} + +type opaqueSigner struct { + signer OpaqueSigner +} + +func newOpaqueSigner(alg SignatureAlgorithm, signer OpaqueSigner) (recipientSigInfo, error) { + var algSupported bool + for _, salg := range signer.Algs() { + if alg == salg { + algSupported = true + break + } + } + if !algSupported { + return recipientSigInfo{}, ErrUnsupportedAlgorithm + } + + return recipientSigInfo{ + sigAlg: alg, + publicKey: signer.Public, + signer: &opaqueSigner{ + signer: signer, + }, + }, nil +} + +func (o *opaqueSigner) signPayload(payload []byte, alg SignatureAlgorithm) (Signature, error) { + out, err := o.signer.SignPayload(payload, alg) + if err != nil { + return Signature{}, err + } + + return Signature{ + Signature: out, + protected: &rawHeader{}, + }, nil +} + +// OpaqueVerifier is an interface that supports verifying payloads with opaque +// public key(s). An OpaqueSigner may rotate signing keys transparently to the +// user of this interface. +type OpaqueVerifier interface { + VerifyPayload(payload []byte, signature []byte, alg SignatureAlgorithm) error +} + +type opaqueVerifier struct { + verifier OpaqueVerifier +} + +func (o *opaqueVerifier) verifyPayload(payload []byte, signature []byte, alg SignatureAlgorithm) error { + return o.verifier.VerifyPayload(payload, signature, alg) +} |