refactor: adapt to breaking change in dsse package
dsse.NewEnvelopeSigner now expects a Signer rather than a
SignerVerifier. Trim down dsseSigner type to implement only the Signer
interface.

Ref: secure-systems-lab/go-securesystemslib#57
Signed-off-by: Dave Dykstra <2129743+DrDaveD@users.noreply.github.com>
tri-adam authored and DrDaveD committed Dec 21, 2023
1 parent 99502a4 commit 120bc62
Showing 1 changed file with 2 additions and 15 deletions.
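--- a/pkg/integrity/dsse.go
+++ b/pkg/integrity/dsse.go
@@ -45,7 +45,7 @@ func newDSSEEncoder(ss []signature.Signer, opts ...signature.SignOption) (*dsseE
 opts = append(opts, options.WithCryptoSignerOpts(so))
 }
 
-dss := make([]dsse.SignerVerifier, 0, len(ss))
+dss := make([]dsse.Signer, 0, len(ss))
 for _, s := range ss {
 ds, err := newDSSESigner(s, opts...)
 if err != nil {
@@ -145,8 +145,7 @@ type dsseSigner struct {
 pub crypto.PublicKey
 }
 
-// newDSSESigner returns a dsse.SignerVerifier that uses s to sign according to opts. Note that the
-// returned value is suitable only for signing, and not verification.
+// newDSSESigner returns a dsse.Signer that uses s to sign according to opts.
 func newDSSESigner(s signature.Signer, opts ...signature.SignOption) (*dsseSigner, error) {
 pub, err := s.PublicKey()
 if err != nil {
@@ -168,18 +167,6 @@ func (s *dsseSigner) Sign(ctx context.Context, data []byte) ([]byte, error) {
 return s.s.SignMessage(bytes.NewReader(data), opts...)
 }
 
-var errVerifyNotImplemented = errors.New("verify not implemented")
-
-// Verify is not implemented, but required for the dsse.SignerVerifier interface.
-func (s *dsseSigner) Verify(_ context.Context, _, _ []byte) error {
-return errVerifyNotImplemented
-}
-
-// Public returns the public key associated with s.
-func (s *dsseSigner) Public() crypto.PublicKey {
-return s.pub
-}
-
 // KeyID returns the key ID associated with s.
 func (s dsseSigner) KeyID() (string, error) {
 return dsse.SHA256KeyID(s.pub)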
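Review bot: The rewritten comment on newDSSESigner says it returns a dsse.Signer, but the signature still returns *dsseSigner and nothing in the visible hunks asserts that the trimmed type satisfies that interface. A compile-time check beside the type, `var _ dsse.Signer = (*dsseSigner)(nil)`, would surface the next upstream interface change at the definition instead of at whatever call site consumes the slice built in newDSSEEncoder (that site is outside the hunk). With only Sign and KeyID left, the mixed receivers stand out: Sign is on `*dsseSigner` while KeyID is on the value, so `func (s *dsseSigner) KeyID() (string, error)` would keep the method set consistent, provided no caller relies on a non-pointer dsseSigner. The bodies of newDSSEEncoder, newDSSESigner and KeyID all continue past the hunk boundaries.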
