refactor: adapt to breaking change in dsse package

dsse.NewEnvelopeSigner now expects a Signer rather than a SignerVerifier. Trim down dsseSigner type to implement only the Signer interface. Ref: secure-systems-lab/go-securesystemslib#57 Signed-off-by: Dave Dykstra <2129743+DrDaveD@users.noreply.github.com>
apptainer · Dec 21, 2023 · 120bc62 · 120bc62
1 parent 99502a4
commit 120bc62
Showing 1 changed file with 2 additions and 15 deletions.
diff --git a/pkg/integrity/dsse.go b/pkg/integrity/dsse.go
@@ -45,7 +45,7 @@ func newDSSEEncoder(ss []signature.Signer, opts ...signature.SignOption) (*dsseE
 		opts = append(opts, options.WithCryptoSignerOpts(so))
 	}
 
-	dss := make([]dsse.SignerVerifier, 0, len(ss))
+	dss := make([]dsse.Signer, 0, len(ss))
 	for _, s := range ss {
 		ds, err := newDSSESigner(s, opts...)
 		if err != nil {
@@ -145,8 +145,7 @@ type dsseSigner struct {
 	pub  crypto.PublicKey
 }
 
-// newDSSESigner returns a dsse.SignerVerifier that uses s to sign according to opts. Note that the
-// returned value is suitable only for signing, and not verification.
+// newDSSESigner returns a dsse.Signer that uses s to sign according to opts.
 func newDSSESigner(s signature.Signer, opts ...signature.SignOption) (*dsseSigner, error) {
 	pub, err := s.PublicKey()
 	if err != nil {
@@ -168,18 +167,6 @@ func (s *dsseSigner) Sign(ctx context.Context, data []byte) ([]byte, error) {
 	return s.s.SignMessage(bytes.NewReader(data), opts...)
 }
 
-var errVerifyNotImplemented = errors.New("verify not implemented")
-
-// Verify is not implemented, but required for the dsse.SignerVerifier interface.
-func (s *dsseSigner) Verify(_ context.Context, _, _ []byte) error {
-	return errVerifyNotImplemented
-}
-
-// Public returns the public key associated with s.
-func (s *dsseSigner) Public() crypto.PublicKey {
-	return s.pub
-}
-
 // KeyID returns the key ID associated with s.
 func (s dsseSigner) KeyID() (string, error) {
 	return dsse.SHA256KeyID(s.pub)