From 120bc62f79bbf8a90cad4e19edf271d7484c5372 Mon Sep 17 00:00:00 2001 From: Adam Hughes <9903835+tri-adam@users.noreply.github.com> Date: Wed, 20 Dec 2023 19:46:13 +0000 Subject: [PATCH] refactor: adapt to breaking change in dsse package dsse.NewEnvelopeSigner now expects a Signer rather than a SignerVerifier. Trim down dsseSigner type to implement only the Signer interface. Ref: https://github.com/secure-systems-lab/go-securesystemslib/pull/57 Signed-off-by: Dave Dykstra <2129743+DrDaveD@users.noreply.github.com> --- pkg/integrity/dsse.go | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/pkg/integrity/dsse.go b/pkg/integrity/dsse.go index 0c4fdbb..68d9fd1 100644 --- a/pkg/integrity/dsse.go +++ b/pkg/integrity/dsse.go @@ -45,7 +45,7 @@ func newDSSEEncoder(ss []signature.Signer, opts ...signature.SignOption) (*dsseE opts = append(opts, options.WithCryptoSignerOpts(so)) } - dss := make([]dsse.SignerVerifier, 0, len(ss)) + dss := make([]dsse.Signer, 0, len(ss)) for _, s := range ss { ds, err := newDSSESigner(s, opts...) if err != nil { @@ -145,8 +145,7 @@ type dsseSigner struct { pub crypto.PublicKey } -// newDSSESigner returns a dsse.SignerVerifier that uses s to sign according to opts. Note that the -// returned value is suitable only for signing, and not verification. +// newDSSESigner returns a dsse.Signer that uses s to sign according to opts. func newDSSESigner(s signature.Signer, opts ...signature.SignOption) (*dsseSigner, error) { pub, err := s.PublicKey() if err != nil { @@ -168,18 +167,6 @@ func (s *dsseSigner) Sign(ctx context.Context, data []byte) ([]byte, error) { return s.s.SignMessage(bytes.NewReader(data), opts...) } -var errVerifyNotImplemented = errors.New("verify not implemented") - -// Verify is not implemented, but required for the dsse.SignerVerifier interface. -func (s *dsseSigner) Verify(_ context.Context, _, _ []byte) error { - return errVerifyNotImplemented -} - -// Public returns the public key associated with s. -func (s *dsseSigner) Public() crypto.PublicKey { - return s.pub -} - // KeyID returns the key ID associated with s. func (s dsseSigner) KeyID() (string, error) { return dsse.SHA256KeyID(s.pub)