go.mod: bump osbuild/images to 0.55

vendor/github.com/sigstore/sigstore/pkg/signature/ed25519ph.go

@@ -0,0 +1,211 @@
+//
+// Copyright 2024 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package signature
+
+import (
+	"crypto"
+	"crypto/ed25519"
+	"crypto/rand"
+	"errors"
+	"fmt"
+	"io"
+
+	"github.com/sigstore/sigstore/pkg/signature/options"
+)
+
+var ed25519phSupportedHashFuncs = []crypto.Hash{
+	crypto.SHA512,
+}
+
+// ED25519phSigner is a signature.Signer that uses the Ed25519 public-key signature system with pre-hashing
+type ED25519phSigner struct {
+	priv ed25519.PrivateKey
+}
+
+// LoadED25519phSigner calculates signatures using the specified private key.
+func LoadED25519phSigner(priv ed25519.PrivateKey) (*ED25519phSigner, error) {
+	if priv == nil {
+		return nil, errors.New("invalid ED25519 private key specified")
+	}
+
+	return &ED25519phSigner{
+		priv: priv,
+	}, nil
+}
+
+// ToED25519SignerVerifier creates a ED25519SignerVerifier from a ED25519phSignerVerifier
+//
+// Clients that use ED25519phSignerVerifier should use this method to get a
+// SignerVerifier that uses the same ED25519 private key, but with the Pure
+// Ed25519 algorithm. This might be necessary to interact with Fulcio, which
+// only supports the Pure Ed25519 algorithm.
+func (e ED25519phSignerVerifier) ToED25519SignerVerifier() (*ED25519SignerVerifier, error) {
+	return LoadED25519SignerVerifier(e.priv)
+}
+
+// SignMessage signs the provided message. If the message is provided,
+// this method will compute the digest according to the hash function specified
+// when the ED25519phSigner was created.
+//
+// This function recognizes the following Options listed in order of preference:
+//
+// - WithDigest()
+//
+// All other options are ignored if specified.
+func (e ED25519phSigner) SignMessage(message io.Reader, opts ...SignOption) ([]byte, error) {
+	digest, _, err := ComputeDigestForSigning(message, crypto.SHA512, ed25519phSupportedHashFuncs, opts...)
+	if err != nil {
+		return nil, err
+	}
+
+	return e.priv.Sign(nil, digest, crypto.SHA512)
+}
+
+// Public returns the public key that can be used to verify signatures created by
+// this signer.
+func (e ED25519phSigner) Public() crypto.PublicKey {
+	if e.priv == nil {
+		return nil
+	}
+
+	return e.priv.Public()
+}
+
+// PublicKey returns the public key that can be used to verify signatures created by
+// this signer. As this value is held in memory, all options provided in arguments
+// to this method are ignored.
+func (e ED25519phSigner) PublicKey(_ ...PublicKeyOption) (crypto.PublicKey, error) {
+	return e.Public(), nil
+}
+
+// Sign computes the signature for the specified message; the first and third arguments to this
+// function are ignored as they are not used by the ED25519ph algorithm.
+func (e ED25519phSigner) Sign(_ io.Reader, digest []byte, _ crypto.SignerOpts) ([]byte, error) {
+	return e.SignMessage(nil, options.WithDigest(digest))
+}
+
+// ED25519phVerifier is a signature.Verifier that uses the Ed25519 public-key signature system
+type ED25519phVerifier struct {
+	publicKey ed25519.PublicKey
+}
+
+// LoadED25519phVerifier returns a Verifier that verifies signatures using the
+// specified ED25519 public key.
+func LoadED25519phVerifier(pub ed25519.PublicKey) (*ED25519phVerifier, error) {
+	if pub == nil {
+		return nil, errors.New("invalid ED25519 public key specified")
+	}
+
+	return &ED25519phVerifier{
+		publicKey: pub,
+	}, nil
+}
+
+// PublicKey returns the public key that is used to verify signatures by
+// this verifier. As this value is held in memory, all options provided in arguments
+// to this method are ignored.
+func (e *ED25519phVerifier) PublicKey(_ ...PublicKeyOption) (crypto.PublicKey, error) {
+	return e.publicKey, nil
+}
+
+// VerifySignature verifies the signature for the given message. Unless provided
+// in an option, the digest of the message will be computed using the hash function specified
+// when the ED25519phVerifier was created.
+//
+// This function returns nil if the verification succeeded, and an error message otherwise.
+//
+// This function recognizes the following Options listed in order of preference:
+//
+// - WithDigest()
+//
+// All other options are ignored if specified.
+func (e *ED25519phVerifier) VerifySignature(signature, message io.Reader, opts ...VerifyOption) error {
+	if signature == nil {
+		return errors.New("nil signature passed to VerifySignature")
+	}
+
+	digest, _, err := ComputeDigestForVerifying(message, crypto.SHA512, ed25519phSupportedHashFuncs, opts...)
+	if err != nil {
+		return err
+	}
+
+	sigBytes, err := io.ReadAll(signature)
+	if err != nil {
+		return fmt.Errorf("reading signature: %w", err)
+	}
+
+	if err := ed25519.VerifyWithOptions(e.publicKey, digest, sigBytes, &ed25519.Options{Hash: crypto.SHA512}); err != nil {
+		return fmt.Errorf("failed to verify signature: %w", err)
+	}
+	return nil
+}
+
+// ED25519phSignerVerifier is a signature.SignerVerifier that uses the Ed25519 public-key signature system
+type ED25519phSignerVerifier struct {
+	*ED25519phSigner
+	*ED25519phVerifier
+}
+
+// LoadED25519phSignerVerifier creates a combined signer and verifier. This is
+// a convenience object that simply wraps an instance of ED25519phSigner and ED25519phVerifier.
+func LoadED25519phSignerVerifier(priv ed25519.PrivateKey) (*ED25519phSignerVerifier, error) {
+	signer, err := LoadED25519phSigner(priv)
+	if err != nil {
+		return nil, fmt.Errorf("initializing signer: %w", err)
+	}
+	pub, ok := priv.Public().(ed25519.PublicKey)
+	if !ok {
+		return nil, fmt.Errorf("given key is not ed25519.PublicKey")
+	}
+	verifier, err := LoadED25519phVerifier(pub)
+	if err != nil {
+		return nil, fmt.Errorf("initializing verifier: %w", err)
+	}
+
+	return &ED25519phSignerVerifier{
+		ED25519phSigner:   signer,
+		ED25519phVerifier: verifier,
+	}, nil
+}
+
+// NewDefaultED25519phSignerVerifier creates a combined signer and verifier using ED25519.
+// This creates a new ED25519 key using crypto/rand as an entropy source.
+func NewDefaultED25519phSignerVerifier() (*ED25519phSignerVerifier, ed25519.PrivateKey, error) {
+	return NewED25519phSignerVerifier(rand.Reader)
+}
+
+// NewED25519phSignerVerifier creates a combined signer and verifier using ED25519.
+// This creates a new ED25519 key using the specified entropy source.
+func NewED25519phSignerVerifier(rand io.Reader) (*ED25519phSignerVerifier, ed25519.PrivateKey, error) {
+	_, priv, err := ed25519.GenerateKey(rand)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	sv, err := LoadED25519phSignerVerifier(priv)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return sv, priv, nil
+}
+
+// PublicKey returns the public key that is used to verify signatures by
+// this verifier. As this value is held in memory, all options provided in arguments
+// to this method are ignored.
+func (e ED25519phSignerVerifier) PublicKey(_ ...PublicKeyOption) (crypto.PublicKey, error) {
+	return e.publicKey, nil
+}

vendor/github.com/sigstore/sigstore/pkg/signature/options.go

@@ -18,6 +18,7 @@ package signature
 import (
 	"context"
 	"crypto"
+	"crypto/rsa"
 	"io"
 
 	"github.com/sigstore/sigstore/pkg/signature/options"
@@ -55,3 +56,10 @@ type VerifyOption interface {
 	RPCOption
 	MessageOption
 }
+
+// LoadOption specifies options to be used when creating a Signer/Verifier
+type LoadOption interface {
+	ApplyHash(*crypto.Hash)
+	ApplyED25519ph(*bool)
+	ApplyRSAPSS(**rsa.PSSOptions)
+}

vendor/github.com/sigstore/sigstore/pkg/signature/options/loadoptions.go

@@ -0,0 +1,76 @@
+//
+// Copyright 2024 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package options
+
+import (
+	"crypto"
+	"crypto/rsa"
+)
+
+// RequestHash implements the functional option pattern for setting a Hash
+// function when loading a signer or verifier
+type RequestHash struct {
+	NoOpOptionImpl
+	hashFunc crypto.Hash
+}
+
+// ApplyHash sets the hash as requested by the functional option
+func (r RequestHash) ApplyHash(hash *crypto.Hash) {
+	*hash = r.hashFunc
+}
+
+// WithHash specifies that the given hash function should be used when loading a signer or verifier
+func WithHash(hash crypto.Hash) RequestHash {
+	return RequestHash{hashFunc: hash}
+}
+
+// RequestED25519ph implements the functional option pattern for specifying
+// ED25519ph (pre-hashed) should be used when loading a signer or verifier and a
+// ED25519 key is
+type RequestED25519ph struct {
+	NoOpOptionImpl
+	useED25519ph bool
+}
+
+// ApplyED25519ph sets the ED25519ph flag as requested by the functional option
+func (r RequestED25519ph) ApplyED25519ph(useED25519ph *bool) {
+	*useED25519ph = r.useED25519ph
+}
+
+// WithED25519ph specifies that the ED25519ph algorithm should be used when a ED25519 key is used
+func WithED25519ph() RequestED25519ph {
+	return RequestED25519ph{useED25519ph: true}
+}
+
+// RequestPSSOptions implements the functional option pattern for specifying RSA
+// PSS should be used when loading a signer or verifier and a RSA key is
+// detected
+type RequestPSSOptions struct {
+	NoOpOptionImpl
+	opts *rsa.PSSOptions
+}
+
+// ApplyRSAPSS sets the RSAPSS options as requested by the functional option
+func (r RequestPSSOptions) ApplyRSAPSS(opts **rsa.PSSOptions) {
+	*opts = r.opts
+}
+
+// WithRSAPSS specifies that the RSAPSS algorithm should be used when a RSA key is used
+// Note that the RSA PSSOptions contains an hash algorithm, which will override
+// the hash function specified with WithHash.
+func WithRSAPSS(opts *rsa.PSSOptions) RequestPSSOptions {
+	return RequestPSSOptions{opts: opts}
+}

vendor/github.com/sigstore/sigstore/pkg/signature/options/noop.go

@@ -18,6 +18,7 @@ package options
 import (
 	"context"
 	"crypto"
+	"crypto/rsa"
 	"io"
 )
 
@@ -47,3 +48,12 @@ func (NoOpOptionImpl) ApplyKeyVersion(_ *string) {}
 
 // ApplyKeyVersionUsed is a no-op required to fully implement the requisite interfaces
 func (NoOpOptionImpl) ApplyKeyVersionUsed(_ **string) {}
+
+// ApplyHash is a no-op required to fully implement the requisite interfaces
+func (NoOpOptionImpl) ApplyHash(_ *crypto.Hash) {}
+
+// ApplyED25519ph is a no-op required to fully implement the requisite interfaces
+func (NoOpOptionImpl) ApplyED25519ph(_ *bool) {}
+
+// ApplyRSAPSS is a no-op required to fully implement the requisite interfaces
+func (NoOpOptionImpl) ApplyRSAPSS(_ **rsa.PSSOptions) {}

vendor/github.com/sigstore/sigstore/pkg/signature/signer.go

@@ -30,6 +30,7 @@ import (
 	_ "crypto/sha512"
 
 	"github.com/sigstore/sigstore/pkg/cryptoutils"
+	"github.com/sigstore/sigstore/pkg/signature/options"
 
 	// these ensure we have the implementations loaded
 	_ "golang.org/x/crypto/sha3"
@@ -59,12 +60,33 @@ func (s SignerOpts) HashFunc() crypto.Hash {
 // If privateKey is an RSA key, a RSAPKCS1v15Signer will be returned. If a
 // RSAPSSSigner is desired instead, use the LoadRSAPSSSigner() method directly.
 func LoadSigner(privateKey crypto.PrivateKey, hashFunc crypto.Hash) (Signer, error) {
+	return LoadSignerWithOpts(privateKey, options.WithHash(hashFunc))
+}
+
+// LoadSignerWithOpts returns a signature.Signer based on the algorithm of the private key
+// provided.
+func LoadSignerWithOpts(privateKey crypto.PrivateKey, opts ...LoadOption) (Signer, error) {
+	var rsaPSSOptions *rsa.PSSOptions
+	var useED25519ph bool
+	hashFunc := crypto.SHA256
+	for _, o := range opts {
+		o.ApplyED25519ph(&useED25519ph)
+		o.ApplyHash(&hashFunc)
+		o.ApplyRSAPSS(&rsaPSSOptions)
+	}
+
 	switch pk := privateKey.(type) {
 	case *rsa.PrivateKey:
+		if rsaPSSOptions != nil {
+			return LoadRSAPSSSigner(pk, hashFunc, rsaPSSOptions)
+		}
 		return LoadRSAPKCS1v15Signer(pk, hashFunc)
 	case *ecdsa.PrivateKey:
 		return LoadECDSASigner(pk, hashFunc)
 	case ed25519.PrivateKey:
+		if useED25519ph {
+			return LoadED25519phSigner(pk)
+		}
 		return LoadED25519Signer(pk)
 	}
 	return nil, errors.New("unsupported public key type")
@@ -87,3 +109,17 @@ func LoadSignerFromPEMFile(path string, hashFunc crypto.Hash, pf cryptoutils.Pas
 	}
 	return LoadSigner(priv, hashFunc)
 }
+
+// LoadSignerFromPEMFileWithOpts returns a signature.Signer based on the algorithm of the private key
+// in the file. The Signer will use the hash function specified in the options when computing digests.
+func LoadSignerFromPEMFileWithOpts(path string, pf cryptoutils.PassFunc, opts ...LoadOption) (Signer, error) {
+	fileBytes, err := os.ReadFile(filepath.Clean(path))
+	if err != nil {
+		return nil, err
+	}
+	priv, err := cryptoutils.UnmarshalPEMToPrivateKey(fileBytes, pf)
+	if err != nil {
+		return nil, err
+	}
+	return LoadSignerWithOpts(priv, opts...)
+}

vendor/github.com/sigstore/sigstore/pkg/signature/signerverifier.go

@@ -25,6 +25,7 @@ import (
 	"path/filepath"
 
 	"github.com/sigstore/sigstore/pkg/cryptoutils"
+	"github.com/sigstore/sigstore/pkg/signature/options"
 )
 
 // SignerVerifier creates and verifies digital signatures over a message using a specified key pair
@@ -39,12 +40,33 @@ type SignerVerifier interface {
 // If privateKey is an RSA key, a RSAPKCS1v15SignerVerifier will be returned. If a
 // RSAPSSSignerVerifier is desired instead, use the LoadRSAPSSSignerVerifier() method directly.
 func LoadSignerVerifier(privateKey crypto.PrivateKey, hashFunc crypto.Hash) (SignerVerifier, error) {
+	return LoadSignerVerifierWithOpts(privateKey, options.WithHash(hashFunc))
+}
+
+// LoadSignerVerifierWithOpts returns a signature.SignerVerifier based on the
+// algorithm of the private key provided and the user's choice.
+func LoadSignerVerifierWithOpts(privateKey crypto.PrivateKey, opts ...LoadOption) (SignerVerifier, error) {
+	var rsaPSSOptions *rsa.PSSOptions
+	var useED25519ph bool
+	hashFunc := crypto.SHA256
+	for _, o := range opts {
+		o.ApplyED25519ph(&useED25519ph)
+		o.ApplyHash(&hashFunc)
+		o.ApplyRSAPSS(&rsaPSSOptions)
+	}
+
 	switch pk := privateKey.(type) {
 	case *rsa.PrivateKey:
+		if rsaPSSOptions != nil {
+			return LoadRSAPSSSignerVerifier(pk, hashFunc, rsaPSSOptions)
+		}
 		return LoadRSAPKCS1v15SignerVerifier(pk, hashFunc)
 	case *ecdsa.PrivateKey:
 		return LoadECDSASignerVerifier(pk, hashFunc)
 	case ed25519.PrivateKey:
+		if useED25519ph {
+			return LoadED25519phSignerVerifier(pk)
+		}
 		return LoadED25519SignerVerifier(pk)
 	}
 	return nil, errors.New("unsupported public key type")
@@ -67,3 +89,17 @@ func LoadSignerVerifierFromPEMFile(path string, hashFunc crypto.Hash, pf cryptou
 	}
 	return LoadSignerVerifier(priv, hashFunc)
 }
+
+// LoadSignerVerifierFromPEMFileWithOpts returns a signature.SignerVerifier based on the algorithm of the private key
+// in the file. The SignerVerifier will use the hash function specified in the options when computing digests.
+func LoadSignerVerifierFromPEMFileWithOpts(path string, pf cryptoutils.PassFunc, opts ...LoadOption) (SignerVerifier, error) {
+	fileBytes, err := os.ReadFile(filepath.Clean(path))
+	if err != nil {
+		return nil, err
+	}
+	priv, err := cryptoutils.UnmarshalPEMToPrivateKey(fileBytes, pf)
+	if err != nil {
+		return nil, err
+	}
+	return LoadSignerVerifierWithOpts(priv, opts...)
+}

vendor/github.com/sigstore/sigstore/pkg/signature/verifier.go

@@ -26,6 +26,7 @@ import (
 	"path/filepath"
 
 	"github.com/sigstore/sigstore/pkg/cryptoutils"
+	"github.com/sigstore/sigstore/pkg/signature/options"
 )
 
 // Verifier verifies the digital signature using a specified public key
@@ -40,12 +41,33 @@ type Verifier interface {
 // If publicKey is an RSA key, a RSAPKCS1v15Verifier will be returned. If a
 // RSAPSSVerifier is desired instead, use the LoadRSAPSSVerifier() method directly.
 func LoadVerifier(publicKey crypto.PublicKey, hashFunc crypto.Hash) (Verifier, error) {
+	return LoadVerifierWithOpts(publicKey, options.WithHash(hashFunc))
+}
+
+// LoadVerifierWithOpts returns a signature.Verifier based on the algorithm of the public key
+// provided that will use the hash function specified when computing digests.
+func LoadVerifierWithOpts(publicKey crypto.PublicKey, opts ...LoadOption) (Verifier, error) {
+	var rsaPSSOptions *rsa.PSSOptions
+	var useED25519ph bool
+	hashFunc := crypto.SHA256
+	for _, o := range opts {
+		o.ApplyED25519ph(&useED25519ph)
+		o.ApplyHash(&hashFunc)
+		o.ApplyRSAPSS(&rsaPSSOptions)
+	}
+
 	switch pk := publicKey.(type) {
 	case *rsa.PublicKey:
+		if rsaPSSOptions != nil {
+			return LoadRSAPSSVerifier(pk, hashFunc, rsaPSSOptions)
+		}
 		return LoadRSAPKCS1v15Verifier(pk, hashFunc)
 	case *ecdsa.PublicKey:
 		return LoadECDSAVerifier(pk, hashFunc)
 	case ed25519.PublicKey:
+		if useED25519ph {
+			return LoadED25519phVerifier(pk)
+		}
 		return LoadED25519Verifier(pk)
 	}
 	return nil, errors.New("unsupported public key type")
@@ -98,3 +120,19 @@ func LoadVerifierFromPEMFile(path string, hashFunc crypto.Hash) (Verifier, error
 
 	return LoadVerifier(pubKey, hashFunc)
 }
+
+// LoadVerifierFromPEMFileWithOpts returns a signature.Verifier based on the contents of a
+// file located at path. The Verifier wil use the hash function specified in the options when computing digests.
+func LoadVerifierFromPEMFileWithOpts(path string, opts ...LoadOption) (Verifier, error) {
+	fileBytes, err := os.ReadFile(filepath.Clean(path))
+	if err != nil {
+		return nil, err
+	}
+
+	pubKey, err := cryptoutils.UnmarshalPEMToPublicKey(fileBytes)
+	if err != nil {
+		return nil, err
+	}
+
+	return LoadVerifierWithOpts(pubKey, opts...)
+}