986f076276
Add a new generic container registry client via a new `container` package. Use this to create a command line utility as well as a new upload target for container registries. The code uses the github.com/containers/* project and packages to interact with container registires that is also used by skopeo, podman et al. One if the dependencies is `proglottis/gpgme` that is using cgo to bind libgpgme, so we have to add the corresponding devel package to the BuildRequires as well as installing it on CI. Checks will follow later via an integration test.
56 lines
1.3 KiB
Go
56 lines
1.3 KiB
Go
package libtrust
|
|
|
|
import (
|
|
"crypto"
|
|
_ "crypto/sha256" // Registrer SHA224 and SHA256
|
|
_ "crypto/sha512" // Registrer SHA384 and SHA512
|
|
"fmt"
|
|
)
|
|
|
|
type signatureAlgorithm struct {
|
|
algHeaderParam string
|
|
hashID crypto.Hash
|
|
}
|
|
|
|
func (h *signatureAlgorithm) HeaderParam() string {
|
|
return h.algHeaderParam
|
|
}
|
|
|
|
func (h *signatureAlgorithm) HashID() crypto.Hash {
|
|
return h.hashID
|
|
}
|
|
|
|
var (
|
|
rs256 = &signatureAlgorithm{"RS256", crypto.SHA256}
|
|
rs384 = &signatureAlgorithm{"RS384", crypto.SHA384}
|
|
rs512 = &signatureAlgorithm{"RS512", crypto.SHA512}
|
|
es256 = &signatureAlgorithm{"ES256", crypto.SHA256}
|
|
es384 = &signatureAlgorithm{"ES384", crypto.SHA384}
|
|
es512 = &signatureAlgorithm{"ES512", crypto.SHA512}
|
|
)
|
|
|
|
func rsaSignatureAlgorithmByName(alg string) (*signatureAlgorithm, error) {
|
|
switch {
|
|
case alg == "RS256":
|
|
return rs256, nil
|
|
case alg == "RS384":
|
|
return rs384, nil
|
|
case alg == "RS512":
|
|
return rs512, nil
|
|
default:
|
|
return nil, fmt.Errorf("RSA Digital Signature Algorithm %q not supported", alg)
|
|
}
|
|
}
|
|
|
|
func rsaPKCS1v15SignatureAlgorithmForHashID(hashID crypto.Hash) *signatureAlgorithm {
|
|
switch {
|
|
case hashID == crypto.SHA512:
|
|
return rs512
|
|
case hashID == crypto.SHA384:
|
|
return rs384
|
|
case hashID == crypto.SHA256:
|
|
fallthrough
|
|
default:
|
|
return rs256
|
|
}
|
|
}
|