notaryproject · priteshbandi · Feb 16, 2023 · Feb 16, 2023
@@ -4,7 +4,7 @@ go 1.18
 
 require (
 	github.com/go-ldap/ldap/v3 v3.4.4
-	github.com/notaryproject/notation-core-go v1.0.0-rc.1
+	github.com/notaryproject/notation-core-go v1.0.0-rc.2
 	github.com/opencontainers/go-digest v1.0.0
 	github.com/opencontainers/image-spec v1.1.0-rc2
 	github.com/veraison/go-cose v1.0.0

@@ -13,6 +13,8 @@ github.com/golang-jwt/jwt/v4 v4.4.3 h1:Hxl6lhQFj4AnOX6MLrsCb/+7tCj7DxP7VA+2rDIq5
 github.com/golang-jwt/jwt/v4 v4.4.3/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/notaryproject/notation-core-go v1.0.0-rc.1 h1:ACi0gr6mD1bzp9+gu3P0meJ/N6iWHlyM9zgtdnooNAA=
 github.com/notaryproject/notation-core-go v1.0.0-rc.1/go.mod h1:n8Gbvl9sKa00KptkKEL5XKUyMTIALe74QipKauE2rj4=
+github.com/notaryproject/notation-core-go v1.0.0-rc.2 h1:nNJuXa12jVNSSETjGNJEcZgv1NwY5ToYPo+c0P9syCI=
+github.com/notaryproject/notation-core-go v1.0.0-rc.2/go.mod h1:ASoc9KbJkSHLbKhO96lb0pIEWJRMZq9oprwBSZ0EAx0=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
 github.com/opencontainers/image-spec v1.1.0-rc2 h1:2zx/Stx4Wc5pIPDvIxHXvXtQFW/7XWJGmnM7r3wg034=

@@ -30,7 +30,7 @@ var (
 		SupportedContractVersions: []string{proto.ContractVersion},
 		Capabilities:              []proto.Capability{proto.CapabilitySignatureGenerator},
 	}
-	validSignDescriptor, validSignOpts = generateSigningContent(nil)
+	validSignDescriptor, validSignOpts = generateSigningContent()
 	invalidSignatureEnvelope           = []byte("invalid")
 )
 
@@ -186,7 +186,7 @@ func (p *mockPlugin) GenerateEnvelope(ctx context.Context, req *proto.GenerateEn
 		return &proto.GenerateEnvelopeResponse{
 			SignatureEnvelope:     data,
 			SignatureEnvelopeType: req.SignatureEnvelopeType,
-			Annotations: p.annotations,
+			Annotations:           p.annotations,
 		}, nil
 	}
 	return &proto.GenerateEnvelopeResponse{}, nil
@@ -330,9 +330,9 @@ func TestPluginSigner_SignWithAnnotations_Valid(t *testing.T) {
 				annts := map[string]string{"key": "value"}
 				pluginSigner := pluginSigner{
 					plugin: &mockPlugin{
-						key:         keyCert.key,
-						certs:       keyCert.certs,
-						keySpec:     keySpec,
+						key:          keyCert.key,
+						certs:        keyCert.certs,
+						keySpec:      keySpec,
 						annotations:  map[string]string{"key": "value"},
 						wantEnvelope: true,
 					},

@@ -21,7 +21,6 @@ import (
 	_ "github.com/notaryproject/notation-core-go/signature/cose"
 	_ "github.com/notaryproject/notation-core-go/signature/jws"
 	"github.com/notaryproject/notation-core-go/testhelper"
-	"github.com/notaryproject/notation-core-go/timestamp/timestamptest"
 	"github.com/notaryproject/notation-go"
 	"github.com/notaryproject/notation-go/internal/envelope"
 	"github.com/notaryproject/notation-go/plugin/proto"
@@ -134,7 +133,7 @@ func testSignerFromFile(t *testing.T, keyCert *keyCertPair, envelopeType, dir st
 	if err != nil {
 		t.Fatalf("NewSignerFromFiles() failed: %v", err)
 	}
-	desc, opts := generateSigningContent(nil)
+	desc, opts := generateSigningContent()
 	opts.SignatureMediaType = envelopeType
 	sig, _, err := s.Sign(context.Background(), desc, opts)
 	if err != nil {
@@ -167,40 +166,6 @@ func TestSignWithCertChain(t *testing.T) {
 	}
 }
 
-// TODO: Enable once we have timestamping inplace https://github.com/notaryproject/notation-go/issues/78
-func TestSignWithTimestamp(t *testing.T) {
-	t.Skip("Skipping testing as we dont have timestamping hooked up")
-	// prepare signer
-	for _, envelopeType := range signature.RegisteredEnvelopeTypes() {
-		for _, keyCert := range keyCertPairCollections {
-			t.Run(fmt.Sprintf("envelopeType=%v_keySpec=%v", envelopeType, keyCert.keySpecName), func(t *testing.T) {
-				s, err := New(keyCert.key, keyCert.certs)
-				if err != nil {
-					t.Fatalf("NewSigner() error = %v", err)
-				}
-
-				// configure TSA
-				tsa, err := timestamptest.NewTSA()
-				if err != nil {
-					t.Fatalf("timestamptest.NewTSA() error = %v", err)
-				}
-
-				// sign content
-				ctx := context.Background()
-				desc, sOpts := generateSigningContent(tsa)
-				sOpts.SignatureMediaType = envelopeType
-				sig, _, err := s.Sign(ctx, desc, sOpts)
-				if err != nil {
-					t.Fatalf("Sign() error = %v", err)
-				}
-
-				// basic verification
-				basicVerification(t, sig, envelopeType, keyCert.certs[len(keyCert.certs)-1], &validMetadata)
-			})
-		}
-	}
-}
-
 func TestSignWithoutExpiry(t *testing.T) {
 	// sign with key
 	for _, envelopeType := range signature.RegisteredEnvelopeTypes() {
@@ -212,7 +177,7 @@ func TestSignWithoutExpiry(t *testing.T) {
 				}
 
 				ctx := context.Background()
-				desc, sOpts := generateSigningContent(nil)
+				desc, sOpts := generateSigningContent()
 				sOpts.ExpiryDuration = 0 // reset expiry
 				sOpts.SignatureMediaType = envelopeType
 				sig, _, err := s.Sign(ctx, desc, sOpts)
@@ -258,7 +223,7 @@ func localSign(payload []byte, hash crypto.Hash, pk crypto.PrivateKey) ([]byte,
 }
 
 // generateSigningContent generates common signing content with options for testing.
-func generateSigningContent(tsa *timestamptest.TSA) (ocispec.Descriptor, notation.SignOptions) {
+func generateSigningContent() (ocispec.Descriptor, notation.SignOptions) {
 	content := "hello world"
 	desc := ocispec.Descriptor{
 		MediaType: "test media type",
@@ -271,11 +236,6 @@ func generateSigningContent(tsa *timestamptest.TSA) (ocispec.Descriptor, notatio
 	}
 	sOpts := notation.SignOptions{ExpiryDuration: 24 * time.Hour}
 
-	if tsa != nil {
-		tsaRoots := x509.NewCertPool()
-		tsaRoots.AddCert(tsa.Certificate())
-	}
-
 	return desc, sOpts
 }
 
@@ -328,7 +288,7 @@ func validateSignWithCerts(t *testing.T, envelopeType string, key crypto.Private
 	}
 
 	ctx := context.Background()
-	desc, sOpts := generateSigningContent(nil)
+	desc, sOpts := generateSigningContent()
 	sOpts.SignatureMediaType = envelopeType
 	sig, _, err := s.Sign(ctx, desc, sOpts)
 	if err != nil {