more refactoring to use cryptoutils (#465)
Signed-off-by: Jake Sanders <jsand@google.com>
Jake Sanders committed Jul 22, 2021
1 parent 840f9a6 commit a7f1ef6
Showing 3 changed files with 10 additions and 18 deletions.
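--- a/go.mod
+++ b/go.mod
@@ -3,6 +3,7 @@ module github.com/sigstore/cosign
 go 1.16
 
 require (
+github.com/cenkalti/backoff/v3 v3.2.2 // indirect
 github.com/cyberphone/json-canonicalization v0.0.0-20210303052042-6bc126869bf4
 github.com/go-openapi/runtime v0.19.29
 github.com/go-openapi/strfmt v0.20.1
@@ -12,13 +13,14 @@ require (
 github.com/google/go-containerregistry v0.5.1
 github.com/google/gofuzz v1.2.0 // indirect
 github.com/google/trillian v1.3.14-0.20210713114448-df474653733c
+github.com/hashicorp/vault/api v1.1.1 // indirect
 github.com/manifoldco/promptui v0.8.0
 github.com/open-policy-agent/opa v0.30.2
 github.com/peterbourgon/ff/v3 v3.1.0
 github.com/pkg/errors v0.9.1
 github.com/sigstore/fulcio v0.0.0-20210720153316-846105495d38
 github.com/sigstore/rekor v0.2.1-0.20210714185543-38d532d5c0b1
-github.com/sigstore/sigstore v0.0.0-20210720205156-8a12b31f8ca6
+github.com/sigstore/sigstore v0.0.0-20210722023421-fd3b69438dba
 github.com/stretchr/testify v1.7.0
 github.com/theupdateframework/go-tuf v0.0.0-20210630170422-22a94818d17b
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c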
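--- a/go.sum
+++ b/go.sum
@@ -1132,8 +1132,8 @@ github.com/sigstore/fulcio v0.0.0-20210720153316-846105495d38/go.mod h1:FZL7iVdW
 github.com/sigstore/rekor v0.2.1-0.20210714185543-38d532d5c0b1 h1:oSxPcSsScZwrurlM+FjMs+lbjdE/I42WdGy+jV0lO88=
 github.com/sigstore/rekor v0.2.1-0.20210714185543-38d532d5c0b1/go.mod h1:cL9B3+/gp3BG+/bhkSHBA3MQZMten5xM6BhJYd5b5zU=
 github.com/sigstore/sigstore v0.0.0-20210713222344-1fee53516622/go.mod h1:aOSeNrlcHsfUD8Q1hwWd8KloNqBnxEZlu4k47cFg5rg=
-github.com/sigstore/sigstore v0.0.0-20210720205156-8a12b31f8ca6 h1:a4GimMAzOiCya9WNVo07mSuPKP1jh5z/nmug4z5Wh24=
-github.com/sigstore/sigstore v0.0.0-20210720205156-8a12b31f8ca6/go.mod h1:OqEZWzGLbeyDBLpamU3H9ocwyoseksz6qVkZCoDHGyI=
+github.com/sigstore/sigstore v0.0.0-20210722023421-fd3b69438dba h1:NH2JUe2UWJ27vzzCwJPh4xtxfdGsJrtMcm8M1lqhb54=
+github.com/sigstore/sigstore v0.0.0-20210722023421-fd3b69438dba/go.mod h1:p+VFprG1w+oRcb3fgEKa9uvw3/7N9TR0srIi2JerPKo=
 github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/sirupsen/logrus v1.4.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=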
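--- a/pkg/cosign/keys.go
+++ b/pkg/cosign/keys.go
@@ -128,24 +128,14 @@ func LoadECDSAPrivateKey(key []byte, pass []byte) (*signature.ECDSASignerVerifie
 return signature.LoadECDSASignerVerifier(epk, crypto.SHA256)
 }
 
-const pubKeyPemType = "PUBLIC KEY"
-
-func PemToECDSAKey(raw []byte) (*ecdsa.PublicKey, error) {
-p, _ := pem.Decode(raw)
-if p == nil {
-return nil, errors.New("pem.Decode failed")
-}
-if p.Type != pubKeyPemType {
-return nil, fmt.Errorf("not public: %q", p.Type)
-}
-
-decoded, err := x509.ParsePKIXPublicKey(p.Bytes)
+func PemToECDSAKey(pemBytes []byte) (*ecdsa.PublicKey, error) {
+pub, err := cryptoutils.UnmarshalPEMToPublicKey(pemBytes)
 if err != nil {
 return nil, err
 }
-ed, ok := decoded.(*ecdsa.PublicKey)
+ecdsaPub, ok := pub.(*ecdsa.PublicKey)
 if !ok {
-return nil, fmt.Errorf("invalid public key: was %T, require *ecdsa.PublicKey", raw)
+return nil, fmt.Errorf("invalid public key: was %T, require *ecdsa.PublicKey", pub)
 }
-return ed, nil
+return ecdsaPub, nil
 }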
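Review bot: The `PUBLIC KEY` block-type check that the old `PemToECDSAKey` performed is no longer enforced in this function, and whether `cryptoutils.UnmarshalPEMToPublicKey` checks the PEM label itself is not visible in this commit. Because this function turns caller-supplied PEM into the key that is presumably used for verification, confirm the helper still rejects blocks with other labels. Alternatively, keep a test here that passes a PKIX key under a different label and expects an error. The exported function also lacks a doc comment; `// PemToECDSAKey parses a PEM-encoded PKIX public key and returns it as an *ecdsa.PublicKey, failing for any other key type.` would state the contract.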
