vendor: github.com/theupdateframework/notary v0.7.0

update the dependency to v0.7.0 to be closer to what docker/cli uses; https://github.com/theupdateframework/notary/compare/v0.6.1...v0.7.0 Note that docker/cli is slightly ahead of v0.7.0, and uses bf96a202a09a; https://github.com/theupdateframework/notary/compare/v0.7.0...bf96a202a09a Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-07-09 21:17:09 +08:00 · 2023-09-04 15:34:59 +02:00
parent 87e8e4b847
commit fb50d82fd8
51 changed files with 879 additions and 4134 deletions
--- a/vendor/github.com/theupdateframework/notary/tuf/data/keys.go
+++ b/vendor/github.com/theupdateframework/notary/tuf/data/keys.go
@ -12,9 +12,9 @@ import (
 	"io"
 	"math/big"

-	"github.com/agl/ed25519"
 	"github.com/docker/go/canonical/json"
 	"github.com/sirupsen/logrus"
+	"golang.org/x/crypto/ed25519"
 )

 // PublicKey is the necessary interface for public keys
@ -484,9 +484,10 @@ func (k RSAPrivateKey) Sign(rand io.Reader, msg []byte, opts crypto.SignerOpts)

 // Sign creates an ed25519 signature
 func (k ED25519PrivateKey) Sign(rand io.Reader, msg []byte, opts crypto.SignerOpts) (signature []byte, err error) {
-	priv := [ed25519.PrivateKeySize]byte{}
-	copy(priv[:], k.private[ed25519.PublicKeySize:])
-	return ed25519.Sign(&priv, msg)[:], nil
+	priv := make([]byte, ed25519.PrivateKeySize)
+	// The ed25519 key is serialized as public key then private key, so just use private key here.
+	copy(priv, k.private[ed25519.PublicKeySize:])
+	return ed25519.Sign(ed25519.PrivateKey(priv), msg)[:], nil
 }

 // Sign on an UnknownPrivateKey raises an error because the client does not