vendor: github.com/theupdateframework/notary v0.7.0

update the dependency to v0.7.0 to be closer to what docker/cli uses; https://github.com/theupdateframework/notary/compare/v0.6.1...v0.7.0 Note that docker/cli is slightly ahead of v0.7.0, and uses bf96a202a09a; https://github.com/theupdateframework/notary/compare/v0.7.0...bf96a202a09a Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-07-09 21:17:09 +08:00 · 2023-09-04 15:34:59 +02:00
parent 87e8e4b847
commit fb50d82fd8
51 changed files with 879 additions and 4134 deletions
--- a/vendor/github.com/theupdateframework/notary/tuf/signed/interface.go
+++ b/vendor/github.com/theupdateframework/notary/tuf/signed/interface.go
@ -39,7 +39,7 @@ type CryptoService interface {
 	KeyService
 }

-// Verifier defines an interface for verfying signatures. An implementer
+// Verifier defines an interface for verifying signatures. An implementer
 // of this interface should verify signatures for one and only one
 // signing scheme.
 type Verifier interface {
--- a/vendor/github.com/theupdateframework/notary/tuf/signed/sign.go
+++ b/vendor/github.com/theupdateframework/notary/tuf/signed/sign.go
@ -87,7 +87,8 @@ func Sign(service CryptoService, s *data.Signed, signingKeys []data.PublicKey,
 		})
 	}

-	for _, sig := range s.Signatures {
+	for i := range s.Signatures {
+		sig := s.Signatures[i]
 		if _, ok := signingKeyIDs[sig.KeyID]; ok {
 			// key is in the set of key IDs for which a signature has been created
 			continue
--- a/vendor/github.com/theupdateframework/notary/tuf/signed/verifiers.go
+++ b/vendor/github.com/theupdateframework/notary/tuf/signed/verifiers.go
@ -10,9 +10,9 @@ import (
 	"fmt"
 	"math/big"

-	"github.com/agl/ed25519"
 	"github.com/sirupsen/logrus"
 	"github.com/theupdateframework/notary/tuf/data"
+	"golang.org/x/crypto/ed25519"
 )

 const (
@ -39,26 +39,26 @@ func (v Ed25519Verifier) Verify(key data.PublicKey, sig []byte, msg []byte) erro
 	if key.Algorithm() != data.ED25519Key {
 		return ErrInvalidKeyType{}
 	}
-	var sigBytes [ed25519.SignatureSize]byte
+	sigBytes := make([]byte, ed25519.SignatureSize)
 	if len(sig) != ed25519.SignatureSize {
 		logrus.Debugf("signature length is incorrect, must be %d, was %d.", ed25519.SignatureSize, len(sig))
 		return ErrInvalid
 	}
-	copy(sigBytes[:], sig)
+	copy(sigBytes, sig)

-	var keyBytes [ed25519.PublicKeySize]byte
+	keyBytes := make([]byte, ed25519.PublicKeySize)
 	pub := key.Public()
 	if len(pub) != ed25519.PublicKeySize {
 		logrus.Errorf("public key is incorrect size, must be %d, was %d.", ed25519.PublicKeySize, len(pub))
 		return ErrInvalidKeyLength{msg: fmt.Sprintf("ed25519 public key must be %d bytes.", ed25519.PublicKeySize)}
 	}
-	n := copy(keyBytes[:], key.Public())
+	n := copy(keyBytes, key.Public())
 	if n < ed25519.PublicKeySize {
 		logrus.Errorf("failed to copy the key, must have %d bytes, copied %d bytes.", ed25519.PublicKeySize, n)
 		return ErrInvalid
 	}

-	if !ed25519.Verify(&keyBytes, msg, &sigBytes) {
+	if !ed25519.Verify(ed25519.PublicKey(keyBytes), msg, sigBytes) {
 		logrus.Debugf("failed ed25519 verification")
 		return ErrInvalid
 	}