build against securesystemslib 0.7

3 files changed, 122 insertions, 1 deletions

diff --git a/debian/control b/debian/control
index 0903fe2..d9fd33f 100644
--- a/debian/control
+++ b/debian/control
@@ -19,7 +19,7 @@ Build-Depends: debhelper-compat (= 13),
                golang-github-jellydator-ttlcache-dev,
                golang-github-mitchellh-go-homedir-dev,
                golang-github-pkg-browser-dev,
-               golang-github-secure-systems-lab-go-securesystemslib-dev,
+               golang-github-secure-systems-lab-go-securesystemslib-dev (>> 0.7),
                golang-github-segmentio-ksuid-dev,
                golang-github-skratchdot-open-golang-dev,
                golang-github-stretchr-testify-dev,
diff --git a/debian/patches/securesystemslib-0.7.patch b/debian/patches/securesystemslib-0.7.patch
new file mode 100644
index 0000000..2335cb7
--- /dev/null
+++ b/debian/patches/securesystemslib-0.7.patch
@@ -0,0 +1,120 @@
+commit b365116178d775727fc2dfc818d3ef67948d5002
+Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
+Date:   Fri Feb 24 09:57:59 2023 -0800
+
+    build(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.4.0 to 0.5.0 (#973)
+    
+    * build(deps): bump github.com/secure-systems-lab/go-securesystemslib
+    
+    Bumps [github.com/secure-systems-lab/go-securesystemslib](https://github.com/secure-systems-lab/go-securesystemslib) from 0.4.0 to 0.5.0.
+    - [Release notes](https://github.com/secure-systems-lab/go-securesystemslib/releases)
+    - [Commits](https://github.com/secure-systems-lab/go-securesystemslib/compare/v0.4.0...v0.5.0)
+    
+    ---
+    updated-dependencies:
+    - dependency-name: github.com/secure-systems-lab/go-securesystemslib
+      dependency-type: direct:production
+      update-type: version-update:semver-minor
+    ...
+    
+    Signed-off-by: dependabot[bot] <support@github.com>
+    
+    * update fucntions
+    
+    Signed-off-by: cpanato <ctadeu@gmail.com>
+    
+    ---------
+    
+    Signed-off-by: dependabot[bot] <support@github.com>
+    Signed-off-by: cpanato <ctadeu@gmail.com>
+    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
+    Co-authored-by: cpanato <ctadeu@gmail.com>
+
+Index: golang-github-sigstore-sigstore/pkg/signature/dsse/adapters.go
+===================================================================
+--- golang-github-sigstore-sigstore.orig/pkg/signature/dsse/adapters.go
++++ golang-github-sigstore-sigstore/pkg/signature/dsse/adapters.go
+@@ -17,6 +17,7 @@ package dsse
+ 
+ import (
+ 	"bytes"
++	"context"
+ 	"crypto"
+ 	"errors"
+ 
+@@ -32,12 +33,12 @@ type SignerAdapter struct {
+ }
+ 
+ // Sign implements `go-securesystemslib/dsse.Signer`
+-func (a *SignerAdapter) Sign(data []byte) ([]byte, error) {
++func (a *SignerAdapter) Sign(ctx context.Context, data []byte) ([]byte, error) {
+ 	return a.SignatureSigner.SignMessage(bytes.NewReader(data), a.Opts...)
+ }
+ 
+ // Verify disabled `go-securesystemslib/dsse.Verifier`
+-func (a *SignerAdapter) Verify(data, sig []byte) error {
++func (a *SignerAdapter) Verify(ctx context.Context, data, sig []byte) error {
+ 	return errors.New("Verify disabled")
+ }
+ 
+@@ -59,7 +60,7 @@ type VerifierAdapter struct {
+ }
+ 
+ // Verify implements `go-securesystemslib/dsse.Verifier`
+-func (a *VerifierAdapter) Verify(data, sig []byte) error {
++func (a *VerifierAdapter) Verify(ctx context.Context, data, sig []byte) error {
+ 	return a.SignatureVerifier.VerifySignature(bytes.NewReader(sig), bytes.NewReader(data))
+ }
+ 
+Index: golang-github-sigstore-sigstore/pkg/signature/dsse/dsse.go
+===================================================================
+--- golang-github-sigstore-sigstore.orig/pkg/signature/dsse/dsse.go
++++ golang-github-sigstore-sigstore/pkg/signature/dsse/dsse.go
+@@ -17,6 +17,7 @@ package dsse
+ 
+ import (
+ 	"bytes"
++	"context"
+ 	"crypto"
+ 	"encoding/base64"
+ 	"encoding/json"
+@@ -110,7 +111,8 @@ func (w *wrappedVerifier) VerifySignatur
+ 	if err != nil {
+ 		return err
+ 	}
+-	_, err = verifier.Verify(&env)
++
++	_, err = verifier.Verify(context.Background(), &env)
+ 	return err
+ }
+ 
+Index: golang-github-sigstore-sigstore/pkg/signature/dsse/multidsse.go
+===================================================================
+--- golang-github-sigstore-sigstore.orig/pkg/signature/dsse/multidsse.go
++++ golang-github-sigstore-sigstore/pkg/signature/dsse/multidsse.go
+@@ -16,6 +16,7 @@
+ package dsse
+ 
+ import (
++	"context"
+ 	"crypto"
+ 	"encoding/json"
+ 	"errors"
+@@ -78,7 +79,7 @@ func (wL *wrappedMultiSigner) SignMessag
+ 		return nil, err
+ 	}
+ 
+-	env, err := envSigner.SignPayload(wL.payloadType, p)
++	env, err := envSigner.SignPayload(context.Background(), wL.payloadType, p)
+ 	if err != nil {
+ 		return nil, err
+ 	}
+@@ -144,7 +145,7 @@ func (wL *wrappedMultiVerifier) VerifySi
+ 		return err
+ 	}
+ 
+-	_, err = envVerifier.Verify(&env)
++	_, err = envVerifier.Verify(context.Background(), &env)
+ 	return err
+ }
+ 
diff --git a/debian/patches/series b/debian/patches/series
index f9df8ff..d5929c6 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -2,3 +2,4 @@ avoid-boulder.patch
 ttlcache-v3.patch
 tuf-0.4.patch
 avoid-hashivault.patch
+securesystemslib-0.7.patch