diff options
author | Reinhard Tartler <siretart@tauware.de> | 2023-10-27 10:28:19 -0400 |
---|---|---|
committer | Reinhard Tartler <siretart@tauware.de> | 2023-10-27 10:29:51 -0400 |
commit | 35fb740aafac3239245fc0d70af5ba954e3734c4 (patch) | |
tree | c8b2b90a21db1ba12ce8d455257fd6d46127ed76 | |
parent | d9ddc5dc961400abf9e69a11d98982adbd238ad3 (diff) |
build against securesystemslib 0.7
-rw-r--r-- | debian/control | 2 | ||||
-rw-r--r-- | debian/patches/securesystemslib-0.7.patch | 120 | ||||
-rw-r--r-- | debian/patches/series | 1 |
3 files changed, 122 insertions, 1 deletions
diff --git a/debian/control b/debian/control index 0903fe2..d9fd33f 100644 --- a/debian/control +++ b/debian/control @@ -19,7 +19,7 @@ Build-Depends: debhelper-compat (= 13), golang-github-jellydator-ttlcache-dev, golang-github-mitchellh-go-homedir-dev, golang-github-pkg-browser-dev, - golang-github-secure-systems-lab-go-securesystemslib-dev, + golang-github-secure-systems-lab-go-securesystemslib-dev (>> 0.7), golang-github-segmentio-ksuid-dev, golang-github-skratchdot-open-golang-dev, golang-github-stretchr-testify-dev, diff --git a/debian/patches/securesystemslib-0.7.patch b/debian/patches/securesystemslib-0.7.patch new file mode 100644 index 0000000..2335cb7 --- /dev/null +++ b/debian/patches/securesystemslib-0.7.patch @@ -0,0 +1,120 @@ +commit b365116178d775727fc2dfc818d3ef67948d5002 +Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> +Date: Fri Feb 24 09:57:59 2023 -0800 + + build(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.4.0 to 0.5.0 (#973) + + * build(deps): bump github.com/secure-systems-lab/go-securesystemslib + + Bumps [github.com/secure-systems-lab/go-securesystemslib](https://github.com/secure-systems-lab/go-securesystemslib) from 0.4.0 to 0.5.0. + - [Release notes](https://github.com/secure-systems-lab/go-securesystemslib/releases) + - [Commits](https://github.com/secure-systems-lab/go-securesystemslib/compare/v0.4.0...v0.5.0) + + --- + updated-dependencies: + - dependency-name: github.com/secure-systems-lab/go-securesystemslib + dependency-type: direct:production + update-type: version-update:semver-minor + ... + + Signed-off-by: dependabot[bot] <support@github.com> + + * update fucntions + + Signed-off-by: cpanato <ctadeu@gmail.com> + + --------- + + Signed-off-by: dependabot[bot] <support@github.com> + Signed-off-by: cpanato <ctadeu@gmail.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> + Co-authored-by: cpanato <ctadeu@gmail.com> + +Index: golang-github-sigstore-sigstore/pkg/signature/dsse/adapters.go +=================================================================== +--- golang-github-sigstore-sigstore.orig/pkg/signature/dsse/adapters.go ++++ golang-github-sigstore-sigstore/pkg/signature/dsse/adapters.go +@@ -17,6 +17,7 @@ package dsse + + import ( + "bytes" ++ "context" + "crypto" + "errors" + +@@ -32,12 +33,12 @@ type SignerAdapter struct { + } + + // Sign implements `go-securesystemslib/dsse.Signer` +-func (a *SignerAdapter) Sign(data []byte) ([]byte, error) { ++func (a *SignerAdapter) Sign(ctx context.Context, data []byte) ([]byte, error) { + return a.SignatureSigner.SignMessage(bytes.NewReader(data), a.Opts...) + } + + // Verify disabled `go-securesystemslib/dsse.Verifier` +-func (a *SignerAdapter) Verify(data, sig []byte) error { ++func (a *SignerAdapter) Verify(ctx context.Context, data, sig []byte) error { + return errors.New("Verify disabled") + } + +@@ -59,7 +60,7 @@ type VerifierAdapter struct { + } + + // Verify implements `go-securesystemslib/dsse.Verifier` +-func (a *VerifierAdapter) Verify(data, sig []byte) error { ++func (a *VerifierAdapter) Verify(ctx context.Context, data, sig []byte) error { + return a.SignatureVerifier.VerifySignature(bytes.NewReader(sig), bytes.NewReader(data)) + } + +Index: golang-github-sigstore-sigstore/pkg/signature/dsse/dsse.go +=================================================================== +--- golang-github-sigstore-sigstore.orig/pkg/signature/dsse/dsse.go ++++ golang-github-sigstore-sigstore/pkg/signature/dsse/dsse.go +@@ -17,6 +17,7 @@ package dsse + + import ( + "bytes" ++ "context" + "crypto" + "encoding/base64" + "encoding/json" +@@ -110,7 +111,8 @@ func (w *wrappedVerifier) VerifySignatur + if err != nil { + return err + } +- _, err = verifier.Verify(&env) ++ ++ _, err = verifier.Verify(context.Background(), &env) + return err + } + +Index: golang-github-sigstore-sigstore/pkg/signature/dsse/multidsse.go +=================================================================== +--- golang-github-sigstore-sigstore.orig/pkg/signature/dsse/multidsse.go ++++ golang-github-sigstore-sigstore/pkg/signature/dsse/multidsse.go +@@ -16,6 +16,7 @@ + package dsse + + import ( ++ "context" + "crypto" + "encoding/json" + "errors" +@@ -78,7 +79,7 @@ func (wL *wrappedMultiSigner) SignMessag + return nil, err + } + +- env, err := envSigner.SignPayload(wL.payloadType, p) ++ env, err := envSigner.SignPayload(context.Background(), wL.payloadType, p) + if err != nil { + return nil, err + } +@@ -144,7 +145,7 @@ func (wL *wrappedMultiVerifier) VerifySi + return err + } + +- _, err = envVerifier.Verify(&env) ++ _, err = envVerifier.Verify(context.Background(), &env) + return err + } + diff --git a/debian/patches/series b/debian/patches/series index f9df8ff..d5929c6 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,3 +2,4 @@ avoid-boulder.patch ttlcache-v3.patch tuf-0.4.patch avoid-hashivault.patch +securesystemslib-0.7.patch |