... to simplify and benefit from Go 1.17.
In some cases, wrap tests in testing.T.Run() to decrease
the scope, or to make the relationship between the test and the
cleanup clearer. In some cases it's still a bit awkward
because there is no testing.T.Unsetenv, but still worth it.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Mostly just name changes that should not change behavior,
apart from ioutil.ReadDir -> os.ReadDir avoiding per-item
lstat(2) in some cases.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
To support signing images via gpgme without user prompt, allow for
providing a passphrase via the copy options. Add a new *WithOptions API
to the `signature` package and extend its interface.
To prevent breaking the API, extend the signature API with an internal
type as has already been done for other types and interfaces.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
They are handled similarly to the more common V4 signature packets,
except that MessageDetails.SignatureV3 is set instead of
MessageDetails.Signature, and they don’t support expiration.
Bulk of the commit is adding tests which use V3 signature packets.
I have regenerated unknown-key.signature because it was generated using
a temporary key created just for that purpose, and the test is simpler
when fixtures for both packet variants to use the same key.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
The default is gpgme; a containers_image_openpgp build tag can be used
to use openpgp instead.
openpgp does not currently support signing, and is based on mfojtik's
implementation (adding GPG home directory support, parsing of unarmored
keys, and fixing ImportKeysFromBytes semantics).
Also adds build documentation, including the new
containers_image_openpgp build tag, to README.md.
This does not yet hook this into Travis, because that needs a
corresponding skopeo build infrastructure and test update to make it
possible. That is a separate commit (perhaps a separate PR)?
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Instead of SigningMechanism.ImportKeysFromBytes, which may modify
long-term state in the user’s home directory, provide
NewEphemeralGPGSigningMechanism, which combines creation of a temporary
directory and key import; users of NewGPGSigningMechanism (using
$GNUPGHOME etc.) and (test-suite) users of
newGPGSigningMechanismInDirectory can no longer import keys.
To support this, all users of SigningMechanism must call .Close() on the
object.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Add signature.GetUntrustedSignatureInformationWithoutVerifying, which
returns the contents of a signature without doing any cryptographic
verification.
Expected uses are 1) debugging verification failures, and
(CAREFULLY!) 2) listing which signatures are stored in a registry along
with an image. It is STRONGLY recommended to do cryptographic
verification in the latter case, and to clearly indicate untrusted
signatures in the UI.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
(The key was one-time-generated in a temporary directory,
and is, intentionally, not available.)
This is not conceptually related to the rest of the PR, just adding a
missing case to the test, except that the added fixture will be reused
in a prSignedBy test.
This will make the output of godoc cleaner, we can't filter out the
subpackage otherwise.
Also copy the needed fixture into the integration subpackage, instead of
referring to it using ../signature/fixtures (and we can't import
signature/fixtures_info-test.go now).
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Miloslav Trmač