mirror of https://github.com/containers/podman.git
				
				
				
			
				
					
						
							Bumps [github.com/vbauerster/mpb/v7](https://github.com/vbauerster/mpb) from 7.5.2 to 7.5.3. - [Release notes](https://github.com/vbauerster/mpb/releases) - [Commits](https://github.com/vbauerster/mpb/compare/v7.5.2...v7.5.3) --- updated-dependencies: - dependency-name: github.com/vbauerster/mpb/v7 dependency-type: direct:production update-type: version-update:semver-patch ... Also bump the go module to 1.17 to be able to compile the new code. Given containers/common and others already require go 1.17+ we're safe to go. Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>  | 
	pkcs7
pkcs7 implements parsing and creating signed and enveloped messages.
package main
import (
	"bytes"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"os"
    "go.mozilla.org/pkcs7"
)
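// SignAndDetach creates a detached PKCS#7 signature over content with cert
// and privkey, writes it to stdout as a PEM block of type "PKCS7", and then
// parses and verifies the result as a self-check before returning the DER
// bytes.
//
// On any failure it returns a nil slice and an error that wraps the
// underlying cause.
//
// Verify checks the signature against the certificates carried in the
// message itself and does not validate them against a trust store. That is
// sufficient for this round-trip self-check, but when verifying messages
// received from another party use VerifyWithChain with a pool of trusted
// roots and supply the detached content from a source you trust.
func SignAndDetach(content []byte, cert *x509.Certificate, privkey *rsa.PrivateKey) (signed []byte, err error) {
	// The example lives in package main, so every library identifier must be
	// qualified with the pkcs7 package name.
	toBeSigned, err := pkcs7.NewSignedData(content)
	if err != nil {
		return nil, fmt.Errorf("Cannot initialize signed data: %w", err)
	}
	if err = toBeSigned.AddSigner(cert, privkey, pkcs7.SignerInfoConfig{}); err != nil {
		return nil, fmt.Errorf("Cannot add signer: %w", err)
	}

	// Detach signature, omit if you want an embedded signature
	toBeSigned.Detach()

	der, err := toBeSigned.Finish()
	if err != nil {
		return nil, fmt.Errorf("Cannot finish signing data: %w", err)
	}

	// Emit the signature for the caller to inspect; a failed write is
	// reported rather than silently dropped.
	if err = pem.Encode(os.Stdout, &pem.Block{Type: "PKCS7", Bytes: der}); err != nil {
		return nil, fmt.Errorf("Cannot encode signed data as PEM: %w", err)
	}

	// Verify the signature
	p7, err := pkcs7.Parse(der)
	if err != nil {
		return nil, fmt.Errorf("Cannot parse our signed data: %w", err)
	}

	// since the signature was detached, reattach the content here
	p7.Content = content

	// This comparison only confirms the reattachment above; it proves nothing
	// about the signature. The integrity check is the Verify call below.
	if !bytes.Equal(content, p7.Content) {
		return nil, fmt.Errorf("Our content was not in the parsed data:\n\tExpected: %s\n\tActual: %s", content, p7.Content)
	}

	if err = p7.Verify(); err != nil {
		return nil, fmt.Errorf("Cannot verify our signed data: %w", err)
	}
	return der, nil
}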
Credits
This is a fork of fullsailor/pkcs7