github/skopeo
1
0
Fork 0
mirror of https://github.com/containers/skopeo.git synced 2025-09-29 05:56:22 +00:00
Code Issues Projects Releases Wiki Activity

[release-1.2] bump c/storage, c/image, c/common for RHEL 8.4.0.2

Browse Source 
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
This commit is contained in:
TomSweeneyRedHat
2021-06-25 19:35:40 -04:00
parent e7880c4a89
commit fa50defee6
1374 changed files with 115558 additions and 26646 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
vendor/github.com/containers/ocicrypt/utils/utils.go generated vendored
View File

@@ -24,6 +24,8 @@ import (
"fmt"
"strings"
"github.com/containers/ocicrypt/crypto/pkcs11"
"github.com/pkg/errors"
"golang.org/x/crypto/openpgp"
json "gopkg.in/square/go-jose.v2"
@@ -55,6 +57,18 @@ func parseJWKPublicKey(privKey []byte, prefix string) (interface{}, error) {
return &jwk, nil
}
// parsePkcs11PrivateKeyYaml parses the input byte array as pkcs11 key file yaml format)
func parsePkcs11PrivateKeyYaml(yaml []byte, prefix string) (*pkcs11.Pkcs11KeyFileObject, error) {
// if the URI does not have enough attributes, we will throw an error when decrypting
return pkcs11.ParsePkcs11KeyFile(yaml)
}
// parsePkcs11URIPublicKey parses the input byte array as a pkcs11 key file yaml
func parsePkcs11PublicKeyYaml(yaml []byte, prefix string) (*pkcs11.Pkcs11KeyFileObject, error) {
// if the URI does not have enough attributes, we will throw an error when decrypting
return pkcs11.ParsePkcs11KeyFile(yaml)
}
// IsPasswordError checks whether an error is related to a missing or wrong
// password
func IsPasswordError(err error) bool {
@@ -81,11 +95,11 @@ func ParsePrivateKey(privKey, privKeyPassword []byte, prefix string) (interface{
block, _ := pem.Decode(privKey)
if block != nil {
var der []byte
if x509.IsEncryptedPEMBlock(block) {
if x509.IsEncryptedPEMBlock(block) { //nolint:staticcheck // ignore SA1019, which is kept for backward compatibility
if privKeyPassword == nil {
return nil, errors.Errorf("%s: Missing password for encrypted private key", prefix)
}
der, err = x509.DecryptPEMBlock(block, privKeyPassword)
der, err = x509.DecryptPEMBlock(block, privKeyPassword) //nolint:staticcheck // ignore SA1019, which is kept for backward compatibility
if err != nil {
return nil, errors.Errorf("%s: Wrong password: could not decrypt private key", prefix)
}
@@ -102,6 +116,9 @@ func ParsePrivateKey(privKey, privKeyPassword []byte, prefix string) (interface{
}
} else {
key, err = parseJWKPrivateKey(privKey, prefix)
if err != nil {
key, err = parsePkcs11PrivateKeyYaml(privKey, prefix)
}
}
}
return key, err
@@ -114,6 +131,11 @@ func IsPrivateKey(data []byte, password []byte) (bool, error) {
return err == nil, err
}
// IsPkcs11PrivateKey returns true in case the given byte array represents a pkcs11 private key
func IsPkcs11PrivateKey(data []byte) bool {
return pkcs11.IsPkcs11PrivateKey(data)
}
// ParsePublicKey tries to parse a public key in DER format first and
// PEM format after, returning an error if the parsing failed
func ParsePublicKey(pubKey []byte, prefix string) (interface{}, error) {
@@ -127,6 +149,9 @@ func ParsePublicKey(pubKey []byte, prefix string) (interface{}, error) {
}
} else {
key, err = parseJWKPublicKey(pubKey, prefix)
if err != nil {
key, err = parsePkcs11PublicKeyYaml(pubKey, prefix)
}
}
}
return key, err
@@ -138,6 +163,11 @@ func IsPublicKey(data []byte) bool {
return err == nil
}
// IsPkcs11PublicKey returns true in case the given byte array represents a pkcs11 public key
func IsPkcs11PublicKey(data []byte) bool {
return pkcs11.IsPkcs11PublicKey(data)
}
// ParseCertificate tries to parse a public key in DER format first and
// PEM format after, returning an error if the parsing failed
func ParseCertificate(certBytes []byte, prefix string) (*x509.Certificate, error) {