Refactor to use notation-core-go's SignatureEnvelope (notaryproject#77)

* Refactor to use notation-core-go's SignatureEnvelope
* move code from signature/jws to signature

Signed-off-by: Pritesh Bandi <[email protected]>
Signed-off-by: Junjie Gao <[email protected]>

go.mod

@@ -5,7 +5,7 @@ go 1.17
 require (
 	github.com/go-ldap/ldap/v3 v3.4.3
 	github.com/golang-jwt/jwt/v4 v4.4.2
-	github.com/notaryproject/notation-core-go v0.0.0-20220630163157-985d8e8f12d1
+	github.com/notaryproject/notation-core-go v0.0.0-20220712013708-3c4b3efa03c5
 	github.com/opencontainers/go-digest v1.0.0
 	github.com/opencontainers/image-spec v1.0.2
 	github.com/oras-project/artifacts-spec v1.0.0-rc.1

go.sum

@@ -7,8 +7,8 @@ github.com/go-ldap/ldap/v3 v3.4.3/go.mod h1:7LdHfVt6iIOESVEe3Bs4Jp2sHEKgDeduAhgM
 github.com/golang-jwt/jwt/v4 v4.4.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs=
 github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-github.com/notaryproject/notation-core-go v0.0.0-20220630163157-985d8e8f12d1 h1:dyquq1dANCeTvYVy3ccpkj2C1vsR24kjMNBcgbERXVc=
-github.com/notaryproject/notation-core-go v0.0.0-20220630163157-985d8e8f12d1/go.mod h1:n+UjcUoYhvawO/JW5JfZerUUsGbHYTd4wH8ndGeeyas=
+github.com/notaryproject/notation-core-go v0.0.0-20220712013708-3c4b3efa03c5 h1:tQ+lwjnQb4gD/a3YBlS7GmTEccW1w9nWem5fB3mITcg=
+github.com/notaryproject/notation-core-go v0.0.0-20220712013708-3c4b3efa03c5/go.mod h1:n+UjcUoYhvawO/JW5JfZerUUsGbHYTd4wH8ndGeeyas=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
 github.com/opencontainers/image-spec v1.0.2 h1:9yCKha/T5XdGtO0q9Q9a6T5NUCsTn/DrBg0D7ufOcFM=

notation.go

@@ -2,7 +2,6 @@ package notation
 
 import (
 	"context"
-	"crypto"
 	"crypto/x509"
 	"time"
 
@@ -85,83 +84,3 @@ type Service interface {
 	Signer
 	Verifier
 }
-
-// KeySpec defines a key type and size.
-type KeySpec string
-
-// One of following supported specs
-// https://github.com/notaryproject/notaryproject/blob/main/signature-specification.md#algorithm-selection
-const (
-	RSA_2048 KeySpec = "RSA_2048"
-	RSA_3072 KeySpec = "RSA_3072"
-	RSA_4096 KeySpec = "RSA_4096"
-	EC_256   KeySpec = "EC_256"
-	EC_384   KeySpec = "EC_384"
-	EC_512   KeySpec = "EC_512"
-)
-
-// SignatureAlgorithm returns the signing algorithm associated with KeyType k.
-func (k KeySpec) SignatureAlgorithm() SignatureAlgorithm {
-	switch k {
-	case RSA_2048:
-		return RSASSA_PSS_SHA_256
-	case RSA_3072:
-		return RSASSA_PSS_SHA_384
-	case RSA_4096:
-		return RSASSA_PSS_SHA_512
-	case EC_256:
-		return ECDSA_SHA_256
-	case EC_384:
-		return ECDSA_SHA_384
-	case EC_512:
-		return ECDSA_SHA_512
-	}
-	return ""
-}
-
-// HashAlgorithm algorithm associated with the key spec.
-type HashAlgorithm string
-
-const (
-	SHA256 HashAlgorithm = "SHA_256"
-	SHA384 HashAlgorithm = "SHA_384"
-	SHA512 HashAlgorithm = "SHA_512"
-)
-
-// HashFunc returns the Hash associated k.
-func (h HashAlgorithm) HashFunc() crypto.Hash {
-	switch h {
-	case SHA256:
-		return crypto.SHA256
-	case SHA384:
-		return crypto.SHA384
-	case SHA512:
-		return crypto.SHA512
-	}
-	return 0
-}
-
-// SignatureAlgorithm defines the supported signature algorithms.
-type SignatureAlgorithm string
-
-const (
-	RSASSA_PSS_SHA_256 SignatureAlgorithm = "RSASSA_PSS_SHA_256"
-	RSASSA_PSS_SHA_384 SignatureAlgorithm = "RSASSA_PSS_SHA_384"
-	RSASSA_PSS_SHA_512 SignatureAlgorithm = "RSASSA_PSS_SHA_512"
-	ECDSA_SHA_256      SignatureAlgorithm = "ECDSA_SHA_256"
-	ECDSA_SHA_384      SignatureAlgorithm = "ECDSA_SHA_384"
-	ECDSA_SHA_512      SignatureAlgorithm = "ECDSA_SHA_512"
-)
-
-// Hash returns the Hash associated s.
-func (s SignatureAlgorithm) Hash() HashAlgorithm {
-	switch s {
-	case RSASSA_PSS_SHA_256, ECDSA_SHA_256:
-		return SHA256
-	case RSASSA_PSS_SHA_384, ECDSA_SHA_384:
-		return SHA384
-	case RSASSA_PSS_SHA_512, ECDSA_SHA_512:
-		return SHA512
-	}
-	return ""
-}

plugin/plugin.go

@@ -3,7 +3,7 @@ package plugin
 import (
 	"context"
 
-	"github.com/notaryproject/notation-go"
+	"github.com/notaryproject/notation-core-go/signer"
 )
 
 // Prefix is the prefix required on all plugin binary names.
@@ -68,22 +68,22 @@ func (DescribeKeyRequest) Command() Command {
 	return CommandDescribeKey
 }
 
-// GenerateSignatureResponse is the response of a describe-key request.
+// DescribeKeyResponse is the response of a describe-key request.
 type DescribeKeyResponse struct {
 	// The same key id as passed in the request.
 	KeyID string `json:"keyId"`
 
 	// One of following supported key types:
 	// https://github.com/notaryproject/notaryproject/blob/main/signature-specification.md#algorithm-selection
-	KeySpec notation.KeySpec `json:"keySpec"`
+	KeySpec signer.KeySpec `json:"keySpec"`
 }
 
 // GenerateSignatureRequest contains the parameters passed in a generate-signature request.
 type GenerateSignatureRequest struct {
 	ContractVersion string                 `json:"contractVersion"`
 	KeyID           string                 `json:"keyId"`
-	KeySpec         notation.KeySpec       `json:"keySpec"`
-	Hash            notation.HashAlgorithm `json:"hashAlgorithm"`
+	KeySpec         signer.KeySpec         `json:"keySpec"`
+	Hash            string                 `json:"hashAlgorithm"`
 	Payload         []byte                 `json:"payload"`
 	PluginConfig    map[string]string      `json:"pluginConfig,omitempty"`
 }
@@ -96,7 +96,7 @@ func (GenerateSignatureRequest) Command() Command {
 type GenerateSignatureResponse struct {
 	KeyID            string                      `json:"keyId"`
 	Signature        []byte                      `json:"signature"`
-	SigningAlgorithm notation.SignatureAlgorithm `json:"signingAlgorithm"`
+	SigningAlgorithm signer.SignatureAlgorithm   `json:"signingAlgorithm"`
 
 	// Ordered list of certificates starting with leaf certificate
 	// and ending with root certificate.
@@ -117,7 +117,7 @@ func (GenerateEnvelopeRequest) Command() Command {
 	return CommandGenerateEnvelope
 }
 
-// GenerateSignatureResponse is the response of a generate-envelope request.
+// GenerateEnvelopeResponse is the response of a generate-envelope request.
 type GenerateEnvelopeResponse struct {
 	SignatureEnvelope     []byte            `json:"signatureEnvelope"`
 	SignatureEnvelopeType string            `json:"signatureEnvelopeType"`