Refactor to use notation-core-go's SignatureEnvelope

Signed-off-by: Pritesh Bandi <[email protected]>
notaryproject · Jul 7, 2022 · d0f25b6 · d0f25b6
1 parent 4a649a9
commit d0f25b6
Show file tree

Hide file tree

Showing 12 changed files with 517 additions and 1,092 deletions.
diff --git a/errors.go b/errors.go
diff --git a/jws.go b/jws.go
diff --git a/notation.go b/notation.go
@@ -2,7 +2,6 @@ package notation
 
 import (
 	"context"
-	"crypto"
 	"crypto/x509"
 	"time"
 
@@ -33,6 +32,10 @@ func (d Descriptor) Equal(t Descriptor) bool {
 	return d.MediaType == t.MediaType && d.Digest == t.Digest && d.Size == t.Size
 }
 
+type Payload struct {
+	TargetArtifact Descriptor `json:"targetArtifact"`
+}
+
 // SignOptions contains parameters for Signer.Sign.
 type SignOptions struct {
 	// Expiry identifies the expiration time of the resulted signature.
@@ -80,83 +83,3 @@ type Service interface {
 	Signer
 	Verifier
 }
-
-// KeySpec defines a key type and size.
-type KeySpec string
-
-// One of following supported specs
-// https://github.com/notaryproject/notaryproject/blob/main/signature-specification.md#algorithm-selection
-const (
-	RSA_2048 KeySpec = "RSA_2048"
-	RSA_3072 KeySpec = "RSA_3072"
-	RSA_4096 KeySpec = "RSA_4096"
-	EC_256   KeySpec = "EC_256"
-	EC_384   KeySpec = "EC_384"
-	EC_512   KeySpec = "EC_512"
-)
-
-// SignatureAlgorithm returns the signing algorithm associated with KeyType k.
-func (k KeySpec) SignatureAlgorithm() SignatureAlgorithm {
-	switch k {
-	case RSA_2048:
-		return RSASSA_PSS_SHA_256
-	case RSA_3072:
-		return RSASSA_PSS_SHA_384
-	case RSA_4096:
-		return RSASSA_PSS_SHA_512
-	case EC_256:
-		return ECDSA_SHA_256
-	case EC_384:
-		return ECDSA_SHA_384
-	case EC_512:
-		return ECDSA_SHA_512
-	}
-	return ""
-}
-
-// HashAlgorithm algorithm associated with the key spec.
-type HashAlgorithm string
-
-const (
-	SHA256 HashAlgorithm = "SHA_256"
-	SHA384 HashAlgorithm = "SHA_384"
-	SHA512 HashAlgorithm = "SHA_512"
-)
-
-// HashFunc returns the Hash associated k.
-func (h HashAlgorithm) HashFunc() crypto.Hash {
-	switch h {
-	case SHA256:
-		return crypto.SHA256
-	case SHA384:
-		return crypto.SHA384
-	case SHA512:
-		return crypto.SHA512
-	}
-	return 0
-}
-
-// SignatureAlgorithm defines the supported signature algorithms.
-type SignatureAlgorithm string
-
-const (
-	RSASSA_PSS_SHA_256 SignatureAlgorithm = "RSASSA_PSS_SHA_256"
-	RSASSA_PSS_SHA_384 SignatureAlgorithm = "RSASSA_PSS_SHA_384"
-	RSASSA_PSS_SHA_512 SignatureAlgorithm = "RSASSA_PSS_SHA_512"
-	ECDSA_SHA_256      SignatureAlgorithm = "ECDSA_SHA_256"
-	ECDSA_SHA_384      SignatureAlgorithm = "ECDSA_SHA_384"
-	ECDSA_SHA_512      SignatureAlgorithm = "ECDSA_SHA_512"
-)
-
-// Hash returns the Hash associated s.
-func (s SignatureAlgorithm) Hash() HashAlgorithm {
-	switch s {
-	case RSASSA_PSS_SHA_256, ECDSA_SHA_256:
-		return SHA256
-	case RSASSA_PSS_SHA_384, ECDSA_SHA_384:
-		return SHA384
-	case RSASSA_PSS_SHA_512, ECDSA_SHA_512:
-		return SHA512
-	}
-	return ""
-}
diff --git a/plugin/plugin.go b/plugin/plugin.go
@@ -3,7 +3,7 @@ package plugin
 import (
 	"context"
 
-	"github.com/notaryproject/notation-go"
+	"github.com/notaryproject/notation-core-go/signer"
 )
 
 // Prefix is the prefix required on all plugin binary names.
@@ -68,22 +68,22 @@ func (DescribeKeyRequest) Command() Command {
 	return CommandDescribeKey
 }
 
-// GenerateSignatureResponse is the response of a describe-key request.
+// DescribeKeyResponse is the response of a describe-key request.
 type DescribeKeyResponse struct {
 	// The same key id as passed in the request.
 	KeyID string `json:"keyId"`
 
 	// One of following supported key types:
 	// https://github.com/notaryproject/notaryproject/blob/main/signature-specification.md#algorithm-selection
-	KeySpec notation.KeySpec `json:"keySpec"`
+	KeySpec signer.KeySpec `json:"keySpec"`
 }
 
 // GenerateSignatureRequest contains the parameters passed in a generate-signature request.
 type GenerateSignatureRequest struct {
 	ContractVersion string                 `json:"contractVersion"`
 	KeyID           string                 `json:"keyId"`
-	KeySpec         notation.KeySpec       `json:"keySpec"`
-	Hash            notation.HashAlgorithm `json:"hashAlgorithm"`
+	KeySpec         signer.KeySpec         `json:"keySpec"`
+	Hash            string                 `json:"hashAlgorithm"`
 	Payload         []byte                 `json:"payload"`
 	PluginConfig    map[string]string      `json:"pluginConfig,omitempty"`
 }
@@ -96,7 +96,7 @@ func (GenerateSignatureRequest) Command() Command {
 type GenerateSignatureResponse struct {
 	KeyID            string                      `json:"keyId"`
 	Signature        []byte                      `json:"signature"`
-	SigningAlgorithm notation.SignatureAlgorithm `json:"signingAlgorithm"`
+	SigningAlgorithm signer.SignatureAlgorithm   `json:"signingAlgorithm"`
 
 	// Ordered list of certificates starting with leaf certificate
 	// and ending with root certificate.
@@ -117,7 +117,7 @@ func (GenerateEnvelopeRequest) Command() Command {
 	return CommandGenerateEnvelope
 }
 
-// GenerateSignatureResponse is the response of a generate-envelope request.
+// GenerateEnvelopeResponse is the response of a generate-envelope request.
 type GenerateEnvelopeResponse struct {
 	SignatureEnvelope     []byte            `json:"signatureEnvelope"`
 	SignatureEnvelopeType string            `json:"signatureEnvelopeType"`

diff --git a/signature/jws/algorithm.go b/signature/jws/algorithm.go