pkg/keys/keys.go - third_party/go-tuf - Git at Google

 package keys

 import (
 	"errors"
 	"fmt"
 	"sync"

 	"github.com/theupdateframework/go-tuf/data"
 )

 // SignerMap stores mapping between key type strings and signer constructors.
 var SignerMap sync.Map

 // Verifier stores mapping between key type strings and verifier constructors.
 var VerifierMap sync.Map

 var (
 	ErrInvalid    = errors.New("tuf: signature verification failed")
 	ErrInvalidKey = errors.New("invalid key")
 )

 // A Verifier verifies public key signatures.
 type Verifier interface {
 	// UnmarshalPublicKey takes key data to a working verifier implementation for the key type.
 	// This performs any validation over the data.PublicKey to ensure that the verifier is usable
 	// to verify signatures.
 	UnmarshalPublicKey(key *data.PublicKey) error

 	// MarshalPublicKey returns the data.PublicKey object associated with the verifier.
 	MarshalPublicKey() *data.PublicKey

 	// This is the public string used as a unique identifier for the verifier instance.
 	Public() string

 	// Verify takes a message and signature, all as byte slices,
 	// and determines whether the signature is valid for the given
 	// key and message.
 	Verify(msg, sig []byte) error
 }

 type Signer interface {
 	// MarshalPrivateKey returns the private key data.
 	MarshalPrivateKey() (*data.PrivateKey, error)

 	// UnmarshalPrivateKey takes private key data to a working Signer implementation for the key type.
 	UnmarshalPrivateKey(key *data.PrivateKey) error

 	// Returns the public data.PublicKey from the private key
 	PublicData() *data.PublicKey

 	// Sign returns the signature of the message.
 	// The signer is expected to do its own hashing, so the full message will be
 	// provided as the message to Sign with a zero opts.HashFunc().
 	SignMessage(message []byte) ([]byte, error)
 }

 func GetVerifier(key *data.PublicKey) (Verifier, error) {
 	st, ok := VerifierMap.Load(key.Type)
 	if !ok {
 		return nil, ErrInvalidKey
 	}
 	s := st.(func() Verifier)()
 	if err := s.UnmarshalPublicKey(key); err != nil {
 		return nil, fmt.Errorf("tuf: error unmarshalling key: %w", err)
 	}
 	return s, nil
 }

 func GetSigner(key *data.PrivateKey) (Signer, error) {
 	st, ok := SignerMap.Load(key.Type)
 	if !ok {
 		return nil, ErrInvalidKey
 	}
 	s := st.(func() Signer)()
 	if err := s.UnmarshalPrivateKey(key); err != nil {
 		return nil, fmt.Errorf("tuf: error unmarshalling key: %w", err)
 	}
 	return s, nil
 }
	package keys

	import (
	"errors"
	"fmt"
	"sync"

	"github.com/theupdateframework/go-tuf/data"
	)

	// SignerMap stores mapping between key type strings and signer constructors.
	var SignerMap sync.Map

	// Verifier stores mapping between key type strings and verifier constructors.
	var VerifierMap sync.Map

	var (
	ErrInvalid = errors.New("tuf: signature verification failed")
	ErrInvalidKey = errors.New("invalid key")
	)

	// A Verifier verifies public key signatures.
	type Verifier interface {
	// UnmarshalPublicKey takes key data to a working verifier implementation for the key type.
	// This performs any validation over the data.PublicKey to ensure that the verifier is usable
	// to verify signatures.
	UnmarshalPublicKey(key *data.PublicKey) error

	// MarshalPublicKey returns the data.PublicKey object associated with the verifier.
	MarshalPublicKey() *data.PublicKey

	// This is the public string used as a unique identifier for the verifier instance.
	Public() string

	// Verify takes a message and signature, all as byte slices,
	// and determines whether the signature is valid for the given
	// key and message.
	Verify(msg, sig []byte) error
	}

	type Signer interface {
	// MarshalPrivateKey returns the private key data.
	MarshalPrivateKey() (*data.PrivateKey, error)

	// UnmarshalPrivateKey takes private key data to a working Signer implementation for the key type.
	UnmarshalPrivateKey(key *data.PrivateKey) error

	// Returns the public data.PublicKey from the private key
	PublicData() *data.PublicKey

	// Sign returns the signature of the message.
	// The signer is expected to do its own hashing, so the full message will be
	// provided as the message to Sign with a zero opts.HashFunc().
	SignMessage(message []byte) ([]byte, error)
	}

	func GetVerifier(key *data.PublicKey) (Verifier, error) {
	st, ok := VerifierMap.Load(key.Type)
	if !ok {
	return nil, ErrInvalidKey
	}
	s := st.(func() Verifier)()
	if err := s.UnmarshalPublicKey(key); err != nil {
	return nil, fmt.Errorf("tuf: error unmarshalling key: %w", err)
	}
	return s, nil
	}

	func GetSigner(key *data.PrivateKey) (Signer, error) {
	st, ok := SignerMap.Load(key.Type)
	if !ok {
	return nil, ErrInvalidKey
	}
	s := st.(func() Signer)()
	if err := s.UnmarshalPrivateKey(key); err != nil {
	return nil, fmt.Errorf("tuf: error unmarshalling key: %w", err)
	}
	return s, nil
	}