-
Notifications
You must be signed in to change notification settings - Fork 362
/
cosign.go
38 lines (32 loc) · 1.32 KB
/
cosign.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
package signature
import "encoding/json"
const CosignSignatureMIMEType = "application/vnd.dev.cosign.simplesigning.v1+json"
// Cosign is a github.com/Cosign/cosign signature.
// For the persistent-storage format used for blobChunk(), we want
// a degree of forward compatibility against unexpected field changes
// (as has happened before), which is why this data type
// contains just a payload + annotations (including annotations
// that we don’t recognize or support), instead of individual fields
// for the known annotations.
type Cosign struct {
UntrustedMIMEType string `json:"mimeType"`
UntrustedPayload []byte `json:"payload"`
UntrustedAnnotations map[string]string `json:"annotations"`
}
// cosignFromBlobChunk converts a Cosign signature, as returned by Cosign.blobChunk, into a Cosign object.
func cosignFromBlobChunk(blobChunk []byte) (Cosign, error) {
var res Cosign
if err := json.Unmarshal(blobChunk, &res); err != nil {
return Cosign{}, err
}
return res, nil
}
// FIXME FIXME: MIME type? Int? String?
func (s Cosign) FormatID() FormatID {
return CosignFormat
}
// blobChunk returns a representation of signature as a []byte, suitable for long-term storage.
// Almost everyone should use signature.Blob() instead.
func (s Cosign) blobChunk() ([]byte, error) {
return json.Marshal(s)
}