Update vendor or containers/buildah

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2025-12-09 07:09:03 +08:00 · 2022-09-22 05:54:49 -04:00
parent 25dc2759e1
commit 54653ceebe
181 changed files with 2108 additions and 1314 deletions
--- a/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/certificate.go
+++ b/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/certificate.go
@@ -13,6 +13,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

+// Package cryptoutils TODO: add meaningfull description
 package cryptoutils

 import (
--- a/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/password.go
+++ b/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/password.go
@@ -18,7 +18,7 @@ package cryptoutils
 import (
 	"errors"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"os"

 	"golang.org/x/term"
@@ -50,7 +50,7 @@ func readPasswordFn() func() ([]byte, error) {
 	}
 	// Handle piped in passwords.
 	return func() ([]byte, error) {
-		return ioutil.ReadAll(os.Stdin)
+		return io.ReadAll(os.Stdin)
 	}
 }

--- a/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/privatekey.go
+++ b/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/privatekey.go
@@ -31,7 +31,11 @@ import (

 const (
 	// PrivateKeyPEMType is the string "PRIVATE KEY" to be used during PEM encoding and decoding
-	PrivateKeyPEMType                PEMType = "PRIVATE KEY"
+	PrivateKeyPEMType PEMType = "PRIVATE KEY"
+	// ECPrivateKeyPEMType is the string "EC PRIVATE KEY" used to parse SEC 1 EC private keys
+	ECPrivateKeyPEMType PEMType = "EC PRIVATE KEY"
+	// PKCS1PrivateKeyPEMType is the string "RSA PRIVATE KEY" used to parse PKCS#1-encoded private keys
+	PKCS1PrivateKeyPEMType           PEMType = "RSA PRIVATE KEY"
 	encryptedCosignPrivateKeyPEMType PEMType = "ENCRYPTED COSIGN PRIVATE KEY"
 	// EncryptedSigstorePrivateKeyPEMType is the string "ENCRYPTED SIGSTORE PRIVATE KEY" to be used during PEM encoding and decoding
 	EncryptedSigstorePrivateKeyPEMType PEMType = "ENCRYPTED SIGSTORE PRIVATE KEY"
@@ -106,6 +110,10 @@ func UnmarshalPEMToPrivateKey(pemBytes []byte, pf PassFunc) (crypto.PrivateKey,
 	switch derBlock.Type {
 	case string(PrivateKeyPEMType):
 		return x509.ParsePKCS8PrivateKey(derBlock.Bytes)
+	case string(PKCS1PrivateKeyPEMType):
+		return x509.ParsePKCS1PrivateKey(derBlock.Bytes)
+	case string(ECPrivateKeyPEMType):
+		return x509.ParseECPrivateKey(derBlock.Bytes)
 	case string(EncryptedSigstorePrivateKeyPEMType), string(encryptedCosignPrivateKeyPEMType):
 		derBytes := derBlock.Bytes
 		if pf != nil {
@@ -123,7 +131,7 @@ func UnmarshalPEMToPrivateKey(pemBytes []byte, pf PassFunc) (crypto.PrivateKey,

 		return x509.ParsePKCS8PrivateKey(derBytes)
 	}
-	return nil, fmt.Errorf("unknown PEM file type: %v", derBlock.Type)
+	return nil, fmt.Errorf("unknown private key PEM file type: %v", derBlock.Type)
 }

 // MarshalPrivateKeyToDER converts a crypto.PrivateKey into a PKCS8 ASN.1 DER byte slice
@@ -134,7 +142,7 @@ func MarshalPrivateKeyToDER(priv crypto.PrivateKey) ([]byte, error) {
 	return x509.MarshalPKCS8PrivateKey(priv)
 }

-// MarshalPrivateKeyToPEM converts a crypto.PrivateKey into a PEM-encoded byte slice
+// MarshalPrivateKeyToPEM converts a crypto.PrivateKey into a PKCS#8 PEM-encoded byte slice
 func MarshalPrivateKeyToPEM(priv crypto.PrivateKey) ([]byte, error) {
 	derBytes, err := MarshalPrivateKeyToDER(priv)
 	if err != nil {
--- a/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/publickey.go
+++ b/vendor/github.com/sigstore/sigstore/pkg/cryptoutils/publickey.go
@@ -37,6 +37,8 @@ import (
 const (
 	// PublicKeyPEMType is the string "PUBLIC KEY" to be used during PEM encoding and decoding
 	PublicKeyPEMType PEMType = "PUBLIC KEY"
+	// PKCS1PublicKeyPEMType is the string "RSA PUBLIC KEY" used to parse PKCS#1-encoded public keys
+	PKCS1PublicKeyPEMType PEMType = "RSA PUBLIC KEY"
 )

 // subjectPublicKeyInfo is used to construct a subject key ID.
@@ -55,6 +57,8 @@ func UnmarshalPEMToPublicKey(pemBytes []byte) (crypto.PublicKey, error) {
 	switch derBytes.Type {
 	case string(PublicKeyPEMType):
 		return x509.ParsePKIXPublicKey(derBytes.Bytes)
+	case string(PKCS1PublicKeyPEMType):
+		return x509.ParsePKCS1PublicKey(derBytes.Bytes)
 	default:
 		return nil, fmt.Errorf("unknown Public key PEM file type: %v. Are you passing the correct public key?",
 			derBytes.Type)
--- a/vendor/github.com/sigstore/sigstore/pkg/signature/options/context.go
+++ b/vendor/github.com/sigstore/sigstore/pkg/signature/options/context.go
@@ -13,6 +13,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

+// Package options TODO: add meaningfull description
 package options

 import (
--- a/vendor/github.com/sigstore/sigstore/pkg/signature/payload/payload.go
+++ b/vendor/github.com/sigstore/sigstore/pkg/signature/payload/payload.go
@@ -13,6 +13,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

+// Package payload TODO: add meaningfull description
 package payload

 import (
--- a/vendor/github.com/sigstore/sigstore/pkg/signature/signer.go
+++ b/vendor/github.com/sigstore/sigstore/pkg/signature/signer.go
@@ -22,7 +22,7 @@ import (
 	"crypto/rsa"
 	"errors"
 	"io"
-	"io/ioutil"
+	"os"
 	"path/filepath"

 	// these ensure we have the implementations loaded
@@ -77,7 +77,7 @@ func LoadSigner(privateKey crypto.PrivateKey, hashFunc crypto.Hash) (Signer, err
 // RSAPSSSigner is desired instead, use the LoadRSAPSSSigner() and
 // cryptoutils.UnmarshalPEMToPrivateKey() methods directly.
 func LoadSignerFromPEMFile(path string, hashFunc crypto.Hash, pf cryptoutils.PassFunc) (Signer, error) {
-	fileBytes, err := ioutil.ReadFile(filepath.Clean(path))
+	fileBytes, err := os.ReadFile(filepath.Clean(path))
 	if err != nil {
 		return nil, err
 	}
--- a/vendor/github.com/sigstore/sigstore/pkg/signature/signerverifier.go
+++ b/vendor/github.com/sigstore/sigstore/pkg/signature/signerverifier.go
@@ -21,7 +21,7 @@ import (
 	"crypto/ed25519"
 	"crypto/rsa"
 	"errors"
-	"io/ioutil"
+	"os"
 	"path/filepath"

 	"github.com/sigstore/sigstore/pkg/cryptoutils"
@@ -57,7 +57,7 @@ func LoadSignerVerifier(privateKey crypto.PrivateKey, hashFunc crypto.Hash) (Sig
 // RSAPSSSignerVerifier is desired instead, use the LoadRSAPSSSignerVerifier() and
 // cryptoutils.UnmarshalPEMToPrivateKey() methods directly.
 func LoadSignerVerifierFromPEMFile(path string, hashFunc crypto.Hash, pf cryptoutils.PassFunc) (SignerVerifier, error) {
-	fileBytes, err := ioutil.ReadFile(filepath.Clean(path))
+	fileBytes, err := os.ReadFile(filepath.Clean(path))
 	if err != nil {
 		return nil, err
 	}
--- a/vendor/github.com/sigstore/sigstore/pkg/signature/verifier.go
+++ b/vendor/github.com/sigstore/sigstore/pkg/signature/verifier.go
@@ -22,7 +22,7 @@ import (
 	"crypto/rsa"
 	"errors"
 	"io"
-	"io/ioutil"
+	"os"
 	"path/filepath"

 	"github.com/sigstore/sigstore/pkg/cryptoutils"
@@ -86,7 +86,7 @@ func LoadUnsafeVerifier(publicKey crypto.PublicKey) (Verifier, error) {
 // If the publickey is an RSA key, a RSAPKCS1v15Verifier will be returned. If a
 // RSAPSSVerifier is desired instead, use the LoadRSAPSSVerifier() and cryptoutils.UnmarshalPEMToPublicKey() methods directly.
 func LoadVerifierFromPEMFile(path string, hashFunc crypto.Hash) (Verifier, error) {
-	fileBytes, err := ioutil.ReadFile(filepath.Clean(path))
+	fileBytes, err := os.ReadFile(filepath.Clean(path))
 	if err != nil {
 		return nil, err
 	}