mirror of
https://github.com/containers/image.git
synced 2025-04-18 19:44:05 +03:00
28 lines
683 B
Go
28 lines
683 B
Go
//go:build containers_image_fulcio_stub
|
|
|
|
package signature
|
|
|
|
import (
|
|
"crypto"
|
|
"crypto/ecdsa"
|
|
"crypto/x509"
|
|
"errors"
|
|
)
|
|
|
|
type fulcioTrustRoot struct {
|
|
caCertificates *x509.CertPool
|
|
oidcIssuer string
|
|
subjectEmail string
|
|
}
|
|
|
|
func (f *fulcioTrustRoot) validate() error {
|
|
return errors.New("fulcio disabled at compile-time")
|
|
}
|
|
|
|
func verifyRekorFulcio(rekorPublicKeys []*ecdsa.PublicKey, fulcioTrustRoot *fulcioTrustRoot, untrustedRekorSET []byte,
|
|
untrustedCertificateBytes []byte, untrustedIntermediateChainBytes []byte, untrustedBase64Signature string,
|
|
untrustedPayloadBytes []byte) (crypto.PublicKey, error) {
|
|
return nil, errors.New("fulcio disabled at compile-time")
|
|
|
|
}
|