diff --git a/.circleci/config.yml b/.circleci/config.yml index d2a17637..c3d3cb25 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -16,6 +16,9 @@ executors: golang-latest: docker: - image: golang:1.19 + golang-rc: + docker: + - image: golang:1.20-rc jobs: lint-markdown: @@ -129,11 +132,11 @@ workflows: - build-source: matrix: parameters: - e: ["golang-previous", "golang-latest"] + e: ["golang-previous", "golang-latest", "golang-rc"] - unit-test: matrix: parameters: - e: ["golang-previous", "golang-latest"] + e: ["golang-previous", "golang-latest", "golang-rc"] - release-test tagged-release: diff --git a/pkg/integrity/dsse_test.go b/pkg/integrity/dsse_test.go index 36cb7532..6edb7835 100644 --- a/pkg/integrity/dsse_test.go +++ b/pkg/integrity/dsse_test.go @@ -22,12 +22,9 @@ import ( ) func Test_dsseEncoder_signMessage(t *testing.T) { - ecdsa := getTestSignerVerifier(t, "ecdsa.pem") ed25519 := getTestSignerVerifier(t, "ed25519.pem") rsa := getTestSignerVerifier(t, "rsa.pem") - fakeRand := make([]byte, 1024) - tests := []struct { name string signers []signature.Signer @@ -36,19 +33,8 @@ func Test_dsseEncoder_signMessage(t *testing.T) { wantHash crypto.Hash }{ { - name: "Multi", - signers: []signature.Signer{ecdsa, ed25519, rsa}, - signOpts: []signature.SignOption{ - options.WithRand(bytes.NewReader(fakeRand)), // For deterministic ECDSA signature. - }, - wantHash: crypto.SHA256, - }, - { - name: "ECDSA", - signers: []signature.Signer{ecdsa}, - signOpts: []signature.SignOption{ - options.WithRand(bytes.NewReader(fakeRand)), // For deterministic ECDSA signature. - }, + name: "Multi", + signers: []signature.Signer{ed25519, rsa}, wantHash: crypto.SHA256, }, { diff --git a/pkg/integrity/testdata/Test_dsseEncoder_signMessage/ECDSA.golden b/pkg/integrity/testdata/Test_dsseEncoder_signMessage/ECDSA.golden deleted file mode 100644 index bb683961..00000000 --- a/pkg/integrity/testdata/Test_dsseEncoder_signMessage/ECDSA.golden +++ /dev/null @@ -1 +0,0 @@ -{"payloadType":"application/vnd.sylabs.sif-metadata+json","payload":"eyJPbmUiOjEsIlR3byI6Mn0K","signatures":[{"keyid":"SHA256:13cNV0A11AxgIQYCvlDmJlRi0CjRtjnYF47RzrMhlaU","sig":"MEQCIFo8YCnASBqoUCa0T2H2L/crRYxZ9vFkSpbplBYo4IR6AiAUNulVHknRpFlrRWayZLY6vG9WIW5mx/ywLyI90KchQA=="}]} diff --git a/pkg/integrity/testdata/Test_dsseEncoder_signMessage/Multi.golden b/pkg/integrity/testdata/Test_dsseEncoder_signMessage/Multi.golden index ead06c85..8854372d 100644 --- a/pkg/integrity/testdata/Test_dsseEncoder_signMessage/Multi.golden +++ b/pkg/integrity/testdata/Test_dsseEncoder_signMessage/Multi.golden @@ -1 +1 @@ -{"payloadType":"application/vnd.sylabs.sif-metadata+json","payload":"eyJPbmUiOjEsIlR3byI6Mn0K","signatures":[{"keyid":"SHA256:13cNV0A11AxgIQYCvlDmJlRi0CjRtjnYF47RzrMhlaU","sig":"MEQCIFo8YCnASBqoUCa0T2H2L/crRYxZ9vFkSpbplBYo4IR6AiAUNulVHknRpFlrRWayZLY6vG9WIW5mx/ywLyI90KchQA=="},{"keyid":"SHA256:x6l8ZblpSSXGaPMCzySedWg88BwIFcz8jlPb6el0mFs","sig":"SNnYRFIhDwWjk0pxoreaNiLea6L2WAFUm4boxnv7jiBNGmvMnbCxdsHYsTRBLXvMJHwEfKGvHFJmi9VvMe4JCQ=="},{"keyid":"SHA256:BhCwr7qZulYcOMSl2Jt2DuYHxHNnN6th4NdMqR/PGa4","sig":"qtxC0N3TWRUOOF4nAFwf8izZMVhpGca/s0STBi2h/OU/lND9M4uPG70LMGJ+n2GhCOyKKLR5BpgtlUkBpwhsxiPDqyyXFE2/Rvu/MsNicNIal7A1E64X3iOrMmaXK7qHDY6TpwC0KlxTOsh2XHJSM/cItgebkiRn5ZaZl48/10IzMsq/nOr0k9fGdAdgeApnRAQzBuHzcSAMpz8k9ovbyecfwuNLxXk6PO3isetpFx2j1d11gNfmwE54lCQ9ZGC3hiTJVt9WLBP+xC5AGoiX9f5FQpRzQrg9xGjyfwZDF4PSE9UFfUAC4fGPdultxUPXp8afWocJwbDgZBOkUKgE2L16LtMYSPFMdmAy615Ah6AOyudDTY+6iUr8D7YFdXgkjuQOGxtk7Wh2AIwk1lTOF4nrpycNjOJawBW5AFxdjEJ0LvG/XEJgSC88RoAkQ0YdN7j5N8nNf4+bZJ+CmTXPWU0MdFVDgI59bJKUJU/lt1WM/ZEIzujCgtqYKwCc8LNl5Fruh+2nHmtsAS3bxxPv51Nbw5d8T316SBp0bhjY+R7OncQDaP2FQ+nwpUXuDX3Tr9pqMJxDgErbIATOdSaRQ3KB1iC5gzTwIikuwPIxAuB2Gb5wWGxhqqfx7iA38TpnP5x8YXsjGCseUxFjrKoj5uL1p6ayGXOPJy/D9FsQVtA="}]} +{"payloadType":"application/vnd.sylabs.sif-metadata+json","payload":"eyJPbmUiOjEsIlR3byI6Mn0K","signatures":[{"keyid":"SHA256:x6l8ZblpSSXGaPMCzySedWg88BwIFcz8jlPb6el0mFs","sig":"SNnYRFIhDwWjk0pxoreaNiLea6L2WAFUm4boxnv7jiBNGmvMnbCxdsHYsTRBLXvMJHwEfKGvHFJmi9VvMe4JCQ=="},{"keyid":"SHA256:BhCwr7qZulYcOMSl2Jt2DuYHxHNnN6th4NdMqR/PGa4","sig":"qtxC0N3TWRUOOF4nAFwf8izZMVhpGca/s0STBi2h/OU/lND9M4uPG70LMGJ+n2GhCOyKKLR5BpgtlUkBpwhsxiPDqyyXFE2/Rvu/MsNicNIal7A1E64X3iOrMmaXK7qHDY6TpwC0KlxTOsh2XHJSM/cItgebkiRn5ZaZl48/10IzMsq/nOr0k9fGdAdgeApnRAQzBuHzcSAMpz8k9ovbyecfwuNLxXk6PO3isetpFx2j1d11gNfmwE54lCQ9ZGC3hiTJVt9WLBP+xC5AGoiX9f5FQpRzQrg9xGjyfwZDF4PSE9UFfUAC4fGPdultxUPXp8afWocJwbDgZBOkUKgE2L16LtMYSPFMdmAy615Ah6AOyudDTY+6iUr8D7YFdXgkjuQOGxtk7Wh2AIwk1lTOF4nrpycNjOJawBW5AFxdjEJ0LvG/XEJgSC88RoAkQ0YdN7j5N8nNf4+bZJ+CmTXPWU0MdFVDgI59bJKUJU/lt1WM/ZEIzujCgtqYKwCc8LNl5Fruh+2nHmtsAS3bxxPv51Nbw5d8T316SBp0bhjY+R7OncQDaP2FQ+nwpUXuDX3Tr9pqMJxDgErbIATOdSaRQ3KB1iC5gzTwIikuwPIxAuB2Gb5wWGxhqqfx7iA38TpnP5x8YXsjGCseUxFjrKoj5uL1p6ayGXOPJy/D9FsQVtA="}]} diff --git a/pkg/integrity/verify_test.go b/pkg/integrity/verify_test.go index dc7a512a..8aa62ba6 100644 --- a/pkg/integrity/verify_test.go +++ b/pkg/integrity/verify_test.go @@ -982,8 +982,6 @@ func TestVerifier_Verify(t *testing.T) { t.Fatal(err) } - ecdsa := getTestSignerVerifier(t, "ecdsa.pem") - ed25519 := getTestSignerVerifier(t, "ed25519.pem") ed25519Pub, err := ed25519.PublicKey() if err != nil { @@ -1032,7 +1030,7 @@ func TestVerifier_Verify(t *testing.T) { name: "SignatureNotValidErrorDSSE", f: oneGroupSignedDSSEImage, opts: []VerifierOpt{ - OptVerifyWithVerifier(ecdsa), // Not signed with EC. + OptVerifyWithVerifier(getTestSignerVerifier(t, "ecdsa.pem")), // Not signed with ECDSA. }, wantErr: &SignatureNotValidError{ID: 3}, },