Simplify and rename hash functions

Jonny Stoten
2024-05-08 10:28:01 +01:00
parent d5b059043f
commit e3d02ab2e1
9 changed files with 11 additions and 15 deletions


@@ -5,14 +5,11 @@ import (
"encoding/hex"
)
func HexHashBytes(input []byte) string {
s256 := sha256.New()
s256.Write(input)
hashSum := s256.Sum(nil)
return hex.EncodeToString(hashSum)
func SHA256Hex(input []byte) string {
return hex.EncodeToString(SHA256(input))
}
func S256(data []byte) []byte {
func SHA256(data []byte) []byte {
h := sha256.Sum256(data)
return h[:]
}
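Review bot: `SHA256Hex` and `SHA256` are exported without doc comments, yet their output format is a contract that other files in this commit rely on: the raw digest is passed to `ecdsa.VerifyASN1`, and the hex form is used for key IDs and the transparency-log hash comparison. I would add `// SHA256Hex returns the lowercase hex encoding of the SHA-256 digest of input.` above the first and `// SHA256 returns the raw 32-byte SHA-256 digest of data.` above the second. Stating the lowercase encoding matters because at least one caller compares the hex string with `!=` against a value parsed from a log entry.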


@@ -19,7 +19,7 @@ func SignDSSE(ctx context.Context, payload []byte, payloadType string, signer ds
encPayload := dsse.PAE(payloadType, payload)
// statement message digest
hash := util.S256(encPayload)
hash := util.SHA256(encPayload)
// sign message digest
sig, err := signer.Sign(ctx, hash)


@@ -121,7 +121,7 @@ func verifySignature(ctx context.Context, sig Signature, payload []byte, keys Ke
return fmt.Errorf("error failed to decode signature: %w", err)
}
// verify payload ecdsa signature
ok = ecdsa.VerifyASN1(publicKey, util.S256(payload), signature)
ok = ecdsa.VerifyASN1(publicKey, util.SHA256(payload), signature)
if !ok {
return fmt.Errorf("payload signature is not valid")
}


@@ -38,7 +38,7 @@ func (s *ECDSA256_SignerVerifier) Verify(ctx context.Context, data []byte, sig [
if !ok {
return fmt.Errorf("public key is not ecdsa")
}
ok = ecdsa.VerifyASN1(pub, util.S256(data), sig)
ok = ecdsa.VerifyASN1(pub, util.SHA256(data), sig)
if !ok {
return fmt.Errorf("payload signature is not valid")
}


@@ -13,5 +13,5 @@ func KeyID(pubKey crypto.PublicKey) (string, error) {
if err != nil {
return "", fmt.Errorf("error marshalling public key: %w", err)
}
return util.HexHashBytes(pub), nil
return util.SHA256Hex(pub), nil
}


@@ -7,7 +7,6 @@ import (
"crypto/x509"
"crypto/x509/pkix"
"encoding/base64"
"encoding/hex"
"encoding/pem"
"fmt"
"math/big"
@@ -214,7 +213,7 @@ func (tl *RekorTL) VerifyEntryPayload(entryBytes, payload, publicKey []byte) err
}
// compare payload hashes
payloadHash := hex.EncodeToString(util.S256(payload))
payloadHash := util.SHA256Hex(payload)
if rekord.Hash != payloadHash {
return fmt.Errorf("error payload and tl entry hash mismatch")
}
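Review bot: The check `rekord.Hash != payloadHash` is an exact string comparison, so it passes only when the log entry carries a lowercase hex SHA-256 digest, and that assumption is not written down next to it. The mismatch fails closed, which is the safe direction, but an entry recorded with a different algorithm or casing is rejected with the same generic error. I would add a comment such as `// rekord.Hash is expected to be lowercase hex SHA-256; anything else is rejected as a mismatch`, and, if the entry records its hash algorithm (not visible in this hunk), check it before comparing. VerifyEntryPayload's body starts and ends outside the hunk.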


@@ -44,7 +44,7 @@ func TestCreateX509Cert(t *testing.T) {
func TestUploadAndVerifyLogEntry(t *testing.T) {
// message digest
payload := []byte("test")
hash := util.S256(payload)
hash := util.SHA256(payload)
// generate ephemeral keys to sign message digest
signer, err := signerverifier.GenKeyPair()


@@ -121,7 +121,7 @@ func TestFindFileInManifest(t *testing.T) {
// make test image manifest
file := "test.json"
data := []byte("test")
hash := v1.Hash{Algorithm: "sha256", Hex: util.HexHashBytes(data)}
hash := v1.Hash{Algorithm: "sha256", Hex: util.SHA256Hex(data)}
img := empty.Image
img = mutate.MediaType(img, types.OCIManifestSchema1)
img = mutate.ConfigMediaType(img, types.OCIConfigJSON)


@@ -44,7 +44,7 @@ func NewTufClient(initialRoot []byte, tufPath, metadataSource, targetsSource str
tufSource = OciSource
}
tufRootDigest := util.HexHashBytes(initialRoot)
tufRootDigest := util.SHA256Hex(initialRoot)
// create a directory for each initial root.json
metadataPath := filepath.Join(tufPath, tufRootDigest)