podman

1
package libtrust
2

3
import (
4
	"crypto"
5
	_ "crypto/sha256" // Registrer SHA224 and SHA256
6
	_ "crypto/sha512" // Registrer SHA384 and SHA512
7
	"fmt"
8
)
9

10
type signatureAlgorithm struct {
11
	algHeaderParam string
12
	hashID         crypto.Hash
13
}
14

15
func (h *signatureAlgorithm) HeaderParam() string {
16
	return h.algHeaderParam
17
}
18

19
func (h *signatureAlgorithm) HashID() crypto.Hash {
20
	return h.hashID
21
}
22

23
var (
24
	rs256 = &signatureAlgorithm{"RS256", crypto.SHA256}
25
	rs384 = &signatureAlgorithm{"RS384", crypto.SHA384}
26
	rs512 = &signatureAlgorithm{"RS512", crypto.SHA512}
27
	es256 = &signatureAlgorithm{"ES256", crypto.SHA256}
28
	es384 = &signatureAlgorithm{"ES384", crypto.SHA384}
29
	es512 = &signatureAlgorithm{"ES512", crypto.SHA512}
30
)
31

32
func rsaSignatureAlgorithmByName(alg string) (*signatureAlgorithm, error) {
33
	switch {
34
	case alg == "RS256":
35
		return rs256, nil
36
	case alg == "RS384":
37
		return rs384, nil
38
	case alg == "RS512":
39
		return rs512, nil
40
	default:
41
		return nil, fmt.Errorf("RSA Digital Signature Algorithm %q not supported", alg)
42
	}
43
}
44

45
func rsaPKCS1v15SignatureAlgorithmForHashID(hashID crypto.Hash) *signatureAlgorithm {
46
	switch {
47
	case hashID == crypto.SHA512:
48
		return rs512
49
	case hashID == crypto.SHA384:
50
		return rs384
51
	case hashID == crypto.SHA256:
52
		fallthrough
53
	default:
54
		return rs256
55
	}
56
}
57