diff --git a/signature/algorithm.go b/signature/algorithm.go index 83eea104..8e391924 100644 --- a/signature/algorithm.go +++ b/signature/algorithm.go @@ -26,7 +26,7 @@ type Algorithm int // Signature algorithms supported by this library. // -// Reference: https://github.com/notaryproject/notaryproject/blob/main/signature-specification.md#algorithm-selection +// Reference: https://github.com/notaryproject/notaryproject/blob/main/specs/signature-specification.md#algorithm-selection const ( AlgorithmPS256 Algorithm = 1 + iota // RSASSA-PSS with SHA-256 AlgorithmPS384 // RSASSA-PSS with SHA-384 diff --git a/signature/internal/base/envelope.go b/signature/internal/base/envelope.go index 5dbf24f5..41c685e0 100644 --- a/signature/internal/base/envelope.go +++ b/signature/internal/base/envelope.go @@ -33,7 +33,7 @@ type Envelope struct { // Sign generates signature in terms of given SignRequest. // -// Reference: https://github.com/notaryproject/notaryproject/blob/main/signing-and-verification-workflow.md#signing-steps +// Reference: https://github.com/notaryproject/notaryproject/blob/main/specs/signing-and-verification-workflow.md#signing-steps func (e *Envelope) Sign(req *signature.SignRequest) ([]byte, error) { // Canonicalize request. req.SigningTime = req.SigningTime.Truncate(time.Second) @@ -71,7 +71,7 @@ func (e *Envelope) Sign(req *signature.SignRequest) ([]byte, error) { // It returns envelope content containing the payload to be signed and // SignerInfo object containing the information about the signature. // -// Reference: https://github.com/notaryproject/notaryproject/blob/main/trust-store-trust-policy-specification.md#steps +// Reference: https://github.com/notaryproject/notaryproject/blob/main/specs/trust-store-trust-policy.md#steps func (e *Envelope) Verify() (*signature.EnvelopeContent, error) { // validation before the core verify process. if len(e.Raw) == 0 { diff --git a/signature/jws/types.go b/signature/jws/types.go index 2c15b7e2..bfbb204b 100644 --- a/signature/jws/types.go +++ b/signature/jws/types.go @@ -31,7 +31,7 @@ const ( ) // headerKeys includes all system aware keys for JWS protected header -// [JWS envelope]: https://github.com/notaryproject/notaryproject/blob/main/signature-envelope-jws.md#protected-headers +// [JWS envelope]: https://github.com/notaryproject/notaryproject/blob/main/specs/signature-envelope-jws.md#protected-headers var headerKeys = []string{ headerKeyAlg, headerKeyCty, diff --git a/signature/signer.go b/signature/signer.go index 692616e4..28053a38 100644 --- a/signature/signer.go +++ b/signature/signer.go @@ -126,7 +126,7 @@ func (s *localSigner) PrivateKey() crypto.PrivateKey { // with one of the trusted certificates and returns a certificate that matches // with one of the certificates in the SignerInfo. // -// Reference: https://github.com/notaryproject/notaryproject/blob/main/trust-store-trust-policy-specification.md#steps +// Reference: https://github.com/notaryproject/notaryproject/blob/main/specs/trust-store-trust-policy.md#steps func VerifyAuthenticity(signerInfo *SignerInfo, trustedCerts []*x509.Certificate) (*x509.Certificate, error) { if len(trustedCerts) == 0 { return nil, &InvalidArgumentError{Param: "trustedCerts"} diff --git a/signature/types.go b/signature/types.go index be51b091..e324b92f 100644 --- a/signature/types.go +++ b/signature/types.go @@ -24,7 +24,7 @@ type SignatureMediaType string // SigningScheme formalizes the feature set (guarantees) provided by // the signature. -// Reference: https://github.com/notaryproject/notaryproject/blob/main/signing-scheme.md +// Reference: https://github.com/notaryproject/notaryproject/blob/main/specs/signing-scheme.md type SigningScheme string // SigningSchemes supported by notation. @@ -37,7 +37,7 @@ const ( ) // SignedAttributes represents signed metadata in the signature envelope. -// Reference: https://github.com/notaryproject/notaryproject/blob/main/signature-specification.md#signed-attributes +// Reference: https://github.com/notaryproject/notaryproject/blob/main/specs/signature-specification.md#signed-attributes type SignedAttributes struct { // SigningScheme defines the Notary Project Signing Scheme used by the signature. SigningScheme SigningScheme @@ -53,7 +53,7 @@ type SignedAttributes struct { } // UnsignedAttributes represents unsigned metadata in the Signature envelope. -// Reference: https://github.com/notaryproject/notaryproject/blob/main/signature-specification.md#unsigned-attributes +// Reference: https://github.com/notaryproject/notaryproject/blob/main/specs/signature-specification.md#unsigned-attributes type UnsignedAttributes struct { // TimestampSignature is a counter signature providing authentic timestamp. TimestampSignature []byte diff --git a/x509/cert_validations.go b/x509/cert_validations.go index 28b998d2..84ba24dd 100644 --- a/x509/cert_validations.go +++ b/x509/cert_validations.go @@ -37,7 +37,7 @@ var kuLeafCertBlockedString = "ContentCommitment, KeyEncipherment, DataEncipherm // ValidateCodeSigningCertChain takes an ordered code-signing certificate chain // and validates issuance from leaf to root // Validates certificates according to this spec: -// https://github.com/notaryproject/notaryproject/blob/main/signature-specification.md#certificate-requirements +// https://github.com/notaryproject/notaryproject/blob/main/specs/signature-specification.md#certificate-requirements func ValidateCodeSigningCertChain(certChain []*x509.Certificate, signingTime *time.Time) error { return validateCertChain(certChain, 0, signingTime) } @@ -45,7 +45,7 @@ func ValidateCodeSigningCertChain(certChain []*x509.Certificate, signingTime *ti // ValidateTimeStampingCertChain takes an ordered time-stamping certificate // chain and validates issuance from leaf to root // Validates certificates according to this spec: -// https://github.com/notaryproject/notaryproject/blob/main/signature-specification.md#certificate-requirements +// https://github.com/notaryproject/notaryproject/blob/main/specs/signature-specification.md#certificate-requirements func ValidateTimeStampingCertChain(certChain []*x509.Certificate, signingTime *time.Time) error { return validateCertChain(certChain, x509.ExtKeyUsageTimeStamping, signingTime) }