in aws_signing_helper/file_system_signer.go [42:77]
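// Sign hashes digest with the algorithm named by opts.HashFunc() and signs the
// resulting hash with the private key returned by readCertFiles.
//
// Despite its name, the digest parameter is hashed here before signing, so
// callers must pass the bytes to be hashed; passing an already-computed hash
// produces a signature over the hash of that hash.
//
// SHA-256, SHA-384 and SHA-512 are accepted; any other hash function yields
// ErrUnsupportedHash. ECDSA keys produce an ASN.1 DER signature and RSA keys a
// PKCS #1 v1.5 signature. A failure inside the signing primitive is returned
// as-is rather than being reported as "unsupported algorithm", so that a real
// signing fault is not mistaken for a key-type problem.
func (fileSystemSigner *FileSystemSigner) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) (signature []byte, err error) {
	// The key material is loaded again on every call; the other two values
	// returned by readCertFiles are not needed for signing.
	// NOTE(review): if readCertFiles can signal a load failure through a
	// discarded value, a nil key ends up on the "unsupported algorithm" path
	// below; confirm against its definition.
	privateKey, _, _ := fileSystemSigner.readCertFiles()

	hashFunc := opts.HashFunc()
	var hash []byte
	switch hashFunc {
	case crypto.SHA256:
		sum := sha256.Sum256(digest)
		hash = sum[:]
	case crypto.SHA384:
		sum := sha512.Sum384(digest)
		hash = sum[:]
	case crypto.SHA512:
		sum := sha512.Sum512(digest)
		hash = sum[:]
	default:
		return nil, ErrUnsupportedHash
	}

	switch key := privateKey.(type) {
	case *ecdsa.PrivateKey:
		sig, signErr := ecdsa.SignASN1(rand, key, hash)
		if signErr != nil {
			// Surface the real cause instead of falling through.
			return nil, signErr
		}
		return sig, nil
	case *rsa.PrivateKey:
		sig, signErr := rsa.SignPKCS1v15(rand, key, hashFunc, hash)
		if signErr != nil {
			// Surface the real cause instead of falling through.
			return nil, signErr
		}
		return sig, nil
	}

	// Reached only when the key is neither ECDSA nor RSA (including nil).
	log.Println("unsupported algorithm")
	return nil, errors.New("unsupported algorithm")
}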