in pkg/controller/common/license/verifier.go [150:213]
// Sign produces the base64-encoded signature envelope for spec.
//
// The envelope, before the outer base64 encoding, is laid out as:
//
//	version | len(magic) | magic | len(key) | key | len(sig) | sig
//
// where magic is 13 random bytes, key is the base64 of the signer's
// PKIX-marshalled public key after it has been passed through
// encryptWithAESECB, and sig is an RSA PKCS#1 v1.5 signature over the
// SHA-512 digest of spec.SignableContentBytes().
//
// NOTE(review): the RSA signature covers only the signable content bytes.
// The version, magic and key fields of the envelope are not signed here, so a
// verifier should treat them as unauthenticated framing unless
// SignableContentBytes itself includes the same data.
func (s *Signer) Sign(spec Signable) ([]byte, error) {
	content, err := spec.SignableContentBytes()
	if err != nil {
		return nil, err
	}

	// Hash first, then sign the digest; crypto.SHA512 must match the hash
	// actually used so the signature's DigestInfo prefix is correct.
	digest := sha512.Sum512(content)
	signature, err := rsa.SignPKCS1v15(rand.Reader, s.privateKey, crypto.SHA512, digest[:])
	if err != nil {
		return nil, err
	}

	// Random filler drawn from the CSPRNG; it is written into the envelope
	// but is not part of the signed content.
	const magicLen = 13
	magic := make([]byte, magicLen)
	if _, err = rand.Read(magic); err != nil {
		return nil, err
	}

	derKey, err := x509.MarshalPKIXPublicKey(s.PublicKey)
	if err != nil {
		return nil, errors2.Wrap(err, "while marshalling public key")
	}
	// NOTE(review): encryptWithAESECB is defined outside this block. Going by
	// its name it applies AES in ECB mode, which gives no integrity and does
	// not hide repeated plaintext blocks. The input is a public key, so this
	// reads as obfuscation rather than confidentiality; confirm against the helper.
	sealedKey, err := encryptWithAESECB(derKey)
	if err != nil {
		return nil, errors2.Wrap(err, "while encrypting public key")
	}

	enc := base64.StdEncoding
	keyField := make([]byte, enc.EncodedLen(len(sealedKey)))
	enc.Encode(keyField, sealedKey)

	// Capacity mirrors the layout above: four 4-byte integers plus the three
	// variable-length fields (assumes writeInt emits 4 bytes; TODO confirm).
	envelope := bytes.NewBuffer(make([]byte, 0, 4+4+magicLen+4+len(keyField)+4+len(signature)))
	if err := writeInt(envelope, spec.Version()); err != nil {
		return nil, err
	}
	// Each field is written as a length prefix followed by its bytes, in the
	// fixed order magic, key, signature.
	for _, field := range [][]byte{magic, keyField, signature} {
		if err := writeInt(envelope, len(field)); err != nil {
			return nil, err
		}
		if _, err := envelope.Write(field); err != nil {
			return nil, err
		}
	}

	raw := envelope.Bytes()
	out := make([]byte, enc.EncodedLen(len(raw)))
	enc.Encode(out, raw)
	return out, nil
}