首页 浏览 帮助
注册 登录
hungerzs
/
rancherOS
关注 1
点赞 0
派生 0
文件 工单管理 0 合并请求 0 Wiki
分支: v1.0.x-eol
分支列表 标签列表
rancherOS
/
vendor
/
github.com
/
docker
/
distribution
/
manifest
/
schema1
/
verify.go

verify.go 876 B
永久链接 文件历史 原始文件

123456789101112131415161718192021222324252627282930313233 
  1. package schema1
    2. 

  2. 

  3. import (
    4. 

  4. 	"crypto/x509"
    5. 

  5. 

  6. 	"github.com/Sirupsen/logrus"
    7. 

  7. 	"github.com/docker/libtrust"
    8. 

  8. )
    9. 

  9. 

  10. // Verify verifies the signature of the signed manifest returning the public
    11. 

  11. // keys used during signing.
    12. 

  12. func Verify(sm *SignedManifest) ([]libtrust.PublicKey, error) {
    13. 

  13. 	js, err := libtrust.ParsePrettySignature(sm.all, "signatures")
    14. 

  14. 	if err != nil {
    15. 

  15. 		logrus.WithField("err", err).Debugf("(*SignedManifest).Verify")
    16. 

  16. 		return nil, err
    17. 

  17. 	}
    18. 

  18. 

  19. 	return js.Verify()
    20. 

  20. }
    21. 

  21. 

  22. // VerifyChains verifies the signature of the signed manifest against the
    23. 

  23. // certificate pool returning the list of verified chains. Signatures without
    24. 

  24. // an x509 chain are not checked.
    25. 

  25. func VerifyChains(sm *SignedManifest, ca *x509.CertPool) ([][]*x509.Certificate, error) {
    26. 

  26. 	js, err := libtrust.ParsePrettySignature(sm.all, "signatures")
    27. 

  27. 	if err != nil {
    28. 

  28. 		return nil, err
    29. 

  29. 	}
    30. 

  30. 

  31. 	return js.VerifyChains(ca)
    32. 

  32. }
    33. 

  33.