Addressed small nits

Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-19 13:43:54 -07:00 · 2015-07-19 13:43:54 -07:00 · 1e9365a384
parent cf9e6499e1
commit 1e9365a384
2 changed files with 5 additions and 4 deletions
--- a/keystoremanager/keystoremanager.go
+++ b/keystoremanager/keystoremanager.go
@ -313,7 +313,7 @@ func validRootLeafCerts(root *data.SignedRoot, gun string) ([]*x509.Certificate,
 			cert.SignatureAlgorithm == x509.DSAWithSHA1 ||
 			cert.SignatureAlgorithm == x509.ECDSAWithSHA1 {

-			logrus.Debugf("error certificate uses old ciphers")
+			logrus.Debugf("error certificate uses deprecated hashing algorithm (SHA1)")
 			continue
 		}

@ -327,6 +327,8 @@ func validRootLeafCerts(root *data.SignedRoot, gun string) ([]*x509.Certificate,
 	return validLeafCerts, nil
 }

+// parseAllCerts returns two maps, one with all of the leafCertificates and one
+// with all the intermediate certificates found in signedRoot
 func parseAllCerts(signedRoot *data.SignedRoot) (map[string]*x509.Certificate, map[string][]*x509.Certificate) {
 	leafCerts := make(map[string]*x509.Certificate)
 	intCerts := make(map[string][]*x509.Certificate)
--- a/trustmanager/x509utils.go
+++ b/trustmanager/x509utils.go
@ -191,10 +191,9 @@ func GetLeafCerts(certs []*x509.Certificate) []*x509.Certificate {
 // ones marked as a CA, to be used as intermediates
 func GetIntermediateCerts(certs []*x509.Certificate) (intCerts []*x509.Certificate) {
 	for _, cert := range certs {
-		if !cert.IsCA {
-			continue
+		if cert.IsCA {
+			intCerts = append(intCerts, cert)
 		}
-		intCerts = append(intCerts, cert)
 	}
 	return intCerts
 }