docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[PATCH 5/8] Add sha512 check on CLI command 

Include:
- verify

Signed-off-by: Hu Keping <hukeping@huawei.com>
This commit is contained in:
HuKeping 2016-02-26 19:32:41 +08:00
parent 206d02ab4d
commit 95ed108c12
1 changed files with 3 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
cmd/notary/tuf.go
View File

@ -2,7 +2,6 @@ package main
import (
"bufio"
"crypto/sha256"
"fmt"
"io/ioutil"
"net"
@ -12,8 +11,6 @@ import (
"strings"
"time"
"crypto/subtle"
"github.com/Sirupsen/logrus"
"github.com/docker/distribution/registry/client/auth"
"github.com/docker/distribution/registry/client/transport"
@ -385,13 +382,10 @@ func (t *tufCommander) tufVerify(cmd *cobra.Command, args []string) error {
return fmt.Errorf("error retrieving target by name:%s, error:%v", targetName, err)
}
// Create hasher and hash data
stdinHash := sha256.Sum256(payload)
serverHash := target.Hashes["sha256"]
if subtle.ConstantTimeCompare(stdinHash[:], serverHash) == 0 {
return fmt.Errorf("notary: data not present in the trusted collection")
if err := data.CheckHashes(payload, target.Hashes); err != nil {
return fmt.Errorf("data not present in the trusted collection, %v", err)
}
_, _ = os.Stdout.Write(payload)
return nil
}