docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[PATCH 5/8] Add sha512 check on CLI command 

Include:
- verify

Signed-off-by: Hu Keping <hukeping@huawei.com>
This commit is contained in:
HuKeping 2016-02-26 19:32:41 +08:00
parent 206d02ab4d
commit 95ed108c12
1 changed files with 3 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
cmd/notary/tuf.go
View File

@ -2,7 +2,6 @@ package main
import ( import (
"bufio" "bufio"
"crypto/sha256"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"net" "net"
@ -12,8 +11,6 @@ import (
"strings" "strings"
"time" "time"
"crypto/subtle"
"github.com/Sirupsen/logrus" "github.com/Sirupsen/logrus"
"github.com/docker/distribution/registry/client/auth" "github.com/docker/distribution/registry/client/auth"
"github.com/docker/distribution/registry/client/transport" "github.com/docker/distribution/registry/client/transport"
@ -385,13 +382,10 @@ func (t *tufCommander) tufVerify(cmd *cobra.Command, args []string) error {
return fmt.Errorf("error retrieving target by name:%s, error:%v", targetName, err) return fmt.Errorf("error retrieving target by name:%s, error:%v", targetName, err)
} }
// Create hasher and hash data if err := data.CheckHashes(payload, target.Hashes); err != nil {
stdinHash := sha256.Sum256(payload) return fmt.Errorf("data not present in the trusted collection, %v", err)
serverHash := target.Hashes["sha256"]
if subtle.ConstantTimeCompare(stdinHash[:], serverHash) == 0 {
return fmt.Errorf("notary: data not present in the trusted collection")
} }
_, _ = os.Stdout.Write(payload) _, _ = os.Stdout.Write(payload)
return nil return nil
} }