From d01b451dd56b038fe88202ded944d4f90e16a366 Mon Sep 17 00:00:00 2001
From: Josh Hawn <josh.hawn@docker.com>
Date: Fri, 23 Jan 2015 09:54:17 -0800
Subject: [PATCH] Always store images with tarsum.v1 checksum added

Updates `image.StoreImage()` to always ensure that images
that are installed in Docker have a tarsum.v1 checksum.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
---
 tarsum/tarsum.go     |  1 +
 tarsum/versioning.go | 12 ++++++++++++
 2 files changed, 13 insertions(+)

diff --git a/tarsum/tarsum.go b/tarsum/tarsum.go
index c6a7294..88fcbe4 100644
--- a/tarsum/tarsum.go
+++ b/tarsum/tarsum.go
@@ -122,6 +122,7 @@ type tHashConfig struct {
 }
 
 var (
+	// NOTE: DO NOT include MD5 or SHA1, which are considered insecure.
 	standardHashConfigs = map[string]tHashConfig{
 		"sha256": {name: "sha256", hash: crypto.SHA256},
 		"sha512": {name: "sha512", hash: crypto.SHA512},
diff --git a/tarsum/versioning.go b/tarsum/versioning.go
index be1d070..0ceb529 100644
--- a/tarsum/versioning.go
+++ b/tarsum/versioning.go
@@ -22,6 +22,18 @@ const (
 	VersionDev
 )
 
+// VersionLabelForChecksum returns the label for the given tarsum
+// checksum, i.e., everything before the first `+` character in
+// the string or an empty string if no label separator is found.
+func VersionLabelForChecksum(checksum string) string {
+	// Checksums are in the form: {versionLabel}+{hashID}:{hex}
+	sepIndex := strings.Index(checksum, "+")
+	if sepIndex < 0 {
+		return ""
+	}
+	return checksum[:sepIndex]
+}
+
 // Get a list of all known tarsum Version
 func GetVersions() []Version {
 	v := []Version{}