From 8c7bec72b1e4b3f724e862b538e3632e1fad0af9 Mon Sep 17 00:00:00 2001 From: Stephen J Day Date: Mon, 1 Dec 2014 16:13:01 -0800 Subject: [PATCH] Cleanup image verification error handling This diff removes a few early outs that caused errors to be unreported and catches a missed error case for signature verification from libtrust. More work needs to be done around ensuring consistent error handling but this is enough to make the API work correctly. --- storage/manifeststore.go | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/storage/manifeststore.go b/storage/manifeststore.go index 707311b8..e1760dd8 100644 --- a/storage/manifeststore.go +++ b/storage/manifeststore.go @@ -111,11 +111,13 @@ func (ms *manifestStore) verifyManifest(name, tag string, manifest *SignedManife var errs ErrManifestVerification if manifest.Name != name { - return fmt.Errorf("name does not match manifest name") + // TODO(stevvooe): This needs to be an exported error + errs = append(errs, fmt.Errorf("name does not match manifest name")) } if manifest.Tag != tag { - return fmt.Errorf("tag does not match manifest tag") + // TODO(stevvooe): This needs to be an exported error. + errs = append(errs, fmt.Errorf("tag does not match manifest tag")) } // TODO(stevvooe): These pubkeys need to be checked with either Verify or @@ -127,7 +129,11 @@ func (ms *manifestStore) verifyManifest(name, tag string, manifest *SignedManife case libtrust.ErrMissingSignatureKey, libtrust.ErrInvalidJSONContent, libtrust.ErrMissingSignatureKey: errs = append(errs, ErrManifestUnverified{}) default: - errs = append(errs, err) + if err.Error() == "invalid signature" { // TODO(stevvooe): This should be exported by libtrust + errs = append(errs, ErrManifestUnverified{}) + } else { + errs = append(errs, err) + } } }