Merge master into breakout_swarm

Signed-off-by: Alex Ellis <alexellis2@gmail.com>
2025-06-21 00:06:38 +00:00 · 2018-02-01 09:25:39 +00:00
parent afeb7bbce4
commit f954bf0733
1953 changed files with 614131 additions and 175582 deletions
--- a/gateway/vendor/github.com/docker/distribution/manifest/schema1/verify.go
+++ b/gateway/vendor/github.com/docker/distribution/manifest/schema1/verify.go
@ -0,0 +1,32 @@
+package schema1
+
+import (
+	"crypto/x509"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/libtrust"
+)
+
+// Verify verifies the signature of the signed manifest returning the public
+// keys used during signing.
+func Verify(sm *SignedManifest) ([]libtrust.PublicKey, error) {
+	js, err := libtrust.ParsePrettySignature(sm.all, "signatures")
+	if err != nil {
+		logrus.WithField("err", err).Debugf("(*SignedManifest).Verify")
+		return nil, err
+	}
+
+	return js.Verify()
+}
+
+// VerifyChains verifies the signature of the signed manifest against the
+// certificate pool returning the list of verified chains. Signatures without
+// an x509 chain are not checked.
+func VerifyChains(sm *SignedManifest, ca *x509.CertPool) ([][]*x509.Certificate, error) {
+	js, err := libtrust.ParsePrettySignature(sm.all, "signatures")
+	if err != nil {
+		return nil, err
+	}
+
+	return js.VerifyChains(ca)
+}