Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
cleanup: clean up notation CLI (notaryproject#485)
Browse files Browse the repository at this point in the history
This PR intends to resolve notaryproject#446, notaryproject#477.

Signed-off-by: Patrick Zheng <[email protected]>
Signed-off-by: vaninrao10 <[email protected]>
Two-Hearts authored and vaninrao10 committed Jan 5, 2023
1 parent c6ab817 commit 8ff4bf2
Showing 3 changed files with 7 additions and 93 deletions.
13 changes: 7 additions & 6 deletions cmd/notation/verify.go
Original file line number Diff line number Diff line change
@@ -8,7 +8,6 @@ import (
"reflect"

"github.com/notaryproject/notation-go"
"github.com/notaryproject/notation-go/log"
notationregistry "github.com/notaryproject/notation-go/registry"
"github.com/notaryproject/notation-go/verifier"
"github.com/notaryproject/notation-go/verifier/trustpolicy"
@@ -63,7 +62,6 @@ Example - Verify a signature on an OCI artifact identified by a tag (Notation w
func runVerify(command *cobra.Command, opts *verifyOpts) error {
// set log level
ctx := opts.LoggingFlagOpts.SetLoggerLevel(command.Context())
logger := log.GetLogger(ctx)

// initialize
reference := opts.reference
@@ -101,13 +99,16 @@ func runVerify(command *cobra.Command, opts *verifyOpts) error {
MaxSignatureAttempts: math.MaxInt64,
}

// core process
// core verify process
_, outcomes, err := notation.Verify(ctx, verifier, sigRepo, verifyOpts)
if err != nil {
logger.Error(err)
}
// write out on failure
if err != nil || len(outcomes) == 0 {
if err != nil {
var errorVerificationFailed *notation.ErrorVerificationFailed
if !errors.As(err, &errorVerificationFailed) {
return fmt.Errorf("signature verification failed: %w", err)
}
}
return fmt.Errorf("signature verification failed for all the signatures associated with %s", ref.String())
}

17 changes: 0 additions & 17 deletions internal/envelope/envelope.go
Original file line number Diff line number Diff line change
@@ -1,12 +1,10 @@
package envelope

import (
"errors"
"fmt"

"github.com/notaryproject/notation-core-go/signature/cose"
"github.com/notaryproject/notation-core-go/signature/jws"
gcose "github.com/veraison/go-cose"
)

// Supported envelope format.
@@ -15,21 +13,6 @@ const (
JWS = "jws"
)

// SpeculateSignatureEnvelopeFormat speculates envelope format by looping all builtin envelope format.
//
// TODO: abandon this fature in RC1.
func SpeculateSignatureEnvelopeFormat(raw []byte) (string, error) {
var msg gcose.Sign1Message
if err := msg.UnmarshalCBOR(raw); err == nil {
return cose.MediaTypeEnvelope, nil
}
if len(raw) == 0 || raw[0] != '{' {
// very certain
return "", errors.New("unsupported signature format")
}
return jws.MediaTypeEnvelope, nil
}

// GetEnvelopeMediaType converts the envelope type to mediaType name.
func GetEnvelopeMediaType(sigFormat string) (string, error) {
switch sigFormat {
70 changes: 0 additions & 70 deletions internal/envelope/envelope_test.go
Original file line number Diff line number Diff line change
@@ -1,79 +1,9 @@
package envelope

import (
"encoding/json"
"errors"
"testing"

"github.com/notaryproject/notation-core-go/signature/cose"
"github.com/notaryproject/notation-core-go/signature/jws"
gcose "github.com/veraison/go-cose"
)

var (
validJwsSignatureEnvelope, _ = json.Marshal(struct{}{})
validCoseSignatureEnvelope []byte
invalidSignatureEnvelope = []byte("invalid")
)

func init() {
msg := gcose.Sign1Message{
Headers: gcose.NewSign1Message().Headers,
Payload: []byte("valid"),
Signature: []byte("valid"),
}
validCoseSignatureEnvelope, _ = msg.MarshalCBOR()
}

func checkErrorEqual(expected, got error) bool {
if expected == nil && got == nil {
return true
}
if expected != nil && got != nil {
return expected.Error() == got.Error()
}
return false
}

func TestSpeculateSignatureEnvelopeFormat(t *testing.T) {
tests := []struct {
name string
raw []byte
expectedType string
expectedErr error
}{
{
name: "jws signature media type",
raw: validJwsSignatureEnvelope,
expectedType: jws.MediaTypeEnvelope,
expectedErr: nil,
},
{
name: "cose signature media type",
raw: validCoseSignatureEnvelope,
expectedType: cose.MediaTypeEnvelope,
expectedErr: nil,
},
{
name: "invalid signature media type",
raw: invalidSignatureEnvelope,
expectedType: "",
expectedErr: errors.New("unsupported signature format"),
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
eType, err := SpeculateSignatureEnvelopeFormat(tt.raw)
if !checkErrorEqual(tt.expectedErr, err) {
t.Fatalf("expected speculate signature envelope format err: %v, got: %v", tt.expectedErr, err)
}
if eType != tt.expectedType {
t.Fatalf("expected signatureFormat: %v, got: %v", tt.expectedType, eType)
}
})
}
}

func TestGetEnvelopeMediaType(t *testing.T) {
type args struct {
sigFormat string

0 comments on commit 8ff4bf2

Please sign in to comment.