diff options
| author | StevenWdV <stevenwdv@gmail.com> | 2021-11-20 15:04:53 +0100 |
|---|---|---|
| committer | StevenWdV <stevenwdv@gmail.com> | 2021-11-20 15:05:49 +0100 |
| commit | b8d368b93479233a8ecbeba3daf4b10bee8f0a4a (patch) | |
| tree | 4aa111ece1d7b56e692411f4699a78a11a39ed67 /verify.go | |
| parent | 9312eda1ef9cc8ac359039bc6b89099beba75bba (diff) | |
Change 'time:' to 'timestamp:' in TC
(not sure where I got 'time:' from, minisign uses 'timestamp:')
Diffstat (limited to 'verify.go')
| -rw-r--r-- | verify.go | 11 |
1 files changed, 4 insertions, 7 deletions
@@ -31,7 +31,7 @@ func Verify(signatureFileContent string, signedJson []byte, expectedFileName str // Verification is performed using a matching key in allowedPublicKeys. // The signature is checked to be a Blake2b-prehashed Ed25519 Minisign signature with a valid trusted comment. // The file type that is verified is indicated by expectedFileName, which must be one of server_list.json/organization_list.json. -// The trusted comment is checked to be of the form "time<(stamp)>:<timestamp>\tfile:<expectedFileName>", optionally suffixed by something, e.g. "\thashed". +// The trusted comment is checked to be of the form "timestamp:<timestamp>\tfile:<expectedFileName>", optionally suffixed by something, e.g. "\thashed". // The signature is checked to have a timestamp with a value of at least minSignTime, which is a UNIX timestamp without milliseconds; // // The return value will either be (true, nil) on success or (false, err) on failure. @@ -71,13 +71,10 @@ func verifyWithKeys(signatureFileContent string, signedJson []byte, expectedFile var signTime uint64 var sigFileName string // sigFileName cannot have spaces - _, err = fmt.Sscanf(sig.TrustedComment, "trusted comment: time:%d\tfile:%s", &signTime, &sigFileName) + _, err = fmt.Sscanf(sig.TrustedComment, "trusted comment: timestamp:%d\tfile:%s", &signTime, &sigFileName) if err != nil { - _, err = fmt.Sscanf(sig.TrustedComment, "trusted comment: timestamp:%d\tfile:%s", &signTime, &sigFileName) - if err != nil { - return false, VerifyError{ErrInvalidTrustedComment, - fmt.Sprintf("failed to interpret trusted comment (%q)", sig.TrustedComment), err} - } + return false, VerifyError{ErrInvalidTrustedComment, + fmt.Sprintf("failed to interpret trusted comment (%q)", sig.TrustedComment), err} } if sigFileName != expectedFileName { |