From b8d368b93479233a8ecbeba3daf4b10bee8f0a4a Mon Sep 17 00:00:00 2001 From: StevenWdV Date: Sat, 20 Nov 2021 15:04:53 +0100 Subject: Change 'time:' to 'timestamp:' in TC (not sure where I got 'time:' from, minisign uses 'timestamp:') --- verify.go | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) (limited to 'verify.go') diff --git a/verify.go b/verify.go index a61731a..89a3d74 100644 --- a/verify.go +++ b/verify.go @@ -31,7 +31,7 @@ func Verify(signatureFileContent string, signedJson []byte, expectedFileName str // Verification is performed using a matching key in allowedPublicKeys. // The signature is checked to be a Blake2b-prehashed Ed25519 Minisign signature with a valid trusted comment. // The file type that is verified is indicated by expectedFileName, which must be one of server_list.json/organization_list.json. -// The trusted comment is checked to be of the form "time<(stamp)>:\tfile:", optionally suffixed by something, e.g. "\thashed". +// The trusted comment is checked to be of the form "timestamp:\tfile:", optionally suffixed by something, e.g. "\thashed". // The signature is checked to have a timestamp with a value of at least minSignTime, which is a UNIX timestamp without milliseconds; // // The return value will either be (true, nil) on success or (false, err) on failure. @@ -71,13 +71,10 @@ func verifyWithKeys(signatureFileContent string, signedJson []byte, expectedFile var signTime uint64 var sigFileName string // sigFileName cannot have spaces - _, err = fmt.Sscanf(sig.TrustedComment, "trusted comment: time:%d\tfile:%s", &signTime, &sigFileName) + _, err = fmt.Sscanf(sig.TrustedComment, "trusted comment: timestamp:%d\tfile:%s", &signTime, &sigFileName) if err != nil { - _, err = fmt.Sscanf(sig.TrustedComment, "trusted comment: timestamp:%d\tfile:%s", &signTime, &sigFileName) - if err != nil { - return false, VerifyError{ErrInvalidTrustedComment, - fmt.Sprintf("failed to interpret trusted comment (%q)", sig.TrustedComment), err} - } + return false, VerifyError{ErrInvalidTrustedComment, + fmt.Sprintf("failed to interpret trusted comment (%q)", sig.TrustedComment), err} } if sigFileName != expectedFileName { -- cgit v1.2.3