Skip to content

Commit fa09f5b

Browse files
wkingwking
committed
schema/validator: Punt sha256/sha512 hex-validation to go-digest
It's covered this since opencontainers/go-digest@4ca13015 (disallow upper characters (/A-F/) in hex-encoded portion, 2017-05-12, #34), so we don't need to do it locally. Also, use a more specific check for ignoring unrecognized algorithms, because we don't want to return nil when go-digest notices an invalid encoding, etc. Signed-off-by: W. Trevor King <[email protected]>
1 parent df6f3c5 commit fa09f5b

File tree

1 file changed

+3
-18
lines changed

1 file changed

+3
-18
lines changed

schema/validator.go

Lines changed: 3 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,6 @@ import (
2020
"fmt"
2121
"io"
2222
"io/ioutil"
23-
"regexp"
2423

2524
digest "github.com/opencontainers/go-digest"
2625
"github.com/opencontainers/image-spec/specs-go/v1"
@@ -125,11 +124,6 @@ func validateManifest(r io.Reader) error {
125124
return nil
126125
}
127126

128-
var (
129-
sha256EncodedRegexp = regexp.MustCompile(`^[a-f0-9]{64}$`)
130-
sha512EncodedRegexp = regexp.MustCompile(`^[a-f0-9]{128}$`)
131-
)
132-
133127
func validateDescriptor(r io.Reader) error {
134128
header := v1.Descriptor{}
135129

@@ -143,22 +137,13 @@ func validateDescriptor(r io.Reader) error {
143137
return errors.Wrap(err, "descriptor format mismatch")
144138
}
145139

146-
if header.Digest.Validate() != nil {
140+
err = header.Digest.Validate()
141+
if err == digest.ErrDigestUnsupported {
147142
// we ignore unsupported algorithms
148143
fmt.Printf("warning: unsupported digest: %q: %v\n", header.Digest, err)
149144
return nil
150145
}
151-
switch header.Digest.Algorithm() {
152-
case digest.SHA256:
153-
if !sha256EncodedRegexp.MatchString(header.Digest.Hex()) {
154-
return errors.Errorf("unexpected sha256 digest: %q", header.Digest)
155-
}
156-
case digest.SHA512:
157-
if !sha512EncodedRegexp.MatchString(header.Digest.Hex()) {
158-
return errors.Errorf("unexpected sha512 digest: %q", header.Digest)
159-
}
160-
}
161-
return nil
146+
return err
162147
}
163148

164149
func validateIndex(r io.Reader) error {

0 commit comments

Comments
 (0)