Improve validation of data in ImageEngine.SetTrust

- Also reject public keys with types that don't use them
- Reject unknown trust types
- And add unit tests

Signed-off-by: Miloslav Trmač <mitr@redhat.com>

1 files changed, 15 insertions, 3 deletions

diff --git a/pkg/trust/policy.go b/pkg/trust/policy.go
index 352be781c..df4f49ff1 100644
--- a/pkg/trust/policy.go
+++ b/pkg/trust/policy.go
@@ -143,10 +143,22 @@ func AddPolicyEntries(policyPath string, input AddPolicyEntriesInput) error {
 	if trustType == "accept" {
 		trustType = "insecureAcceptAnything"
 	}
-
 	pubkeysfile := input.PubKeyFiles
-	if len(pubkeysfile) == 0 && trustType == "signedBy" {
-		return errors.New("at least one public key must be defined for type 'signedBy'")
+
+	// The error messages in validation failures use input.Type instead of trustType to match the user’s input.
+	switch trustType {
+	case "insecureAcceptAnything", "reject":
+		if len(pubkeysfile) != 0 {
+			return fmt.Errorf("%d public keys unexpectedly provided for trust type %v", len(pubkeysfile), input.Type)
+		}
+
+	case "signedBy":
+		if len(pubkeysfile) == 0 {
+			return errors.New("at least one public key must be defined for type 'signedBy'")
+		}
+
+	default:
+		return fmt.Errorf("unknown trust type %q", input.Type)
 	}
 
 	_, err := os.Stat(policyPath)