summaryrefslogtreecommitdiff
path: root/pkg/trust
diff options
context:
space:
mode:
authorMiloslav Trmač <mitr@redhat.com>2022-08-24 19:39:11 +0200
committerMiloslav Trmač <mitr@redhat.com>2022-08-25 01:50:43 +0200
commite2d1bdd1d8c10617818e5805330c54523580b647 (patch)
tree65911731b1d3ea8074fd2f32940fb10bbd40766b /pkg/trust
parentcbdbb025a3f6e6e5417cdade032075d679842056 (diff)
downloadpodman-e2d1bdd1d8c10617818e5805330c54523580b647.tar.gz
podman-e2d1bdd1d8c10617818e5805330c54523580b647.tar.bz2
podman-e2d1bdd1d8c10617818e5805330c54523580b647.zip
Improve validation of data in ImageEngine.SetTrust
- Also reject public keys with types that don't use them - Reject unknown trust types - And add unit tests Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Diffstat (limited to 'pkg/trust')
-rw-r--r--pkg/trust/policy.go18
-rw-r--r--pkg/trust/policy_test.go32
2 files changed, 47 insertions, 3 deletions
diff --git a/pkg/trust/policy.go b/pkg/trust/policy.go
index 352be781c..df4f49ff1 100644
--- a/pkg/trust/policy.go
+++ b/pkg/trust/policy.go
@@ -143,10 +143,22 @@ func AddPolicyEntries(policyPath string, input AddPolicyEntriesInput) error {
if trustType == "accept" {
trustType = "insecureAcceptAnything"
}
-
pubkeysfile := input.PubKeyFiles
- if len(pubkeysfile) == 0 && trustType == "signedBy" {
- return errors.New("at least one public key must be defined for type 'signedBy'")
+
+ // The error messages in validation failures use input.Type instead of trustType to match the user’s input.
+ switch trustType {
+ case "insecureAcceptAnything", "reject":
+ if len(pubkeysfile) != 0 {
+ return fmt.Errorf("%d public keys unexpectedly provided for trust type %v", len(pubkeysfile), input.Type)
+ }
+
+ case "signedBy":
+ if len(pubkeysfile) == 0 {
+ return errors.New("at least one public key must be defined for type 'signedBy'")
+ }
+
+ default:
+ return fmt.Errorf("unknown trust type %q", input.Type)
}
_, err := os.Stat(policyPath)
diff --git a/pkg/trust/policy_test.go b/pkg/trust/policy_test.go
index 1f2f585c8..c4781335f 100644
--- a/pkg/trust/policy_test.go
+++ b/pkg/trust/policy_test.go
@@ -25,6 +25,38 @@ func TestAddPolicyEntries(t *testing.T) {
err = os.WriteFile(policyPath, minimalPolicyJSON, 0600)
require.NoError(t, err)
+ // Invalid input:
+ for _, invalid := range []AddPolicyEntriesInput{
+ {
+ Scope: "default",
+ Type: "accept",
+ PubKeyFiles: []string{"/does-not-make-sense"},
+ },
+ {
+ Scope: "default",
+ Type: "insecureAcceptAnything",
+ PubKeyFiles: []string{"/does-not-make-sense"},
+ },
+ {
+ Scope: "default",
+ Type: "reject",
+ PubKeyFiles: []string{"/does-not-make-sense"},
+ },
+ {
+ Scope: "default",
+ Type: "signedBy",
+ PubKeyFiles: []string{}, // A key is missing
+ },
+ {
+ Scope: "default",
+ Type: "this-is-unknown",
+ PubKeyFiles: []string{},
+ },
+ } {
+ err := AddPolicyEntries(policyPath, invalid)
+ assert.Error(t, err, "%#v", invalid)
+ }
+
err = AddPolicyEntries(policyPath, AddPolicyEntriesInput{
Scope: "default",
Type: "reject",