Skip to content

Commit

Permalink
BUG: verifyX509Time should return the verifier even if the verify f…
Browse files Browse the repository at this point in the history 
…ails (we want to get information about it later) (#247)

this function should return the verifier because we want to know which
verifier returned the error

Signed-off-by: chaosinthecrd <[email protected]>
  • Loading branch information
@ChaosInTheCRD
ChaosInTheCRD authored May 14, 2024
1 parent c49ee39 commit 777497a
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 5 deletions.
2 changes: 1 addition & 1 deletion dsse/dsse.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ func (e ErrNoMatchingSigs) Error() string {
if v.Error != nil {
kid, err := v.Verifier.KeyID()
if err != nil {
log.Warn("failed to get key id from verifier: %v", err)
log.Warnf("failed to get key id from verifier: %w", err)
}

s := fmt.Sprintf(" %s: %v\n", kid, v.Error)
Expand Down
6 changes: 2 additions & 4 deletions dsse/verify.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -197,9 +197,7 @@ func verifyX509Time(cert *x509.Certificate, sigIntermediates, roots []*x509.Cert
return nil, err
}

if err := verifier.Verify(bytes.NewReader(pae), sig); err != nil {
return nil, err
}
err = verifier.Verify(bytes.NewReader(pae), sig)

return verifier, nil
return verifier, err
}

0 comments on commit 777497a

Please sign in to comment.