Skip to content

Commit

Permalink
make arg unused
Browse files Browse the repository at this point in the history
Signed-off-by: Asra Ali <asraa@google.com>
  • Loading branch information
asraa committed Oct 20, 2022
1 parent b45a4f3 commit 60d3122
Show file tree
Hide file tree
Showing 4 changed files with 10 additions and 11 deletions.
4 changes: 2 additions & 2 deletions cmd/cosign/cli/verify/verify_blob.go
Original file line number Diff line number Diff line change
Expand Up @@ -364,7 +364,7 @@ func verifyBlob(ctx context.Context, co *cosign.CheckOpts,
fallthrough
// We are provided a log entry, possibly from above, or search.
case e != nil:
if err := cosign.VerifyTLogEntry(ctx, e); err != nil {
if err := cosign.VerifyTLogEntry(ctx, nil, e); err != nil {
return err
}

Expand Down Expand Up @@ -488,7 +488,7 @@ func verifyRekorBundle(ctx context.Context, bundle *bundle.RekorBundle,
return nil, err
}

publicKeys, err := cosign.GetRekorPubs(ctx)
publicKeys, err := cosign.GetRekorPubs(ctx, nil)
if err != nil {
return nil, fmt.Errorf("retrieving rekor public key: %w", err)
}
Expand Down
11 changes: 5 additions & 6 deletions pkg/cosign/tlog.go
Original file line number Diff line number Diff line change
Expand Up @@ -88,12 +88,10 @@ func intotoEntry(ctx context.Context, signature, pubKey []byte) (models.Proposed

// GetRekorPubs retrieves trusted Rekor public keys from the embedded or cached
// TUF root. If expired, makes a network call to retrieve the updated targets.
// A Rekor client may optionally be provided in case using SIGSTORE_TRUST_REKOR_API_PUBLIC_KEY
// (see below).
// There are two Env variable that can be used to override this behaviour:
// SIGSTORE_REKOR_PUBLIC_KEY - If specified, location of the file that contains
// the Rekor Public Key on local filesystem
func GetRekorPubs(ctx context.Context) (map[string]RekorPubKey, error) {
func GetRekorPubs(ctx context.Context, _ *client.Rekor) (map[string]RekorPubKey, error) {
publicKeys := make(map[string]RekorPubKey)
altRekorPub := env.Getenv(env.VariableSigstoreRekorPublicKey)

Expand Down Expand Up @@ -176,7 +174,7 @@ func doUpload(ctx context.Context, rekorClient *client.Rekor, pe models.Proposed
if err != nil {
return nil, err
}
return e, VerifyTLogEntry(ctx, e)
return e, VerifyTLogEntry(ctx, nil, e)
}
return nil, err
}
Expand Down Expand Up @@ -405,7 +403,8 @@ func FindTLogEntriesByPayload(ctx context.Context, rekorClient *client.Rekor, pa
}

// VerityTLogEntry verifies a TLog entry.
func VerifyTLogEntry(ctx context.Context, e *models.LogEntryAnon) error {
// The argument *client.Rekor is unused and may be nil.
func VerifyTLogEntry(ctx context.Context, _ *client.Rekor, e *models.LogEntryAnon) error {
if e.Verification == nil || e.Verification.InclusionProof == nil {
return errors.New("inclusion proof not provided")
}
Expand Down Expand Up @@ -437,7 +436,7 @@ func VerifyTLogEntry(ctx context.Context, e *models.LogEntryAnon) error {
LogID: *e.LogID,
}

rekorPubKeys, err := GetRekorPubs(ctx)
rekorPubKeys, err := GetRekorPubs(ctx, nil)
if err != nil {
return fmt.Errorf("unable to fetch Rekor public keys: %w", err)
}
Expand Down
2 changes: 1 addition & 1 deletion pkg/cosign/tlog_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ import (
)

func TestGetRekorPubKeys(t *testing.T) {
keys, err := GetRekorPubs(context.Background())
keys, err := GetRekorPubs(context.Background(), nil)
if err != nil {
t.Errorf("Unexpected error calling GetRekorPubs, expected nil: %v", err)
}
Expand Down
4 changes: 2 additions & 2 deletions pkg/cosign/verify.go
Original file line number Diff line number Diff line change
Expand Up @@ -447,7 +447,7 @@ func tlogValidateEntry(ctx context.Context, client *client.Rekor, sig oci.Signat
entryVerificationErrs := make([]string, 0)
for _, e := range tlogEntries {
entry := e
if err := VerifyTLogEntry(ctx, &entry); err != nil {
if err := VerifyTLogEntry(ctx, nil, &entry); err != nil {
entryVerificationErrs = append(entryVerificationErrs, err.Error())
continue
}
Expand Down Expand Up @@ -885,7 +885,7 @@ func VerifyBundle(ctx context.Context, sig oci.Signature, rekorClient *client.Re
return false, err
}

publicKeys, err := GetRekorPubs(ctx)
publicKeys, err := GetRekorPubs(ctx, nil)
if err != nil {
return false, fmt.Errorf("retrieving rekor public key: %w", err)
}
Expand Down

0 comments on commit 60d3122

Please sign in to comment.