github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Wrap creation of CryptoConfig in constructors

Browse Source 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
This commit is contained in:
Stefan Berger
2019-07-23 19:00:34 -04:00
parent f7761411b8
commit 364de4c35d
5 changed files with 32 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
images/encryption/encryption.go
View File

@@ -415,15 +415,13 @@ func DecryptImage(ctx context.Context, cs content.Store, desc ocispec.Descriptor
// It takes decrypting of the layers only as far as decrypting the asymmetrically encrypted data
// The decryption is only done for the current platform
func CheckAuthorization(ctx context.Context, cs content.Store, desc ocispec.Descriptor, dc *encconfig.DecryptConfig) error {
cc := encconfig.CryptoConfig{
DecryptConfig: dc,
}
cc := encconfig.InitDecryption(dc.Parameters)
lf := func(desc ocispec.Descriptor) bool {
return true
}
_, _, err := cryptImage(ctx, cs, desc, &cc, lf, cryptoOpUnwrapOnly)
_, _, err := cryptImage(ctx, cs, desc, cc, lf, cryptoOpUnwrapOnly)
if err != nil {
return errors.Wrapf(err, "you are not authorized to use this image")
}