diff --git a/manifest/schema1/manifest_test.go b/manifest/schema1/manifest_test.go index 16cedae3..7d0d382d 100644 --- a/manifest/schema1/manifest_test.go +++ b/manifest/schema1/manifest_test.go @@ -10,10 +10,10 @@ import ( ) type testEnv struct { - name, tag string - manifest *Manifest - signed *SignedManifest - pk libtrust.PrivateKey + name, tag string + invalidSigned *SignedManifest + signed *SignedManifest + pk libtrust.PrivateKey } func TestManifestMarshaling(t *testing.T) { @@ -42,6 +42,7 @@ func TestManifestUnmarshaling(t *testing.T) { if !reflect.DeepEqual(&signed, env.signed) { t.Fatalf("manifests are different after unmarshaling: %v != %v", signed, env.signed) } + } func TestManifestVerification(t *testing.T) { @@ -69,6 +70,12 @@ func TestManifestVerification(t *testing.T) { if !found { t.Fatalf("expected public key, %v, not found in verified keys: %v", publicKey, publicKeys) } + + // Check that an invalid manifest fails verification + _, err = Verify(env.invalidSigned) + if err != nil { + t.Fatalf("Invalid manifest should not pass Verify()") + } } func genEnv(t *testing.T) *testEnv { @@ -79,7 +86,7 @@ func genEnv(t *testing.T) *testEnv { name, tag := "foo/bar", "test" - m := Manifest{ + invalid := Manifest{ Versioned: SchemaVersion, Name: name, Tag: tag, @@ -93,16 +100,37 @@ func genEnv(t *testing.T) *testEnv { }, } - sm, err := Sign(&m, pk) + valid := Manifest{ + Versioned: SchemaVersion, + Name: name, + Tag: tag, + FSLayers: []FSLayer{ + { + BlobSum: "asdf", + }, + }, + History: []History{ + { + V1Compatibility: "", + }, + }, + } + + sm, err := Sign(&valid, pk) + if err != nil { + t.Fatalf("error signing manifest: %v", err) + } + + invalidSigned, err := Sign(&invalid, pk) if err != nil { t.Fatalf("error signing manifest: %v", err) } return &testEnv{ - name: name, - tag: tag, - manifest: &m, - signed: sm, - pk: pk, + name: name, + tag: tag, + invalidSigned: invalidSigned, + signed: sm, + pk: pk, } } diff --git a/notifications/listener_test.go b/notifications/listener_test.go index e4fa79e0..04dae118 100644 --- a/notifications/listener_test.go +++ b/notifications/listener_test.go @@ -131,6 +131,9 @@ func checkExerciseRepository(t *testing.T, repository distribution.Repository) { m.FSLayers = append(m.FSLayers, schema1.FSLayer{ BlobSum: dgst, }) + m.History = append(m.History, schema1.History{ + V1Compatibility: "", + }) // Then fetch the blobs if rc, err := blobs.Open(ctx, dgst); err != nil { diff --git a/registry/handlers/api_test.go b/registry/handlers/api_test.go index c5683dfa..7f52d13d 100644 --- a/registry/handlers/api_test.go +++ b/registry/handlers/api_test.go @@ -804,6 +804,14 @@ func testManifestAPI(t *testing.T, env *testEnv, args manifestArgs) (*testEnv, m BlobSum: "qwer", }, }, + History: []schema1.History{ + { + V1Compatibility: "", + }, + { + V1Compatibility: "", + }, + }, } resp = putManifest(t, "putting unsigned manifest", manifestURL, unsignedManifest) @@ -999,6 +1007,19 @@ func testManifestAPI(t *testing.T, env *testEnv, args manifestArgs) (*testEnv, m t.Fatalf("tag not as expected: %q != %q", tagsResponse.Tags[0], tag) } + // Attempt to put a manifest with mismatching FSLayer and History array cardinalities + + unsignedManifest.History = append(unsignedManifest.History, schema1.History{ + V1Compatibility: "", + }) + invalidSigned, err := schema1.Sign(unsignedManifest, env.pk) + if err != nil { + t.Fatalf("error signing manifest") + } + + resp = putManifest(t, "putting invalid signed manifest", manifestDigestURL, invalidSigned) + checkResponse(t, "putting invalid signed manifest", resp, http.StatusBadRequest) + return env, args } @@ -1432,8 +1453,10 @@ func createRepository(env *testEnv, t *testing.T, imageName string, tag string) { BlobSum: "asdf", }, + }, + History: []schema1.History{ { - BlobSum: "qwer", + V1Compatibility: "", }, }, } @@ -1499,6 +1522,7 @@ func TestRegistryAsCacheMutationAPIs(t *testing.T) { Name: imageName, Tag: tag, FSLayers: []schema1.FSLayer{}, + History: []schema1.History{}, } sm, err := schema1.Sign(m, env.pk) diff --git a/registry/storage/manifeststore.go b/registry/storage/manifeststore.go index db49aaa4..d161fb5a 100644 --- a/registry/storage/manifeststore.go +++ b/registry/storage/manifeststore.go @@ -110,6 +110,11 @@ func (ms *manifestStore) verifyManifest(ctx context.Context, mnfst *schema1.Sign errs = append(errs, fmt.Errorf("repository name does not match manifest name")) } + if len(mnfst.History) != len(mnfst.FSLayers) { + errs = append(errs, fmt.Errorf("mismatched history and fslayer cardinality %d != %d", + len(mnfst.History), len(mnfst.FSLayers))) + } + if _, err := schema1.Verify(mnfst); err != nil { switch err { case libtrust.ErrMissingSignatureKey, libtrust.ErrInvalidJSONContent, libtrust.ErrMissingSignatureKey: diff --git a/registry/storage/manifeststore_test.go b/registry/storage/manifeststore_test.go index 30126e4b..51370e17 100644 --- a/registry/storage/manifeststore_test.go +++ b/registry/storage/manifeststore_test.go @@ -98,6 +98,10 @@ func TestManifestStorage(t *testing.T) { m.FSLayers = append(m.FSLayers, schema1.FSLayer{ BlobSum: dgst, }) + m.History = append(m.History, schema1.History{ + V1Compatibility: "", + }) + } pk, err := libtrust.GenerateECP256PrivateKey()