func (r *Repo) verifySignature(name string, db *keys.DB) error {
s, err := r.signedMeta(name)
if err != nil {
return err
}
role := strings.TrimSuffix(name, ".json")
if err := signed.Verify(s, role, 0, db); err != nil {
return ErrInsufficientSignatures{name, err}
}
return nil
}
// getLocalMeta decodes and verifies metadata from local storage.
//
// The verification of local files is purely for consistency, if an attacker
// has compromised the local storage, there is no guarantee it can be trusted.
func (c *Client) getLocalMeta() error {
meta, err := c.local.GetMeta()
if err != nil {
return err
}
if rootJSON, ok := meta["root.json"]; ok {
// unmarshal root.json without verifying as we need the root
// keys first
s := &data.Signed{}
if err := json.Unmarshal(rootJSON, s); err != nil {
return err
}
root := &data.Root{}
if err := json.Unmarshal(s.Signed, root); err != nil {
return err
}
db := keys.NewDB()
for id, k := range root.Keys {
if err := db.AddKey(id, k); err != nil {
return err
}
}
for name, role := range root.Roles {
if err := db.AddRole(name, role); err != nil {
return err
}
}
if err := signed.Verify(s, "root", 0, db); err != nil {
return err
}
c.consistentSnapshot = root.ConsistentSnapshot
c.db = db
} else {
return ErrNoRootKeys
}
if snapshotJSON, ok := meta["snapshot.json"]; ok {
snapshot := &data.Snapshot{}
if err := signed.UnmarshalTrusted(snapshotJSON, snapshot, "snapshot", c.db); err != nil {
return err
}
c.snapshotVer = snapshot.Version
}
if targetsJSON, ok := meta["targets.json"]; ok {
targets := &data.Targets{}
if err := signed.UnmarshalTrusted(targetsJSON, targets, "targets", c.db); err != nil {
return err
}
c.targetsVer = targets.Version
c.targets = targets.Targets
}
if timestampJSON, ok := meta["timestamp.json"]; ok {
timestamp := &data.Timestamp{}
if err := signed.UnmarshalTrusted(timestampJSON, timestamp, "timestamp", c.db); err != nil {
return err
}
c.timestampVer = timestamp.Version
}
c.localMeta = meta
return nil
}
