Skip to content

Commit

Permalink
docs: Add comment for signature decoding (#380)
Browse files Browse the repository at this point in the history 
* update

Signed-off-by: laurentsimon <laurentsimon@google.com>

* Update verifiers/internal/gcb/provenance.go

Co-authored-by: asraa <asraa@google.com>
Signed-off-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
Signed-off-by: laurentsimon <laurentsimon@google.com>

Signed-off-by: laurentsimon <laurentsimon@google.com>
Signed-off-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
Co-authored-by: asraa <asraa@google.com>
  • Loading branch information
@laurentsimon @asraa
laurentsimon and asraa authored Dec 2, 2022
1 parent b6a9853 commit b9058c5
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions verifiers/internal/gcb/provenance.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -412,13 +412,19 @@ func (self *Provenance) VerifyVersionedTag(tag string) error {

func decodeSignature(s string) ([]byte, []error) {
var errs []error
// First try the std decoding.
rsig, err := base64.StdEncoding.DecodeString(s)
if err == nil {
// No error, return the value.
return rsig, nil
}
errs = append(errs, err)

// If std decoding failed, try URL decoding.
// We try both because we encountered decoding failures
// during our tests. The DSSE documentation does not prescribe
// which encoding to use: `Either standard or URL-safe encoding is allowed`.
// https://github.com/secure-systems-lab/dsse/blob/27ce241dec575998dee8967c3c76d4edd5d6ee73/envelope.md#standard-json-envelope.
rsig, err = base64.URLEncoding.DecodeString(s)
if err == nil {
// No error, return the value.
Expand Down

0 comments on commit b9058c5

Please sign in to comment.