...

Package verify

import "github.com/google/go-containerregistry/internal/verify"
Overview
Index

Overview ▾

Package verify provides a ReadCloser that verifies content matches the expected hash values.

Constants

SizeUnknown is a sentinel value to indicate that the expected size is not known.

const SizeUnknown = -1

func Descriptor

func Descriptor(d v1.Descriptor) error

Descriptor verifies that the embedded Data field matches the Size and Digest fields of the given v1.Descriptor, returning an error if the Data field is missing or if it contains incorrect data.

func ReadCloser

func ReadCloser(r io.ReadCloser, size int64, h v1.Hash) (io.ReadCloser, error)

ReadCloser wraps the given io.ReadCloser to verify that its contents match the provided v1.Hash before io.EOF is returned.

The reader will only be read up to size bytes, to prevent resource exhaustion. If EOF is returned before size bytes are read, an error is returned.

A size of SizeUnknown (-1) indicates disables size verification when the size is unknown ahead of time.

type Error

Error provides information about the failed hash verification.

type Error struct {
    // contains filtered or unexported fields
}

func (Error) Error

func (v Error) Error() string