Repository: mesos
Updated Branches:
  refs/heads/master 3b6f1458b -> 3140aafea


Fixed docker v2 image manifest protobuf definition.

Previously, the protobuf definition for docker v2 image manifest
is not correct. Some proto fields should not be 'required'. E.g.,
when using the private docker registry from JFrog, the 'kid' (the
key ID) may not exist in the JWK from the manifest signature.

Depending on this reference:
https://tools.ietf.org/html/rfc7517#section-4.5

'kid' should be OPTIONAL.

This patch re-inspects the specification of JWS and JWK, and
fixed the wrong defined protobuf fields.

Review: https://reviews.apache.org/r/52847/


Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/3140aafe
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/3140aafe
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/3140aafe

Branch: refs/heads/master
Commit: 3140aafea4187026fadff0124ca83989f100581f
Parents: 3b6f145
Author: Gilbert Song <songzihao1...@gmail.com>
Authored: Thu Oct 13 20:41:40 2016 -0700
Committer: Jie Yu <yujie....@gmail.com>
Committed: Thu Oct 13 20:41:40 2016 -0700

----------------------------------------------------------------------
 include/mesos/docker/v2.proto | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mesos/blob/3140aafe/include/mesos/docker/v2.proto
----------------------------------------------------------------------
diff --git a/include/mesos/docker/v2.proto b/include/mesos/docker/v2.proto
index e2c0a13..9b5bfb5 100644
--- a/include/mesos/docker/v2.proto
+++ b/include/mesos/docker/v2.proto
@@ -47,20 +47,22 @@ message ImageManifest {
 
   message Signature {
 
-    //JOSE (A JSON Web Signature).
+    // The JSON Web Signature. For more detail please see:
+    // http://self-issued.info/docs/draft-ietf-jose-json-web-signature.html
     message Header {
 
-      //JSON Web Key.
+      // The JSON Web Key. For more detail please see:
+      // https://tools.ietf.org/html/rfc7517 for more
       message Jwk {
-        required string crv = 1;
-        required string kid = 2;
-        required string kty = 3;
-        required string x = 4;
-        required string y = 5;
+        optional string crv = 1;    // The cryptographic curve.
+        optional string kid = 2;    // The key ID. OPTIONAL.
+        required string kty = 3;    // The key type. MUST be present in a JWK.
+        optional string x = 4;      // The base64url-encoded x coordinate.
+        optional string y = 5;      // The base64url-encoded y coordinate.
       }
 
-      optional Jwk jwk = 1;
-      required string alg = 2;
+      optional Jwk jwk = 1;         // The JSON Web Key. OPTIONAL.
+      required string alg = 2;      // The algorithm. MUST be present.
     }
 
     required Header header = 1;

Reply via email to