Typo fix, remove log duplicate

houdini91 · houdini91 · commit bdb1aa5e5594 · 2021-12-02T13:28:33.000+02:00
Signed-off-by: houdini91 &lt;mdstrauss91@gmail.com&gt;
diff --git a/dsse/sign_test.go b/dsse/sign_test.go
@@ -108,7 +108,7 @@ func (n errsigner) Public() crypto.PublicKey {
 
 type errverifier int
 
-var errVerify = fmt.Errorf("Accepted signitures do not match threshold, Found: 0, Expected 1")
+var errVerify = fmt.Errorf("Accepted signatures do not match threshold, Found: 0, Expected 1")
 var errThreshold = fmt.Errorf("Invalid threshold")
 
 func (n errverifier) Sign(data []byte) ([]byte, error) {
diff --git a/dsse/verify.go b/dsse/verify.go
@@ -47,6 +47,7 @@ func (ev *envelopeVerifier) Verify(e *Envelope) ([]AcceptedKey, error) {
 	// If *any* signature is found to be incorrect, it is skipped
 	var acceptedKeys []AcceptedKey
 	usedKeyids := make(map[string]string)
+	unverified_providers := ev.providers
 	for _, s := range e.Signatures {
 		sig, err := b64Decode(s.Sig)
 		if err != nil {
@@ -57,7 +58,8 @@ func (ev *envelopeVerifier) Verify(e *Envelope) ([]AcceptedKey, error) {
 		// If provider and signature include key IDs but do not match skip.
 		// If a provider recognizes the key, we exit
 		// the loop and use the result.
-		for _, v := range ev.providers {
+		providers := unverified_providers
+		for i, v := range providers {
 			keyID, err := v.KeyID()
 
 			// Verifiers that do not provide a keyid will be generated one using public.
@@ -82,6 +84,7 @@ func (ev *envelopeVerifier) Verify(e *Envelope) ([]AcceptedKey, error) {
 				KeyID:  keyID,
 				Sig:    s,
 			}
+			unverified_providers = RemoveIndex(providers, i)
 
 			// See https://github.com/in-toto/in-toto/pull/251
 			if _, ok := usedKeyids[keyID]; ok {
@@ -133,3 +136,7 @@ func SHA256KeyID(pub crypto.PublicKey) (string, error) {
 	fingerprint := ssh.FingerprintSHA256(sshpk)
 	return fingerprint, nil
 }
+
+func RemoveIndex(v []Verifier, index int) []Verifier {
+	return append(v[:index], v[index+1:]...)
+}
