-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Signature verification refactor #1
Signature verification refactor #1
Conversation
Signed-off-by: Meredith Lancaster <[email protected]>
…ficates Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
@@ -375,3 +372,32 @@ func UnmarshalTestFixture(testPEMBlock string) TestFixture { | |||
|
|||
return result | |||
} | |||
|
|||
type certChain struct { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This file contains testing helper functions used throughout other testing files, so I opted to add some new helper functions for the new verify work here. Happy to move them to verify_test.go
as well.
Signed-off-by: Meredith Lancaster <[email protected]>
@@ -251,17 +285,6 @@ func verifyCertChain(ee *x509.Certificate, certs []*x509.Certificate, truststore | |||
return | |||
} | |||
|
|||
// MessageDigestMismatchError is returned when the signer data digest does not |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This error was moved to the top of the file alongside other errors for organization.
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
…erapper#2) * pass VerifyOptions instead of one cert pool Signed-off-by: Meredith Lancaster <[email protected]> * add eku usage to test Signed-off-by: Meredith Lancaster <[email protected]> * add new method for non breaking changes Signed-off-by: Meredith Lancaster <[email protected]> * add default EKU settings Signed-off-by: Meredith Lancaster <[email protected]> * verifySignatureAtTime should be used Signed-off-by: Meredith Lancaster <[email protected]> Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
* remove print statements made during testing Signed-off-by: Meredith Lancaster <[email protected]> * comment out use of more insecure algorithms Signed-off-by: Meredith Lancaster <[email protected]> * use GODEBUG so tests can run with sha1 algorithm Signed-off-by: Meredith Lancaster <[email protected]> * add sha1 algorithms back Signed-off-by: Meredith Lancaster <[email protected]> * update comment Signed-off-by: Meredith Lancaster <[email protected]> Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
58824da
to
51331cc
Compare
Summary
This PR refactors signature verification functions. It removes duplicated logic throughout
verify.go
.Release Note
Documentation