Signature verification refactor #1
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Meredith Lancaster <[email protected]>
…ficates Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
malancas
changed the title
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
malancas
commented
Dec 1, 2022
| @@ -375,3 +372,32 @@ func UnmarshalTestFixture(testPEMBlock string) TestFixture { | |||
|
|
|||
| return result | |||
| } | |||
|
|
|||
| type certChain struct { | |||
There was a problem hiding this comment.
This file contains testing helper functions used throughout other testing files, so I opted to add some new helper functions for the new verify work here. Happy to move them to verify_test.go as well.
Signed-off-by: Meredith Lancaster <[email protected]>
malancas
commented
Dec 1, 2022
| @@ -251,17 +285,6 @@ func verifyCertChain(ee *x509.Certificate, certs []*x509.Certificate, truststore | |||
| return | |||
| } | |||
|
|
|||
| // MessageDigestMismatchError is returned when the signer data digest does not | |||
There was a problem hiding this comment.
This error was moved to the top of the file alongside other errors for organization.
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
…erapper#2) * pass VerifyOptions instead of one cert pool Signed-off-by: Meredith Lancaster <[email protected]> * add eku usage to test Signed-off-by: Meredith Lancaster <[email protected]> * add new method for non breaking changes Signed-off-by: Meredith Lancaster <[email protected]> * add default EKU settings Signed-off-by: Meredith Lancaster <[email protected]> * verifySignatureAtTime should be used Signed-off-by: Meredith Lancaster <[email protected]> Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
* remove print statements made during testing Signed-off-by: Meredith Lancaster <[email protected]> * comment out use of more insecure algorithms Signed-off-by: Meredith Lancaster <[email protected]> * use GODEBUG so tests can run with sha1 algorithm Signed-off-by: Meredith Lancaster <[email protected]> * add sha1 algorithms back Signed-off-by: Meredith Lancaster <[email protected]> * update comment Signed-off-by: Meredith Lancaster <[email protected]> Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
Signed-off-by: Meredith Lancaster <[email protected]>
haydentherapper
force-pushed
the
master
branch
2 times, most recently
from
58824da
to
51331cc
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR refactors signature verification functions. It removes duplicated logic throughout
verify.go.Release Note
Documentation