Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add failure cases for checkpoints #139

Merged
merged 1 commit into from
Mar 20, 2024
Merged

Add failure cases for checkpoints #139

merged 1 commit into from
Mar 20, 2024

Conversation

loosebazooka
Copy link
Member

a.txt.checkpoint_bad_keyhint.sigstore
modify the first base64 character of the signature, to affect the keyhint for that signature line

a.txt.checkpoint_invalid_signature.sigstore
modify the signature so it no longer validates

a.txt.checkpoint_wrong_roothash.txt
replace the checkpoint with an otherwise valid checkpoint from another bundle (from the same log instance)

This should catch any client not verifying a checkpoint from a bundle. (like sigstore-java was)

@loosebazooka
Add failure cases for checkpoints
34e3361 
a.txt.checkpoint_bad_keyhint.sigstore
modify the first base64 character of the signature, to affect
the keyhint for that signature line

a.txt.checkpoint_invalid_signature.sigstore
modify the signature so it no longer validates

a.txt.checkpoint_wrong_roothash.txt
replace the checkpoint with an otherwise valid checkpoint
from another bundle (from the same log instance)

Signed-off-by: Appu Goundan <appu@google.com>
@loosebazooka loosebazooka requested a review from woodruffw March 20, 2024 15:14
@loosebazooka
Copy link
Member Author

@william since we were talking about this on slack.

@woodruffw
Copy link
Member

Thanks @loosebazooka! Looking today. FYI @william is not me 😉

@loosebazooka
Copy link
Member Author

loool, poor @william I'm sorry. I don't why auto-fill did this to them.

@loosebazooka loosebazooka mentioned this pull request Mar 20, 2024
Merged
woodruffw
woodruffw approved these changes Mar 20, 2024
View reviewed changes
Copy link
Member

@woodruffw woodruffw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @loosebazooka, looks great!

@woodruffw woodruffw merged commit 0a0196b into main Mar 20, 2024
5 checks passed
@woodruffw woodruffw deleted the checkpoint-tests branch March 20, 2024 20:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@woodruffw woodruffw woodruffw approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@loosebazooka @woodruffw