Skip to content

Add failure cases for checkpoints #139

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
woodruffw merged 1 commit into from
Mar 20, 2024
Merged

Add failure cases for checkpoints #139

woodruffw merged 1 commit into from
Mar 20, 2024

Conversation

@loosebazooka
Copy link
Member

@loosebazooka loosebazooka commented Mar 20, 2024

a.txt.checkpoint_bad_keyhint.sigstore
modify the first base64 character of the signature, to affect the keyhint for that signature line

a.txt.checkpoint_invalid_signature.sigstore
modify the signature so it no longer validates

a.txt.checkpoint_wrong_roothash.txt
replace the checkpoint with an otherwise valid checkpoint from another bundle (from the same log instance)

This should catch any client not verifying a checkpoint from a bundle. (like sigstore-java was)

@loosebazooka
Add failure cases for checkpoints
34e3361 
a.txt.checkpoint_bad_keyhint.sigstore
modify the first base64 character of the signature, to affect
the keyhint for that signature line

a.txt.checkpoint_invalid_signature.sigstore
modify the signature so it no longer validates

a.txt.checkpoint_wrong_roothash.txt
replace the checkpoint with an otherwise valid checkpoint
from another bundle (from the same log instance)

Signed-off-by: Appu Goundan <appu@google.com>
@loosebazooka loosebazooka requested a review from woodruffw March 20, 2024 15:14
@loosebazooka
Copy link
Member Author

loosebazooka commented Mar 20, 2024

@william since we were talking about this on slack.

@woodruffw
Copy link
Member

woodruffw commented Mar 20, 2024

Thanks @loosebazooka! Looking today. FYI @william is not me 😉

@loosebazooka
Copy link
Member Author

loosebazooka commented Mar 20, 2024

loool, poor @william I'm sorry. I don't why auto-fill did this to them.

@loosebazooka loosebazooka mentioned this pull request Mar 20, 2024
Merged
woodruffw
woodruffw approved these changes Mar 20, 2024
View reviewed changes
Copy link
Member

@woodruffw woodruffw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @loosebazooka, looks great!

@woodruffw woodruffw merged commit 0a0196b into main Mar 20, 2024
@woodruffw woodruffw deleted the checkpoint-tests branch March 20, 2024 20:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@woodruffw woodruffw woodruffw approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@loosebazooka @woodruffw