Skip to content

_internal/fulcio: refactor SCT model #94

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
May 19, 2022
Merged

_internal/fulcio: refactor SCT model #94

merged 5 commits into from
May 19, 2022

Conversation

woodruffw
Copy link
Member

This replaces FulcioSignedCertificateTimestamp with FulcioSCT,
which inherits from pydantic.BaseModel and uses pydantic's
verification APIs instead of doing all verification ad-hoc in
the constructor.

The relationship to cryptography.x509.SignedCertificateTimestamp
is maintained via virtual subclassing.

This should make testing detached SCTs much easier. Marking as a draft until I add some corresponding tests.

Signed-off-by: William Woodruff [email protected]

@woodruffw
_internal/fulcio: refactor SCT model
6fbecba 
This replaces `FulcioSignedCertificateTimestamp` with `FulcioSCT`,
which inherits from `pydantic.BaseModel` and uses pydantic's
verification APIs instead of doing all verification ad-hoc in
the constructor.

The relationship to `cryptography.x509.SignedCertificateTimestamp`
is maintained via virtual subclassing.

Signed-off-by: William Woodruff <[email protected]>
@woodruffw woodruffw added component:signing Core signing functionality refactoring Refactoring tasks. labels May 18, 2022
@woodruffw woodruffw requested review from di and tetsuo-cpp May 18, 2022 16:36
@woodruffw woodruffw self-assigned this May 18, 2022
@woodruffw woodruffw marked this pull request as draft May 18, 2022 16:37
woodruffw
woodruffw commented May 18, 2022
View reviewed changes
woodruffw
woodruffw commented May 18, 2022
View reviewed changes
@woodruffw woodruffw marked this pull request as ready for review May 18, 2022 19:18
di
di reviewed May 19, 2022
View reviewed changes
di
di previously approved these changes May 19, 2022
View reviewed changes
Copy link
Member

@di di left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM assuming comments are resolved.

woodruffw added 2 commits May 19, 2022 11:57
@woodruffw
sigstore: remove raw_timestamp
b8061c7 
We're able to get this fidelity with the round-trip, after all.

Signed-off-by: William Woodruff <[email protected]>
@woodruffw
test: fulcio: test constructors more thoroughly
95f860e 
Signed-off-by: William Woodruff <[email protected]>
@woodruffw woodruffw requested a review from di May 19, 2022 16:07
@woodruffw woodruffw merged commit 57da099 into main May 19, 2022
@woodruffw woodruffw deleted the ww/pydantic-sct-model branch May 19, 2022 16:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@di di di approved these changes

@tetsuo-cpp tetsuo-cpp Awaiting requested review from tetsuo-cpp

Assignees

@woodruffw woodruffw

Labels
component:signing Core signing functionality refactoring Refactoring tasks.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@woodruffw @di