-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: timestamping #243
fix: timestamping #243
Conversation
Signed-off-by: Patrick Zheng <[email protected]>
Signed-off-by: Patrick Zheng <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #243 +/- ##
==========================================
- Coverage 91.81% 91.79% -0.03%
==========================================
Files 30 30
Lines 2616 2607 -9
==========================================
- Hits 2402 2393 -9
Misses 163 163
Partials 51 51 ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Signed-off-by: Patrick Zheng <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Is this true for verification ? |
This PR is for signing only. We will have another PR for verification in notation-go once this PR gets merged. @priteshbandi |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Due to implementation needs, we must provide a
time.Time
when verifying TSA certificate chain validity after signing. Originally, this time value was taken from the timestamp countersignature envelope itself.This PR switches to use the
current time
when verifying TSA certificate chain validity since the tsa cert chain is expected to be valid during signing.