Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: timestamping #243

Merged
merged 4 commits into from
Nov 12, 2024
Merged

fix: timestamping #243

merged 4 commits into from
Nov 12, 2024

Conversation

Two-Hearts
Copy link
Contributor

@Two-Hearts Two-Hearts commented Nov 5, 2024

Due to implementation needs, we must provide a time.Time when verifying TSA certificate chain validity after signing. Originally, this time value was taken from the timestamp countersignature envelope itself.
This PR switches to use the current time when verifying TSA certificate chain validity since the tsa cert chain is expected to be valid during signing.

Signed-off-by: Patrick Zheng <[email protected]>
Signed-off-by: Patrick Zheng <[email protected]>
Copy link

codecov bot commented Nov 5, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 91.79%. Comparing base (49a6aaa) to head (8ba314a).
Report is 1 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #243      +/-   ##
==========================================
- Coverage   91.81%   91.79%   -0.03%     
==========================================
  Files          30       30              
  Lines        2616     2607       -9     
==========================================
- Hits         2402     2393       -9     
  Misses        163      163              
  Partials       51       51              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

JeyJeyGao
JeyJeyGao previously approved these changes Nov 6, 2024
Copy link
Contributor

@JeyJeyGao JeyJeyGao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

internal/timestamp/timestamp.go Outdated Show resolved Hide resolved
Signed-off-by: Patrick Zheng <[email protected]>
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Copy link
Contributor

@JeyJeyGao JeyJeyGao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@priteshbandi
Copy link
Contributor

This PR switches to use the current time when verifying TSA certificate chain validity since the tsa cert chain is expected to be valid during signing.

Is this true for verification ?

@Two-Hearts
Copy link
Contributor Author

Two-Hearts commented Nov 7, 2024

Is this true for verification ?

This PR is for signing only. We will have another PR for verification in notation-go once this PR gets merged. @priteshbandi

Copy link
Contributor

@priteshbandi priteshbandi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Two-Hearts Two-Hearts merged commit 33af15a into notaryproject:main Nov 12, 2024
9 checks passed
@Two-Hearts Two-Hearts deleted the timestamp branch November 12, 2024 00:12
@Two-Hearts Two-Hearts mentioned this pull request Dec 6, 2024
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants