Skip to content

fix: change timestamp validation to return new required info fields #1191

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 12 commits into from
Jul 9, 2025
Merged

fix: change timestamp validation to return new required info fields #1191

merged 12 commits into from
Jul 9, 2025

Conversation

@mauricefisher64
Copy link
Collaborator

@mauricefisher64 mauricefisher64 commented Jun 25, 2025
edited
Loading

Changes in this pull request

Log info for every timestamp error
Timestamp must be validated against Timestamp trust before using
Support intermediate certs trust anchors for OpenSSL path
Support separate trust list reporting
Fix for upcoming spec change to disallow empty algorithm value in a Claim
Dump name of cert that was validated

Checklist

  • This PR represents a single feature, fix, or change.
  • All applicable changes have been documented.
  • Any TO DO items (or similar) have been entered as GitHub issues and the link to that issue has been included in a comment.

@mauricefisher64
Fix timestamp validation to match spec
5c20b6c 
Timestamp must be validated before using for validation
Timestamp trust list checks
Support intermediate certs trust anchors for OpenSSL path
Support separate trust list
Fix for upcoming spec change to disallow empty algorithm value in a Claim
@codecov
Copy link

codecov bot commented Jun 25, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 72.86432% with 216 lines in your changes missing coverage. Please review.

Project coverage is 79.09%. Comparing base (2ab141d) to head (8ae5bfe).
Report is 4 commits behind head on main.

Files with missing lines Patch % Lines
sdk/src/crypto/time_stamp/verify.rs 47.30% 166 Missing ⚠️
...entity/claim_aggregation/ica_signature_verifier.rs 69.04% 13 Missing ⚠️
sdk/src/claim.rs 70.27% 11 Missing ⚠️
sdk/src/crypto/cose/ocsp.rs 74.28% 9 Missing ⚠️
sdk/src/crypto/time_stamp/response.rs 73.33% 8 Missing ⚠️
sdk/src/crypto/cose/certificate_trust_policy.rs 98.44% 2 Missing ⚠️
sdk/src/crypto/ocsp/mod.rs 96.66% 2 Missing ⚠️
sdk/src/crypto/time_stamp/http_request.rs 60.00% 2 Missing ⚠️
sdk/src/store.rs 95.34% 2 Missing ⚠️
sdk/src/reader.rs 0.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1191      +/-   ##
==========================================
- Coverage   79.57%   79.09%   -0.48%     
==========================================
  Files         147      147              
  Lines       40551    41009     +458     
==========================================
+ Hits        32268    32438     +170     
- Misses       8283     8571     +288

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@tmathern
Copy link
Contributor

Short note and link - The checks on the PR for clippy are failing due to new enforced clippy rules after the Rust update.
Fixes are in the PR #1193 (targets that branch).

@mauricefisher64 mauricefisher64 linked an issue Jul 7, 2025 that may be closed by this pull request
Support 2.2 TimeStamp logging & timestamp trust support #1206
Closed
gpeacock
gpeacock approved these changes Jul 8, 2025
View reviewed changes
Copy link
Collaborator

@gpeacock gpeacock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left a couple of comments and an idea for better logging context.

@mauricefisher64 mauricefisher64 merged commit d1d3e50 into main Jul 9, 2025
36 of 38 checks passed
@mauricefisher64 mauricefisher64 deleted the crypto_fixes branch July 9, 2025 12:55
@caiopensrc caiopensrc mentioned this pull request Jul 9, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gpeacock gpeacock gpeacock approved these changes

@ok-nick ok-nick Awaiting requested review from ok-nick

@tmathern tmathern Awaiting requested review from tmathern

@scouten-adobe scouten-adobe Awaiting requested review from scouten-adobe

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Support 2.2 TimeStamp logging & timestamp trust support

3 participants

@mauricefisher64 @tmathern @gpeacock