Meredith Lancaster
|
2137a483de
|
include alg with digest when fetching bundles from OCI
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-12-05 09:27:14 -07:00 |
|
Meredith Lancaster
|
f92d703554
|
pr feedback
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-21 15:40:15 -07:00 |
|
Meredith Lancaster
|
0fd09eb5ff
|
pr feedback
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-21 15:30:41 -07:00 |
|
Meredith Lancaster
|
2d41225dd5
|
pr feedback
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-21 09:11:18 -07:00 |
|
Meredith Lancaster
|
7a271b008a
|
undo change
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-21 08:58:23 -07:00 |
|
Meredith Lancaster
|
4d277df559
|
add more testing testing fixtures
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-21 08:43:21 -07:00 |
|
Meredith Lancaster
|
f48e6b56e3
|
verify cert extensions function should return filtered result list
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-19 14:38:28 -07:00 |
|
Meredith Lancaster
|
63f37eb369
|
pr feedback
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-18 08:24:25 -07:00 |
|
Meredith Lancaster
|
762e99d151
|
fix function param calls
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-18 08:19:07 -07:00 |
|
Meredith Lancaster
|
c518a3b1f5
|
Update pkg/cmd/attestation/verification/extensions.go
Co-authored-by: Phill MV <phillmv@github.com>
|
2024-11-18 08:18:04 -07:00 |
|
Meredith Lancaster
|
e4cd729a7b
|
simplify verifyCertExtensions
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-07 14:59:21 -07:00 |
|
Meredith Lancaster
|
8ab5f247af
|
rename type
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-07 14:47:53 -07:00 |
|
Meredith Lancaster
|
ff9b6bb883
|
refactor fetch attestations funcs
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-07 14:39:11 -07:00 |
|
Meredith Lancaster
|
0665fb4916
|
comments
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-06 09:45:42 -07:00 |
|
Meredith Lancaster
|
b65c942e1f
|
update verification slice building
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-06 09:45:03 -07:00 |
|
Meredith Lancaster
|
eae3b5baec
|
Merge branch 'trunk' into verify-attestation-monotonic-tests
|
2024-11-06 09:41:33 -07:00 |
|
Meredith Lancaster
|
ffc499110d
|
Merge branch 'trunk' into verify-attestation-monotonic-tests
|
2024-11-06 08:08:40 -07:00 |
|
Meredith Lancaster
|
f376ac1a2c
|
Merge branch 'trunk' into simplify-sigstore-verify-result-handling
|
2024-11-06 07:59:23 -07:00 |
|
Meredith Lancaster
|
b9c9f0acc2
|
move comment
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-04 07:35:42 -07:00 |
|
Meredith Lancaster
|
a5eca00d0d
|
remove emtpy string checks
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-11-01 08:20:32 -06:00 |
|
Meredith Lancaster
|
a7a70fc91c
|
check for SAN and SANRegex
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-31 16:59:25 -06:00 |
|
Meredith Lancaster
|
50cda0df44
|
add Valid method for EnforcementCriteria
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-31 16:56:49 -06:00 |
|
Meredith Lancaster
|
8336f797ad
|
use sigstore-go certificate.Summary type for criteria
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-31 16:27:21 -06:00 |
|
Meredith Lancaster
|
a81cb730fc
|
update VerifyCertExtensions args
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-31 16:14:28 -06:00 |
|
Meredith Lancaster
|
e6d0a067e6
|
Update pkg/cmd/attestation/verification/extensions.go
Co-authored-by: Phill MV <phillmv@github.com>
|
2024-10-31 16:09:45 -06:00 |
|
Meredith Lancaster
|
6f4b5ddc40
|
remove artifact from EnforcementCriteria
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-31 16:07:25 -06:00 |
|
Meredith Lancaster
|
23374d8c62
|
undo sigstore verify result handling changes for now
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-31 12:49:01 -06:00 |
|
Meredith Lancaster
|
4bd46334ff
|
return the last verification error for now
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-31 12:38:37 -06:00 |
|
Meredith Lancaster
|
56731c9b70
|
remove unneeded result handling struct
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-31 12:26:06 -06:00 |
|
Meredith Lancaster
|
26e04932f2
|
split out individual sigstore verification
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-31 11:59:32 -06:00 |
|
Meredith Lancaster
|
3e90628abb
|
add test for sigstore monotonic verification
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-31 11:23:15 -06:00 |
|
Meredith Lancaster
|
d29a4a751a
|
update extension verification logic
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-31 10:44:36 -06:00 |
|
Meredith Lancaster
|
97262d8ce7
|
add test case for monotonic verification success
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-31 10:25:45 -06:00 |
|
Meredith Lancaster
|
01f63c5cc3
|
clean up unneeded struct
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-31 10:08:05 -06:00 |
|
Meredith Lancaster
|
bb0dcd9db4
|
fix wrong field settings
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-30 17:19:15 -06:00 |
|
Meredith Lancaster
|
318bd90356
|
update extensions tests
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-30 16:21:15 -06:00 |
|
Meredith Lancaster
|
bf4f04f797
|
Merge branch 'trunk' into attestation-refactor-policy
|
2024-10-30 16:14:30 -06:00 |
|
Meredith Lancaster
|
84c823c55f
|
clean up extension verification tests
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-30 16:12:57 -06:00 |
|
Meredith Lancaster
|
1652051fc2
|
Merge pull request #9825 from malancas/verify-provenance-predicate-by-default
`gh attestation verify` should only verify provenance attestations by default
|
2024-10-30 15:45:18 -06:00 |
|
Meredith Lancaster
|
4fa5f0c5ee
|
update extensions test
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-30 15:44:53 -06:00 |
|
Meredith Lancaster
|
fa2574c1a8
|
Merge remote-tracking branch 'upstream/trunk' into attestation-refactor-policy
|
2024-10-30 15:29:27 -06:00 |
|
Meredith Lancaster
|
b44c9d3003
|
undo policy method changes
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-30 15:23:50 -06:00 |
|
Meredith Lancaster
|
7bfddec046
|
fix references
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-29 07:09:45 -06:00 |
|
Meredith Lancaster
|
efa6fafc47
|
Update pkg/cmd/attestation/verification/attestation.go
Co-authored-by: Phill MV <phillmv@github.com>
|
2024-10-29 07:06:23 -06:00 |
|
Meredith Lancaster
|
8a8f224a7a
|
fix test
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-28 15:28:00 -06:00 |
|
Meredith Lancaster
|
502856082e
|
table tests
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-28 13:40:23 -06:00 |
|
Meredith Lancaster
|
4d57c79770
|
set provenance predicate type as default for predicate-type flag
Signed-off-by: Meredith Lancaster <malancas@github.com>
|
2024-10-24 11:40:55 -06:00 |
|
Phill MV
|
28c2308458
|
While we're at it, let's ensure VerifyCertExtensions can't be tricked the same way.
|
2024-10-10 11:22:22 -04:00 |
|
Phill MV
|
aaea0166e2
|
If provided with zero attestations to verify, the LiveSigstoreVerifier.Verify func should return an error.
|
2024-10-09 16:51:00 -04:00 |
|
Brian DeHamer
|
2e13ec5d80
|
Merge pull request #9616 from cli/bdehamer/custom-issuer-error
Better messaging for `attestation verify` custom issuer mismatch error
|
2024-09-16 12:52:12 -07:00 |
|