New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support PKCS1 encoded and non-ECDSA CT log public keys #1806
Conversation
This came up while testing out staging, which uses a PKCS1 encoded public key. We should be flexible on the supported key format. Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
cc @dlorenc - If 1.8 hasn't gone out yet, getting this in too would be nice! |
Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
@dlorenc - pushed another commit that removes the requirement that the key is an ECDSA key - I don't see any reason this should be enforced. |
Codecov Report
@@ Coverage Diff @@
## main #1806 +/- ##
==========================================
+ Coverage 32.73% 32.75% +0.01%
==========================================
Files 147 147
Lines 9313 9327 +14
==========================================
+ Hits 3049 3055 +6
- Misses 5907 5915 +8
Partials 357 357
Continue to review full report at Codecov.
|
* Support PKCS1 encoded CT log public keys This came up while testing out staging, which uses a PKCS1 encoded public key. We should be flexible on the supported key format. Signed-off-by: Hayden Blauzvern <hblauzvern@google.com> * Update comment Signed-off-by: Hayden Blauzvern <hblauzvern@google.com> * Remove requirement that key is ECDSA Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
This came up while testing out staging, which uses a PKCS1 encoded
public key. We should be flexible on the supported key format.
This also relaxes the requirement that CT log keys from TUF are ECDSA keys.
Signed-off-by: Hayden Blauzvern hblauzvern@google.com
Summary
Ticket Link
Fixes
Release Note