-
Notifications
You must be signed in to change notification settings - Fork 164
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
verify: verify checkpoint's STH against the inclusion proof root hash #1092
Conversation
Signed-off-by: Asra Ali <asraa@google.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
d3c134d
I made a |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good catch!
Codecov Report
@@ Coverage Diff @@
## main #1092 +/- ##
=======================================
Coverage 64.09% 64.10%
=======================================
Files 82 82
Lines 7498 7507 +9
=======================================
+ Hits 4806 4812 +6
- Misses 2068 2070 +2
- Partials 624 625 +1
Flags with carried forward coverage won't be shown. Click here to find out more.
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
https://build.opensuse.org/request/show/1029934 by user msmeissn + dimstar_suse - updated to rekor 1.0.0 (sc#SLE-23476): - add description on /api/v1/index/retrieve endpoint by @bobcallaway in sigstore/rekor#1073 - Adding e2e test coverage by @cdris in sigstore/rekor#1071 - export rekor build/version information by @cpanato in sigstore/rekor#1074 - Use POST instead of GET for /api/log/entries/retrieve metrics. by @var-sdk in sigstore/rekor#1083 - Search through all shards when searching by hash by @priyawadhwa in sigstore/rekor#1082 - verify: verify checkpoint's STH against the inclusion proof root hash by @asraa in sigstore/rekor#1092 - add ability to enable/disable specific rekor API endpoints by @bobcallaway in
Signed-off-by: Asra Ali asraa@google.com
Verifying the checkpoint signature of an entry should also verify that the root hash corresponds to the one in the inclusion proof.
Required for slsa-framework/slsa-verifier#281
Summary
Release Note
Documentation