COSE envelope implementation updates #26
Signed-off-by: Binbin Li <[email protected]>
Codecov Report
@@ Coverage Diff @@
## main #26 +/- ##
==========================================
- Coverage 70.33% 63.77% -6.56%
==========================================
Files 23 27 +4
Lines 1591 2363 +772
==========================================
+ Hits 1119 1507 +388
- Misses 355 647 +292
- Partials 117 209 +92
Signed-off-by: Binbin Li <[email protected]>
Signed-off-by: Binbin Li <[email protected]>
Refactor Verify so that it just returns the payload and signerInfo from the internal envelope. Signed-off-by: Binbin Li <[email protected]> Signed-off-by: Binbin Li <[email protected]> Co-authored-by: Binbin Li <[email protected]>
Signed-off-by: Junjie Gao <[email protected]> Signed-off-by: Junjie Gao <[email protected]> Co-authored-by: Junjie Gao <[email protected]>
Signed-off-by: Binbin Li <[email protected]> Signed-off-by: Binbin Li <[email protected]> Co-authored-by: Binbin Li <[email protected]>
* feat: implemented COSE envelope sign Signed-off-by: Patrick Zheng <[email protected]> * implemented cose envelope Signed-off-by: Patrick Zheng <[email protected]> * update per code review Signed-off-by: Patrick Zheng <[email protected]> * resolve conflicts Signed-off-by: Patrick Zheng <[email protected]> * added extendedAttributes related logic Signed-off-by: Patrick Zheng <[email protected]> * updated to most current cose branch Signed-off-by: Patrick Zheng <[email protected]> * per code review Signed-off-by: Patrick Zheng <[email protected]> * updated per code review Signed-off-by: Patrick Zheng <[email protected]> * updates Signed-off-by: Patrick Zheng <[email protected]> * updates Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
I will work on this task.
* refactor: add common logic to base envelope Signed-off-by: Binbin Li <[email protected]> * feat: add payload and signerInfo verification in Verify Signed-off-by: Binbin Li <[email protected]> Signed-off-by: Binbin Li <[email protected]> Co-authored-by: Binbin Li <[email protected]>
* updated COSE envelope implementation per code review Signed-off-by: Patrick Zheng <[email protected]> * renamed to envelope under cose package Signed-off-by: Patrick Zheng <[email protected]> * update per code review Signed-off-by: Patrick Zheng <[email protected]> * updated per code review Signed-off-by: Patrick Zheng <[email protected]> * clean up Signed-off-by: Patrick Zheng <[email protected]> * more clean up Signed-off-by: Patrick Zheng <[email protected]> * updated errors according to errors.go Signed-off-by: Patrick Zheng <[email protected]> * clean up Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
* feat: add error Signed-off-by: Binbin Li <[email protected]> * feat: validate key and cert while creating local signer Signed-off-by: Binbin Li <[email protected]> * refactor: refactor isKeyPair Signed-off-by: Binbin Li <[email protected]> Signed-off-by: Binbin Li <[email protected]> Co-authored-by: Binbin Li <[email protected]>
@binbin-li, @shizhMSFT, we have a set of DCO errors. Can we get these fixed up?
@SteveLasker This PR just shows the work in progress on COSE and will be split into multiple PRs to be reviewed and merged. Once those PRs are merged, this PR will be closed.
1. JWT sign replace custom sign 2. add SigningScheme, crit Signed-off-by: Junjie Gao <[email protected]> Signed-off-by: Junjie Gao <[email protected]> Co-authored-by: Junjie Gao <[email protected]>
* updated COSE envelope implementation per code review Signed-off-by: Patrick Zheng <[email protected]> * renamed to envelope under cose package Signed-off-by: Patrick Zheng <[email protected]> * update per code review Signed-off-by: Patrick Zheng <[email protected]> * updated per code review Signed-off-by: Patrick Zheng <[email protected]> * clean up Signed-off-by: Patrick Zheng <[email protected]> * more clean up Signed-off-by: Patrick Zheng <[email protected]> * updated errors according to errors.go Signed-off-by: Patrick Zheng <[email protected]> * clean up Signed-off-by: Patrick Zheng <[email protected]> * update unit tests Signed-off-by: Patrick Zheng <[email protected]> * update unit tests Signed-off-by: Patrick Zheng <[email protected]> * update cose unprotected header Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
* updated COSE envelope implementation per code review Signed-off-by: Patrick Zheng <[email protected]> * renamed to envelope under cose package Signed-off-by: Patrick Zheng <[email protected]> * update per code review Signed-off-by: Patrick Zheng <[email protected]> * updated per code review Signed-off-by: Patrick Zheng <[email protected]> * clean up Signed-off-by: Patrick Zheng <[email protected]> * more clean up Signed-off-by: Patrick Zheng <[email protected]> * updated errors according to errors.go Signed-off-by: Patrick Zheng <[email protected]> * clean up Signed-off-by: Patrick Zheng <[email protected]> * update unit tests Signed-off-by: Patrick Zheng <[email protected]> * update unit tests Signed-off-by: Patrick Zheng <[email protected]> * update cose unprotected header Signed-off-by: Patrick Zheng <[email protected]> * updated COSE expiry header check Signed-off-by: Patrick Zheng <[email protected]> * updated COSE expiry header check Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
signature/errors.go
// Error returns the formatted error message
func (e *EnvelopeKeyRepeatedError) Error() string {
	return fmt.Sprintf("repeated key: `%s` exists in the envelope.", e.Key)
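Review bot: in Error(), e.Key is interpolated raw with %s between hand-written backticks, so a key that itself contains a backtick, a newline or another control character is written verbatim into whatever log line or wrapped error carries this message. The key is taken from the envelope, so format it with %q and drop the backticks; that quotes and escapes it in one step. The message also ends with a period, which Go error strings conventionally omit because callers wrap them.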
The %q verb automagically quotes the string. Use it instead of `%s`.
@binbin-li Could you address this?
Sure, I'll do it.
Payload() returns the raw payload context instead of base64 encoded data Signed-off-by: Junjie Gao <[email protected]> Signed-off-by: Junjie Gao <[email protected]>
* doc: add signature documents Signed-off-by: Binbin Li <[email protected]> * doc: refactor comments Signed-off-by: Binbin Li <[email protected]> Signed-off-by: Binbin Li <[email protected]> Co-authored-by: Binbin Li <[email protected]>
* test: add signature unit tests Signed-off-by: Binbin Li <[email protected]> * test: add tests for base envelope Signed-off-by: Binbin Li <[email protected]> * test: add more valid cases Signed-off-by: Binbin Li <[email protected]> Signed-off-by: Binbin Li <[email protected]> Co-authored-by: Binbin Li <[email protected]>
* updated COSE envelope implementation per code review Signed-off-by: Patrick Zheng <[email protected]> * renamed to envelope under cose package Signed-off-by: Patrick Zheng <[email protected]> * update per code review Signed-off-by: Patrick Zheng <[email protected]> * updated per code review Signed-off-by: Patrick Zheng <[email protected]> * clean up Signed-off-by: Patrick Zheng <[email protected]> * more clean up Signed-off-by: Patrick Zheng <[email protected]> * updated errors according to errors.go Signed-off-by: Patrick Zheng <[email protected]> * clean up Signed-off-by: Patrick Zheng <[email protected]> * update unit tests Signed-off-by: Patrick Zheng <[email protected]> * update unit tests Signed-off-by: Patrick Zheng <[email protected]> * update cose unprotected header Signed-off-by: Patrick Zheng <[email protected]> * updated COSE expiry header check Signed-off-by: Patrick Zheng <[email protected]> * updated COSE expiry header check Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope unit tests Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope unit tests Signed-off-by: Patrick Zheng <[email protected]> * updated COSE unit tests Signed-off-by: Patrick Zheng <[email protected]> * updated per code review Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
* added extended attribute getter for notation-go Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
* added extended attribute getter for notation-go Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope unit tests Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
… well (#48) Signed-off-by: Binbin Li <[email protected]> Signed-off-by: Binbin Li <[email protected]> Co-authored-by: Binbin Li <[email protected]>
Signed-off-by: Binbin Li <[email protected]> Signed-off-by: Binbin Li <[email protected]> Co-authored-by: Binbin Li <[email protected]>
Signed-off-by: Binbin Li <[email protected]> Signed-off-by: Binbin Li <[email protected]> Co-authored-by: Binbin Li <[email protected]>
* added extended attribute getter for notation-go Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope unit tests Signed-off-by: Patrick Zheng <[email protected]> * updating certificate chain Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for the certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
* added extended attribute getter for notation-go Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope unit tests Signed-off-by: Patrick Zheng <[email protected]> * updating certificate chain Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for the certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated to latest go-cose Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
* add jws test Signed-off-by: Junjie Gao <[email protected]> * update PR Signed-off-by: Junjie Gao <[email protected]> Signed-off-by: Junjie Gao <[email protected]> Co-authored-by: Junjie Gao <[email protected]>
* added extended attribute getter for notation-go Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope unit tests Signed-off-by: Patrick Zheng <[email protected]> * updating certificate chain Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for the certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated to latest go-cose Signed-off-by: Patrick Zheng <[email protected]> * added COSE conformance tests Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated comments Signed-off-by: Patrick Zheng <[email protected]> * updated per code review Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
Signed-off-by: Junjie Gao <[email protected]> Signed-off-by: Junjie Gao <[email protected]> Co-authored-by: Junjie Gao <[email protected]>
Signed-off-by: Junjie Gao <[email protected]> Signed-off-by: Junjie Gao <[email protected]> Co-authored-by: Junjie Gao <[email protected]>
* added extended attribute getter for notation-go Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope unit tests Signed-off-by: Patrick Zheng <[email protected]> * updating certificate chain Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for the certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated to latest go-cose Signed-off-by: Patrick Zheng <[email protected]> * added COSE conformance tests Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated comments Signed-off-by: Patrick Zheng <[email protected]> * updated per code review Signed-off-by: Patrick Zheng <[email protected]> * added verification plugin critical headers check Signed-off-by: Patrick Zheng <[email protected]> * updated errors related code Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
* added extended attribute getter for notation-go Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope unit tests Signed-off-by: Patrick Zheng <[email protected]> * updating certificate chain Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for the certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated to latest go-cose Signed-off-by: Patrick Zheng <[email protected]> * added COSE conformance tests Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated comments Signed-off-by: Patrick Zheng <[email protected]> * updated per code review Signed-off-by: Patrick Zheng <[email protected]> * added verification plugin critical headers check Signed-off-by: Patrick Zheng <[email protected]> * updated errors related code Signed-off-by: Patrick Zheng <[email protected]> * quick fix Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
* fix: update jwt.Claims Signed-off-by: Junjie Gao <[email protected]> * update PR Signed-off-by: Junjie Gao <[email protected]> Signed-off-by: Junjie Gao <[email protected]> Co-authored-by: Junjie Gao <[email protected]>
…ror (#63) * added extended attribute getter for notation-go Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope unit tests Signed-off-by: Patrick Zheng <[email protected]> * updating certificate chain Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for the certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated to latest go-cose Signed-off-by: Patrick Zheng <[email protected]> * added COSE conformance tests Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated comments Signed-off-by: Patrick Zheng <[email protected]> * updated per code review Signed-off-by: Patrick Zheng <[email protected]> * added verification plugin critical headers check Signed-off-by: Patrick Zheng <[email protected]> * updated errors related code Signed-off-by: Patrick Zheng <[email protected]> * quick fix Signed-off-by: Patrick Zheng <[email protected]> * renamed TestSignatureNotFoundError to TestSignatureEnvelopeNotFoundError Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
* added extended attribute getter for notation-go Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope unit tests Signed-off-by: Patrick Zheng <[email protected]> * updating certificate chain Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for the certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated to latest go-cose Signed-off-by: Patrick Zheng <[email protected]> * added COSE conformance tests Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated comments Signed-off-by: Patrick Zheng <[email protected]> * updated per code review Signed-off-by: Patrick Zheng <[email protected]> * added verification plugin critical headers check Signed-off-by: Patrick Zheng <[email protected]> * updated errors related code Signed-off-by: Patrick Zheng <[email protected]> * quick fix Signed-off-by: Patrick Zheng <[email protected]> * renamed TestSignatureNotFoundError to TestSignatureEnvelopeNotFoundError Signed-off-by: Patrick Zheng <[email protected]> * quick update regarding verification plugin Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Patrick Zheng <[email protected]>
* Bump github.com/golang-jwt/jwt/v4 from 4.4.1 to 4.4.2 (#14) Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) from 4.4.1 to 4.4.2. - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md) - [Commits](golang-jwt/jwt@v4.4.1...v4.4.2) --- updated-dependencies: - dependency-name: github.com/golang-jwt/jwt/v4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * added extended attribute getter for notation-go Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope unit tests Signed-off-by: Patrick Zheng <[email protected]> * updating certificate chain Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for the certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated COSE envelope for certificate chain changes Signed-off-by: Patrick Zheng <[email protected]> * updated to latest go-cose Signed-off-by: Patrick Zheng <[email protected]> * added COSE conformance tests Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * updated comments Signed-off-by: Patrick Zheng <[email protected]> * updated per code review Signed-off-by: Patrick Zheng <[email protected]> * added verification plugin critical headers check Signed-off-by: Patrick Zheng <[email protected]> * updated errors related code Signed-off-by: Patrick Zheng <[email protected]> * quick fix Signed-off-by: Patrick Zheng <[email protected]> * renamed TestSignatureNotFoundError to TestSignatureEnvelopeNotFoundError Signed-off-by: Patrick Zheng <[email protected]> * quick update regarding verification plugin Signed-off-by: Patrick Zheng <[email protected]> * refactor: refactor envelope and signer to support cose (#53) Signed-off-by: Binbin Li <[email protected]> * resolve conflicts Signed-off-by: Patrick Zheng <[email protected]> * update Signed-off-by: Patrick Zheng <[email protected]> * fixed broken unit tests Signed-off-by: Patrick Zheng <[email protected]> * added maps for Notation CLI cert Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Binbin Li <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Binbin Li <[email protected]>
Signed-off-by: Junjie Gao <[email protected]> Signed-off-by: Junjie Gao <[email protected]> Co-authored-by: Junjie Gao <[email protected]>
Signed-off-by: Binbin Li <[email protected]>
Tracking the merger of the cose branch into main.