Skip to content

Commit

Permalink
Merge pull request from GHSA-8gw7-4j42-w388
Browse files Browse the repository at this point in the history 
* wip

Signed-off-by: Asra Ali <asraa@google.com>

more tests

Signed-off-by: Asra Ali <asraa@google.com>

finish tests

Signed-off-by: Asra Ali <asraa@google.com>

Add explicit testcase for failure in verifytlogentry

Signed-off-by: Asra Ali <asraa@google.com>

add testing for invalid provided bundle fails

Signed-off-by: Asra Ali <asraa@google.com>

update

Signed-off-by: Asra Ali <asraa@google.com>

address hayden comments

Signed-off-by: Asra Ali <asraa@google.com>

update

Signed-off-by: Asra Ali <asraa@google.com>

* fix: verify RekorBundle payload references blob

Co-authored-by: Cody Soyland <codysoyland@github.com>
Co-authored-by: Asra Ali <asraa@google.com>

* Add test for invalid blob signature causing error

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

* Add tests for checking identity flags

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

* address bob's comment

Signed-off-by: Asra Ali <asraa@google.com>

* add comment on intoto multisig

Signed-off-by: Asra Ali <asraa@google.com>

Signed-off-by: Asra Ali <asraa@google.com>
Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
Co-authored-by: Cody Soyland <codysoyland@github.com>
Co-authored-by: Hayden Blauzvern <hblauzvern@google.com>
  • Loading branch information
@asraa @codysoyland @haydentherapper
3 people authored Sep 14, 2022
1 parent 01492c6 commit 80b79ed
Show file tree
Hide file tree
Showing 7 changed files with 1,452 additions and 236 deletions.
Loading

0 comments on commit 80b79ed

Please sign in to comment.