Skip to content

fix(attestation): verify sig during validation #1037

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: dev
Choose a base branch
from
Open

fix(attestation): verify sig during validation #1037

wants to merge 2 commits into from

Conversation

@themighty1
Copy link
Member

This PR adds the missing verification of the signature during attestation validation.
I realized that we can use a simpler approach than what we discussed in #794

Closes: #622

@themighty1 themighty1 requested a review from sinui0 October 27, 2025 12:32
@themighty1 themighty1 mentioned this pull request Oct 27, 2025
Closed
sinui0
sinui0 requested changes Oct 28, 2025
View reviewed changes
@themighty1
Copy link
Member Author

@sinui0 , ready for review.

I also made pub the inner string of a SignatureError type, otherwise I wasn't able to construct a custom sig verifier.

@themighty1 themighty1 requested a review from sinui0 October 28, 2025 08:33
sinui0
sinui0 requested changes Oct 28, 2025
View reviewed changes
crates/attestation/src/signing.rs
#[derive(Debug, thiserror::Error)]
#[error("signature verification failed: {0}")]
pub struct SignatureError(String);
pub struct SignatureError(pub String);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a from_str(msg: &str) -> Self method instead

crates/attestation/src/request.rs
pub fn validate(
&self,
attestation: &Attestation,
provider: &SignatureVerifierProvider,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should accept CryptoProvider instead, in case this method ever changes to validate more things than the signature

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sinui0 sinui0 sinui0 requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@themighty1 @sinui0