Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix the SCT header return value from the API to base64 encode it. #288

Merged
merged 1 commit into from
Dec 21, 2021

Conversation

dlorenc
Copy link
Member

@dlorenc dlorenc commented Dec 21, 2021

I don't actually know what's correct here - but the current client expects
it to be base64 encoded. We could keep it "raw", but then we have to fix the client
that's currently in cosign.

Signed-off-by: Dan Lorenc lorenc.d@gmail.com

Summary

Ticket Link

Fixes

Release Note


pkg/api/ca.go Outdated
@@ -203,7 +203,7 @@ func signingCert(w http.ResponseWriter, req *http.Request) {
}

// Set the SCT and Content-Type headers, and then respond with a 201 Created.
w.Header().Add("SCT", string(sctBytes))
w.Header().Add("SCT", base64.RawStdEncoding.EncodeToString(sctBytes))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since the client uses StdEncoding when decoding, should this use that too?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Doh, changed.

I don't actually know what's correct here - but the current client expects
it to be base64 encoded. We could keep it "raw", but then we have to fix the client
that's currently in cosign.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>
@vaikas
Copy link
Contributor

vaikas commented Dec 21, 2021

/lgtm

@vaikas
Copy link
Contributor

vaikas commented Dec 21, 2021

I'm also adding a test for this as part of #289

vaikas added a commit to vaikas/fulcio that referenced this pull request Dec 21, 2021
* Add tests for exercising STL
* Fix sigstore#289
* Validates that the new STL tests failed unless backporting sigstore#288

Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
@cpanato cpanato requested a review from lukehinds December 21, 2021 08:51
dlorenc pushed a commit that referenced this pull request Dec 21, 2021
* Add tests for exercising STL
* Fix #289
* Validates that the new STL tests failed unless backporting #288

Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
@dlorenc dlorenc merged commit c1cba21 into sigstore:main Dec 21, 2021
@dlorenc dlorenc deleted the b64 branch December 21, 2021 14:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants