Skip to content

Start basic SCT support #423

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
djc wants to merge 14 commits into
base: main
Choose a base branch
from
Open

Start basic SCT support #423

djc wants to merge 14 commits into from
+396 −2

Conversation

@djc
Copy link
Member

@djc djc commented Dec 11, 2025

No description provided.

@djc djc requested a review from ctz December 11, 2025 13:01
@djc djc force-pushed the jbp-sct branch 2 times, most recently from 842a112 to e918319 Compare December 11, 2025 13:23
djc
djc commented Dec 11, 2025
View reviewed changes
src/sct.rs Outdated
Comment on lines 58 to 61
#[allow(dead_code)] // pending sct verification
extensions: untrusted::Input<'a>,
#[allow(dead_code)] // pending sct verification
signature_algorithm: u16,
#[allow(dead_code)] // pending sct verification
signature: untrusted::Input<'a>,
Copy link
Member Author

@djc djc Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What kind of verification needs to happen? Thoughts on a testing strategy?

Copy link
Member

@ctz ctz Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Verification here would be a separate feature, taking a set of valid CT logs (their IDs, public keys, etc) and checking each SCT purported to come from a valid known log is correctly signed. Doing this verification is a future upki feature, mainly because tracking "valid CT logs" requires ongoing, current knowledge.

@codecov
Copy link

codecov bot commented Dec 11, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 96.77419% with 5 lines in your changes missing coverage. Please review.
✅ Project coverage is 96.78%. Comparing base (9b8b30e) to head (6eb2c59).

Files with missing lines Patch % Lines
src/verify_cert.rs 0.00% 5 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #423      +/-   ##
==========================================
- Coverage   96.78%   96.78%   -0.01%     
==========================================
  Files          19       20       +1     
  Lines        3797     3952     +155     
==========================================
+ Hits         3675     3825     +150     
- Misses        122      127       +5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@djc djc changed the title Improve SCT support Start basic SCT support Dec 11, 2025
@djc
Copy link
Member Author

djc commented Jan 18, 2026

Need to make sure to fuse the iterator if there's an unrecoverable error.

(Personally not sure I mind Result<Iter<Item = Result<_, _>>> all that much, and I don't think this API will be all that widely used?)

@ctz
Copy link
Member

ctz commented Jan 18, 2026

Need to make sure to fuse the iterator if there's an unrecoverable error.

(Personally not sure I mind Result<Iter<Item = Result<_, _>>> all that much, and I don't think this API will be all that widely used?)

What do you think about the opposite change -- Result<Iter<Item = Foo>>? It means it is two pass, but the error handling is much simplified as they happen up-front.

Anyway, not married to this either way.

I have one more addition to make on this PR then we can squash.

@djc
Copy link
Member Author

djc commented Jan 18, 2026

Need to make sure to fuse the iterator if there's an unrecoverable error.
(Personally not sure I mind Result<Iter<Item = Result<_, _>>> all that much, and I don't think this API will be all that widely used?)

What do you think about the opposite change -- Result<Iter<Item = Foo>>? It means it is two pass, but the error handling is much simplified as they happen up-front.

Uh, do we allocate after the first pass, or unwrap() during the second? Neither sound all that appealing.

@ctz
Copy link
Member

ctz commented Jan 19, 2026

Uh, do we allocate after the first pass, or unwrap() during the second? Neither sound all that appealing.

I was thinking unwrap() -- I have dropped this commit just now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ctz ctz Awaiting requested review from ctz

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@djc @ctz