Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Document why AnyCertificate::unsecure_load is incompatible with SequesterService & SequesterRevokedService #9065

Merged
merged 1 commit into from
Dec 2, 2024
Merged

Document why AnyCertificate::unsecure_load is incompatible with SequesterService & SequesterRevokedService #9065

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 12 additions & 1 deletion libparsec/crates/types/src/certif.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1430,8 +1430,19 @@ impl AnyCertificate {
unsecure,
})
}
// Sequester service & revoked service certificates are signed by the sequester
// authority, this implies two things:
// - We *always* know the author of the signature, and hence don't need
// `unsecure_load` (since it goal is to peek inside the certificate before
// it is properly validated in order to get the author).
// - Those certificates are signed in a different way than the other certificates,
// so we can only end up here by (bad) luck if the two signature algorithms
// happened to have a similar layout.
//
// In any way, we should never end up here, and if we do then it's a
// "bullshit-in, bullshit-out" case...
AnyCertificate::SequesterService(_) | AnyCertificate::SequesterRevokedService(_) => {
unreachable!()
panic!("signed by sequester authority");
}
})
}
Expand Down
Loading