Skip to content

Deserialize plain DI certs as raw DER #1953

Deserialize plain DI certs as raw DER

Deserialize plain DI certs as raw DER #1953

Triggered via pull request September 7, 2023 14:30
Status Failure
Total duration 12m 26s
Artifacts

ci.yml

on: pull_request
Fit to window
Zoom out
Zoom in

Annotations

1 error and 1 warning
commitlint
You have commit messages with errors ⧗ input: Deserialize plain DI certs as raw DER Because of the deserialize implementation that's automatically generated, at this moment the expected value for the public_key_store in the manufacturing server is a CBOR array of the DER certificate. This commit adds a new type PlainBytes which (de)serializes transparently, and makes the manufacturing server use it for the public key store. NOTE: this means that with this patch, the store format on disk changes. This store is a ReadOnly (the server will never write to it), but if anyone would've put a CBOR file in place, that will now fail to open. Raw DER was always the intention (and documented) format, but it still is a risk. Signed-off-by: Patrick Uiterwijk <[email protected]> Fixes: #477 ✖ subject may not be empty [subject-empty] ✖ type may not be empty [type-empty] ⚠ footer must have leading blank line [footer-leading-blank] ✖ found 2 problems, 1 warnings ⓘ Get help: https://github.com/conventional-changelog/commitlint/#what-is-commitlint
Test docs building
github-pages can't satisfy your Gemfile's dependencies.