Add RSC support #348
Add RSC support #348
Conversation
| now: Time | ||
| ) -> Result<(ResourceCert, ResourceSignedChecklist), ValidationError> { | ||
| let cert = self.signed.validate_at(cert, strict, now)?; | ||
| Ok((cert, self.content)) |
There was a problem hiding this comment.
This should also check that the resources in the RSC content are covered by the EE certificate’s resources and that the EE certificate is has not been revoked by asking for the CRL.
For ROAs, this method seems to be called process rather than validate. Maybe we should do the same here for consistency.
src/repository/rsc.rs
Outdated
|
|
||
| //--- Deref and AsRef | ||
|
|
||
| impl ops::Deref for Rsc { |
There was a problem hiding this comment.
The recommendation is to not impl Deref for these kinds of types – the deref impls we have on similar types should all go. ’twas my mistake …
|
|
||
| digest_algorithm: DigestAlgorithm, | ||
|
|
||
| check_list: Captured, |
There was a problem hiding this comment.
Longer term we are planning to move away from using Captured and instead have the actual decoded content here – i.e., a Vec<FileNameAndHash> (which then should move away from using Bytes). Maybe move this one to that already?
2 participants
No description provided.