Skip to content

x5chain header handling, some fixes + version bump#17

Open
setrofim wants to merge 6 commits intomainfrom
setrofim/x5chain
Open

x5chain header handling, some fixes + version bump#17
setrofim wants to merge 6 commits intomainfrom
setrofim/x5chain

Conversation

@setrofim
Copy link
Copy Markdown
Contributor

@setrofim setrofim commented May 8, 2026

  • Add support for signature verification using the key extracted from x5chain COSE header.
  • Fix exact environment matching.
  • Fix key_triple_entries view alias.
  • Use fully-validating, profile-ware CoRIM unmarshalling methods.
  • Add debugger config file to .gitignore.

setrofim added 6 commits May 7, 2026 11:51
@setrofim
chore: add .nvim-dap.lua to .gitignore
2c7a504 
Add DAP (Debug Adapter Protocol) config file to .gitignore.

Signed-off-by: setrofim <setrofim@gmail.com>
@setrofim
feat(signing): add X5ChainKeyStore
efd313f 
Add a KeyStore implementation that builds a KeyEntry from the key
extracted form the certificates in the x5chain COSE header of the signed
CoRIM.

Signed-off-by: setrofim <setrofim@gmail.com>
@setrofim
fix(store): use profile-aware CoRIM unmarshalling
8631cb5 
Use profile-aware CoRIM unmarshalling methods inside AddBytes and
VerifyAndAddBytes. This will ensure the CoRIMs are fully validated
before they are added.

Signed-off-by: setrofim <setrofim@gmail.com>
@setrofim
fix(query): exact matching with entries or sub-queries
17428d2 
Fix exact environment matching when composite entries or class
sub-queries are used.

When exact matching is specified, EnvironmentQuery will add "<field> ==
NULL" for every environment field not set in the query. However, if a
class sub-query or a composite type/bytes ID entry exists, it will
specify a non-NULL values for at least one of the fields. This will
result in effective (<field> == NULL && <field> == <not NULL>) being in
the final query, ensuring it will never match.

To get around that, only handle exact matching for fields inside
EnvironmentQuery if there are no class sub-queries or composite entries
affecting that field.

Signed-off-by: setrofim <setrofim@gmail.com>
@setrofim
fix(model): correct key_triple_entries table alias
629d986 
Correct the alias vte --> kte. This was a copy-and-paste error from
value_triple_entry. (Note: since aliases are only used in select queries
and the two views are never joined, this clash would not actually cause
a problem, but it's mildly confusing while debugging.)

Signed-off-by: setrofim <setrofim@gmail.com>
@setrofim
chore: version bump to v0.1.0
177a9ab 
Signed-off-by: setrofim <setrofim@gmail.com>
yogeshbdeshpande
yogeshbdeshpande approved these changes May 8, 2026
View reviewed changes
Copy link
Copy Markdown

@yogeshbdeshpande yogeshbdeshpande left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yogeshbdeshpande yogeshbdeshpande yogeshbdeshpande approved these changes

@thomas-fossati thomas-fossati Awaiting requested review from thomas-fossati

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@setrofim @yogeshbdeshpande