Return INDETERMINATE when signer issuer is not in trusted list#13
Conversation
When a trustListProvider is configured and the signer's issuer is not found (or not trusted at signing time), downgrade overall status from VALID to INDETERMINATE with an ISSUER_NOT_TRUSTED limitation. Add test-environment-sig-sample.edoc fixture with tests for both public and sensitive sample dirs.
Greptile SummaryThis PR fixes a gap where trust-list results were not factored into the final Key changes:
Confidence Score: 4/5
Important Files Changed
Flowchart%%{init: {'theme': 'neutral'}}%%
flowchart TD
A[verifySignature called] --> B[Crypto validation\ncertResult + checksumResult\n+ signatureResult + timestamp]
B --> C{isValid?}
C -- No --> D[status = INVALID /\nINDETERMINATE /\nUNSUPPORTED\nbased on failure reason]
C -- Yes --> E[status = VALID]
E --> F{trustListProvider\nconfigured?}
F -- No --> G[Return VALID]
F -- Yes --> H{trustListMatch\navailable?}
H -- Yes --> I{found AND\ntrustedAtTime\n≠ false?}
I -- found=false OR\ntrustedAtTime=false --> J[status = INDETERMINATE\nlimitations += ISSUER_NOT_TRUSTED]
I -- found=true AND\ntrustedAtTime=true --> G
I -- found=true AND\ntrustedAtTime=undefined --> K[⚠️ status stays VALID\nbut checklist =\nindeterminate]
H -- No → trustListError set --> L[status = INDETERMINATE\nlimitations += TRUST_LIST_CHECK_FAILED]
H -- No, no error --> G
J --> M[Return INDETERMINATE]
L --> M
D --> N[Return non-VALID]
Last reviewed commit: aa40d1a |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 7b0877a6c9
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Increase test timeout for untrusted issuer tests (trust list loading is slow on CI). Also downgrade to INDETERMINATE when the trust list provider throws an error, rather than silently returning VALID.
Use trustedAtTime === false instead of !trustedAtTime to avoid
false-downgrading providers that return { found: true } without the
trustedAtTime field. Remove stray console.log from test.
|
@greptileai @codex please recheck fixes |
|
Codex Review: Didn't find any major issues. 👍 ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
Summary
trustListProvideris configured and the signer's issuer is not found (or not trusted at signing time), downgrade overall status fromVALIDtoINDETERMINATEwith anISSUER_NOT_TRUSTEDlimitationisValid/status, so a document signed with a test/demo certificate would show as VALID even when trustlist checking was enabledtest-environment-sig-sample.edocas a committed fixture (demo certificate, not in trusted list)Test plan