Return ValidatedRekorEntry from verify_rekor_body

Open rbehjati opened this issue 3 years ago • 0 comments

Another thought: perhaps, in the spirit of https://lexi-lambda.github.io/blog/2019/11/05/parse-don-t-validate/ , this function could actually return a struct containing the public key (validated against the signature and the content), and the hash of the data, something like ValidatedRekorEntry or similar. Though I'm not actually sure that's possible given that it looks like the verification of the signature requires the actual source data (not just the hash).

Originally posted by @tiziano88 in https://github.com/project-oak/oak/pull/2846#discussion_r872801269

May 16 '22 08:05 rbehjati