Skip to content

Commit

Permalink
SigstoreKey: Handle import errors like Signer
Browse files Browse the repository at this point in the history 
Note that this still raises VerificationError just like before
(and not UnsupportedLibraryError like Signers do).
  • Loading branch information
@jku
jku committed May 17, 2024
1 parent a7f3c09 commit 6fae4c8
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions securesystemslib/signer/_sigstore_signer.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,10 @@ def verify_signature(self, signature: Signature, data: bytes) -> None:
from sigstore.models import Bundle
from sigstore.verify import Verifier
from sigstore.verify.policy import Identity
except ImportError as e:
raise VerificationError(IMPORT_ERROR) from e

try:
verifier = Verifier.production()
identity = Identity(
identity=self.keyval["identity"], issuer=self.keyval["issuer"]
Expand Down

0 comments on commit 6fae4c8

Please sign in to comment.