From e4a181694ce183bb5544b9796330663827c437c2 Mon Sep 17 00:00:00 2001
From: Jack Leightcap <jack.leightcap@trailofbits.com>
Date: Fri, 28 Jul 2023 17:30:45 -0400
Subject: [PATCH] conformance: validated verify subcommand

Signed-off-by: Jack Leightcap <jack.leightcap@trailofbits.com>
---
 tests/conformance/Cargo.toml     | 1 +
 tests/conformance/conformance.rs | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/tests/conformance/Cargo.toml b/tests/conformance/Cargo.toml
index 3bb3fd5a14..b865246c2e 100644
--- a/tests/conformance/Cargo.toml
+++ b/tests/conformance/Cargo.toml
@@ -8,6 +8,7 @@ license = "Apache-2.0"
 
 [dependencies]
 anyhow = { version = "1.0", features = ["backtrace"] }
+base64 = "0.21.0"
 clap = { version = "4.0.8", features = ["derive"] }
 sigstore = { path = "../../" }
 tokio = { version = "1.17.0", features = ["rt"] }
diff --git a/tests/conformance/conformance.rs b/tests/conformance/conformance.rs
index 66cced2980..fe2000e6fb 100644
--- a/tests/conformance/conformance.rs
+++ b/tests/conformance/conformance.rs
@@ -17,6 +17,7 @@
 // https://github.com/sigstore/sigstore-conformance/blob/main/docs/cli_protocol.md
 
 extern crate tracing_subscriber;
+use base64::{engine::general_purpose::STANDARD as BASE64_STD_ENGINE, Engine as _};
 use clap::{Parser, Subcommand};
 use std::fs;
 use tracing_subscriber::prelude::*;
@@ -144,7 +145,9 @@ pub async fn main() -> anyhow::Result<()> {
             artifact,
         }) => {
             let certificate = fs::read_to_string(certificate)?;
+            let certificate = BASE64_STD_ENGINE.encode(certificate);
             let signature = fs::read_to_string(signature)?;
+            let signature = signature.trim(); // https://github.com/sigstore/sigstore-rs/issues/288
             let artifact = fs::read(artifact)?;
 
             Client::verify_blob(&certificate, &signature, &artifact)?;