-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Fulcio support to signing #158
Commits on May 1, 2024
-
This involved a bit of a refactor to support MessageSignature and DSSE bundle content. Also, we should probably start adding tests soon. Signed-off-by: Zach Steindler <steiza@github.com>
Configuration menu - View commit details
-
Copy full SHA for 171eb77 - Browse repository at this point
Copy the full SHA 171eb77View commit details
Commits on May 2, 2024
-
Rename Content Prepare to PreAuthEncoding
Signed-off-by: Zach Steindler <steiza@github.com>
Configuration menu - View commit details
-
Copy full SHA for f62bb30 - Browse repository at this point
Copy the full SHA f62bb30View commit details
Commits on May 6, 2024
-
Support Fulcio signing with supplied key.
Signed-off-by: Zach Steindler <steiza@github.com>
Configuration menu - View commit details
-
Copy full SHA for f2d7e69 - Browse repository at this point
Copy the full SHA f2d7e69View commit details -
More cleanly delineate between
Content
andKeypair
`Content` now clearly owns generating and remembering the hash digest. `Keypair` communicates the hash algorithm to `Content`, and generates the signature. Signed-off-by: Zach Steindler <steiza@github.com>
Configuration menu - View commit details
-
Copy full SHA for 5c01baa - Browse repository at this point
Copy the full SHA 5c01baaView commit details -
Use sigstore/sigstore cryptoutils.MarshalPublicKeyToPEM
Signed-off-by: Zach Steindler <steiza@github.com>
Configuration menu - View commit details
-
Copy full SHA for de0abd6 - Browse repository at this point
Copy the full SHA de0abd6View commit details
Commits on May 10, 2024
-
Fix proof of possesion signature
Signed-off-by: Zach Steindler <steiza@github.com>
Configuration menu - View commit details
-
Copy full SHA for d63db0f - Browse repository at this point
Copy the full SHA d63db0fView commit details -
Move bundle logic out to be all in one place
Signed-off-by: Zach Steindler <steiza@github.com>
Configuration menu - View commit details
-
Copy full SHA for 862937e - Browse repository at this point
Copy the full SHA 862937eView commit details -
Signed-off-by: Zach Steindler <steiza@github.com>
Configuration menu - View commit details
-
Copy full SHA for 2410557 - Browse repository at this point
Copy the full SHA 2410557View commit details
Commits on May 13, 2024
-
Simplify EphemeralKeypair options and require explicit keypair for si…
…gning Signed-off-by: Zach Steindler <steiza@github.com>
Configuration menu - View commit details
-
Copy full SHA for 29150cb - Browse repository at this point
Copy the full SHA 29150cbView commit details