-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
in-toto-run implementation #56
in-toto-run implementation #56
Commits on Jun 23, 2020
-
LoadPublicKey() and VerifySignature() were too generic. Let's rename them to be more precise in what they are achieving.
Configuration menu - View commit details
-
Copy full SHA for 14a8de0 - Browse repository at this point
Copy the full SHA 14a8de0View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4969540 - Browse repository at this point
Copy the full SHA 4969540View commit details -
In this commit we add a LoadEd25519PublicKey func for loading ed25519 keys in PrivateJSON format from a ed25519 public key file
Configuration menu - View commit details
-
Copy full SHA for 45a8e93 - Browse repository at this point
Copy the full SHA 45a8e93View commit details -
add ParseEd25519FromPublicJSON func
The format of a public key is different to the private key JSON format for ed25519 in-toto pubkeys. Therefore we need another function for parsing ed25519 pub keys.
Configuration menu - View commit details
-
Copy full SHA for 76f9f94 - Browse repository at this point
Copy the full SHA 76f9f94View commit details -
Configuration menu - View commit details
-
Copy full SHA for c6cb9c0 - Browse repository at this point
Copy the full SHA c6cb9c0View commit details
Commits on Jun 26, 2020
-
add LoadPrivateKey func for ed25519 and more tests
This commit adds more test material such like symmetric encrypted private keys.
Configuration menu - View commit details
-
Copy full SHA for ae5e82d - Browse repository at this point
Copy the full SHA ae5e82dView commit details -
mention encrypted private keys in comments
This commit also changes the example keys in the documentation. We use the keypair of "carol" (see test/data/carol{.pub}) now.
Configuration menu - View commit details
-
Copy full SHA for d868be7 - Browse repository at this point
Copy the full SHA d868be7View commit details -
implement Parse/Load RSA private key
We use PKCS1 for parsing/loading RSA private keys. This means we do not support ECDSA yet.
Configuration menu - View commit details
-
Copy full SHA for f54d2e5 - Browse repository at this point
Copy the full SHA f54d2e5View commit details -
Configuration menu - View commit details
-
Copy full SHA for 9b5413f - Browse repository at this point
Copy the full SHA 9b5413fView commit details -
This adds support for signing byte data with rsassa-pss. TODO: We need to verify if rsa.SignPSS(rand=nil,...) is secure!
Configuration menu - View commit details
-
Copy full SHA for 66e49b8 - Browse repository at this point
Copy the full SHA 66e49b8View commit details -
Configuration menu - View commit details
-
Copy full SHA for fe86f29 - Browse repository at this point
Copy the full SHA fe86f29View commit details -
Configuration menu - View commit details
-
Copy full SHA for c8ced5b - Browse repository at this point
Copy the full SHA c8ced5bView commit details
Commits on Jul 3, 2020
-
add a first draft for signing links in InTotoRun
We use the model.Sign() func for signing keys. This commit also removes unrelated code in TestMetablockSignWithEd25519 because we **indeed** support RSA now. This adds support for signing links in InTotoRun via a specific key
Configuration menu - View commit details
-
Copy full SHA for 8253556 - Browse repository at this point
Copy the full SHA 8253556View commit details
Commits on Jul 5, 2020
-
add new validatePrivateKey function + add key id to pub key
In the past in-toto-keygen generated pubkeys did not have a public key ID in their JSON structure. This is going to change in the securesystemslib: secure-systems-lab/securesystemslib#250 This commit adds the key ID to all our public key tests + and the carol.pub key.
Configuration menu - View commit details
-
Copy full SHA for ed01d7b - Browse repository at this point
Copy the full SHA ed01d7bView commit details -
add more test case + table tests to TestInTotoRun
Table tests are easier to maintain, also we are testing invalid paths and invalid keys now.
Configuration menu - View commit details
-
Copy full SHA for 17c679b - Browse repository at this point
Copy the full SHA 17c679bView commit details -
We need to cover signing with invalid keys and validating private keys
Configuration menu - View commit details
-
Copy full SHA for 7413391 - Browse repository at this point
Copy the full SHA 7413391View commit details -
make sure to sign the link data + tests
In the past we always signed an empty Link{} artifact. Now we are really signing something + testing for a valid signature after signing real data.
Configuration menu - View commit details
-
Copy full SHA for d5b38f7 - Browse repository at this point
Copy the full SHA d5b38f7View commit details
Commits on Jul 6, 2020
-
implement GenerateKeyId + remove keyId from pubkeys
In this commit we remove the keyId from the ed25519 pubkeys again, because we decided to not support keyIds in key material. Instead we are generating a keyId if the keyId is empty.
Configuration menu - View commit details
-
Copy full SHA for 17dc020 - Browse repository at this point
Copy the full SHA 17dc020View commit details -
use generateKeyId in LoadRSA functions
This commit integrates our new GenerateKeyId func into the LoadRSA* functions. More importantly it fixes a major security issue(!). Before this commit we have calculated the the keyID of the private key with the private key **included**. The private key should never be used for calculating the keyID.
Configuration menu - View commit details
-
Copy full SHA for 07ef081 - Browse repository at this point
Copy the full SHA 07ef081View commit details
Commits on Jul 7, 2020
-
Infer RSA Public Key from Private Key
We need to infer the RSA Public Key from the RSA Private Key, otherwise we can't a calculate a unique keyID for a RSA Private Key.
Configuration menu - View commit details
-
Copy full SHA for 5f46880 - Browse repository at this point
Copy the full SHA 5f46880View commit details -
trim spaces and newlines around PEM block
We need to make sure to trim spaces and newlines around the PEM blocks
Configuration menu - View commit details
-
Copy full SHA for 7c1074a - Browse repository at this point
Copy the full SHA 7c1074aView commit details -
mention that we follow the securesystemslib regarding key generation for keeping interoperability.
Configuration menu - View commit details
-
Copy full SHA for dd2bd38 - Browse repository at this point
Copy the full SHA dd2bd38View commit details
Commits on Jul 8, 2020
-
With a generic LoadKey function we have several advantages. First we can reduce our code surface, because we just need to take care about one function for loading keys. Second the LoadKey function will automatically infer the right pem and key type. This makes the function very easy to use.
Configuration menu - View commit details
-
Copy full SHA for 2633831 - Browse repository at this point
Copy the full SHA 2633831View commit details -
Make sure to use the new generic LoadKey function for all our test cases
Configuration menu - View commit details
-
Copy full SHA for b8a5023 - Browse repository at this point
Copy the full SHA b8a5023View commit details
Commits on Jul 9, 2020
-
enhance documentation + more readable pem parser section
Make sure to always add a return value description + make the PEM parser section more readable. We could move this block into an own function in the future and maybe make a dispatch table out of it.
Configuration menu - View commit details
-
Copy full SHA for fa002a2 - Browse repository at this point
Copy the full SHA fa002a2View commit details -
move parsing to ParseKey function + enhance error handling
We are introducing two new error types "ErrFailedPEMParsing", "errNoPEMBlock" and "ErrUnsupportedKeyType". We also use error wrapping as stated in: https://blog.golang.org/go1.13-errors Furthermore the parsing has its own function now.
Configuration menu - View commit details
-
Copy full SHA for e924233 - Browse repository at this point
Copy the full SHA e924233View commit details -
add more generic GenerateSignature function
The generic GeneratureSignature function will automatically detect the right key, return an error if we have an invalid key and sign the signable data. Also it utilizes our new error types. TODO: implementing ed25519 signature. I am not sure yet, if we can store ed25519 PEM blocks in our in-memory key data. If yes, the part will be a little bit different to the current GenerateEd25519Signature function
Configuration menu - View commit details
-
Copy full SHA for 1c2415e - Browse repository at this point
Copy the full SHA 1c2415eView commit details -
Use the new LoadKey function for loading keys, this is not yet implemented for ed25519 keys, because our test keys are still in custom JSON format. This will be changed
Configuration menu - View commit details
-
Copy full SHA for 65a734f - Browse repository at this point
Copy the full SHA 65a734fView commit details
Commits on Jul 13, 2020
-
implement generic VerifySignature
We now have a generic VerifySignature that automatically retrieves the key type based on the passed key. With this function we are now able to drop all tests that did RSA or ed25519 specific key operations
Configuration menu - View commit details
-
Copy full SHA for 5ee4dca - Browse repository at this point
Copy the full SHA 5ee4dcaView commit details -
add valid ed25519 PEM key testdata
This fixes a few ed25519 tests by adding valid ed25519 keys encoded as PEM (ASN.1 DER) Blocks.
Configuration menu - View commit details
-
Copy full SHA for 7b2d7fa - Browse repository at this point
Copy the full SHA 7b2d7faView commit details -
fix InTotoRun + fix test with new signature
Our generic ParseKey function returns an interface on ed25519.PrivateKey *not* on *ed25519.PrivateKey, therefore we have to use the right one. I've also modified the test data, because we have generated a new ed25519 key. Therefore our ID and signature didn't match anymore
Configuration menu - View commit details
-
Copy full SHA for 885c743 - Browse repository at this point
Copy the full SHA 885c743View commit details -
We have changed our on-disk key format. So the bob test data is no longer necessary
Configuration menu - View commit details
-
Copy full SHA for ec46fd0 - Browse repository at this point
Copy the full SHA ec46fd0View commit details -
store ed25519 keys as hex encoded strings
For interoperability with the securesystemslib and the in-toto python implementation we are defining an exception for the ed25519 key and loading it hex encoded as string directly into memory. For this we need to read the ed25519 key from the PEM on-disk format and operate directly on the ed25519 key object
Configuration menu - View commit details
-
Copy full SHA for 81f0894 - Browse repository at this point
Copy the full SHA 81f0894View commit details
Commits on Jul 21, 2020
-
Add comment for dropping rest of PEM block parsing
We need to mention, that we drop the rest of the pam.Decode() call, because it does not represent a valid PEM block. Additionally we do not care about other data, than the actual key
Configuration menu - View commit details
-
Copy full SHA for cc2a58e - Browse repository at this point
Copy the full SHA cc2a58eView commit details -
Configuration menu - View commit details
-
Copy full SHA for c31d709 - Browse repository at this point
Copy the full SHA c31d709View commit details -
The TestMetaBlockSignWithEd25519 used our custom JSON format and different loading functions, that do not exist anymore. Therefore we can remove it.
Configuration menu - View commit details
-
Copy full SHA for 1ac76f0 - Browse repository at this point
Copy the full SHA 1ac76f0View commit details -
remove outdated keylib test cases
We dropped support for the non generic key parsing functions.
Configuration menu - View commit details
-
Copy full SHA for a2825c5 - Browse repository at this point
Copy the full SHA a2825c5View commit details -
Add new test data + description
This commit adds new PKCS8 and EC private/public key pairs for testing. Furthermore it adds a new README.md file in test/data that lists all of our test artifacts + a description for them
Configuration menu - View commit details
-
Copy full SHA for 0a28c13 - Browse repository at this point
Copy the full SHA 0a28c13View commit details -
Add tests for new generic functions
Our new generic functions needed testing. This adds testing for all generic functions, especially ed25519 and ecdsa unsupported key checking. TODO: In the future we want to support ecdsa keys
Configuration menu - View commit details
-
Copy full SHA for 0acd97f - Browse repository at this point
Copy the full SHA 0acd97fView commit details
Commits on Jul 22, 2020
-
This adds more test coverage for the Generate/Verify functions
Configuration menu - View commit details
-
Copy full SHA for e601861 - Browse repository at this point
Copy the full SHA e601861View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4379ac5 - Browse repository at this point
Copy the full SHA 4379ac5View commit details -
We just remove the slashes and make this test windows compatible. Full paths should be covered. For the future we should use path() for paths, for being consistent through different OS.
Configuration menu - View commit details
-
Copy full SHA for ad07bd6 - Browse repository at this point
Copy the full SHA ad07bd6View commit details
Commits on Jul 23, 2020
-
Configuration menu - View commit details
-
Copy full SHA for d71ce00 - Browse repository at this point
Copy the full SHA d71ce00View commit details -
add test for dumping and loading a signed metablock
This adds a small test section for dumping and loading signed links. It will dump a link to a file and load it. Looks like we have an issue with our dump function, because the dumped file wrong.
Configuration menu - View commit details
-
Copy full SHA for 01da883 - Browse repository at this point
Copy the full SHA 01da883View commit details
Commits on Jul 24, 2020
-
try to fix unmarshalling type errors
This commit adds a new Byproducts struct as representation for our byproducts. This is necessary, because Go unmarshalls number interfaces values to float.
Configuration menu - View commit details
-
Copy full SHA for e43522d - Browse repository at this point
Copy the full SHA e43522dView commit details
Commits on Jul 25, 2020
-
Revert "try to fix unmarshalling type errors"
This reverts commit e43522d.
Configuration menu - View commit details
-
Copy full SHA for adfdd99 - Browse repository at this point
Copy the full SHA adfdd99View commit details -
Fix inconsistent link dumping/loading
Before this commit we used []byte64 and int in our in-memory link representation. This lead to numerous issues: 1. Using []byte64 for stderr/stdout meant, that we dump them as base64 in our JSON file. This was inconsistent to our in-toto python implementation, that stores output as strings in JSON files. 2. Go unmarshalls a number as float64, therefore we can't easily store the return-value as integer, although an integer would be a better choice. Storing it as a integer, would cost rewrites of the complete model and model testing.
Configuration menu - View commit details
-
Copy full SHA for 455f141 - Browse repository at this point
Copy the full SHA 455f141View commit details
Commits on Jul 27, 2020
-
This commit adds more documentation to our test functions and keylib functions
Configuration menu - View commit details
-
Copy full SHA for a4a40ae - Browse repository at this point
Copy the full SHA a4a40aeView commit details
Commits on Jul 28, 2020
-
This commit adds support for the ecdsa key scheme. We should support all FIPS 186-3 curves out of the box. However, we must note, that if we ever upgrade our hashing algorithm from SHA256, the code will get more complex, because the hash size must satisfy the curve size, otherwise the hash may get truncated. The latter could result in a security vulnerability (forming a hash, which truncated part is equal to the truncated part of the to verified bytes). Furthermore, we do no curve detection here and just save the signature parts r and s into a byte slice without a fixed length. Also it's still unclear if r and s are always the same of the size
Configuration menu - View commit details
-
Copy full SHA for 84c9874 - Browse repository at this point
Copy the full SHA 84c9874View commit details -
Remove unnecessary byte transformations
We can directly cast key.KeyVal.(Public|Private) to a byte slice. No need, for the string reader.
Configuration menu - View commit details
-
Copy full SHA for 1b7c8f5 - Browse repository at this point
Copy the full SHA 1b7c8f5View commit details
Commits on Jul 29, 2020
-
add missing case for ecdsa public key
This adds a missing case for ecdsa public key. The RSA and ecdsa key cases can be merged, maybe.
Configuration menu - View commit details
-
Copy full SHA for 5b8743d - Browse repository at this point
Copy the full SHA 5b8743dView commit details -
Before this commit we used two times r instead of r and s. Of course ecdsa validation failed, because of this.
Configuration menu - View commit details
-
Copy full SHA for a275a25 - Browse repository at this point
Copy the full SHA a275a25View commit details -
Complete Rewrite of keylib_test.go
This commit rewrites the keylib tests completely from scratch. I have replaced all tests against table based testing methods The LOC shrinked from over 500 to under 100.
Configuration menu - View commit details
-
Copy full SHA for 4910972 - Browse repository at this point
Copy the full SHA 4910972View commit details
Commits on Jul 30, 2020
-
implement proper ecdsa signature encoding
We now use ASN1.DER for encoding the ecdsa signature parameters r and s. This fixes our problems with different r and s lengths. Furthermore it is the same way to deal with the signature as in our securesystemslib and it is therefore the interoperable way to handle an ecdsa signature. With Go 1.15 we might can switch to new ecdsa ASN1Sign methods, if necessary.
Configuration menu - View commit details
-
Copy full SHA for 79383c9 - Browse repository at this point
Copy the full SHA 79383c9View commit details
Commits on Jul 31, 2020
-
this commit adds various new test cases for increasing the test coverage. Sadly, we still need to use the legacy error string comparing for a few. Maybe we can wrap them in an our own errors in the future?
Configuration menu - View commit details
-
Copy full SHA for af0cf4c - Browse repository at this point
Copy the full SHA af0cf4cView commit details
Commits on Aug 2, 2020
-
add ecdsa support for Metablock.Sign()
Adds the "ecdsa" case to our Metablock.Sign function. Also adds a test case for an invalid ed25519 key.
Configuration menu - View commit details
-
Copy full SHA for bd1a6b6 - Browse repository at this point
Copy the full SHA bd1a6b6View commit details -
Our old key validation functions were not valid anymore. For example, we do compute the public key from a private key now. So every key object should have a public key. Furthermore this commit introduces our own error types for better error handling.
Configuration menu - View commit details
-
Copy full SHA for 2d7b3d2 - Browse repository at this point
Copy the full SHA 2d7b3d2View commit details -
cover new key object validation + more key lib tests
This commit adds more tests for key object validation, also we *really* use the key object validation functions now, during generating a keyID
Configuration menu - View commit details
-
Copy full SHA for 3a3d274 - Browse repository at this point
Copy the full SHA 3a3d274View commit details
Commits on Aug 6, 2020
-
frank.ec was only necessary for generating the ECDSA PEM keys. Therefore we can delete it.
Configuration menu - View commit details
-
Copy full SHA for 089dd4c - Browse repository at this point
Copy the full SHA 089dd4cView commit details -
remove switch block in Metablock.Sign
The switch block logic moved inside of the GenerateSignature function, thus we can drop this extra switch block inside of Metablock.Sign. This fixes also the long-time FIXME in it :)
Configuration menu - View commit details
-
Copy full SHA for e22b3cd - Browse repository at this point
Copy the full SHA e22b3cdView commit details -
The carol-invalid key is not necessary anymore, thus we can remove it.
Configuration menu - View commit details
-
Copy full SHA for 2db25b7 - Browse repository at this point
Copy the full SHA 2db25b7View commit details -
Here we fix a small spelling issue and add more documentation for a few functions, that were missing documentation
Configuration menu - View commit details
-
Copy full SHA for f4ee8ae - Browse repository at this point
Copy the full SHA f4ee8aeView commit details -
use Go 1.13's IsZero() for checking for an uninitialized Key
The keyID may be empty, so we check for an unitialized Key object instead. For this we prefer using reflect.ValueOf(key).IsZero() over reflect.DeepEqual(), because DeepEqual is more resource intensive.
Configuration menu - View commit details
-
Copy full SHA for f9e328a - Browse repository at this point
Copy the full SHA f9e328aView commit details -
We can drop the legacy error string comparing via using Go 1.13 errors.Is() function for comparing the unwrapped errors.
Configuration menu - View commit details
-
Copy full SHA for 2a7e225 - Browse repository at this point
Copy the full SHA 2a7e225View commit details
Commits on Aug 7, 2020
-
In this commit we fix various spelling errors, deliver more detailed documentation and change the default error message of ErrInvalidKeyType.
Configuration menu - View commit details
-
Copy full SHA for 5bce89f - Browse repository at this point
Copy the full SHA 5bce89fView commit details -
use constant strings for keytypes
This commit introduces three new constants called: rsaKeytype, ecdsaKeytype and ed25519KeyType. With these constants we are able to easily change the keytype if necessary, without finding/replacing strings.
Configuration menu - View commit details
-
Copy full SHA for 16a79ec - Browse repository at this point
Copy the full SHA 16a79ecView commit details -
implement scheme and keytype checking
This bigger commit introduces new errors for key and scheme type checking. We also have another helper function in utils.go for checking for subsets in a superset of string slices. Furthermore it adds various tests for the new functions
Configuration menu - View commit details
-
Copy full SHA for b3da496 - Browse repository at this point
Copy the full SHA b3da496View commit details -
Configuration menu - View commit details
-
Copy full SHA for c426bcb - Browse repository at this point
Copy the full SHA c426bcbView commit details -
implement a decodeAndParse function to minimize copy-paste code
The decodeAndParse function decodes the given pemBytes and parses a key.
Configuration menu - View commit details
-
Copy full SHA for 6cb021a - Browse repository at this point
Copy the full SHA 6cb021aView commit details
Commits on Aug 8, 2020
-
call validateKey before signing signable data and validating signatures
This commit adds a call to validateKey to the GenerateSignature and ValidateSignature functions. This way we can ensure, that we are always dealing with a good key. This commit also provides modified tests and more test cases
Configuration menu - View commit details
-
Copy full SHA for 86d191d - Browse repository at this point
Copy the full SHA 86d191dView commit details
Commits on Aug 12, 2020
-
use type assertion in GenerateSignature/ValidateSignature
This commit untangles validateKey and validateKeyVal. We do not parse keys twice in GenerateSignature/ValidateSignature now. Instead we call validateKey for validating the key container and then using type assertions for checking for the right key type.
Configuration menu - View commit details
-
Copy full SHA for 52fe163 - Browse repository at this point
Copy the full SHA 52fe163View commit details -
introduce constants for the schemes
We now use constants for the supported Key schemes.
Configuration menu - View commit details
-
Copy full SHA for 4ce8e4c - Browse repository at this point
Copy the full SHA 4ce8e4cView commit details -
use panic for the default switch cases
We can call a panic if we run into code, where we never should get.
Configuration menu - View commit details
-
Copy full SHA for 49ee808 - Browse repository at this point
Copy the full SHA 49ee808View commit details -
add Scheme checking in Sign + Verify
This commit adds a key.Scheme switch in the GeneratureSignature and VerifySignature functions. This only applies to ecdsa and rsa, because ed25519 is SHA512 only, due to following the edDSA spec.
Configuration menu - View commit details
-
Copy full SHA for e338568 - Browse repository at this point
Copy the full SHA e338568View commit details -
unexport all functions in Keylib except Load,Sign,Verify
We should hide most of the functions in keylib.go. Devs using our API should only use our exported functions LoadKey, GenerateSignature and VerifySignature.
Configuration menu - View commit details
-
Copy full SHA for 3c4832c - Browse repository at this point
Copy the full SHA 3c4832cView commit details
Commits on Aug 13, 2020
-
We set the correct ecdsa schemes as constants. Right now we don't really differ between curves, because Go's crypto/(ecdsa|x509) are fully transparent with curves. If we want to differ between curves we might need to add addition logic, right now it's up to the developer, to choose the right scheme for the right curve.
Configuration menu - View commit details
-
Copy full SHA for 3dddc66 - Browse repository at this point
Copy the full SHA 3dddc66View commit details
Commits on Aug 14, 2020
-
call panic for never reached default cases
We have a few default cases, that were never reached due to validateKey() at the beginning of the function. Let's call a panic, if we run into such a situation.
Configuration menu - View commit details
-
Copy full SHA for 075e168 - Browse repository at this point
Copy the full SHA 075e168View commit details -
Fix various strings and documentation
This commit addresses various spelling issues, substantial mistakes or adds more documentation.
Configuration menu - View commit details
-
Copy full SHA for 236acb8 - Browse repository at this point
Copy the full SHA 236acb8View commit details -
add todo for subsetCheck function
This adds a short comment/todo to our subsetCheck function. In the future we might want to use Sets for our constant getters.
Configuration menu - View commit details
-
Copy full SHA for 111dd2f - Browse repository at this point
Copy the full SHA 111dd2fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 5d51843 - Browse repository at this point
Copy the full SHA 5d51843View commit details
Commits on Aug 15, 2020
-
remove misleading support for ecdsa-sha2-nistp384
This commits removes the misleading support for ecdsa-sha2-nistp384.
Configuration menu - View commit details
-
Copy full SHA for d1bf3c1 - Browse repository at this point
Copy the full SHA d1bf3c1View commit details
Commits on Aug 16, 2020
-
implement validatePublicKey + tests
with this commit implements the validatePublicKey function, for checking if we deal with a public key. If the private key value field is not empty, it will fail with the error ErrNoPublicKey. We also call this method in validateLayout from now on.
Configuration menu - View commit details
-
Copy full SHA for 64b5325 - Browse repository at this point
Copy the full SHA 64b5325View commit details
Commits on Aug 17, 2020
-
keyIdHashAlgorithms is now optional + fix tests
In this commit, we make Key.KeyIdHashAlgorithms optional. We only check the field now, if the field has been initialized. Furthermore this commit fixes a few tests and removes tests, that are not needed anymore.
Configuration menu - View commit details
-
Copy full SHA for fa94594 - Browse repository at this point
Copy the full SHA fa94594View commit details -
add comment about ecdsa interoperability
in-toto-golang behaves a little bit different to the securesystemslib. We should mention, that we use ecdsa/ecdsa-sha2-nistp256 pairs instead of ecdsa-sha2-nistp256 for key type and key scheme.
Configuration menu - View commit details
-
Copy full SHA for 1ac47be - Browse repository at this point
Copy the full SHA 1ac47beView commit details -
This adds the missing 'd' to the deadbeef test. We now check for a missing keyfield there.
Configuration menu - View commit details
-
Copy full SHA for c25b937 - Browse repository at this point
Copy the full SHA c25b937View commit details
Commits on Aug 20, 2020
-
Remove done items from README todo
in-toto-golang now supports all signing methods from the reference implementation and has a fully-fledged runlib, to generate signed link metadata. Big kudos to @shibumi! Signed-off-by: Lukas Puehringer <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 70fdec2 - Browse repository at this point
Copy the full SHA 70fdec2View commit details