forked from sigstore/cosign
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add certificate chain flag for signing (sigstore#1656)
* Add certificate chain flag for signing

This allows users to pass their own certificate chain to include in the OCI signature. The chain is checked for validity using the provided certificate.

Also refactored the check for matching public keys using a method from sigstore/sigstore, comparing the certificate's key with the provided key. Also added this check when extracting the PKCS11 certificate.

Certificate chains must be PEM-encoded. I changed the text of the certificate flag to also specify a preference for PEM encoding, but didn't remove the code that handles DER encoding for backwards compatibility.

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

* Adding 3rd party licenses

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

* Added check for empty chain

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
1 parent 4fb8950, commit db90d13

Showing 22 changed files with 498 additions and 99 deletions.
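
The checks the commit message describes (an empty chain is rejected, the certificate's key must match the provided key, and the chain must validate for the provided certificate), as an added Go example that is not code from this commit or from cosign. `verifyChain` and `issue` are hypothetical names, the certificates are constructed in-process, and treating the last chain entry as the root with code-signing key usage is an assumption.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"math/big"
	"time"
)

// verifyChain (hypothetical): chain lists intermediates first and the root last (assumption).
func verifyChain(leaf *x509.Certificate, pub *ecdsa.PublicKey, chain ...*x509.Certificate) error {
	if len(chain) == 0 {
		return errors.New("empty certificate chain")
	}
	if k, ok := leaf.PublicKey.(*ecdsa.PublicKey); !ok || !k.Equal(pub) {
		return errors.New("certificate public key does not match provided key")
	}
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(chain[len(chain)-1])
	for _, c := range chain[:len(chain)-1] {
		inters.AddCert(c)
	}
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inters,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning}})
	return err
}

// issue builds a constructed, short-lived test certificate; a nil parent means self-signed.
func issue(cn string, isCA bool, parent *x509.Certificate, pk *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		IsCA: isCA, BasicConstraintsValid: true, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	if parent == nil {
		parent, pk = t, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, pk)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

func main() {
	root, rootKey := issue("root", true, nil, nil)
	leaf, leafKey := issue("leaf", false, root, rootKey)
	println("valid chain accepted:", verifyChain(leaf, &leafKey.PublicKey, root) == nil)
}
```

Doing the key comparison before path validation means a certificate that chains correctly but belongs to a different key is still rejected.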