sigstore-rs
sigstore-rs copied to clipboard
An experimental Rust crate for sigstore
Security CI runs are failing due to RUSTSEC-2021-0139 RUSTSEC-2021-0139 is flagged from ansi_term, which is a transient dependency on tracing-subscriber. As tracing-subscriber is a dev-dependency, I think we can safely...
Much like the go counterpart in sigstore/sigstore, implement key generation and a signer interface. This should provide the following: 1. Generate of a key pair using a provided alg (rsa,...
To keep things more tidy, each example is moved under its core function , for example `rekor` or `cosign`. A mapping is then made within `Cargo.toml`. This will make the...
Has a soft dependency on https://github.com/sigstore/sigstore-rs/pull/111 Signed-off-by: Luke Hinds #### Summary #### Release Note #### Documentation
Remove or change [parsing of Rekor response](https://github.com/sigstore/sigstore-rs/blob/main/src/rekor/apis/entries_api.rs#L61-L66) in `src/rekor/apis/entries_api.rs` once the [upstream issue](https://github.com/sigstore/rekor/issues/808) is fixed. Once upstream has a fix, we will be able to read this data in directly...
The original Rekor uses tree sizes equivalent to Rust's `i64`. Rekor-rs mixes `i32` and `i64`. Instead it should use only `i64` unless there is a good reason to do otherwise....
The current get log info example [reports that it may return an error](https://github.com/sigstore/sigstore-rs/blob/main/examples/rekor/get_log_info/main.rs#L29-L30). We should fix this bug so that it no longer returns an error. We can look to...
They are outdated. https://github.com/sigstore/sigstore-rs/blob/371b22af9d3ae49a5bcf7fd0bca963c75e39d8f5/src/rekor/lib.rs#L82-L83 https://github.com/sigstore/sigstore-rs/blob/371b22af9d3ae49a5bcf7fd0bca963c75e39d8f5/src/lib.rs#L203-L204
Here is the [reference](https://github.com/sigstore/sigstore-rs/blob/371b22af9d3ae49a5bcf7fd0bca963c75e39d8f5/src/rekor/apis/configuration.rs#L22).
The [formatting](https://github.com/sigstore/sigstore-rs/blob/371b22af9d3ae49a5bcf7fd0bca963c75e39d8f5/examples/get_public_key/main.rs#L37) could be improved, and also it would be reasonable to have an option to output this to a file at a path chosen by the user.