sigstore-rs issues

Results 65 sigstore-rs issues

Sort by recently updated

JSON canonicalization uses multiple libraries.

**Description** Different parts of code use different libraries for JSON canonicalization. **Examples:** https://github.com/sigstore/sigstore-rs/blob/d5ba303182318495a081d1c4ad50d5c27be015cc/src/sign.rs#L327-L332 https://github.com/sigstore/sigstore-rs/blob/d5ba303182318495a081d1c4ad50d5c27be015cc/src/cosign/bundle.rs#L81-L88

vembacher

enhancement

Merkle tree proof implementation

#### Summary Related to: #283 This adds implementations for: - consistency proofs - inclusion proofs - checkpoint/STH related functionality The Merkle proofs are essentially ports of the [transparency-dev implementations](https://github.com/transparency-dev/merkle/tree/036047b5d2f7faf3b1ee643d391e60fe5b1defcf/proof), including...

vembacher

Support staging tests in conformance tests

sigstore-conformance 0.11 supports testing against staging infrastructure. This requires two things: * Support the optional `--staging` in all commands of the conformance client `tests/conformance/conformance.rs` , see [CLI protocol](https://github.com/sigstore/sigstore-conformance/blob/main/docs/cli_protocol.md) * Add...

jku

enhancement

verify: init

#### Summary Complementary half of #310, enable the verification of bundles: ```sh $ cargo run --manifest-path tests/conformance/Cargo.toml -- sign-bundle --bundle bundle.txt.sigstore --identity-token $(sigstore-python get-identity-token) bundle.txt # ... Operation succeeded! $...

jleightcap

Minimal dependency versions

**Description** Looking at sigstore-rs's Cargo.toml today, most of the dependencies use highly specific version numbers. As someone who uses sigstore-rs downstream, this leaves my application in a bit of a...

tannaurus

enhancement

Signed Certificate Timestamp verification

~~Blocked on #311.~~ #### Summary Adds Signed Certificate Timestamp verification and hooks it up to the bundle signing flow. SCT verification ensures that the signing certificate in a given operation...

tnytown

Support for inclusion/consistency proofs and checkpoint/STH verification.

## Summary I would like to see support for inclusion/consistency proofs and checkpoints/STH. Also related: #274 ## Reasoning - inclusion proofs: enable stricter bundle/log entry verification compared to only verifying...

vembacher

enhancement

Route away from experimental to 1.0

I would like us to consider what would it look like where we are no longer experimental and can cut a release a 1.0. Aspects to consider... Do we have...

lukehinds

bug

Refactor: switch to `ring` library

**Description** A long time ago we moved away from the `ring` crate to a constellation of pure-rust cryptographic libraries. We did the switch because the `ring` library did not build...

flavio

enhancement

test: bundles + conformance suite

#### Summary xref #310, #311 #### Release Note #### Documentation

jleightcap

sigstore-rs
sigstore-rs copied to clipboard

Metadata

JSON canonicalization uses multiple libraries.

Merkle tree proof implementation

Support staging tests in conformance tests

verify: init

Minimal dependency versions

Signed Certificate Timestamp verification

Support for inclusion/consistency proofs and checkpoint/STH verification.

Route away from experimental to 1.0

Refactor: switch to `ring` library

test: bundles + conformance suite

← Metadata

Owner

Metadata

sigstore-rs sigstore-rs copied to clipboard

Metadata

← Metadata

Owner

Metadata

sigstore-rs
sigstore-rs copied to clipboard