- Jul 28, 2021
-
-
Hector Fernandez authored* fix: port flag override Signed-off-by:
Hector Fernandez <hectorj@gmail.com>
* chore: update rekor_server.port old references
Signed-off-by: Hector Fernandez <hectorj@gmail.com>
-
- Jul 20, 2021
-
-
asraa authored
* generalize signed checkpoint Signed-off-by:
Asra Ali <asraa@google.com>
* store note as text representation
Signed-off-by: Asra Ali <asraa@google.com>
* cleanup diff
Signed-off-by: Asra Ali <asraa@google.com>
* simplify
Signed-off-by: Asra Ali <asraa@google.com>
* use signer/verifier
Signed-off-by: Asra Ali <asraa@google.com>
* address dan comments
Signed-off-by: Asra Ali <asraa@google.com>
-
- Jul 01, 2021
-
-
Bob Callaway authored
* Move GetRekorClient into util directory Since other sigstore projects are using GetRekorClient, this moves it into the pkg/util directory so that the number of dependencies this brings with it can be minimized. Signed-off-by:
Bob Callaway <bob.callaway@gmail.com>
* move to pkg/client
Signed-off-by: Bob Callaway <bob.callaway@gmail.com>
-
- Jun 07, 2021
-
-
Bob Callaway authored
* Convert STH to checkpoint format This switches away from sending the (now deprecated) Trillian LogRootV1 format over to the checkpoint format documented at https://github.com/google/trillian-examples/tree/master/formats/log Fixes: #313 Signed-off-by:
Bob Callaway <bob.callaway@gmail.com>
-
- Apr 16, 2021
-
-
priyawadhwa authored
* Update trillian dependency to master This removes calls to the trillian verifier and replaces them with calls to a new rekor verify package! The `verify` package currently only verifies the signed log root. Signed-off-by:
Priya Wadhwa <priyawadhwa@google.com>
* Fix lint
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Add verifier back in and update trillian images
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Make verify private
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Address code review comments
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Roll back to trillian v1.3.13
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Pin trillian to latest commit
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
-
- Apr 15, 2021
-
-
priyawadhwa authored
* Add signing package for signing within rekor Signed-off-by:
Priya Wadhwa <priyawadhwa@google.com>
* Remove public key from trillian and add in TODO for getting public key from Signer
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Create signer flag and store signer in api struct
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Remove public key from tlog in API, replace with a new pubkey tag
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Make sure we can get the public key locally
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Fix build error
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Reuse cosign implementation of signing interface
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* fix lint
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Add in-memory signer, store unmarshaled public key in api
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Temporarily skip the log_info test, since we are now getting the public key from rekor and not trillian
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Replace cosign import with sigstore
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Add unit test for memory signer
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Remove unnecessary code
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* skip test
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Sign the signature for the signed log root ourselves
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com>
* Include memory as a signer option for signer flag, make memory default
Signed-off-by: Priya Wadhwa <priyawadhwa@google.com> -
Carlos Tadeu Panato Junior authored
* update boilerplate header and apply go fmt Signed-off-by:
Carlos Panato <ctadeu@gmail.com>
* lints: fix golangci-lint issues
Signed-off-by: Carlos Panato <ctadeu@gmail.com>
* updated based on feedback
Signed-off-by: Carlos Panato <ctadeu@gmail.com>
-
- Apr 12, 2021
-
-
Dan Lorenc authored
This is changing as part of the general trillian signature changes. The trust model is still client -> database, our server trusts our database so we can pass signed messages on directly to users without double verification. Signed-off-by:Dan Lorenc <dlorenc@google.com>
-
- Mar 26, 2021
-
-
Dan Lorenc authored
This makes the binaries "go installable" by their canonical names. Signed-off-by:Dan Lorenc <dlorenc@google.com>
-
- Mar 18, 2021
-
-
axel simon authored
Signed-off-by:axelsimon <github@axelsimon.net>
-
- Mar 16, 2021
-
-
Dan Lorenc authored
them to GCS. We don't always have a new one, and under load there might be "batches" of entries all integrated into the same STH. This means there is no guaranteed frequency of updates or even a guarantee that every index will exist. The values (and timestamps) should be monotonically increasing though. Signed-off-by:Dan Lorenc <dlorenc@google.com>
-