Skip to content

pkg/signature: expose Algorithm Details information #2001

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Mar 4, 2025
Merged

pkg/signature: expose Algorithm Details information #2001

merged 3 commits into from
Mar 4, 2025

Conversation

ret2libc
Copy link
Contributor

@ret2libc ret2libc commented Mar 3, 2025

Summary

As we make Sigstore ecosystem more crypto agile, we need various parts to know what they are dealing with. For example, one may want to get information about the hash function to be used with a public key of a given type. Clients may want to enforce some signing algorithms and need to know which hash/options to use for a particular key or for a specific signing algorithm.

For now, I see this being used in fulcio to associate a hash function to a given public key.

Release Note

  • Introduce the AlgorithmDetails interface and the GetAlgorithmDetails function to get information about an algorithm given a PublicKeyDetails value (defined in protobuf-specs).

Documentation

None

@ret2libc ret2libc requested a review from a team as a code owner March 3, 2025 14:15
@ret2libc
pkg/signature: expose Algorithm Details information
fbba040 
Signed-off-by: Riccardo Schirone <riccardo.schirone@trailofbits.com>
@ret2libc ret2libc force-pushed the algorithm-registry-expose-info2 branch from 0c6f95f to fbba040 Compare March 3, 2025 14:25
haydentherapper
haydentherapper reviewed Mar 3, 2025
View reviewed changes
@haydentherapper haydentherapper mentioned this pull request Mar 3, 2025
Merged
ret2libc added 2 commits March 4, 2025 16:11
@ret2libc
pkg/signature: remove AlgorithmDetails interface and just use struct
104a174 
Signed-off-by: Riccardo Schirone <riccardo.schirone@trailofbits.com>
@ret2libc
pkg/signature: add comments to exported functions
f93ce6a 
Signed-off-by: Riccardo Schirone <riccardo.schirone@trailofbits.com>
@ret2libc ret2libc requested a review from haydentherapper March 4, 2025 15:21
@haydentherapper haydentherapper merged commit a304698 into sigstore:main Mar 4, 2025
16 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@haydentherapper haydentherapper haydentherapper approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ret2libc @haydentherapper