mirror of
https://github.com/moby/moby.git
synced 2026-01-11 18:51:37 +00:00
3874ca5984
Currently requires replace rule for swarmkit etcd. BuildKit itself doesn't use etcd but version gets bumped via unused dependency. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
sshsig
This Go library implements the SSHSIG wire protocol, and
can be used to sign and verify messages using SSH keys.
Compared to other implementations, this library does all the following:
- Accepts an
io.Readeras input for signing and verifying messages. - Performs simple public key fingerprint and namespace mismatch checks in
Verify. Malicious input will still fail signature verification, but this provides more useful error messages. - Properly uses
ssh-sha2-512as signature algorithm when signing with an RSA private key, as described in the protocol. - Does not accept a
Signoperation without anamespaceas specified in the protocol. - Allows
Verifyoperations to be performed without anamespace, ensuring compatibility with loose implementations. - Provides
ArmorandUnarmorfunctions to encode/decode the signature to/from an (armored) PEM format.
For more information about the use of this library, see the Go Reference.
Acknowledgements
There are several other implementations of the SSHSIG protocol in Go, from
which this library has borrowed ideas:
- go-sshsig by Paul Tagliamonte
- Sigstore Rekor from the Sigstore project