-
Notifications
You must be signed in to change notification settings - Fork 56
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create advertisements offline #96
Comments
Sorry, I don't understand what you mean by a "valid advertisement payload". The files that are generated by tang are done in the way you specified. Apart from that, tang uses a SHA mechanism to get the file names used by tang. This is done by using "jose jwk thp" But the content is generated similarly to the way you specified. If you check the file
As you can see, "jose jwk gen --input" is used (similar to what you posted), and the file name is calculated passing that output to "jose jwk thp --input=- -a S256" Hope this helps |
@sarroutbi Thank you for your reply!
Sorry, my explanation was probably not detailed enough. I am trying to generate the keys offline as well as what is returned by "http://<TANG_URL>/adv" with jose so that I would be able to use clevis with the tang pin even before the tang server was created.
Thanks for that pointer about the file names! |
I've figured it out. The advertisement seems to be a payload of the form |
Hi, is there a way to create the keys (under
/var/db/tang
) and advertisements offline without having tang installed by just using the jose cli?The key generation is mentioned in the docs:
but I'm not sure which command will output me a valid advertisement payload.
The text was updated successfully, but these errors were encountered: