Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add CertExtensions func to extract all extensions #1515

Merged
merged 2 commits into from
Feb 26, 2022
Merged

Add CertExtensions func to extract all extensions #1515

merged 2 commits into from
Feb 26, 2022

Conversation

ckotzbauer
Copy link
Contributor

Signed-off-by: Christian Kotzbauer git@ckotzbauer.de

Summary

This adds a CertExtensions function to the signature package to extract all extensions from a cert and return them as map. The map-key is either a human-readable name or the extensionID (if no name is specified in the mapping).
I did not remove the CertIssuerExtension func for backward compatibility.

Ticket Link

close #1456

Release Note

Add CertExtensions func to extract all extensions

/cc @JimBugwadia

@ckotzbauer
Add CertExtensions func to extract all extensions
3654a92 
Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de>
asraa
asraa reviewed Feb 25, 2022
View reviewed changes
Copy link
Contributor

@asraa asraa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey just curious! Do you actually see extensions for trigger and sha on fulcio issued certs in the last few weeks?

(see sigstore/fulcio#437)

@ckotzbauer
Copy link
Contributor Author

@asraa Yes, I signed some stuff earlier this day with GH and all extensions added with sigstore/fulcio#306 where there.

haydentherapper
haydentherapper reviewed Feb 25, 2022
View reviewed changes
pkg/signature/keys.go Outdated Show resolved Hide resolved
pkg/signature/keys.go Outdated Show resolved Hide resolved
@ckotzbauer
Renamed issuer to oidcIssuer
cb497a8 
Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de>
@dlorenc dlorenc merged commit c8e152a into sigstore:main Feb 26, 2022
@github-actions github-actions bot added this to the v1.6.0 milestone Feb 26, 2022
@ckotzbauer ckotzbauer deleted the feature/cert-extensions branch February 27, 2022 08:13
coyote240 pushed a commit to coyote240/cosign that referenced this pull request Mar 1, 2022
@ckotzbauer
Add CertExtensions func to extract all extensions (sigstore#1515)
b259e80 
* Add CertExtensions func to extract all extensions

Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de>

* Renamed issuer to oidcIssuer

Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de>
mlieberman85 pushed a commit to mlieberman85/cosign that referenced this pull request May 6, 2022
@ckotzbauer @mlieberman85
Add CertExtensions func to extract all extensions (sigstore#1515)
2679bf6 
* Add CertExtensions func to extract all extensions

Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de>

* Renamed issuer to oidcIssuer

Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@asraa asraa asraa left review comments

@haydentherapper haydentherapper haydentherapper left review comments

@dlorenc dlorenc dlorenc approved these changes

@JimBugwadia JimBugwadia JimBugwadia approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.6.0
Development

Successfully merging this pull request may close these issues.

Extract more certificate-extensions for validation
5 participants
@ckotzbauer @dlorenc @asraa @JimBugwadia @haydentherapper