aboutsummaryrefslogtreecommitdiff
path: root/patatt
AgeCommit message (Collapse)Author
2021-06-09Update patatt to 0.4.6Konstantin Ryabitsev
This fixes the problem that was supposed to be fixed in 0.4.5. Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2021-06-03Update patatt to 0.4.5Konstantin Ryabitsev
Fixes wrong error message for keys coming from default keyring. Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2021-05-28Update to version 0.4.4 of patattKonstantin Ryabitsev
Fixes public key lookups for uncommmitted keys. Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2021-05-26Check uids on the key when using default keyringKonstantin Ryabitsev
When the signature is validated using the default keyring, run an additional check on the UIDs and show the discrepancy if the identity used in the X-Developer-Signature header is different from the UIDs we have on the key. Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2021-05-25Bump patatt to 0.4.2Konstantin Ryabitsev
This version returns a failure early when body modification is recognized. This is especially useful if we have to shell out to gnupg for validation. Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2021-05-21Update patatt to 0.4.1Konstantin Ryabitsev
Minor bugfix release with better error messages for installs without any keys and unconfigured git. Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2021-05-21Update patatt submodule to version 0.4.0Konstantin Ryabitsev
Not really necessary, but let's keep them synced across major versions. Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2021-05-13Update patatt submodule to 0.3.0Konstantin Ryabitsev
Nothing really different in 0.3.0, just a few cleanups. Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2021-05-11Reimplement attestation code one more timeKonstantin Ryabitsev
Move end-to-end attestation code into its own library: patatt. See https://git.kernel.org/pub/scm/utils/patatt/patatt.git/about/ It is included into b4 as a submodule, but you will need to init it first: git submodule update --init This change significantly simplifies our attestation code, dropping thousands of lines of rather hairy code. Notably, patatt-style attestation is incompatible with previous attestation implementations done directly in b4, but that's just as well -- we've always marked it as "experimental" and the lack of adoption was proving that we weren't on the right path. Next to come is keyring management and documentation. Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Generated by cgit. Colors based on the Modus themes.