Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug: fix minisign prehashed entries #639

Merged
merged 1 commit into from
Feb 1, 2022
Merged

bug: fix minisign prehashed entries #639

merged 1 commit into from
Feb 1, 2022

Conversation

asraa
Copy link
Contributor

@asraa asraa commented Feb 1, 2022

Signed-off-by: Asra Ali asraa@google.com

Summary

See https://github.com/jedisct1/minisign/releases/tag/0.10

Prehashing is now enabled by default, regardless of the input size. Support for non-prehashed signatures will eventually be removed

Ticket Link

Fixes #633

Release Note

* bug fix: fixes verification of minisign pre-hashed entries. this is a backwards compatible fix that now supports the default pre-hashed entries from minisign v0.10

@asraa
fix minisign prehashed entries
93ac3e6 
Signed-off-by: Asra Ali <asraa@google.com>
@dlorenc dlorenc merged commit 8386f1d into sigstore:main Feb 1, 2022
@github-actions github-actions bot added this to the v1.0.0 milestone Feb 1, 2022
@asraa asraa mentioned this pull request Feb 2, 2022
Merged
@hslatman hslatman mentioned this pull request Dec 13, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dlorenc dlorenc dlorenc approved these changes

@bobcallaway bobcallaway Awaiting requested review from bobcallaway

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.5.0
Development

Successfully merging this pull request may close these issues.

Trying to upload a signature created with minisign returns: failed to verify signature
2 participants
@asraa @dlorenc