Documentation
¶
Overview ¶
Package git provides higher level funcs for signing and verifying Git commits. Functions here generally tie together low level signature writing and Sigstore components together into useful abstractions for working with Git objects.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func LegacySHASign ¶ added in v0.7.0
func LegacySHASign(ctx context.Context, rekor rekor.Writer, ident *fulcio.Identity, data []byte, opts signature.SignOptions) (*signature.SignResponse, error)
LegacySHASign is the old-style signing that signs the commit content, but uploads a signed SHA to Rekor. Verification for this style of signing relies on the Rekor Search API to match the signed SHA + commit content certs, and cannot be done offline. This may be removed in the future.
func Sign ¶
func Sign(ctx context.Context, rekor rekor.Writer, ident *fulcio.Identity, data []byte, opts signature.SignOptions) (*signature.SignResponse, error)
Sign signs the commit, uploading a HashedRekord of the commit content to Rekor and embedding the Rekor log entry in the signature. This is suitable for offline verification.