mirror of
https://github.com/project-zot/zot.git
synced 2025-01-13 22:50:38 -05:00
41b05c60dd
In order to verify signatures, users could upload their certificates and public keys using these routes: -> for public keys: /v2/_zot/ext/mgmt?resource=signatures&tool=cosign -> for certificates: /v2/_zot/ext/mgmt?resource=signatures&tool=notation&truststoreType=ca&truststoreName=name Then the public keys will be stored under $rootdir/_cosign and the certificates will be stored under $rootdir/_notation/truststore/x509/$truststoreType/$truststoreName. Also, for notation case, the "truststores" field of $rootir/_notation/trustpolicy.json file will be updated with a new entry "$truststoreType:$truststoreName". Also based on the uploaded files, the information about the signatures validity will be updated periodically. Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com> |
||
|---|---|---|
| .. | ||
| config | ||
| constants | ||
| errors | ||
| authn.go | ||
| authz.go | ||
| controller.go | ||
| controller_test.go | ||
| ldap.go | ||
| routes.go | ||
| routes_test.go | ||
| session.go | ||