dab6bdb18e
Merge pull request #121 from wlynch/tsa-inclusive
...
Make TSA timestamp checks inclusive.
2024-09-17 11:12:27 -04:00
bb29cbee8d
Merge pull request #143 from craigdfrench/patch-1
...
Update README.md to fix #141 to instruct that building from source needs to have a gcc based c compiler to compile.
2024-09-17 11:09:54 -04:00
3d9275d0bd
Merge branch 'main' into tsa-inclusive
2024-09-17 11:04:37 -04:00
8a2071658e
Merge pull request #151 from github/bump-dependencies
...
Bump the Go version and dependencies
2024-09-17 11:01:12 -04:00
aa75c7f2ea
Bump the Go version and dependencies
2024-09-17 10:51:36 -04:00
ca8cc3610c
Merge pull request #149 from github/combine-pull-request
...
Combine pull request
2024-09-16 14:53:25 -04:00
f33c0a9e95
Add skip for failing tests for now
2024-09-16 14:47:56 -04:00
c7b8a4bb0a
Replace deprecated SecTrustEvaluate and SecTrustGetCertificateAtIndex usages
2024-09-16 14:26:51 -04:00
1010540edd
Fix certstore windows cmsg type error when building using go v1.18
...
Signed-off-by: El Mostafa IDRASSI <el-mostafa.idrassi@prestalab.net>
2024-09-16 14:26:30 -04:00
c8d763ae50
Merge pull request #148 from github/vcsjones-patch-1
...
Update upload-artifacts to v4.
2024-09-16 14:21:07 -04:00
eff5733275
Update upload-artifacts to v4.
2024-09-16 14:18:05 -04:00
33d71861c0
Merge pull request #145 from github/rzhade3/fix-workflows
...
Upgrade Actions workflows
2024-09-16 14:14:10 -04:00
253d010501
Upgrade Actions workflows
2024-09-05 23:27:59 -04:00
d016478114
Merge pull request #94 from mangalaman93/patch-1
...
Fix README for ietf-cms
2024-08-22 11:58:54 -04:00
96172ff7a6
Merge pull request #109 from renbaoshuo/remove-git-io
...
chore: remove git.io
2024-08-22 11:57:13 -04:00
d8919a3894
Update README.md
...
Add step to ensure that gcc compiler is setup for building from source.
2024-07-20 17:14:11 -04:00
d8b113ce4f
Make TSA timestamp checks inclusive.
...
time.Before/After checks are exclusive, but these checks should be
inclusive.
From https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5 :
> The validity period for a certificate is the period of time from
> notBefore through notAfter, inclusive.
Signed-off-by: Billy Lynch <billy@chainguard.dev>
2022-11-10 18:08:16 -05:00
3c28fa51b2
chore: remove git.io
...
All links on git.io will stop redirecting after April 29, 2022.
- https://github.blog/changelog/2022-04-25-git-io-deprecation/
2022-04-27 17:23:52 +08:00
b0f5bc4117
Fix README for ietf-cms
...
The verify function return error as its second return value
2021-10-10 14:01:27 +05:30
3564e86011
Merge pull request #92 from github/update-godoc-links
...
Update some documentation links.
2021-10-09 21:13:42 -07:00
d70815fbc6
Update README.md
2021-10-09 21:13:06 -07:00
92f77ec73b
Update README.md
2021-10-09 21:13:03 -07:00
1af1925431
Update some documentation links.
2021-10-09 21:12:46 -07:00
bca45de0b1
Merge pull request #90 from github/release-v0.2.0
...
v0.2.0
2021-10-04 14:37:50 -07:00
892dee3d82
v0.2.0
...
Release notes:
- Three dependencies have now been moved into `github.com/smimesign` directly:
- `github.com/smimesign/certstore`
- `github.com/smimesign/fakeca`
- `github.com/smimesign/ietf-cms`
There are no other changes. The minor version bump delineates the presence of the new packages inside `smimesign` itself.
2021-10-04 13:30:39 -07:00
e650daf6ea
Merge pull request #84 from github/monorepo
...
Consolidate `smimesign`-specific dependencies into a monorepo.
2021-10-04 12:54:16 -07:00
1a37be2f81
Update some `README` paths.
2021-10-04 12:35:54 -07:00
a63c2e85a4
Consolidate `smimesign`-specific dependencies into a monorepo.
...
github.com/github/fakeca → github.com/github/smimesign/fakeca
github.com/github/certstore → github.com/github/smimesign/certstore
github.com/github/ietf-cms → github.com/github/smimesign/ietf-cms
2021-10-04 12:35:32 -07:00
ed54d09fc4
v0.1.2
...
Release notes:
- Update `github.com/github/ietf-cms` to address https://github.com/github/smimesign/issues/74
2021-09-27 18:22:45 -07:00
92f769d7fe
`go get github.com/github/ietf-cms`
2021-09-27 18:22:30 -07:00
80395c4a7d
v0.1.1
...
- No code changes
- Releases are now built with GitHub Actions and signed for Windows again.
2021-09-24 13:14:28 -07:00
bb0e51c811
Merge pull request #82 from github/build-and-sign-releases
...
Build, sign, and publish release binaries
2021-09-24 13:06:47 -07:00
c6ad9bc79c
Build, sign, and publish release binaries
...
This PR adds a workflow to build releases:
- The builds are signed on Windows.
- The builds are organized into a `build` folder, to make things easier to understand and debug.
- The `build` folder is uploaded as artifacts on Actions, in one collective `build.zip`.
- If a tag was pushed, the build release files are individually uploaded as assets to the releases page:
- Compare [`smimesign-staging@v1.1.0-rc1`](https://github.com/github/smimesign-staging/releases/tag/v1.1.0-rc1 ) to [`smimesign@v0.0.13`](https://github.com/github/smimesign/releases/tag/v0.0.13 ) and note that I've managed to keep fairly similar names and formats (e.g. `.tgz` for macOS).
- Tags starting with `v` are automatically marked as releases, so the latest release will always show up on the side of https://github.com/github/smimesign (if your window is wide enough).
- The version string is consistently embedded using `-ldflags` for all builds. I've directly checked that this works, using `smimesign --version` on amd64, the installer, and macOS.
- We now build using Go 1.17.
This PR does not add code signing for macOS, and doesn't add a build for Apple Silicon. We [recommend using Homebrew](https://github.com/github/smimesign#macos ) to install `smimesign` on macOS, which works the same without signing and already builds for Apple Silicon.
2021-09-24 13:04:18 -07:00
e227155756
Merge pull request #81 from github/update-codesign-pfx
...
updated codesign.pfx
2021-09-22 19:04:15 -07:00
a17e987dfb
updated codesign.pfx
2021-09-21 11:44:38 -07:00
3e90229742
Merge pull request #76 from github/gh-actions
...
Use GitHub Actions for tests
2021-05-03 14:04:43 -04:00
61fb27ad11
Move files temporarily
2021-04-29 15:29:15 -04:00
de3eccf414
Test Windows
2021-04-23 10:58:49 -04:00
9736d169da
Get all commit history for tag describe
2021-04-23 10:47:47 -04:00
f9ad9450cc
Test MacOS on GitHub actions
2021-04-23 10:43:36 -04:00
3cd8e9330f
Update build status link.
2020-08-17 12:25:31 -07:00
adef1f6cce
Set Appveyor branch to `main`.
2020-08-13 13:17:37 -07:00
927032293b
v0.1.0
...
Release notes:
- Update dependencies to reflect new URLs.
- No code changes.
2020-08-11 18:21:55 -07:00
4223653417
Update dependencies and references for v0.1.0
2020-08-11 18:10:15 -07:00
6e940bc5e5
Change `BEGING_SIGNING` to `BEGIN_SIGNING`.
...
Per c068195384/status.go (L17)918792befd/doc/DETAILS (begin_signing)
2020-08-11 18:06:21 -07:00
d7c50b9b7a
Update tests to allow chains in any order. Fixes #68 .
...
The chain in question is defined in RFC5652 as a CertificateSet, which is a `SET OF` certs:
- https://tools.ietf.org/html/rfc5652#section-5.1
- https://tools.ietf.org/html/rfc5652#section-10.2.3
Go 1.15 introduced a change that sorts such sets: https://go.googlesource.com/go/+/f0cea848679b8f8cdc5f76e1b1e36ebb924a68f8
Our tests were implicitly relying on the sets to stay sorted, but the right thing to do at this point is update our tests.
2020-07-30 18:01:53 -07:00
7e96b8b53e
Merge pull request #56 from github/verify-output
...
Output for verify command
2019-05-07 10:29:42 -06:00
9656e678ac
output signature info to stderr
...
Otherwise, `git --show-log` doesn't show any information about the signature
and the user has no way of knowing that a commit was actually signed.
2019-05-07 10:11:51 -06:00
a1fe9f4df8
Merge pull request #55 from github/release-naming-ii
...
add back the v for the tag name
2019-05-02 16:27:23 -06:00
09a04f5c14
add back the v for the tag name
2019-05-02 15:32:28 -06:00
Kevin Jones
Rahul Zhade
Tom Cooper
El Mostafa IDRASSI
Craig Douglas French
Billy Lynch
Baoshuo Ren
Aman Mangal
Lucas Garron
grantbirki
Ben Toews
Ben Toews