Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[master] Support general asymmetric signature verification #66526

Merged
merged 2 commits into from
May 27, 2024
Merged

[master] Support general asymmetric signature verification #66526

merged 2 commits into from
May 27, 2024

Conversation

lkubb
Copy link
Contributor

@lkubb lkubb commented May 16, 2024
edited

What does this PR do?

  • Makes the file.managed/archive.extracted signature verification support variable backends
  • Adds an execution module that allows to sign and verify data using basic asymmetric algorithms

This allows low-level verification without having to rely on GPG or any other external dependency.

If the new execution module is not deemed to fit into core, just introducing the sig_backend changes would still allow custom modules to provide the functionality.

What issues does this PR fix or reference?

Fixes: #66527
Fixes: #66528

Previous Behavior

  • File/archive signature verification is only possible using GPG.

New Behavior

  • File/archive signature verification supports variable, user-selectable backends.
  • A new backend without reliance on GPG supports more low-level verification of asymmetric signatures.

Merge requirements satisfied?

[NOTICE] Bug fixes or features added to Salt require tests.

Commits signed with GPG?

Yes

@lkubb lkubb requested a review from a team as a code owner May 16, 2024 09:52
@lkubb lkubb requested review from twangboy and removed request for a team May 16, 2024 09:52
@salt-project-bot-prod-environment salt-project-bot-prod-environment bot changed the title Support general asymmetric signature verification [master] Support general asymmetric signature verification May 16, 2024
@lkubb lkubb force-pushed the asymmetric branch 3 times, most recently from c28b21d to 8a00eb6 Compare May 16, 2024 10:42
@dwoz dwoz added the test:full Run the full test suite label May 22, 2024
@dwoz dwoz merged commit aaad0d2 into saltstack:master May 27, 2024
279 of 364 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@twangboy twangboy twangboy approved these changes

Assignees
No one assigned
Labels
test:full Run the full test suite
Projects
None yet
Milestone
No milestone
3 participants
@lkubb @twangboy @dwoz