tailscale/release
Andrew Lytvynov d45af7c66f
release/dist/cli: add sign-key and verify-key-signature commands (#9041)
Now we have all the commands to generate the key hierarchy and verify
that signing keys were signed correctly:
```
$ ./tool/go run ./cmd/dist gen-key --priv-path root-priv.pem --pub-path root-pub.pem --root
wrote private key to root-priv.pem
wrote public key to root-pub.pem

$ ./tool/go run ./cmd/dist gen-key --priv-path signing-priv.pem --pub-path signing-pub.pem --signing
wrote private key to signing-priv.pem
wrote public key to signing-pub.pem

$ ./tool/go run ./cmd/dist sign-key --root-priv-path root-priv.pem --sign-pub-path signing-pub.pem
wrote signature to signature.bin

$ ./tool/go run ./cmd/dist verify-key-signature --root-pub-path root-pub.pem --sign-pub-path signing-pub.pem --sig-path signature.bin
signature ok
```

Updates #8760

Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
2023-08-24 10:54:42 -07:00
..
deb release: open-source release build logic for unix packages 2023-02-24 21:31:09 +00:00
dist release/dist/cli: add sign-key and verify-key-signature commands (#9041) 2023-08-24 10:54:42 -07:00
rpm release: open-source release build logic for unix packages 2023-02-24 21:31:09 +00:00
release.go release: add empty embed.FS for release files 2023-08-23 09:54:10 -07:00