1 مستودع
Signs eBPF modules stored in OCI registries and verifies their signatures to confirm integrity.
Distinct from Signed Binary Modules: Distinct from Signed Binary Modules: specifically targets eBPF modules in OCI registries, not general binary modules.
Explore 1 awesome GitHub repository matching operating systems & systems programming · eBPF Module Signing. Refine with filters or upvote what's useful.
Cosign is a tool for signing and verifying software artifacts, primarily those stored in OCI-compatible registries such as container images, Helm charts, SBOMs, and Tekton bundles. It supports keyless signing using ephemeral keys and short-lived certificates from the Sigstore public-good infrastructure, associating signatures with an OpenID Connect identity rather than a long-lived cryptographic key. The project provides multiple signing and verification methods, including private keys, key pairs stored in KMS providers like AWS KMS and Azure Key Vault, and hardware security keys. It can sign
Signs eBPF modules stored in OCI registries and verifies their signatures to confirm they have not been altered.