feat(updater): require authenticated signed metadata, ref #433 #435

Open. lucasfernog-crabnebula wants to merge 3 commits into main from feat/updater-signed-metadata

@lucasfernog-crabnebula

Embed the release version (and timestamp) into the signed minisign trusted
comment when packaging, and require the updater to verify that the manifest's
advertised version matches the signed one. Updates whose signatures lack this
authenticated metadata are rejected, defeating downgrade/freeze/replay attacks.
Adds `signature_expiration` to reject stale signatures, and version-aware signer
entry points. Update the cargo-packager CLI in your release pipeline so the
metadata is signed.
@lucasfernog-crabnebula

ref #433
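
The updater-side checks described in the pull request text, as an added example that is not code from this PR or from cargo-packager. The tab-separated `timestamp:`/`version:` layout of the trusted comment, the `Reject` enum, `check_update` and `max_age_secs` (standing in for `signature_expiration`) are assumptions, and the minisign signature over the trusted comment is assumed to have been verified before these checks run.

```rust
// Added example. The field layout is an assumption, not cargo-packager's format.
// Precondition: the minisign signature over `trusted_comment` already verified.
#[derive(Debug, PartialEq)]
pub enum Reject {
    MissingMetadata,
    VersionMismatch,
    Expired,
}

// Look up `key:value` among tab-separated fields (assumed layout).
fn field<'a>(comment: &'a str, key: &str) -> Option<&'a str> {
    comment
        .split('\t')
        .find_map(|kv| kv.strip_prefix(key)?.strip_prefix(':'))
}

pub fn check_update(
    trusted_comment: &str,
    manifest_version: &str,
    now: u64,
    max_age_secs: Option<u64>,
) -> Result<(), Reject> {
    // Legacy signatures without the signed fields are refused outright.
    let signed_version = field(trusted_comment, "version").ok_or(Reject::MissingMetadata)?;
    let signed_at: u64 = field(trusted_comment, "timestamp")
        .and_then(|t| t.parse().ok())
        .ok_or(Reject::MissingMetadata)?;
    // The manifest is unauthenticated; only the signed version is trusted.
    if signed_version != manifest_version {
        return Err(Reject::VersionMismatch);
    }
    // Optional freshness bound; a timestamp ahead of `now` counts as age 0.
    match max_age_secs {
        Some(max) if now.saturating_sub(signed_at) > max => Err(Reject::Expired),
        _ => Ok(()),
    }
}

fn main() {
    // Constructed sample: a signature made for 1.2.0 at t=1_700_000_000.
    let tc = "timestamp:1700000000\tversion:1.2.0";
    let now = 1_700_000_600;
    println!("{:?}", check_update(tc, "1.2.0", now, Some(3600)));
    println!("{:?}", check_update(tc, "1.3.0", now, Some(3600)));
    println!("{:?}", check_update(tc, "1.2.0", now, Some(60)));
    println!("{:?}", check_update("file:app.tar.gz", "1.2.0", now, None));
}
```

The second call models a replayed artifact: the signature is valid for 1.2.0, but the manifest advertises 1.3.0, so the update is rejected.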
