Man page - oci-image-verification(1)

Packages contains this manual

Package: sigstore-go
apt-get install sigstore-go

Manuals in package:

Documentations in package:

oci-image-verification - Sigstore OCI image verification

-artifact string

Path to artifact to verify

-artifact-digest string

Hex-encoded digest of artifact to verify

-artifact-digest-algorithm string

Digest algorithm (default "sha256")

-expectedIssuer string

The expected OIDC issuer for the signing certificate

-expectedIssuerRegex string

The expected OIDC issuer for the signing certificate

-expectedSAN string

The expected identity in the signing certificate’s SAN extension

-expectedSANRegex string

The expected identity in the signing certificate’s SAN extension

-ignore-sct

Ignore SCT verification - do not check that a certificate contains an embedded SCT, a proof of inclusion in a certificate transparency log

-minBundleVersion string

Minimum acceptable bundle version (e.g. ’0.1’)

-ociImage string

OCI image to verify

-publicKey string

Path to trusted public key

-requireTimestamp

Require either an RFC3161 signed timestamp or log entry integrated timestamp (default true)

-requireTlog

Require Artifact Transparency log entry (Rekor) (default true)

-trustedrootJSONpath string

Path to trustedroot JSON file (default "examples/trusted-root-public-good.json")

-tufDirectory string

Directory to store TUF metadata (default "tufdata")

-tufRootURL string

URL of TUF root containing trusted root JSON file