You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We'd update logs to include the input and output hashes of each file, and monitoring would ignore the multifile responses (like the apk2 signer; pending #622).
Alternative options:
require clients to pack the files beforehand (e.g. as a tarball) then unpack them on the server side and repack them
see also: https://mozilla-hub.atlassian.net/browse/ITSEC-105 about the possibility of switching to one signing request per http request (simplifies including http response codes in the application layer for #318 too)
The text was updated successfully, but these errors were encountered:
g-k
changed the title
support signing multiple files in a signing request
support signing and returning multiple files in a signing request
Sep 3, 2021
I'm happy with the proposed /sign/files interface. Implementing support for it in signingscript is probably a bit more work due to one-file-per-request being assumed in a few places there, but I don't think it's a ton of work to change that.
Blocks #742 #744
Possible implementation:
POST /sign/files
endpoint with request format accepting an array of base64 encoded files (like /sign/file):.SignFiles()
that accepts a slice of input files and returns a slice of signed files (instead of single values):We'd update logs to include the input and output hashes of each file, and monitoring would ignore the multifile responses (like the apk2 signer; pending #622).
Alternative options:
see also: https://mozilla-hub.atlassian.net/browse/ITSEC-105 about the possibility of switching to one signing request per http request (simplifies including http response codes in the application layer for #318 too)
The text was updated successfully, but these errors were encountered: