Skip to content

Commit d0dcbd8

Browse files
jkujku
authored
Merge pull request #634 from MVrachev/rewrite-readme
docs: rewrite README - continuation
2 parents 4bef900 + 2538c3e commit d0dcbd8

File tree

3 files changed

+50
-389
lines changed

3 files changed

+50
-389
lines changed

README.md

Lines changed: 49 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,49 @@
1+
# securesystemslib
2+
3+
[![CI](https://github.com/secure-systems-lab/securesystemslib/workflows/Run%20Securesystemslib%20tests/badge.svg)](https://github.com/secure-systems-lab/securesystemslib/actions?query=workflow%3A%22Run+Securesystemslib+tests%22+branch%3Amain)
4+
5+
Securesystemslib is a cryptography interface for signing and verifying digital
6+
signatures. It is developed for the [TUF](https://theupdateframework.io) and
7+
[in-toto](https://in-toto.io) projects: the key and signature containers are
8+
compatible with metadata formats from those projects.
9+
10+
Under the hood, Securesystemslib can use various digital signing systems
11+
(e.g. [cryptography](https://pypi.org/project/cryptography/), PIV hardware keys
12+
and multiple cloud-based key management systems).
13+
14+
## Installation
15+
16+
The default installation supports [pure-Python `ed25519` signature
17+
verification](https://github.com/pyca/ed25519) only. To enable other schemes and
18+
signature creation, `securesystemslib` can be installed with *extras*. See
19+
[pyproject.toml](pyproject.toml) for available *optional dependencies*.
20+
21+
```bash
22+
# Install with ed25519, RSA, ECDSA sign and verify support
23+
pip install securesystemslib[crypto]
24+
```
25+
26+
```bash
27+
# ...or with HSM (e.g. Yubikey) support
28+
pip install securesystemslib[hsm]
29+
```
30+
31+
## Usage
32+
[python-securesystemslib.readthedocs.io](https://python-securesystemslib.readthedocs.io)
33+
34+
## Contact
35+
- Questions and discussions:
36+
[`#securesystemslib-python`](https://cloud-native.slack.com/archives/C05PF3GA7AL)
37+
on [CNCF Slack](https://communityinviter.com/apps/cloud-native/cncf)
38+
- Security issues: [*Report a vulnerability*](https://github.com/secure-systems-lab/securesystemslib/security/advisories/new)
39+
- Other issues and requests: [*Open a new
40+
issue*](https://github.com/secure-systems-lab/securesystemslib/issues/new)
41+
42+
## Testing
43+
`tox` is used for testing. It can be installed via
44+
[pip](https://tox.wiki/en/4.9.0/installation.html#via-pip) and executed from the
45+
command line in the root of the repository.
46+
47+
```bash
48+
tox
49+
```

0 commit comments

Comments
 (0)