Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEAT]: Add support for Public Keys API #2944

Open
1 task done
colbylwilliams opened this issue Jun 27, 2024 · 0 comments · May be fixed by #2945
Open
1 task done

[FEAT]: Add support for Public Keys API #2944

colbylwilliams opened this issue Jun 27, 2024 · 0 comments · May be fixed by #2945
Labels
Type: Feature New feature or request

Comments

@colbylwilliams
Copy link
Collaborator

Describe the need

Add support for /meta/public_keys/<keyType>.

Secret Scanning and Copilot Extensions enable signature verification using public keys from the meta/public_keys API.

From secret scanning docs:

The HTTP request to your service will also contain headers that we strongly recommend using to validate the messages you receive are genuinely from GitHub, and are not malicious.

The two HTTP headers to look for are:

Github-Public-Key-Identifier: Which key_identifier to use from our API
Github-Public-Key-Signature: Signature of the payload
You can retrieve the GitHub secret scanning public key from https://api.github.com/meta/public_keys/secret_scanning and validate the message using the ECDSA-NIST-P256V1-SHA256 algorithm. The endpoint will provide several key_identifier and public keys. You can determine which public key to use based on the value of Github-Public-Key-Identifier.

SDK Version

No response

API Version

No response

Relevant log output

No response

Code of Conduct

  • I agree to follow this project's Code of Conduct
@colbylwilliams colbylwilliams added Status: Triage This is being looked at and prioritized Type: Feature New feature or request labels Jun 27, 2024
@colbylwilliams colbylwilliams linked a pull request Jun 27, 2024 that will close this issue
Open
4 tasks
@kfcampbell kfcampbell removed the Status: Triage This is being looked at and prioritized label Jun 28, 2024
@kfcampbell kfcampbell moved this from 🆕 Triage to 🏗 In progress in 🧰 Octokit Active Jun 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type: Feature New feature or request
Projects
🧰 Octokit Active
Status: 🏗 In progress
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[FEAT]: Add support for Public Keys API colbylwilliams/octokit.net
2 participants
@colbylwilliams @kfcampbell