diff --git a/README.model_signing.md b/README.model_signing.md index 561cfc04..86f4bac2 100644 --- a/README.model_signing.md +++ b/README.model_signing.md @@ -69,13 +69,13 @@ $ source .venv/bin/activate ## Sign ```bash -(.venv) $ python3 sign.py --model_path ${MODEL_PATH} --sig_out ${SIG_PATH} --method {private-key, pki, sigstore} {additional parameters depending on method} +(.venv) $ python3 sign.py --model_path ${MODEL_PATH} --sig_out ${SIG_PATH} {private-key, pki, sigstore} {additional parameters depending on method} ``` ## Verify ```bash -(.venv) $ python3 verify.py --model_path ${MODEL_PATH} --sig_path ${SIG_PATH} --method {private-key, pki, sigstore} {additional parameters depending on method} +(.venv) $ python3 verify.py --model_path ${MODEL_PATH} --sig_path ${SIG_PATH} {private-key, pki, sigstore} {additional parameters depending on method} ``` ### Examples @@ -89,10 +89,10 @@ $ openssl ecparam -name secp256k1 -genkey -noout -out ec-secp256k1-priv-key.pem $ openssl ec -in ec-secp256k1-priv-key.pem -pubout > ec-secp256k1-pub-key.pem $ source .venv/bin/activate # SIGN -(.venv) $ python3 sign.py --model_path ${MODEL_PATH} --sig_out ${SIG_PATH} --method private-key --private-key ec-secp256k1-priv-key.pem +(.venv) $ python3 sign.py --model_path ${MODEL_PATH} --sig_out ${SIG_PATH} private-key --private-key ec-secp256k1-priv-key.pem ... #VERIFY -(.venv) $ python3 verify.py --model_path ${MODEL_PATH} --sig_path ${SIG_PATH} --method private-key --public-key ec-secp256k1-pub-key.pem +(.venv) $ python3 verify.py --model_path ${MODEL_PATH} --sig_path ${SIG_PATH} private-key --public-key ec-secp256k1-pub-key.pem ... ``` @@ -113,7 +113,7 @@ $ PRIVATE_KEY='/path/to/private_key' # SIGN (.venv) $ python3 sign.py --model_path ${MODEL_PATH} \ --sig_path ${SIG_PATH} \ - --method pki \ + pki \ --private-key ${PRIVATE_KEY} \ --signing_cert ${SIGNING_CERT} \ [--cert_chain ${CERT_CHAIN}] @@ -122,7 +122,7 @@ $ PRIVATE_KEY='/path/to/private_key' $ ROOT_CERTS='/path/to/root/certs' (.venv) $ python3 verify.py --model_path ${MODEL_PATH} \ --sig_path ${SIG_PATH} \ - --method pki \ + pki \ --root_certs ${ROOT_CERTS} ... ``` @@ -132,10 +132,10 @@ $ ROOT_CERTS='/path/to/root/certs' ```bash $ MODEL_PATH='/path/to/your/model' # SIGN -(.venv) $ python3 sign.py --model_path ${MODEL_PATH} --method sigstore +(.venv) $ python3 sign.py --model_path ${MODEL_PATH} sigstore ... #VERIFY -(.venv) $ python3 verify.py --model_path ${MODEL_PATH} --sig_path ./model.sig --method sigstore --identity name@example.com --identity-provider https://accounts.example.com +(.venv) $ python3 verify.py --model_path ${MODEL_PATH} --sig_path ./model.sig sigstore --identity name@example.com --identity-provider https://accounts.example.com ... ``` @@ -172,9 +172,9 @@ sig_path=model.sig wget "https://tfhub.dev/google/bertseq2seq/bert24_en_de/1?tf-hub-format=compressed" -O "${model_path}".tgz mkdir -p "${model_path}" cd "${model_path}" && tar xvzf ../"${model_path}".tgz && rm ../"${model_path}".tgz && cd - -python3 sign.py --model_path "${model_path}" --method sigstore +python3 sign.py --model_path "${model_path}" sigstore python3 verify.py --model_path "${model_path}" --sig_path ${sig_path} \ - --method sigstore \ + sigstore \ --identity-provider https://accounts.google.com \ --identity myemail@gmail.com ``` @@ -196,7 +196,7 @@ sig_path=model.sig git clone --depth=1 "https://huggingface.co/${model_name}" && rm -rf "${model_name}"/.git python3 sign.py --model_path "${model_path}" python3 verify.py --model_path "${model_path}" --sig_path ${sig_path} \ - --method sigstore \ + sigstore \ --identity-provider https://accounts.google.com \ --identity myemail@gmail.com ``` @@ -210,7 +210,7 @@ sig_path=model.sig git clone --depth=1 "https://huggingface.co/${model_name}" && rm -rf "${model_name}"/.git python3 sign.py --model_path "${model_path}" python3 verify.py --model_path "${model_path}" --sig_path ${sig_path} \ - --method sigstore \ + sigstore \ --identity-provider https://accounts.google.com \ --identity myemail@gmail.com ``` @@ -226,7 +226,7 @@ mkdir -p "${model_path}" cd "${model_path}" && unzip ../"${model_path}".zip && rm ../"${model_path}".zip && shopt -s dotglob && mv YOLOP-main/* . && shopt -u dotglob && rmdir YOLOP-main/ && cd - python3 sign.py --model_path "${model_path}" python3 verify.py --model_path "${model_path}" --sig_path ${sig_path} \ - --method sigstore \ + sigstore \ --identity-provider https://accounts.google.com \ --identity myemail@gmail.com ``` @@ -240,7 +240,7 @@ sig_path=model.sig wget "https://github.com/onnx/models/raw/main/text/machine_comprehension/roberta/model/${model_name}.onnx" python3 sign.py --model_path "${model_path}" python3 verify.py --model_path "${model_path}" --sig_path ${sig_path} \ - --method sigstore \ + sigstore \ --identity-provider https://accounts.google.com \ --identity myemail@gmail.com ```