Use a default value for timestamp-digest?

[dlemstra]

I was wondering if a default value could be set for the timestamp-digest of the RFC3161 compliant timestamping service? This would require changes in the powershell script:

if ($TimestampRfc3161) {
    $result.Add("/tr")
    $result.Add($TimestampRfc3161)
    $result.Add("/td")
    if ($TimestampDigest) {
        $result.Add($TimestampDigest)
    } else {
        $result.Add("SHA256")
    }
}

But that can probably also be done in the action instead. If the latter is preferred I can open a pull request for this.

[sudara]

This would be great to reduce the amount of boilerplate needed for the action!

[japarson]

Hi @dlemstra @sudara,

There are default values for the timestamping options here: https://github.com/Azure/trusted-signing-action/blob/b0b40558520b25479414d349890d63bdaa8e399f/action.yml#L66-L73

Please let me know if this is what you're looking for or not.

[dlemstra]

That default value for SHA256 was added 26 minutes ago? 😉 Just saw that is was a PR to change this.

Wondering if I misread your comment but this is what I was expecting to be added. But I do wonder if this should be done in the powershell script instead?

[sudara]

This is great for me, I just wanted more concise config. I can also see why it would make sense to have the default in powershell..

[japarson]

~That default value for SHA256 was added 26 minutes ago? 😉~ Just saw that is was a PR to change this.

Wondering if I misread your comment but this is what I was expecting to be added. But I do wonder if this should be done in the powershell script instead?

@dlemstra I commented on my philosophy around defaults/required in action/powershell here. We can continue the conversation there.