Checking if signer has cert in cosign sign

tommyd450 · tommyd450 · commit 94b8be52328d · 2025-07-24T10:07:47.000+01:00
diff --git a/cmd/cosign/cli/sign/sign.go b/cmd/cosign/cli/sign/sign.go
@@ -294,7 +294,7 @@ func signDigest(ctx context.Context, digest name.Digest, payload []byte, ko opti
 	}
 
 	if signOpts.OutputCertificate != "" {
-		rekorBytes, err := sv.Bytes(ctx)
+		rekorBytes, err := extractCertificate(ctx,sv)
 		if err != nil {
 			return fmt.Errorf("create certificate file: %w", err)
 		}
diff --git a/cmd/cosign/cli/sign/sign_blob.go b/cmd/cosign/cli/sign/sign_blob.go
@@ -241,17 +241,7 @@ func SignBlobCmd(ro *options.RootOptions, ko options.KeyOpts, payloadPath string
 				return nil, fmt.Errorf("create certificate file: %w", err)
 			}
 			ui.Infof(ctx, "Wrote certificate to file %s", outputCertificate)
-		} else {
-			pemBytes, err := sigs.PublicKeyPem(sv, signatureoptions.WithContext(ctx))
-			if err != nil {
-				return nil, err
-			}
-			if err := os.WriteFile(outputCertificate, pemBytes, 0600); err != nil {
-				return nil, err
-			}
-			return pemBytes, nil
-		}
-
+		} 
 	}
 
 	return sig, nil

Original file line number	Diff line number	Diff line change
`@@ -294,7 +294,7 @@ func signDigest(ctx context.Context, digest name.Digest, payload []byte, ko opti`
`294`	`294`	`}`
`295`	`295`
`296`	`296`	`if signOpts.OutputCertificate != "" {`
`297`		`- rekorBytes, err := sv.Bytes(ctx)`
	`297`	`+ rekorBytes, err := extractCertificate(ctx,sv)`
`298`	`298`	`if err != nil {`
`299`	`299`	`return fmt.Errorf("create certificate file: %w", err)`
`300`	`300`	`}`