# sigstore framework [](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:sigstore) [](https://bestpractices.coreinfrastructure.org/projects/5716) sigstore/sigstore contains common [Sigstore](https://www.sigstore.dev/) code: that is, code shared by infrastructure (e.g., [Fulcio](https://github.com/sigstore/fulcio) and [Rekor](https://github.com/sigstore/rekor)) and Go language clients (e.g., [Cosign](https://github.com/sigstore/cosign) and [Gitsign](https://github.com/sigstore/gitsign)). This library currently provides: * A signing interface (support for ecdsa, ed25519, rsa, DSSE (in-toto)) * OpenID Connect fulcio client code The following KMS systems are available: * AWS Key Management Service * Azure Key Vault * HashiCorp Vault * Google Cloud Platform Key Management Service * OpenBao For example code, loo ...