Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
  • Loading branch information
wraithgar committed Feb 22, 2024
1 parent d0bcb76 commit dafa903
Show file tree
Hide file tree
Showing 37 changed files with 369 additions and 3,585 deletions.
5 changes: 0 additions & 5 deletions node_modules/.gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -44,11 +44,6 @@
!/@sigstore/protobuf-specs
!/@sigstore/sign
!/@sigstore/tuf
!/@sigstore/tuf/node_modules/
/@sigstore/tuf/node_modules/*
!/@sigstore/tuf/node_modules/@sigstore/
/@sigstore/tuf/node_modules/@sigstore/*
!/@sigstore/tuf/node_modules/@sigstore/protobuf-specs
!/@sigstore/verify
!/@tufjs/
/@tufjs/*
Expand Down
3 changes: 2 additions & 1 deletion node_modules/@sigstore/bundle/dist/bundle.js
Original file line number Diff line number Diff line change
@@ -1,8 +1,9 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.isBundleWithDsseEnvelope = exports.isBundleWithMessageSignature = exports.isBundleWithPublicKey = exports.isBundleWithCertificateChain = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = void 0;
exports.isBundleWithDsseEnvelope = exports.isBundleWithMessageSignature = exports.isBundleWithPublicKey = exports.isBundleWithCertificateChain = exports.BUNDLE_V03_MEDIA_TYPE = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = void 0;
exports.BUNDLE_V01_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.1';
exports.BUNDLE_V02_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.2';
exports.BUNDLE_V03_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.3';
// Type guards for bundle variants.
function isBundleWithCertificateChain(b) {
return b.verificationMaterial.content.$case === 'x509CertificateChain';
Expand Down
4 changes: 3 additions & 1 deletion node_modules/@sigstore/bundle/dist/index.js
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.isBundleV01 = exports.assertBundleV01 = exports.assertBundleLatest = exports.assertBundle = exports.envelopeToJSON = exports.envelopeFromJSON = exports.bundleToJSON = exports.bundleFromJSON = exports.ValidationError = exports.isBundleWithPublicKey = exports.isBundleWithMessageSignature = exports.isBundleWithDsseEnvelope = exports.isBundleWithCertificateChain = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = exports.toMessageSignatureBundle = exports.toDSSEBundle = void 0;
exports.isBundleV01 = exports.assertBundleV02 = exports.assertBundleV01 = exports.assertBundleLatest = exports.assertBundle = exports.envelopeToJSON = exports.envelopeFromJSON = exports.bundleToJSON = exports.bundleFromJSON = exports.ValidationError = exports.isBundleWithPublicKey = exports.isBundleWithMessageSignature = exports.isBundleWithDsseEnvelope = exports.isBundleWithCertificateChain = exports.BUNDLE_V03_MEDIA_TYPE = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = exports.toMessageSignatureBundle = exports.toDSSEBundle = void 0;
/*
Copyright 2023 The Sigstore Authors.
Expand All @@ -22,6 +22,7 @@ Object.defineProperty(exports, "toMessageSignatureBundle", { enumerable: true, g
var bundle_1 = require("./bundle");
Object.defineProperty(exports, "BUNDLE_V01_MEDIA_TYPE", { enumerable: true, get: function () { return bundle_1.BUNDLE_V01_MEDIA_TYPE; } });
Object.defineProperty(exports, "BUNDLE_V02_MEDIA_TYPE", { enumerable: true, get: function () { return bundle_1.BUNDLE_V02_MEDIA_TYPE; } });
Object.defineProperty(exports, "BUNDLE_V03_MEDIA_TYPE", { enumerable: true, get: function () { return bundle_1.BUNDLE_V03_MEDIA_TYPE; } });
Object.defineProperty(exports, "isBundleWithCertificateChain", { enumerable: true, get: function () { return bundle_1.isBundleWithCertificateChain; } });
Object.defineProperty(exports, "isBundleWithDsseEnvelope", { enumerable: true, get: function () { return bundle_1.isBundleWithDsseEnvelope; } });
Object.defineProperty(exports, "isBundleWithMessageSignature", { enumerable: true, get: function () { return bundle_1.isBundleWithMessageSignature; } });
Expand All @@ -37,4 +38,5 @@ var validate_1 = require("./validate");
Object.defineProperty(exports, "assertBundle", { enumerable: true, get: function () { return validate_1.assertBundle; } });
Object.defineProperty(exports, "assertBundleLatest", { enumerable: true, get: function () { return validate_1.assertBundleLatest; } });
Object.defineProperty(exports, "assertBundleV01", { enumerable: true, get: function () { return validate_1.assertBundleV01; } });
Object.defineProperty(exports, "assertBundleV02", { enumerable: true, get: function () { return validate_1.assertBundleV02; } });
Object.defineProperty(exports, "isBundleV01", { enumerable: true, get: function () { return validate_1.isBundleV01; } });
16 changes: 10 additions & 6 deletions node_modules/@sigstore/bundle/dist/serialized.js
Original file line number Diff line number Diff line change
Expand Up @@ -21,12 +21,16 @@ const bundle_1 = require("./bundle");
const validate_1 = require("./validate");
const bundleFromJSON = (obj) => {
const bundle = protobuf_specs_1.Bundle.fromJSON(obj);
(0, validate_1.assertBundle)(bundle);
if (bundle.mediaType === bundle_1.BUNDLE_V01_MEDIA_TYPE) {
(0, validate_1.assertBundleV01)(bundle);
}
else {
(0, validate_1.assertBundleLatest)(bundle);
switch (bundle.mediaType) {
case bundle_1.BUNDLE_V01_MEDIA_TYPE:
(0, validate_1.assertBundleV01)(bundle);
break;
case bundle_1.BUNDLE_V02_MEDIA_TYPE:
(0, validate_1.assertBundleV02)(bundle);
break;
default:
(0, validate_1.assertBundleLatest)(bundle);
break;
}
return bundle;
};
Expand Down
100 changes: 69 additions & 31 deletions node_modules/@sigstore/bundle/dist/validate.js
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.assertBundleLatest = exports.isBundleV01 = exports.assertBundleV01 = exports.assertBundle = void 0;
exports.assertBundleLatest = exports.assertBundleV02 = exports.isBundleV01 = exports.assertBundleV01 = exports.assertBundle = void 0;
/*
Copyright 2023 The Sigstore Authors.
Expand All @@ -16,13 +16,61 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
const bundle_1 = require("./bundle");
const error_1 = require("./error");
// Performs basic validation of a Sigstore bundle to ensure that all required
// fields are populated. This is not a complete validation of the bundle, but
// rather a check that the bundle is in a valid state to be processed by the
// rest of the code.
function assertBundle(b) {
const invalidValues = validateBundleBase(b);
if (invalidValues.length > 0) {
throw new error_1.ValidationError('invalid bundle', invalidValues);
}
}
exports.assertBundle = assertBundle;
// Asserts that the given bundle conforms to the v0.1 bundle format.
function assertBundleV01(b) {
const invalidValues = [];
invalidValues.push(...validateBundleBase(b));
invalidValues.push(...validateInclusionPromise(b));
if (invalidValues.length > 0) {
throw new error_1.ValidationError('invalid v0.1 bundle', invalidValues);
}
}
exports.assertBundleV01 = assertBundleV01;
// Type guard to determine if Bundle is a v0.1 bundle.
function isBundleV01(b) {
try {
assertBundleV01(b);
return true;
}
catch (e) {
return false;
}
}
exports.isBundleV01 = isBundleV01;
// Asserts that the given bundle conforms to the v0.2 bundle format.
function assertBundleV02(b) {
const invalidValues = [];
invalidValues.push(...validateBundleBase(b));
invalidValues.push(...validateInclusionProof(b));
if (invalidValues.length > 0) {
throw new error_1.ValidationError('invalid v0.2 bundle', invalidValues);
}
}
exports.assertBundleV02 = assertBundleV02;
// Asserts that the given bundle conforms to the newest (0.3) bundle format.
function assertBundleLatest(b) {
const invalidValues = [];
invalidValues.push(...validateBundleBase(b));
invalidValues.push(...validateInclusionProof(b));
invalidValues.push(...validateNoCertificateChain(b));
if (invalidValues.length > 0) {
throw new error_1.ValidationError('invalid bundle', invalidValues);
}
}
exports.assertBundleLatest = assertBundleLatest;
function validateBundleBase(b) {
const invalidValues = [];
// Media type validation
if (b.mediaType === undefined ||
Expand Down Expand Up @@ -84,6 +132,11 @@ function assertBundle(b) {
}
});
break;
case 'certificate':
if (b.verificationMaterial.content.certificate.rawBytes.length === 0) {
invalidValues.push('verificationMaterial.content.certificate.rawBytes');
}
break;
}
}
if (b.verificationMaterial.tlogEntries === undefined) {
Expand All @@ -102,17 +155,11 @@ function assertBundle(b) {
}
}
}
if (invalidValues.length > 0) {
throw new error_1.ValidationError('invalid bundle', invalidValues);
}
return invalidValues;
}
exports.assertBundle = assertBundle;
// Asserts that the given bundle conforms to the v0.1 bundle format.
function assertBundleV01(b) {
// Necessary for V01 bundles
function validateInclusionPromise(b) {
const invalidValues = [];
if (b.mediaType && b.mediaType !== bundle_1.BUNDLE_V01_MEDIA_TYPE) {
invalidValues.push('mediaType');
}
if (b.verificationMaterial &&
b.verificationMaterial.tlogEntries?.length > 0) {
b.verificationMaterial.tlogEntries.forEach((entry, i) => {
Expand All @@ -121,24 +168,10 @@ function assertBundleV01(b) {
}
});
}
if (invalidValues.length > 0) {
throw new error_1.ValidationError('invalid v0.1 bundle', invalidValues);
}
return invalidValues;
}
exports.assertBundleV01 = assertBundleV01;
// Type guard to determine if Bundle is a v0.1 bundle.
function isBundleV01(b) {
try {
assertBundleV01(b);
return true;
}
catch (e) {
return false;
}
}
exports.isBundleV01 = isBundleV01;
// Asserts that the given bundle conforms to the newest (0.2) bundle format.
function assertBundleLatest(b) {
// Necessary for V02 and later bundles
function validateInclusionProof(b) {
const invalidValues = [];
if (b.verificationMaterial &&
b.verificationMaterial.tlogEntries?.length > 0) {
Expand All @@ -153,8 +186,13 @@ function assertBundleLatest(b) {
}
});
}
if (invalidValues.length > 0) {
throw new error_1.ValidationError('invalid v0.2 bundle', invalidValues);
return invalidValues;
}
// Necessary for V03 and later bundles
function validateNoCertificateChain(b) {
const invalidValues = [];
if (b.verificationMaterial?.content?.$case === 'x509CertificateChain') {
invalidValues.push('verificationMaterial.content.$case');
}
return invalidValues;
}
exports.assertBundleLatest = assertBundleLatest;
4 changes: 2 additions & 2 deletions node_modules/@sigstore/bundle/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@sigstore/bundle",
"version": "2.1.1",
"version": "2.2.0",
"description": "Sigstore bundle type",
"main": "dist/index.js",
"types": "dist/index.d.ts",
Expand All @@ -27,7 +27,7 @@
"provenance": true
},
"dependencies": {
"@sigstore/protobuf-specs": "^0.2.1"
"@sigstore/protobuf-specs": "^0.3.0"
},
"engines": {
"node": "^16.14.0 || >=18.0.0"
Expand Down
97 changes: 0 additions & 97 deletions node_modules/@sigstore/core/dist/asn1/dump.js

This file was deleted.

18 changes: 9 additions & 9 deletions node_modules/@sigstore/core/dist/asn1/tag.js
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.ASN1Tag = exports.UNIVERSAL_TAG = void 0;
exports.ASN1Tag = void 0;
/*
Copyright 2023 The Sigstore Authors.
Expand All @@ -17,7 +17,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
const error_1 = require("./error");
exports.UNIVERSAL_TAG = {
const UNIVERSAL_TAG = {
BOOLEAN: 0x01,
INTEGER: 0x02,
BIT_STRING: 0x03,
Expand Down Expand Up @@ -59,25 +59,25 @@ class ASN1Tag {
return num !== undefined ? res && this.number === num : res;
}
isBoolean() {
return this.isUniversal() && this.number === exports.UNIVERSAL_TAG.BOOLEAN;
return this.isUniversal() && this.number === UNIVERSAL_TAG.BOOLEAN;
}
isInteger() {
return this.isUniversal() && this.number === exports.UNIVERSAL_TAG.INTEGER;
return this.isUniversal() && this.number === UNIVERSAL_TAG.INTEGER;
}
isBitString() {
return this.isUniversal() && this.number === exports.UNIVERSAL_TAG.BIT_STRING;
return this.isUniversal() && this.number === UNIVERSAL_TAG.BIT_STRING;
}
isOctetString() {
return this.isUniversal() && this.number === exports.UNIVERSAL_TAG.OCTET_STRING;
return this.isUniversal() && this.number === UNIVERSAL_TAG.OCTET_STRING;
}
isOID() {
return (this.isUniversal() && this.number === exports.UNIVERSAL_TAG.OBJECT_IDENTIFIER);
return (this.isUniversal() && this.number === UNIVERSAL_TAG.OBJECT_IDENTIFIER);
}
isUTCTime() {
return this.isUniversal() && this.number === exports.UNIVERSAL_TAG.UTC_TIME;
return this.isUniversal() && this.number === UNIVERSAL_TAG.UTC_TIME;
}
isGeneralizedTime() {
return this.isUniversal() && this.number === exports.UNIVERSAL_TAG.GENERALIZED_TIME;
return this.isUniversal() && this.number === UNIVERSAL_TAG.GENERALIZED_TIME;
}
toDER() {
return this.number | (this.constructed ? 0x20 : 0x00) | (this.class << 6);
Expand Down
3 changes: 1 addition & 2 deletions node_modules/@sigstore/core/dist/stream.js
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.ByteStream = exports.StreamError = void 0;
exports.ByteStream = void 0;
/*
Copyright 2023 The Sigstore Authors.
Expand All @@ -18,7 +18,6 @@ limitations under the License.
*/
class StreamError extends Error {
}
exports.StreamError = StreamError;
class ByteStream {
constructor(buffer) {
this.start = 0;
Expand Down
Loading

0 comments on commit dafa903

Please sign in to comment.