use bundle builder function in sigstore-utils (#643)
Signed-off-by: Brian DeHamer <[email protected]>
bdehamer authored Jul 27, 2023
1 parent 94bd313 commit e44f05c
Showing 3 changed files with 19 additions and 22 deletions.
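--- a/.changeset/smooth-suits-drum.md
+++ b/.changeset/smooth-suits-drum.md
@@ -0,0 +1,5 @@
+---
+'sigstore': minor
+---
+
+Use bundle construction helpers from `@sigstore/bundle` package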
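--- a/packages/client/src/__tests__/sigstore-utils.test.ts
+++ b/packages/client/src/__tests__/sigstore-utils.test.ts
@@ -103,7 +103,7 @@ describe('createRekorEntry', () => {
 );
 
 expect(
-bundle.verificationMaterial.timestampVerificationData
-).toBeUndefined();
+bundle.verificationMaterial.timestampVerificationData?.rfc3161Timestamps
+).toHaveLength(0);
 });
 });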
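--- a/packages/client/src/sigstore-utils.ts
+++ b/packages/client/src/sigstore-utils.ts
@@ -14,15 +14,14 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 import {
-BUNDLE_V01_MEDIA_TYPE,
-Bundle,
 SerializedBundle,
 SerializedEnvelope,
 bundleToJSON,
 envelopeFromJSON,
 envelopeToJSON,
+toDSSEBundle,
 } from '@sigstore/bundle';
-import { RekorWitness, SignatureBundle } from '@sigstore/sign';
+import { RekorWitness } from '@sigstore/sign';
 import {
 DEFAULT_REKOR_URL,
 DEFAULT_RETRY,
@@ -56,10 +55,12 @@ export async function createRekorEntry(
 options: SignOptions = {}
 ): Promise<SerializedBundle> {
 const envelope = envelopeFromJSON(dsseEnvelope);
-const content: SignatureBundle = {
-$case: 'dsseEnvelope',
-dsseEnvelope: envelope,
-};
+const bundle = toDSSEBundle({
+artifact: envelope.payload,
+artifactType: envelope.payloadType,
+signature: envelope.signatures[0].sig,
+keyHint: envelope.signatures[0].keyid,
+});
 
 const tlog = new RekorWitness({
 rekorBaseURL:
@@ -69,20 +70,11 @@ export async function createRekorEntry(
 timeout: options.timeout ?? DEFAULT_TIMEOUT,
 });
 
-const vm = await tlog.testify(content, publicKey);
+// Add entry to transparency log
+const vm = await tlog.testify(bundle.content, publicKey);
 
-const bundle: Bundle = {
-mediaType: BUNDLE_V01_MEDIA_TYPE,
-content,
-verificationMaterial: {
-content: {
-$case: 'publicKey',
-publicKey: { hint: dsseEnvelope.signatures[0].keyid },
-},
-timestampVerificationData: undefined,
-tlogEntries: [...vm.tlogEntries],
-},
-};
+// Add transparency log entries to bundle
+bundle.verificationMaterial.tlogEntries = [...vm.tlogEntries];
 
 return bundleToJSON(bundle);
 }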
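Review bot: The `toDSSEBundle` call reads `envelope.signatures[0].sig` and `.keyid` without checking that the caller-supplied envelope actually carries a signature, so an empty `signatures` array fails with a bare TypeError instead of a clear input error. The old code passed the whole parsed envelope as bundle content; the new call forwards only the first signature, so, assuming `toDSSEBundle` builds a single-signature envelope, any further signatures are silently left out of both the Rekor entry and the returned bundle. If multi-signature envelopes are not meant to be supported here, a guard before the call makes that explicit: `if (envelope.signatures.length !== 1) throw new Error('expected exactly one signature in DSSE envelope');`. createRekorEntry starts above the second hunk, and the lines between the second and third hunks are not shown.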
