+488
-17313
lines changed Original file line number Diff line number Diff line change
@@ -38,19 +38,6 @@
38 38
!/@sigstore/core
39 39
!/@sigstore/protobuf-specs
40 40
!/@sigstore/sign
41 -
!/@sigstore/sign/node_modules/
42 -
/@sigstore/sign/node_modules/*
43 -
!/@sigstore/sign/node_modules/@npmcli/
44 -
/@sigstore/sign/node_modules/@npmcli/*
45 -
!/@sigstore/sign/node_modules/@npmcli/agent
46 -
!/@sigstore/sign/node_modules/@npmcli/fs
47 -
!/@sigstore/sign/node_modules/cacache
48 -
!/@sigstore/sign/node_modules/make-fetch-happen
49 -
!/@sigstore/sign/node_modules/minipass-fetch
50 -
!/@sigstore/sign/node_modules/proc-log
51 -
!/@sigstore/sign/node_modules/ssri
52 -
!/@sigstore/sign/node_modules/unique-filename
53 -
!/@sigstore/sign/node_modules/unique-slug
54 41
!/@sigstore/tuf
55 42
!/@sigstore/verify
56 43
!/@tufjs/
@@ -222,23 +209,6 @@
222 209
!/shebang-regex
223 210
!/signal-exit
224 211
!/sigstore
225 -
!/sigstore/node_modules/
226 -
/sigstore/node_modules/*
227 -
!/sigstore/node_modules/@npmcli/
228 -
/sigstore/node_modules/@npmcli/*
229 -
!/sigstore/node_modules/@npmcli/agent
230 -
!/sigstore/node_modules/@npmcli/fs
231 -
!/sigstore/node_modules/@sigstore/
232 -
/sigstore/node_modules/@sigstore/*
233 -
!/sigstore/node_modules/@sigstore/tuf
234 -
!/sigstore/node_modules/cacache
235 -
!/sigstore/node_modules/make-fetch-happen
236 -
!/sigstore/node_modules/minipass-fetch
237 -
!/sigstore/node_modules/proc-log
238 -
!/sigstore/node_modules/ssri
239 -
!/sigstore/node_modules/tuf-js
240 -
!/sigstore/node_modules/unique-filename
241 -
!/sigstore/node_modules/unique-slug
242 212
!/smart-buffer
243 213
!/socks-proxy-agent
244 214
!/socks
@@ -268,11 +238,6 @@
268 238
!/tiny-relative-date
269 239
!/treeverse
270 240
!/tuf-js
271 -
!/tuf-js/node_modules/
272 -
/tuf-js/node_modules/*
273 -
!/tuf-js/node_modules/@tufjs/
274 -
/tuf-js/node_modules/@tufjs/*
275 -
!/tuf-js/node_modules/@tufjs/models
276 241
!/unique-filename
277 242
!/unique-slug
278 243
!/util-deprecate
@@ -1,6 +1,7 @@
1 1
"use strict";
2 2
Object.defineProperty(exports, "__esModule", { value: true });
3 -
exports.toDSSEBundle = exports.toMessageSignatureBundle = void 0;
3 +
exports.toMessageSignatureBundle = toMessageSignatureBundle;
4 +
exports.toDSSEBundle = toDSSEBundle;
4 5
/*
5 6
Copyright 2023 The Sigstore Authors.
6 7
@@ -21,9 +22,9 @@ const bundle_1 = require("./bundle");
21 22
// Message signature bundle - $case: 'messageSignature'
22 23
function toMessageSignatureBundle(options) {
23 24
return {
24 -
mediaType: options.singleCertificate
25 -
? bundle_1.BUNDLE_V03_MEDIA_TYPE
26 -
: bundle_1.BUNDLE_V02_MEDIA_TYPE,
25 +
mediaType: options.certificateChain
26 +
? bundle_1.BUNDLE_V02_MEDIA_TYPE
27 +
: bundle_1.BUNDLE_V03_MEDIA_TYPE,
27 28
content: {
28 29
$case: 'messageSignature',
29 30
messageSignature: {
@@ -37,21 +38,19 @@ function toMessageSignatureBundle(options) {
37 38
verificationMaterial: toVerificationMaterial(options),
38 39
};
39 40
}
40 -
exports.toMessageSignatureBundle = toMessageSignatureBundle;
41 41
// DSSE envelope bundle - $case: 'dsseEnvelope'
42 42
function toDSSEBundle(options) {
43 43
return {
44 -
mediaType: options.singleCertificate
45 -
? bundle_1.BUNDLE_V03_MEDIA_TYPE
46 -
: bundle_1.BUNDLE_V02_MEDIA_TYPE,
44 +
mediaType: options.certificateChain
45 +
? bundle_1.BUNDLE_V02_MEDIA_TYPE
46 +
: bundle_1.BUNDLE_V03_MEDIA_TYPE,
47 47
content: {
48 48
$case: 'dsseEnvelope',
49 49
dsseEnvelope: toEnvelope(options),
50 50
},
51 51
verificationMaterial: toVerificationMaterial(options),
52 52
};
53 53
}
54 -
exports.toDSSEBundle = toDSSEBundle;
55 54
function toEnvelope(options) {
56 55
return {
57 56
payloadType: options.artifactType,
@@ -75,20 +74,20 @@ function toVerificationMaterial(options) {
75 74
}
76 75
function toKeyContent(options) {
77 76
if (options.certificate) {
78 -
if (options.singleCertificate) {
79 -
return {
80 -
$case: 'certificate',
81 -
certificate: { rawBytes: options.certificate },
82 -
};
83 -
}
84 -
else {
77 +
if (options.certificateChain) {
85 78
return {
86 79
$case: 'x509CertificateChain',
87 80
x509CertificateChain: {
88 81
certificates: [{ rawBytes: options.certificate }],
89 82
},
90 83
};
91 84
}
85 +
else {
86 +
return {
87 +
$case: 'certificate',
88 +
certificate: { rawBytes: options.certificate },
89 +
};
90 +
}
92 91
}
93 92
else {
94 93
return {
@@ -1,6 +1,10 @@
1 1
"use strict";
2 2
Object.defineProperty(exports, "__esModule", { value: true });
3 -
exports.isBundleWithDsseEnvelope = exports.isBundleWithMessageSignature = exports.isBundleWithPublicKey = exports.isBundleWithCertificateChain = exports.BUNDLE_V03_MEDIA_TYPE = exports.BUNDLE_V03_LEGACY_MEDIA_TYPE = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = void 0;
3 +
exports.BUNDLE_V03_MEDIA_TYPE = exports.BUNDLE_V03_LEGACY_MEDIA_TYPE = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = void 0;
4 +
exports.isBundleWithCertificateChain = isBundleWithCertificateChain;
5 +
exports.isBundleWithPublicKey = isBundleWithPublicKey;
6 +
exports.isBundleWithMessageSignature = isBundleWithMessageSignature;
7 +
exports.isBundleWithDsseEnvelope = isBundleWithDsseEnvelope;
4 8
exports.BUNDLE_V01_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.1';
5 9
exports.BUNDLE_V02_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.2';
6 10
exports.BUNDLE_V03_LEGACY_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.3';
@@ -9,16 +13,12 @@ exports.BUNDLE_V03_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle.v0.3+json';
9 13
function isBundleWithCertificateChain(b) {
10 14
return b.verificationMaterial.content.$case === 'x509CertificateChain';
11 15
}
12 -
exports.isBundleWithCertificateChain = isBundleWithCertificateChain;
13 16
function isBundleWithPublicKey(b) {
14 17
return b.verificationMaterial.content.$case === 'publicKey';
15 18
}
16 -
exports.isBundleWithPublicKey = isBundleWithPublicKey;
17 19
function isBundleWithMessageSignature(b) {
18 20
return b.content.$case === 'messageSignature';
19 21
}
20 -
exports.isBundleWithMessageSignature = isBundleWithMessageSignature;
21 22
function isBundleWithDsseEnvelope(b) {
22 23
return b.content.$case === 'dsseEnvelope';
23 24
}
24 -
exports.isBundleWithDsseEnvelope = isBundleWithDsseEnvelope;
Original file line number Diff line number Diff line change
@@ -1,6 +1,10 @@
1 1
"use strict";
2 2
Object.defineProperty(exports, "__esModule", { value: true });
3 -
exports.assertBundleLatest = exports.assertBundleV02 = exports.isBundleV01 = exports.assertBundleV01 = exports.assertBundle = void 0;
3 +
exports.assertBundle = assertBundle;
4 +
exports.assertBundleV01 = assertBundleV01;
5 +
exports.isBundleV01 = isBundleV01;
6 +
exports.assertBundleV02 = assertBundleV02;
7 +
exports.assertBundleLatest = assertBundleLatest;
4 8
/*
5 9
Copyright 2023 The Sigstore Authors.
6 10
@@ -27,7 +31,6 @@ function assertBundle(b) {
27 31
throw new error_1.ValidationError('invalid bundle', invalidValues);
28 32
}
29 33
}
30 -
exports.assertBundle = assertBundle;
31 34
// Asserts that the given bundle conforms to the v0.1 bundle format.
32 35
function assertBundleV01(b) {
33 36
const invalidValues = [];
@@ -37,7 +40,6 @@ function assertBundleV01(b) {
37 40
throw new error_1.ValidationError('invalid v0.1 bundle', invalidValues);
38 41
}
39 42
}
40 -
exports.assertBundleV01 = assertBundleV01;
41 43
// Type guard to determine if Bundle is a v0.1 bundle.
42 44
function isBundleV01(b) {
43 45
try {
@@ -48,7 +50,6 @@ function isBundleV01(b) {
48 50
return false;
49 51
}
50 52
}
51 -
exports.isBundleV01 = isBundleV01;
52 53
// Asserts that the given bundle conforms to the v0.2 bundle format.
53 54
function assertBundleV02(b) {
54 55
const invalidValues = [];
@@ -58,7 +59,6 @@ function assertBundleV02(b) {
58 59
throw new error_1.ValidationError('invalid v0.2 bundle', invalidValues);
59 60
}
60 61
}
61 -
exports.assertBundleV02 = assertBundleV02;
62 62
// Asserts that the given bundle conforms to the newest (0.3) bundle format.
63 63
function assertBundleLatest(b) {
64 64
const invalidValues = [];
@@ -69,7 +69,6 @@ function assertBundleLatest(b) {
69 69
throw new error_1.ValidationError('invalid bundle', invalidValues);
70 70
}
71 71
}
72 -
exports.assertBundleLatest = assertBundleLatest;
73 72
function validateBundleBase(b) {
74 73
const invalidValues = [];
75 74
// Media type validation
@@ -192,6 +191,7 @@ function validateInclusionProof(b) {
192 191
// Necessary for V03 and later bundles
193 192
function validateNoCertificateChain(b) {
194 193
const invalidValues = [];
194 +
/* istanbul ignore next */
195 195
if (b.verificationMaterial?.content?.$case === 'x509CertificateChain') {
196 196
invalidValues.push('verificationMaterial.content.$case');
197 197
}
@@ -1,6 +1,6 @@
1 1
{
2 2
"name": "@sigstore/bundle",
3 -
"version": "2.3.2",
3 +
"version": "3.0.0",
4 4
"description": "Sigstore bundle type",
5 5
"main": "dist/index.js",
6 6
"types": "dist/index.d.ts",
@@ -30,6 +30,6 @@
30 30
"@sigstore/protobuf-specs": "^0.3.2"
31 31
},
32 32
"engines": {
33 -
"node": "^16.14.0 || >=18.0.0"
33 +
"node": "^18.17.0 || >=20.5.0"
34 34
}
35 35
}
Original file line number Diff line number Diff line change
@@ -15,7 +15,8 @@ See the License for the specific language governing permissions and
15 15
limitations under the License.
16 16
*/
17 17
Object.defineProperty(exports, "__esModule", { value: true });
18 -
exports.encodeLength = exports.decodeLength = void 0;
18 +
exports.decodeLength = decodeLength;
19 +
exports.encodeLength = encodeLength;
19 20
const error_1 = require("./error");
20 21
// Decodes the length of a DER-encoded ANS.1 element from the supplied stream.
21 22
// https://learn.microsoft.com/en-us/windows/win32/seccertenroll/about-encoded-length-and-value-bytes
@@ -44,7 +45,6 @@ function decodeLength(stream) {
44 45
}
45 46
return len;
46 47
}
47 -
exports.decodeLength = decodeLength;
48 48
// Translates the supplied value to a DER-encoded length.
49 49
function encodeLength(len) {
50 50
if (len < 128) {
@@ -60,4 +60,3 @@ function encodeLength(len) {
60 60
}
61 61
return Buffer.from([0x80 | bytes.length, ...bytes]);
62 62
}
63 -
exports.encodeLength = encodeLength;
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@
1 1
"use strict";
2 2
Object.defineProperty(exports, "__esModule", { value: true });
3 -
exports.parseBitString = exports.parseBoolean = exports.parseOID = exports.parseTime = exports.parseStringASCII = exports.parseInteger = void 0;
3 +
exports.parseInteger = parseInteger;
4 +
exports.parseStringASCII = parseStringASCII;
5 +
exports.parseTime = parseTime;
6 +
exports.parseOID = parseOID;
7 +
exports.parseBoolean = parseBoolean;
8 +
exports.parseBitString = parseBitString;
4 9
/*
5 10
Copyright 2023 The Sigstore Authors.
6 11
@@ -43,13 +48,11 @@ function parseInteger(buf) {
43 48
}
44 49
return n;
45 50
}
46 -
exports.parseInteger = parseInteger;
47 51
// Parse an ASCII string from the DER-encoded buffer
48 52
// https://learn.microsoft.com/en-us/windows/win32/seccertenroll/about-basic-types#boolean
49 53
function parseStringASCII(buf) {
50 54
return buf.toString('ascii');
51 55
}
52 -
exports.parseStringASCII = parseStringASCII;
53 56
// Parse a Date from the DER-encoded buffer
54 57
// https://www.rfc-editor.org/rfc/rfc5280#section-4.1.2.5.1
55 58
function parseTime(buf, shortYear) {
@@ -70,7 +73,6 @@ function parseTime(buf, shortYear) {
70 73
// Translate to ISO8601 format and parse
71 74
return new Date(`${m[1]}-${m[2]}-${m[3]}T${m[4]}:${m[5]}:${m[6]}Z`);
72 75
}
73 -
exports.parseTime = parseTime;
74 76
// Parse an OID from the DER-encoded buffer
75 77
// https://learn.microsoft.com/en-us/windows/win32/seccertenroll/about-object-identifier
76 78
function parseOID(buf) {
@@ -95,13 +97,11 @@ function parseOID(buf) {
95 97
}
96 98
return oid;
97 99
}
98 -
exports.parseOID = parseOID;
99 100
// Parse a boolean from the DER-encoded buffer
100 101
// https://learn.microsoft.com/en-us/windows/win32/seccertenroll/about-basic-types#boolean
101 102
function parseBoolean(buf) {
102 103
return buf[0] !== 0;
103 104
}
104 -
exports.parseBoolean = parseBoolean;
105 105
// Parse a bit string from the DER-encoded buffer
106 106
// https://learn.microsoft.com/en-us/windows/win32/seccertenroll/about-bit-string
107 107
function parseBitString(buf) {
@@ -122,4 +122,3 @@ function parseBitString(buf) {
122 122
}
123 123
return bits;
124 124
}
125 -
exports.parseBitString = parseBitString;
Original file line number Diff line number Diff line change
@@ -3,7 +3,10 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
3 3
return (mod && mod.__esModule) ? mod : { "default": mod };
4 4
};
5 5
Object.defineProperty(exports, "__esModule", { value: true });
6 -
exports.bufferEqual = exports.verify = exports.hash = exports.digest = exports.createPublicKey = void 0;
6 +
exports.createPublicKey = createPublicKey;
7 +
exports.digest = digest;
8 +
exports.verify = verify;
9 +
exports.bufferEqual = bufferEqual;
7 10
/*
8 11
Copyright 2023 The Sigstore Authors.
9 12
@@ -20,7 +23,6 @@ See the License for the specific language governing permissions and
20 23
limitations under the License.
21 24
*/
22 25
const crypto_1 = __importDefault(require("crypto"));
23 -
const SHA256_ALGORITHM = 'sha256';
24 26
function createPublicKey(key, type = 'spki') {
25 27
if (typeof key === 'string') {
26 28
return crypto_1.default.createPublicKey(key);
@@ -29,24 +31,13 @@ function createPublicKey(key, type = 'spki') {
29 31
return crypto_1.default.createPublicKey({ key, format: 'der', type: type });
30 32
}
31 33
}
32 -
exports.createPublicKey = createPublicKey;
33 34
function digest(algorithm, ...data) {
34 35
const hash = crypto_1.default.createHash(algorithm);
35 36
for (const d of data) {
36 37
hash.update(d);
37 38
}
38 39
return hash.digest();
39 40
}
40 -
exports.digest = digest;
41 -
// TODO: deprecate this in favor of digest()
42 -
function hash(...data) {
43 -
const hash = crypto_1.default.createHash(SHA256_ALGORITHM);
44 -
for (const d of data) {
45 -
hash.update(d);
46 -
}
47 -
return hash.digest();
48 -
}
49 -
exports.hash = hash;
50 41
function verify(data, key, signature, algorithm) {
51 42
// The try/catch is to work around an issue in Node 14.x where verify throws
52 43
// an error in some scenarios if the signature is invalid.
@@ -58,7 +49,6 @@ function verify(data, key, signature, algorithm) {
58 49
return false;
59 50
}
60 51
}
61 -
exports.verify = verify;
62 52
function bufferEqual(a, b) {
63 53
try {
64 54
return crypto_1.default.timingSafeEqual(a, b);
@@ -68,4 +58,3 @@ function bufferEqual(a, b) {
68 58
return false;
69 59
}
70 60
}
71 -
exports.bufferEqual = bufferEqual;
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
1 1
"use strict";
2 2
Object.defineProperty(exports, "__esModule", { value: true });
3 -
exports.preAuthEncoding = void 0;
3 +
exports.preAuthEncoding = preAuthEncoding;
4 4
/*
5 5
Copyright 2023 The Sigstore Authors.
6 6
@@ -28,4 +28,3 @@ function preAuthEncoding(payloadType, payload) {
28 28
].join(' ');
29 29
return Buffer.concat([Buffer.from(prefix, 'ascii'), payload]);
30 30
}
31 -
exports.preAuthEncoding = preAuthEncoding;
You can’t perform that action at this time.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4