1"use strict";
/**
 * Compiler-emitted CommonJS interop helper: exposes property `key` of
 * `source` on `target`, optionally under a different name.
 *
 * An existing `this.__createBinding` is reused when one is present.
 * Otherwise, where `Object.create` exists, the property is defined from a
 * descriptor. The source's own descriptor is reused only when it is an
 * accessor on an `__esModule` source, or a data property that is neither
 * writable nor configurable; in every other case an enumerable getter that
 * reads `source[key]` on each access is installed instead.
 * Without `Object.create`, the current value is copied by plain assignment.
 */
var __createBinding = (this && this.__createBinding) || (Object.create ? (function (target, source, key, alias) {
    const exportName = alias === undefined ? key : alias;
    let descriptor = Object.getOwnPropertyDescriptor(source, key);
    let needsGetter;
    if (!descriptor) {
        // No own property on the source: fall back to a forwarding getter.
        needsGetter = true;
    }
    else if ("get" in descriptor) {
        // Accessors are only trusted as-is when they come from a transpiled ES module.
        needsGetter = !source.__esModule;
    }
    else {
        // A data property that can still change must be read lazily.
        needsGetter = descriptor.writable || descriptor.configurable;
    }
    if (needsGetter) {
        descriptor = { enumerable: true, get: function () { return source[key]; } };
    }
    Object.defineProperty(target, exportName, descriptor);
}) : (function (target, source, key, alias) {
    const exportName = alias === undefined ? key : alias;
    target[exportName] = source[key];
}));
/**
 * Compiler-emitted CommonJS interop helper: stores `value` as the `default`
 * property of `namespace`.
 *
 * An existing `this.__setModuleDefault` is reused when one is present. Where
 * `Object.create` exists, the property is defined as enumerable with no
 * `writable`/`configurable` flags given; otherwise it is a plain assignment.
 */
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function (namespace, value) {
    const defaultDescriptor = { enumerable: true, value: value };
    Object.defineProperty(namespace, "default", defaultDescriptor);
}) : function (namespace, value) {
    namespace["default"] = value;
});
/**
 * Compiler-emitted CommonJS interop helper behind `import * as ns`.
 *
 * A truthy module flagged `__esModule` is returned unchanged. Anything else
 * is wrapped in a fresh object: every own enumerable key except "default" is
 * bound through `__createBinding`, and the module itself becomes the
 * wrapper's `default` via `__setModuleDefault`. A null or undefined module
 * yields a wrapper holding only `default`.
 */
var __importStar = (this && this.__importStar) || function (mod) {
    if (mod && mod.__esModule) {
        return mod;
    }
    const namespace = {};
    if (mod != null) {
        for (const name in mod) {
            if (name === "default") {
                continue;
            }
            // Skip keys inherited through the prototype chain.
            if (!Object.prototype.hasOwnProperty.call(mod, name)) {
                continue;
            }
            __createBinding(namespace, mod, name);
        }
    }
    __setModuleDefault(namespace, mod);
    return namespace;
};
// Flag this CommonJS module as transpiled ES-module output.
Object.defineProperty(exports, "__esModule", { value: true });
// Declare both exports up front as undefined; the real functions are
// assigned after their definitions further down.
exports.createDSSEEnvelope = void 0;
exports.createRekorEntry = void 0;
27/*
28Copyright 2022 The Sigstore Authors.
29
30Licensed under the Apache License, Version 2.0 (the "License");
31you may not use this file except in compliance with the License.
32You may obtain a copy of the License at
33
34    http://www.apache.org/licenses/LICENSE-2.0
35
36Unless required by applicable law or agreed to in writing, software
37distributed under the License is distributed on an "AS IS" BASIS,
38WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
39See the License for the specific language governing permissions and
40limitations under the License.
41*/
42const config_1 = require("./config");
43const signature_1 = require("./types/signature");
44const sigstore = __importStar(require("./types/sigstore"));
45const util_1 = require("./util");
/**
 * Signs a payload and wraps it in a DSSE envelope.
 *
 * The signer is handed the pre-authentication encoding (PAE) of
 * `payloadType` and `payload`, not the bare payload, so the signature also
 * covers the payload type. A verifier has to rebuild the same PAE bytes
 * before checking the signature.
 *
 * Security notes:
 * - `keyid` is not part of the bytes passed to the signer, so it is
 *   unauthenticated. Treat it as a lookup hint only, never as proof of which
 *   key signed. It is the empty string when the signer reports no key id.
 * - Only `keyid` and `sig` are copied into the envelope; any other
 *   verification material the signer returns is not embedded here.
 *
 * @param payload - Content to sign; passed through into the envelope as-is.
 * @param payloadType - Type identifier bound into the signed PAE.
 * @param options - Must provide `signer`, an async function that receives the
 *   PAE buffer and resolves to an object with `signature` and optionally `key.id`.
 * @returns The envelope in the JSON form produced by `sigstore.Envelope.toJSON`.
 */
async function createDSSEEnvelope(payload, payloadType, options) {
    const bytesToSign = util_1.dsse.preAuthEncoding(payloadType, payload);
    const signed = await options.signer(bytesToSign);
    const signatureEntry = {
        keyid: signed.key?.id || '',
        sig: signed.signature,
    };
    return sigstore.Envelope.toJSON({
        payloadType,
        payload,
        signatures: [signatureEntry],
    });
}
exports.createDSSEEnvelope = createDSSEEnvelope;
/**
 * Records an already-signed DSSE envelope in the transparency log and returns
 * a Sigstore bundle suitable for offline verification.
 *
 * Security notes:
 * - Nothing in this function checks the envelope signature against
 *   `publicKey`; both are passed on as supplied. Whether
 *   `extractSignatureMaterial` or the log client validates them is not
 *   visible here, so verify the envelope first if the input is not trusted.
 * - The log's response goes into the bundle as `tlogEntry` without further
 *   checks in this function; verify the bundle before relying on it.
 * - NOTE(review): `fetchOnConflict: true` presumably makes the client return
 *   the existing entry when the log already holds this envelope. Confirm
 *   against the TLog client.
 * - Submitting to a public log instance presumably exposes the entry
 *   contents to anyone who can read that log. Confirm before logging
 *   sensitive payloads.
 *
 * @param dsseEnvelope - Signed DSSE envelope in the JSON form accepted by
 *   `sigstore.Envelope.fromJSON`.
 * @param publicKey - PEM-encoded public key to attach as verification material.
 * @param options - Passed to `createTLogClient`; defaults to `{}`.
 * @returns The bundle in the JSON form produced by `sigstore.bundleToJSON`.
 */
async function createRekorEntry(dsseEnvelope, publicKey, options = {}) {
    const parsedEnvelope = sigstore.Envelope.fromJSON(dsseEnvelope);
    const logClient = (0, config_1.createTLogClient)(options);
    const material = (0, signature_1.extractSignatureMaterial)(parsedEnvelope, publicKey);
    const submitOptions = { fetchOnConflict: true };
    const logEntry = await logClient.createDSSEEntry(parsedEnvelope, material, submitOptions);
    const bundleParts = {
        envelope: parsedEnvelope,
        signature: material,
        tlogEntry: logEntry,
    };
    return sigstore.bundleToJSON(sigstore.toDSSEBundle(bundleParts));
}
exports.createRekorEntry = createRekorEntry;
81