From 270d37f1025c4f53e55eb3deb2857ad103999aa2 Mon Sep 17 00:00:00 2001 From: Lily Sturmann Date: Mon, 1 Apr 2024 16:54:56 -0400 Subject: [PATCH] Add RekorBundle message Signed-off-by: Lily Sturmann --- gen/pb-go/rekor/v1/sigstore_rekor.pb.go | 121 ++++++++++++++++-- .../dev/sigstore/rekor/v1/__init__.py | 13 ++ gen/pb-ruby/lib/sigstore_rekor_pb.rb | 7 + .../src/generated/dev.sigstore.rekor.v1.rs | 21 +++ .../src/generated/file_descriptor_set.bin | Bin 114261 -> 114945 bytes .../src/__generated__/sigstore_rekor.ts | 36 ++++++ protos/sigstore_rekor.proto | 9 ++ 7 files changed, 194 insertions(+), 13 deletions(-) diff --git a/gen/pb-go/rekor/v1/sigstore_rekor.pb.go b/gen/pb-go/rekor/v1/sigstore_rekor.pb.go index a385e9fd..88bcc2a0 100644 --- a/gen/pb-go/rekor/v1/sigstore_rekor.pb.go +++ b/gen/pb-go/rekor/v1/sigstore_rekor.pb.go @@ -432,6 +432,79 @@ func (x *TransparencyLogEntry) GetCanonicalizedBody() []byte { return nil } +// The RekorBundle is the signed material used to produce the Signed Entry +// Timestamp signature. See notes on the InclusionPromise above. +type RekorBundle struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Body []byte `protobuf:"bytes,1,opt,name=body,proto3" json:"body,omitempty"` + IntegratedTime int64 `protobuf:"varint,2,opt,name=integrated_time,json=integratedTime,proto3" json:"integrated_time,omitempty"` + LogId string `protobuf:"bytes,3,opt,name=log_id,json=logId,proto3" json:"log_id,omitempty"` + LogIndex int64 `protobuf:"varint,4,opt,name=log_index,json=logIndex,proto3" json:"log_index,omitempty"` +} + +func (x *RekorBundle) Reset() { + *x = RekorBundle{} + if protoimpl.UnsafeEnabled { + mi := &file_sigstore_rekor_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RekorBundle) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RekorBundle) ProtoMessage() {} + +func (x *RekorBundle) ProtoReflect() protoreflect.Message { + mi := &file_sigstore_rekor_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RekorBundle.ProtoReflect.Descriptor instead. +func (*RekorBundle) Descriptor() ([]byte, []int) { + return file_sigstore_rekor_proto_rawDescGZIP(), []int{5} +} + +func (x *RekorBundle) GetBody() []byte { + if x != nil { + return x.Body + } + return nil +} + +func (x *RekorBundle) GetIntegratedTime() int64 { + if x != nil { + return x.IntegratedTime + } + return 0 +} + +func (x *RekorBundle) GetLogId() string { + if x != nil { + return x.LogId + } + return "" +} + +func (x *RekorBundle) GetLogIndex() int64 { + if x != nil { + return x.LogIndex + } + return 0 +} + var File_sigstore_rekor_proto protoreflect.FileDescriptor var file_sigstore_rekor_proto_rawDesc = []byte{ @@ -496,15 +569,24 @@ var file_sigstore_rekor_proto_rawDesc = []byte{ 0x6f, 0x6f, 0x66, 0x12, 0x2d, 0x0a, 0x12, 0x63, 0x61, 0x6e, 0x6f, 0x6e, 0x69, 0x63, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x64, 0x5f, 0x62, 0x6f, 0x64, 0x79, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x11, 0x63, 0x61, 0x6e, 0x6f, 0x6e, 0x69, 0x63, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x64, 0x42, 0x6f, - 0x64, 0x79, 0x42, 0x78, 0x0a, 0x1b, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, - 0x72, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x72, 0x65, 0x6b, 0x6f, 0x72, 0x2e, 0x76, - 0x31, 0x42, 0x0a, 0x52, 0x65, 0x6b, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, - 0x35, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x67, 0x73, - 0x74, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2d, 0x73, 0x70, - 0x65, 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, 0x67, 0x6f, 0x2f, 0x72, 0x65, - 0x6b, 0x6f, 0x72, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x13, 0x53, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, - 0x65, 0x3a, 0x3a, 0x52, 0x65, 0x6b, 0x6f, 0x72, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, - 0x6f, 0x74, 0x6f, 0x33, + 0x64, 0x79, 0x22, 0x92, 0x01, 0x0a, 0x0b, 0x52, 0x65, 0x6b, 0x6f, 0x72, 0x42, 0x75, 0x6e, 0x64, + 0x6c, 0x65, 0x12, 0x17, 0x0a, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, + 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x12, 0x2c, 0x0a, 0x0f, 0x69, + 0x6e, 0x74, 0x65, 0x67, 0x72, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x03, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0e, 0x69, 0x6e, 0x74, 0x65, 0x67, + 0x72, 0x61, 0x74, 0x65, 0x64, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x06, 0x6c, 0x6f, 0x67, + 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x05, + 0x6c, 0x6f, 0x67, 0x49, 0x64, 0x12, 0x20, 0x0a, 0x09, 0x6c, 0x6f, 0x67, 0x5f, 0x69, 0x6e, 0x64, + 0x65, 0x78, 0x18, 0x04, 0x20, 0x01, 0x28, 0x03, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x08, 0x6c, + 0x6f, 0x67, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x42, 0x78, 0x0a, 0x1b, 0x64, 0x65, 0x76, 0x2e, 0x73, + 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x72, 0x65, + 0x6b, 0x6f, 0x72, 0x2e, 0x76, 0x31, 0x42, 0x0a, 0x52, 0x65, 0x6b, 0x6f, 0x72, 0x50, 0x72, 0x6f, + 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x35, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, + 0x2f, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, + 0x75, 0x66, 0x2d, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, + 0x67, 0x6f, 0x2f, 0x72, 0x65, 0x6b, 0x6f, 0x72, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x13, 0x53, 0x69, + 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x3a, 0x3a, 0x52, 0x65, 0x6b, 0x6f, 0x72, 0x3a, 0x3a, 0x56, + 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -519,18 +601,19 @@ func file_sigstore_rekor_proto_rawDescGZIP() []byte { return file_sigstore_rekor_proto_rawDescData } -var file_sigstore_rekor_proto_msgTypes = make([]protoimpl.MessageInfo, 5) +var file_sigstore_rekor_proto_msgTypes = make([]protoimpl.MessageInfo, 6) var file_sigstore_rekor_proto_goTypes = []interface{}{ (*KindVersion)(nil), // 0: dev.sigstore.rekor.v1.KindVersion (*Checkpoint)(nil), // 1: dev.sigstore.rekor.v1.Checkpoint (*InclusionProof)(nil), // 2: dev.sigstore.rekor.v1.InclusionProof (*InclusionPromise)(nil), // 3: dev.sigstore.rekor.v1.InclusionPromise (*TransparencyLogEntry)(nil), // 4: dev.sigstore.rekor.v1.TransparencyLogEntry - (*v1.LogId)(nil), // 5: dev.sigstore.common.v1.LogId + (*RekorBundle)(nil), // 5: dev.sigstore.rekor.v1.RekorBundle + (*v1.LogId)(nil), // 6: dev.sigstore.common.v1.LogId } var file_sigstore_rekor_proto_depIdxs = []int32{ 1, // 0: dev.sigstore.rekor.v1.InclusionProof.checkpoint:type_name -> dev.sigstore.rekor.v1.Checkpoint - 5, // 1: dev.sigstore.rekor.v1.TransparencyLogEntry.log_id:type_name -> dev.sigstore.common.v1.LogId + 6, // 1: dev.sigstore.rekor.v1.TransparencyLogEntry.log_id:type_name -> dev.sigstore.common.v1.LogId 0, // 2: dev.sigstore.rekor.v1.TransparencyLogEntry.kind_version:type_name -> dev.sigstore.rekor.v1.KindVersion 3, // 3: dev.sigstore.rekor.v1.TransparencyLogEntry.inclusion_promise:type_name -> dev.sigstore.rekor.v1.InclusionPromise 2, // 4: dev.sigstore.rekor.v1.TransparencyLogEntry.inclusion_proof:type_name -> dev.sigstore.rekor.v1.InclusionProof @@ -607,6 +690,18 @@ func file_sigstore_rekor_proto_init() { return nil } } + file_sigstore_rekor_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RekorBundle); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } } type x struct{} out := protoimpl.TypeBuilder{ @@ -614,7 +709,7 @@ func file_sigstore_rekor_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_sigstore_rekor_proto_rawDesc, NumEnums: 0, - NumMessages: 5, + NumMessages: 6, NumExtensions: 0, NumServices: 0, }, diff --git a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/rekor/v1/__init__.py b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/rekor/v1/__init__.py index 81f2c522..da9ef971 100644 --- a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/rekor/v1/__init__.py +++ b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/rekor/v1/__init__.py @@ -150,3 +150,16 @@ class TransparencyLogEntry(betterproto.Message): the `Bundle.content`. If not set, clients are responsible for constructing an equivalent payload from other sources to verify the signature. """ + + +@dataclass(eq=False, repr=False) +class RekorBundle(betterproto.Message): + """ + The RekorBundle is the signed material used to produce the Signed Entry + Timestamp signature. See notes on the InclusionPromise above. + """ + + body: bytes = betterproto.bytes_field(1) + integrated_time: int = betterproto.int64_field(2) + log_id: str = betterproto.string_field(3) + log_index: int = betterproto.int64_field(4) diff --git a/gen/pb-ruby/lib/sigstore_rekor_pb.rb b/gen/pb-ruby/lib/sigstore_rekor_pb.rb index 73a343a3..9a5ddbca 100644 --- a/gen/pb-ruby/lib/sigstore_rekor_pb.rb +++ b/gen/pb-ruby/lib/sigstore_rekor_pb.rb @@ -34,6 +34,12 @@ optional :inclusion_proof, :message, 6, "dev.sigstore.rekor.v1.InclusionProof" optional :canonicalized_body, :bytes, 7 end + add_message "dev.sigstore.rekor.v1.RekorBundle" do + optional :body, :bytes, 1 + optional :integrated_time, :int64, 2 + optional :log_id, :string, 3 + optional :log_index, :int64, 4 + end end end @@ -45,6 +51,7 @@ module V1 InclusionProof = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("dev.sigstore.rekor.v1.InclusionProof").msgclass InclusionPromise = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("dev.sigstore.rekor.v1.InclusionPromise").msgclass TransparencyLogEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("dev.sigstore.rekor.v1.TransparencyLogEntry").msgclass + RekorBundle = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("dev.sigstore.rekor.v1.RekorBundle").msgclass end end end diff --git a/gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.rekor.v1.rs b/gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.rekor.v1.rs index 6147a67a..9f020f26 100644 --- a/gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.rekor.v1.rs +++ b/gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.rekor.v1.rs @@ -158,3 +158,24 @@ pub struct TransparencyLogEntry { #[prost(bytes = "vec", tag = "7")] pub canonicalized_body: ::prost::alloc::vec::Vec, } +/// The RekorBundle is the signed material used to produce the Signed Entry +/// Timestamp signature. See notes on the InclusionPromise above. +#[derive( + sigstore_protobuf_specs_derive::Deserialize_proto, + sigstore_protobuf_specs_derive::Serialize_proto +)] +#[derive(::prost_reflect::ReflectMessage)] +#[prost_reflect(message_name = "dev.sigstore.rekor.v1.RekorBundle")] +#[prost_reflect(file_descriptor_set_bytes = "crate::FILE_DESCRIPTOR_SET_BYTES")] +#[allow(clippy::derive_partial_eq_without_eq)] +#[derive(Clone, PartialEq, ::prost::Message)] +pub struct RekorBundle { + #[prost(bytes = "vec", tag = "1")] + pub body: ::prost::alloc::vec::Vec, + #[prost(int64, tag = "2")] + pub integrated_time: i64, + #[prost(string, tag = "3")] + pub log_id: ::prost::alloc::string::String, + #[prost(int64, tag = "4")] + pub log_index: i64, +} diff --git a/gen/pb-rust/sigstore-protobuf-specs/src/generated/file_descriptor_set.bin b/gen/pb-rust/sigstore-protobuf-specs/src/generated/file_descriptor_set.bin index e767640e63f6eb0b32f27fd394f31d32df150608..853178901ce93dff7a82219767af1efd527eef7d 100644 GIT binary patch delta 753 zcmYk1y>1gh6oq|fcAfPk*`SGnmo<@w&`_YXbbuX4!lXe-sE~;4?8vOJcf$T4r&>Tb zUZUrF)bF~W~Tj8Wtd1L=t|{yg;iBauW%u@YyY z@{&_oY>vv!eh`P}OyoC2aesVPyzR$HD0jt?lp;{EjD!kAoT9iFoQ{&nSHZJTjr~Z9 z{y@EzyNsoHqrW=>{->l$%;0XEl2bKJVA(aN#;h}~dT z{?@v(YCOfrd05Hu`3$UsY7Zz!)N&|Vdt0|CpMkie5#=-3d0NS#kYjSUSGfr{GO+fl zIYBp~&C>D^g7OSDwsej144hjUQJ#U@spO=TXV7X_a-7e>+OOsm<%s&@6y0;Mo4PH= bZmYx=p(vlj?QSKfrF;(Cd&^$~2w(gIU=))8 delta 53 zcmZo{V!!%_tziq}Mi-_XHrqG5FkWJwF6GHs&H2!ni(QD7kD+mUp#ozl)ArBajIH9^ J`%@Wh5_