batuhan-basoglu/Kargi-Sitesi
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Deployed the page to Github Pages.

Browse source
This commit is contained in:
Batuhan Berk Başoğlu 2024-11-03 21:30:09 -05:00
parent 1d79754e93
commit 2c89899458
Signed by: batuhan-basoglu
SSH key fingerprint: SHA256:kEsnuHX+qbwhxSAXPUQ4ox535wFHu/hIRaa53FzxRpo
62797 changed files with 6551425 additions and 15279 deletions
Download patch file Download diff file Expand all files Collapse all files

3
node_modules/@sigstore/sign/dist/witness/index.d.ts generated vendored Normal file
View file

@ -0,0 +1,3 @@
export { DEFAULT_REKOR_URL, RekorWitness, RekorWitnessOptions } from './tlog';
export { TSAWitness, TSAWitnessOptions } from './tsa';
export type { SignatureBundle, VerificationMaterial, Witness } from './witness';

24
node_modules/@sigstore/sign/dist/witness/index.js generated vendored Normal file
View file

@ -0,0 +1,24 @@
"use strict";
/* istanbul ignore file */
Object.defineProperty(exports, "__esModule", { value: true });
exports.TSAWitness = exports.RekorWitness = exports.DEFAULT_REKOR_URL = void 0;
/*
Copyright 2023 The Sigstore Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
var tlog_1 = require("./tlog");
Object.defineProperty(exports, "DEFAULT_REKOR_URL", { enumerable: true, get: function () { return tlog_1.DEFAULT_REKOR_URL; } });
Object.defineProperty(exports, "RekorWitness", { enumerable: true, get: function () { return tlog_1.RekorWitness; } });
var tsa_1 = require("./tsa");
Object.defineProperty(exports, "TSAWitness", { enumerable: true, get: function () { return tsa_1.TSAWitness; } });

16
node_modules/@sigstore/sign/dist/witness/tlog/client.d.ts generated vendored Normal file
View file

@ -0,0 +1,16 @@
import type { Entry, ProposedEntry } from '../../external/rekor';
import type { FetchOptions } from '../../types/fetch';
export type { Entry, ProposedEntry };
export interface TLog {
createEntry: (proposedEntry: ProposedEntry) => Promise<Entry>;
}
export type TLogClientOptions = {
rekorBaseURL: string;
fetchOnConflict?: boolean;
} & FetchOptions;
export declare class TLogClient implements TLog {
private rekor;
private fetchOnConflict;
constructor(options: TLogClientOptions);
createEntry(proposedEntry: ProposedEntry): Promise<Entry>;
}

61
node_modules/@sigstore/sign/dist/witness/tlog/client.js generated vendored Normal file
View file

@ -0,0 +1,61 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.TLogClient = void 0;
/*
Copyright 2023 The Sigstore Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
const error_1 = require("../../error");
const error_2 = require("../../external/error");
const rekor_1 = require("../../external/rekor");
class TLogClient {
constructor(options) {
this.fetchOnConflict = options.fetchOnConflict ?? false;
this.rekor = new rekor_1.Rekor({
baseURL: options.rekorBaseURL,
retry: options.retry,
timeout: options.timeout,
});
}
async createEntry(proposedEntry) {
let entry;
try {
entry = await this.rekor.createEntry(proposedEntry);
}
catch (err) {
// If the entry already exists, fetch it (if enabled)
if (entryExistsError(err) && this.fetchOnConflict) {
// Grab the UUID of the existing entry from the location header
/* istanbul ignore next */
const uuid = err.location.split('/').pop() || '';
try {
entry = await this.rekor.getEntry(uuid);
}
catch (err) {
(0, error_1.internalError)(err, 'TLOG_FETCH_ENTRY_ERROR', 'error fetching tlog entry');
}
}
else {
(0, error_1.internalError)(err, 'TLOG_CREATE_ENTRY_ERROR', 'error creating tlog entry');
}
}
return entry;
}
}
exports.TLogClient = TLogClient;
function entryExistsError(value) {
return (value instanceof error_2.HTTPError &&
value.statusCode === 409 &&
value.location !== undefined);
}

3
node_modules/@sigstore/sign/dist/witness/tlog/entry.d.ts generated vendored Normal file
View file

@ -0,0 +1,3 @@
import type { ProposedEntry } from '../../external/rekor';
import type { SignatureBundle } from '../witness';
export declare function toProposedEntry(content: SignatureBundle, publicKey: string, entryType?: 'dsse' | 'intoto'): ProposedEntry;

136
node_modules/@sigstore/sign/dist/witness/tlog/entry.js generated vendored Normal file
View file

@ -0,0 +1,136 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.toProposedEntry = void 0;
/*
Copyright 2023 The Sigstore Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
const bundle_1 = require("@sigstore/bundle");
const util_1 = require("../../util");
function toProposedEntry(content, publicKey,
// TODO: Remove this parameter once have completely switched to 'dsse' entries
entryType = 'intoto') {
switch (content.$case) {
case 'dsseEnvelope':
// TODO: Remove this conditional once have completely switched to 'dsse' entries
if (entryType === 'dsse') {
return toProposedDSSEEntry(content.dsseEnvelope, publicKey);
}
return toProposedIntotoEntry(content.dsseEnvelope, publicKey);
case 'messageSignature':
return toProposedHashedRekordEntry(content.messageSignature, publicKey);
}
}
exports.toProposedEntry = toProposedEntry;
// Returns a properly formatted Rekor "hashedrekord" entry for the given digest
// and signature
function toProposedHashedRekordEntry(messageSignature, publicKey) {
const hexDigest = messageSignature.messageDigest.digest.toString('hex');
const b64Signature = messageSignature.signature.toString('base64');
const b64Key = util_1.encoding.base64Encode(publicKey);
return {
apiVersion: '0.0.1',
kind: 'hashedrekord',
spec: {
data: {
hash: {
algorithm: 'sha256',
value: hexDigest,
},
},
signature: {
content: b64Signature,
publicKey: {
content: b64Key,
},
},
},
};
}
// Returns a properly formatted Rekor "dsse" entry for the given DSSE envelope
// and signature
function toProposedDSSEEntry(envelope, publicKey) {
const envelopeJSON = JSON.stringify((0, bundle_1.envelopeToJSON)(envelope));
const encodedKey = util_1.encoding.base64Encode(publicKey);
return {
apiVersion: '0.0.1',
kind: 'dsse',
spec: {
proposedContent: {
envelope: envelopeJSON,
verifiers: [encodedKey],
},
},
};
}
// Returns a properly formatted Rekor "intoto" entry for the given DSSE
// envelope and signature
function toProposedIntotoEntry(envelope, publicKey) {
// Calculate the value for the payloadHash field in the Rekor entry
const payloadHash = util_1.crypto.hash(envelope.payload).toString('hex');
// Calculate the value for the hash field in the Rekor entry
const envelopeHash = calculateDSSEHash(envelope, publicKey);
// Collect values for re-creating the DSSE envelope.
// Double-encode payload and signature cause that's what Rekor expects
const payload = util_1.encoding.base64Encode(envelope.payload.toString('base64'));
const sig = util_1.encoding.base64Encode(envelope.signatures[0].sig.toString('base64'));
const keyid = envelope.signatures[0].keyid;
const encodedKey = util_1.encoding.base64Encode(publicKey);
// Create the envelope portion of the entry. Note the inclusion of the
// publicKey in the signature struct is not a standard part of a DSSE
// envelope, but is required by Rekor.
const dsse = {
payloadType: envelope.payloadType,
payload: payload,
signatures: [{ sig, publicKey: encodedKey }],
};
// If the keyid is an empty string, Rekor seems to remove it altogether. We
// need to do the same here so that we can properly recreate the entry for
// verification.
if (keyid.length > 0) {
dsse.signatures[0].keyid = keyid;
}
return {
apiVersion: '0.0.2',
kind: 'intoto',
spec: {
content: {
envelope: dsse,
hash: { algorithm: 'sha256', value: envelopeHash },
payloadHash: { algorithm: 'sha256', value: payloadHash },
},
},
};
}
// Calculates the hash of a DSSE envelope for inclusion in a Rekor entry.
// There is no standard way to do this, so the scheme we're using as as
// follows:
// * payload is base64 encoded
// * signature is base64 encoded (only the first signature is used)
// * keyid is included ONLY if it is NOT an empty string
// * The resulting JSON is canonicalized and hashed to a hex string
function calculateDSSEHash(envelope, publicKey) {
const dsse = {
payloadType: envelope.payloadType,
payload: envelope.payload.toString('base64'),
signatures: [
{ sig: envelope.signatures[0].sig.toString('base64'), publicKey },
],
};
// If the keyid is an empty string, Rekor seems to remove it altogether.
if (envelope.signatures[0].keyid.length > 0) {
dsse.signatures[0].keyid = envelope.signatures[0].keyid;
}
return util_1.crypto.hash(util_1.json.canonicalize(dsse)).toString('hex');
}

17
node_modules/@sigstore/sign/dist/witness/tlog/index.d.ts generated vendored Normal file
View file

@ -0,0 +1,17 @@
import { TLogClientOptions } from './client';
import type { TransparencyLogEntry } from '@sigstore/bundle';
import type { SignatureBundle, Witness } from '../witness';
export declare const DEFAULT_REKOR_URL = "https://rekor.sigstore.dev";
type TransparencyLogEntries = {
tlogEntries: TransparencyLogEntry[];
};
export type RekorWitnessOptions = Partial<TLogClientOptions> & {
entryType?: 'dsse' | 'intoto';
};
export declare class RekorWitness implements Witness {
private tlog;
private entryType?;
constructor(options: RekorWitnessOptions);
testify(content: SignatureBundle, publicKey: string): Promise<TransparencyLogEntries>;
}
export {};

82
node_modules/@sigstore/sign/dist/witness/tlog/index.js generated vendored Normal file
View file

@ -0,0 +1,82 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.RekorWitness = exports.DEFAULT_REKOR_URL = void 0;
/*
Copyright 2023 The Sigstore Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
const util_1 = require("../../util");
const client_1 = require("./client");
const entry_1 = require("./entry");
exports.DEFAULT_REKOR_URL = 'https://rekor.sigstore.dev';
class RekorWitness {
constructor(options) {
this.entryType = options.entryType;
this.tlog = new client_1.TLogClient({
...options,
rekorBaseURL: options.rekorBaseURL || /* istanbul ignore next */ exports.DEFAULT_REKOR_URL,
});
}
async testify(content, publicKey) {
const proposedEntry = (0, entry_1.toProposedEntry)(content, publicKey, this.entryType);
const entry = await this.tlog.createEntry(proposedEntry);
return toTransparencyLogEntry(entry);
}
}
exports.RekorWitness = RekorWitness;
function toTransparencyLogEntry(entry) {
const logID = Buffer.from(entry.logID, 'hex');
// Parse entry body so we can extract the kind and version.
const bodyJSON = util_1.encoding.base64Decode(entry.body);
const entryBody = JSON.parse(bodyJSON);
const promise = entry?.verification?.signedEntryTimestamp
? inclusionPromise(entry.verification.signedEntryTimestamp)
: undefined;
const proof = entry?.verification?.inclusionProof
? inclusionProof(entry.verification.inclusionProof)
: undefined;
const tlogEntry = {
logIndex: entry.logIndex.toString(),
logId: {
keyId: logID,
},
integratedTime: entry.integratedTime.toString(),
kindVersion: {
kind: entryBody.kind,
version: entryBody.apiVersion,
},
inclusionPromise: promise,
inclusionProof: proof,
canonicalizedBody: Buffer.from(entry.body, 'base64'),
};
return {
tlogEntries: [tlogEntry],
};
}
function inclusionPromise(promise) {
return {
signedEntryTimestamp: Buffer.from(promise, 'base64'),
};
}
function inclusionProof(proof) {
return {
logIndex: proof.logIndex.toString(),
treeSize: proof.treeSize.toString(),
rootHash: Buffer.from(proof.rootHash, 'hex'),
hashes: proof.hashes.map((h) => Buffer.from(h, 'hex')),
checkpoint: {
envelope: proof.checkpoint,
},
};
}

13
node_modules/@sigstore/sign/dist/witness/tsa/client.d.ts generated vendored Normal file
View file

@ -0,0 +1,13 @@
/// <reference types="node" />
import type { FetchOptions } from '../../types/fetch';
export interface TSA {
createTimestamp: (signature: Buffer) => Promise<Buffer>;
}
export type TSAClientOptions = {
tsaBaseURL: string;
} & FetchOptions;
export declare class TSAClient implements TSA {
private tsa;
constructor(options: TSAClientOptions);
createTimestamp(signature: Buffer): Promise<Buffer>;
}

43
node_modules/@sigstore/sign/dist/witness/tsa/client.js generated vendored Normal file
View file

@ -0,0 +1,43 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.TSAClient = void 0;
/*
Copyright 2023 The Sigstore Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
const error_1 = require("../../error");
const tsa_1 = require("../../external/tsa");
const util_1 = require("../../util");
class TSAClient {
constructor(options) {
this.tsa = new tsa_1.TimestampAuthority({
baseURL: options.tsaBaseURL,
retry: options.retry,
timeout: options.timeout,
});
}
async createTimestamp(signature) {
const request = {
artifactHash: util_1.crypto.hash(signature).toString('base64'),
hashAlgorithm: 'sha256',
};
try {
return await this.tsa.createTimestamp(request);
}
catch (err) {
(0, error_1.internalError)(err, 'TSA_CREATE_TIMESTAMP_ERROR', 'error creating timestamp');
}
}
}
exports.TSAClient = TSAClient;

13
node_modules/@sigstore/sign/dist/witness/tsa/index.d.ts generated vendored Normal file
View file

@ -0,0 +1,13 @@
import { TSAClientOptions } from './client';
import type { RFC3161SignedTimestamp } from '@sigstore/bundle';
import type { SignatureBundle, Witness } from '../witness';
type RFC3161SignedTimestamps = {
rfc3161Timestamps: RFC3161SignedTimestamp[];
};
export type TSAWitnessOptions = TSAClientOptions;
export declare class TSAWitness implements Witness {
private tsa;
constructor(options: TSAWitnessOptions);
testify(content: SignatureBundle): Promise<RFC3161SignedTimestamps>;
}
export {};

44
node_modules/@sigstore/sign/dist/witness/tsa/index.js generated vendored Normal file
View file

@ -0,0 +1,44 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.TSAWitness = void 0;
/*
Copyright 2023 The Sigstore Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
const client_1 = require("./client");
class TSAWitness {
constructor(options) {
this.tsa = new client_1.TSAClient({
tsaBaseURL: options.tsaBaseURL,
retry: options.retry,
timeout: options.timeout,
});
}
async testify(content) {
const signature = extractSignature(content);
const timestamp = await this.tsa.createTimestamp(signature);
return {
rfc3161Timestamps: [{ signedTimestamp: timestamp }],
};
}
}
exports.TSAWitness = TSAWitness;
function extractSignature(content) {
switch (content.$case) {
case 'dsseEnvelope':
return content.dsseEnvelope.signatures[0].sig;
case 'messageSignature':
return content.messageSignature.signature;
}
}

9
node_modules/@sigstore/sign/dist/witness/witness.d.ts generated vendored Normal file
View file

@ -0,0 +1,9 @@
import type { Bundle, RFC3161SignedTimestamp, TransparencyLogEntry } from '@sigstore/bundle';
export type SignatureBundle = Bundle['content'];
export type VerificationMaterial = {
tlogEntries?: TransparencyLogEntry[];
rfc3161Timestamps?: RFC3161SignedTimestamp[];
};
export interface Witness {
testify: (signature: SignatureBundle, publicKey: string) => Promise<VerificationMaterial>;
}

2
node_modules/@sigstore/sign/dist/witness/witness.js generated vendored Normal file
View file

@ -0,0 +1,2 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });