Updated the project.

2024-06-03 15:44:25 -04:00 · 2024-06-03 15:44:25 -04:00 · 7919556077
commit 7919556077
parent 5dfe9f128d
1550 changed files with 17063 additions and 40183 deletions
--- a/my-app/node_modules/@sigstore/verify/README.md
+++ b/my-app/node_modules/@sigstore/verify/README.md
--- a/my-app/node_modules/@sigstore/verify/dist/bundle/dsse.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/bundle/dsse.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/bundle/dsse.js
+++ b/my-app/node_modules/@sigstore/verify/dist/bundle/dsse.js
--- a/my-app/node_modules/@sigstore/verify/dist/bundle/index.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/bundle/index.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/bundle/index.js
+++ b/my-app/node_modules/@sigstore/verify/dist/bundle/index.js
@ -49,5 +49,10 @@ function key(bundle) {
                certificate: core_1.X509Certificate.parse(bundle.verificationMaterial.content.x509CertificateChain
                    .certificates[0].rawBytes),
            };
+        case 'certificate':
+            return {
+                $case: 'certificate',
+                certificate: core_1.X509Certificate.parse(bundle.verificationMaterial.content.certificate.rawBytes),
+            };
    }
 }
--- a/my-app/node_modules/@sigstore/verify/dist/bundle/message.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/bundle/message.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/bundle/message.js
+++ b/my-app/node_modules/@sigstore/verify/dist/bundle/message.js
--- a/my-app/node_modules/@sigstore/verify/dist/error.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/error.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/error.js
+++ b/my-app/node_modules/@sigstore/verify/dist/error.js
--- a/my-app/node_modules/@sigstore/verify/dist/index.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/index.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/index.js
+++ b/my-app/node_modules/@sigstore/verify/dist/index.js
--- a/my-app/node_modules/@sigstore/verify/dist/key/certificate.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/key/certificate.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/key/certificate.js
+++ b/my-app/node_modules/@sigstore/verify/dist/key/certificate.js
--- a/my-app/node_modules/@sigstore/verify/dist/key/index.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/key/index.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/key/index.js
+++ b/my-app/node_modules/@sigstore/verify/dist/key/index.js
--- a/my-app/node_modules/@sigstore/verify/dist/key/sct.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/key/sct.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/key/sct.js
+++ b/my-app/node_modules/@sigstore/verify/dist/key/sct.js
--- a/my-app/node_modules/@sigstore/verify/dist/policy.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/policy.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/policy.js
+++ b/my-app/node_modules/@sigstore/verify/dist/policy.js
--- a/my-app/node_modules/@sigstore/verify/dist/shared.types.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/shared.types.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/shared.types.js
+++ b/my-app/node_modules/@sigstore/verify/dist/shared.types.js
--- a/my-app/node_modules/@sigstore/verify/dist/timestamp/checkpoint.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/timestamp/checkpoint.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/timestamp/checkpoint.js
+++ b/my-app/node_modules/@sigstore/verify/dist/timestamp/checkpoint.js
--- a/my-app/node_modules/@sigstore/verify/dist/timestamp/index.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/timestamp/index.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/timestamp/index.js
+++ b/my-app/node_modules/@sigstore/verify/dist/timestamp/index.js
--- a/my-app/node_modules/@sigstore/verify/dist/timestamp/merkle.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/timestamp/merkle.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/timestamp/merkle.js
+++ b/my-app/node_modules/@sigstore/verify/dist/timestamp/merkle.js
--- a/my-app/node_modules/@sigstore/verify/dist/timestamp/set.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/timestamp/set.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/timestamp/set.js
+++ b/my-app/node_modules/@sigstore/verify/dist/timestamp/set.js
--- a/my-app/node_modules/@sigstore/verify/dist/timestamp/tsa.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/timestamp/tsa.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/timestamp/tsa.js
+++ b/my-app/node_modules/@sigstore/verify/dist/timestamp/tsa.js
--- a/my-app/node_modules/@sigstore/verify/dist/tlog/dsse.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/tlog/dsse.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/tlog/dsse.js
+++ b/my-app/node_modules/@sigstore/verify/dist/tlog/dsse.js
--- a/my-app/node_modules/@sigstore/verify/dist/tlog/hashedrekord.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/tlog/hashedrekord.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/tlog/hashedrekord.js
+++ b/my-app/node_modules/@sigstore/verify/dist/tlog/hashedrekord.js
--- a/my-app/node_modules/@sigstore/verify/dist/tlog/index.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/tlog/index.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/tlog/index.js
+++ b/my-app/node_modules/@sigstore/verify/dist/tlog/index.js
--- a/my-app/node_modules/@sigstore/verify/dist/tlog/intoto.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/tlog/intoto.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/tlog/intoto.js
+++ b/my-app/node_modules/@sigstore/verify/dist/tlog/intoto.js
@ -42,11 +42,12 @@ function verifyIntoto002TLogBody(tlogEntry, content) {
    // Signature is double-base64-encoded in the tlog entry
    const tlogSig = base64Decode(tlogEntry.spec.content.envelope.signatures[0].sig);
    // Ensure that the signature in the bundle's DSSE matches tlog entry
-    if (!content.compareSignature(Buffer.from(tlogSig, 'base64')))
+    if (!content.compareSignature(Buffer.from(tlogSig, 'base64'))) {
        throw new error_1.VerificationError({
            code: 'TLOG_BODY_ERROR',
            message: 'tlog entry signature mismatch',
        });
+    }
    // Ensure the digest of the bundle's DSSE payload matches the digest in the
    // tlog entry
    const tlogHash = tlogEntry.spec.content.payloadHash?.value || '';
--- a/my-app/node_modules/@sigstore/verify/dist/trust/filter.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/trust/filter.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/trust/filter.js
+++ b/my-app/node_modules/@sigstore/verify/dist/trust/filter.js
--- a/my-app/node_modules/@sigstore/verify/dist/trust/index.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/trust/index.d.ts
@ -1,4 +1,4 @@
-import type { PublicKey, TrustedRoot } from '@sigstore/protobuf-specs';
+import { type PublicKey, type TrustedRoot } from '@sigstore/protobuf-specs';
 import type { KeyFinderFunc, TrustMaterial } from './trust.types';
 export { filterCertAuthorities, filterTLogAuthorities } from './filter';
 export type { CertAuthority, KeyFinderFunc, TLogAuthority, TrustMaterial, } from './trust.types';
--- a/my-app/node_modules/@sigstore/verify/dist/trust/index.js
+++ b/my-app/node_modules/@sigstore/verify/dist/trust/index.js
@ -17,6 +17,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 const core_1 = require("@sigstore/core");
+const protobuf_specs_1 = require("@sigstore/protobuf-specs");
 const error_1 = require("../error");
 const BEGINNING_OF_TIME = new Date(0);
 const END_OF_TIME = new Date(8640000000000000);
@ -35,9 +36,17 @@ function toTrustMaterial(root, keys) {
 }
 exports.toTrustMaterial = toTrustMaterial;
 function createTLogAuthority(tlogInstance) {
+    const keyDetails = tlogInstance.publicKey.keyDetails;
+    const keyType = keyDetails === protobuf_specs_1.PublicKeyDetails.PKCS1_RSA_PKCS1V5 ||
+        keyDetails === protobuf_specs_1.PublicKeyDetails.PKIX_RSA_PKCS1V5 ||
+        keyDetails === protobuf_specs_1.PublicKeyDetails.PKIX_RSA_PKCS1V15_2048_SHA256 ||
+        keyDetails === protobuf_specs_1.PublicKeyDetails.PKIX_RSA_PKCS1V15_3072_SHA256 ||
+        keyDetails === protobuf_specs_1.PublicKeyDetails.PKIX_RSA_PKCS1V15_4096_SHA256
+        ? 'pkcs1'
+        : 'spki';
    return {
        logID: tlogInstance.logId.keyId,
-        publicKey: core_1.crypto.createPublicKey(tlogInstance.publicKey.rawBytes),
+        publicKey: core_1.crypto.createPublicKey(tlogInstance.publicKey.rawBytes, keyType),
        validFor: {
            start: tlogInstance.publicKey.validFor?.start || BEGINNING_OF_TIME,
            end: tlogInstance.publicKey.validFor?.end || END_OF_TIME,
--- a/my-app/node_modules/@sigstore/verify/dist/trust/trust.types.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/trust/trust.types.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/trust/trust.types.js
+++ b/my-app/node_modules/@sigstore/verify/dist/trust/trust.types.js
--- a/my-app/node_modules/@sigstore/verify/dist/verifier.d.ts
+++ b/my-app/node_modules/@sigstore/verify/dist/verifier.d.ts
--- a/my-app/node_modules/@sigstore/verify/dist/verifier.js
+++ b/my-app/node_modules/@sigstore/verify/dist/verifier.js
--- a/my-app/node_modules/@sigstore/verify/package.json
+++ b/my-app/node_modules/@sigstore/verify/package.json
@ -1,6 +1,6 @@
 {
  "name": "@sigstore/verify",
-  "version": "1.0.0",
+  "version": "1.2.1",
  "description": "Verification of Sigstore signatures",
  "main": "dist/index.js",
  "types": "dist/index.d.ts",
@ -26,9 +26,9 @@
    "provenance": true
  },
  "dependencies": {
-    "@sigstore/protobuf-specs": "^0.2.1",
-    "@sigstore/bundle": "^2.1.1",
-    "@sigstore/core": "^1.0.0"
+    "@sigstore/protobuf-specs": "^0.3.2",
+    "@sigstore/bundle": "^2.3.2",
+    "@sigstore/core": "^1.1.0"
  },
  "engines": {
    "node": "^16.14.0 || >=18.0.0"