avancement planning

2026-05-26 11:58:39 +02:00
parent 619a2b240a
commit 150b97cd2e
4892 changed files with 99214 additions and 429382 deletions
@@ -1,8 +1,9 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.toProposedEntry = toProposedEntry;
+exports.toCreateEntryRequest = toCreateEntryRequest;
 /*
-Copyright 2023 The Sigstore Authors.
+Copyright 2025 The Sigstore Authors.

 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -17,6 +18,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 const bundle_1 = require("@sigstore/bundle");
+const protobuf_specs_1 = require("@sigstore/protobuf-specs");
 const util_1 = require("../../util");
 const SHA256_ALGORITHM = 'sha256';
 function toProposedEntry(content, publicKey, 
@@ -138,3 +140,58 @@ function calculateDSSEHash(envelope, publicKey) {
        .digest(SHA256_ALGORITHM, util_1.json.canonicalize(dsse))
        .toString('hex');
 }
+function toCreateEntryRequest(content, publicKey) {
+    switch (content.$case) {
+        case 'dsseEnvelope':
+            return toCreateEntryRequestDSSE(content.dsseEnvelope, publicKey);
+        case 'messageSignature':
+            return toCreateEntryRequestMessageSignature(content.messageSignature, publicKey);
+    }
+}
+function toCreateEntryRequestDSSE(envelope, publicKey) {
+    return {
+        spec: {
+            $case: 'dsseRequestV002',
+            dsseRequestV002: {
+                envelope: envelope,
+                verifiers: [
+                    {
+                        // TODO: We need to add support of passing the key details in the
+                        // signature bundle. For now we're hardcoding the key details here.
+                        keyDetails: protobuf_specs_1.PublicKeyDetails.PKIX_ECDSA_P256_SHA_256,
+                        verifier: {
+                            $case: 'x509Certificate',
+                            x509Certificate: {
+                                rawBytes: util_1.pem.toDER(publicKey),
+                            },
+                        },
+                    },
+                ],
+            },
+        },
+    };
+}
+function toCreateEntryRequestMessageSignature(messageSignature, publicKey) {
+    return {
+        spec: {
+            $case: 'hashedRekordRequestV002',
+            hashedRekordRequestV002: {
+                digest: messageSignature.messageDigest.digest,
+                signature: {
+                    content: messageSignature.signature,
+                    verifier: {
+                        // TODO: We need to add support of passing the key details in the
+                        // signature bundle. For now we're hardcoding the key details here.
+                        keyDetails: protobuf_specs_1.PublicKeyDetails.PKIX_ECDSA_P256_SHA_256,
+                        verifier: {
+                            $case: 'x509Certificate',
+                            x509Certificate: {
+                                rawBytes: util_1.pem.toDER(publicKey),
+                            },
+                        },
+                    },
+                },
+            },
+        },
+    };
+}