types

package
Version: v1.3.7-yckms.1

This package is not in the latest version of its module.
Published: Oct 26, 2024 License: Apache-2.0 Imports: 15 Imported by: 3

README

Pluggable Types

Description

Rekor supports pluggable types (aka different schemas) for entries stored in the transparency log.

Currently supported types
  • Alpine Packages schema
    • Versions: 0.0.1
  • COSE Envelopes schema
    • Versions: 0.0.1
  • DSSE Envelopes schema
    • Versions: 0.0.1
  • HashedRekord schema
    • Versions: 0.0.1
  • Helm Provenance Files schema
    • Versions: 0.0.1
  • In-Toto Attestations schema
    • Versions: 0.0.1, 0.0.2
  • Java Archives (JAR Files) schema
    • Versions: 0.0.1
  • Rekord (default type) schema
    • Versions: 0.0.1
  • RFC3161 Timestamps schema
    • Versions: 0.0.1
  • RPM Packages schema
    • Versions: 0.0.1
  • TUF Metadata schema
    • Versions: 0.0.1

Refer to Rekor docs for adding support for new types.

Documentation


Variables

var TypeMap sync.Map

TypeMap stores the mapping between type strings and entry constructors. Entries are written once at process initialization and read for each transaction, so we use sync.Map, which is optimized for this case.

Functions

func CanonicalizeEntry

func CanonicalizeEntry(ctx context.Context, entry EntryImpl) ([]byte, error)

CanonicalizeEntry returns the entry marshalled in JSON according to the canonicalization rules of RFC8785, to protect against any changes in Go's JSON marshalling logic that may reorder elements.
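Why a fixed byte encoding matters for a transparency log, as an added example that is not Rekor code: two encodings of the same entry hash differently until they are normalized. The sample entries, `normalize` and `digest` are constructed for illustration, and `normalize` models only the key-ordering and whitespace part of RFC 8785.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"io"
)

// Constructed samples (simplified fields): same content, different key order and whitespace.
const entryA = `{"kind":"hashedrekord","apiVersion":"0.0.1","spec":{"hash":{"algorithm":"sha256","value":"ab12"}}}`
const entryB = `{ "apiVersion": "0.0.1", "spec": {"hash": {"value": "ab12", "algorithm": "sha256"}}, "kind": "hashedrekord" }`

// normalize re-encodes one JSON value with sorted object keys and no insignificant
// whitespace. The number and string serialization rules of RFC 8785 are not implemented.
func normalize(raw string) ([]byte, error) {
	dec := json.NewDecoder(bytes.NewReader([]byte(raw)))
	dec.UseNumber() // keep number literals as written
	var v interface{}
	if err := dec.Decode(&v); err != nil {
		return nil, err
	}
	if _, err := dec.Token(); err != io.EOF { // reject anything after the value
		return nil, fmt.Errorf("trailing data after JSON value")
	}
	var buf bytes.Buffer
	enc := json.NewEncoder(&buf)
	enc.SetEscapeHTML(false)
	if err := enc.Encode(v); err != nil { // encoding/json emits map keys sorted
		return nil, err
	}
	return bytes.TrimSpace(buf.Bytes()), nil
}

// digest is the hex SHA-256 of the bytes that would be stored.
func digest(b []byte) string {
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

func main() {
	for _, e := range []string{entryA, entryB} {
		n, err := normalize(e)
		fmt.Println(digest([]byte(e)), digest(n), err)
	}
}
```

The first column differs between the two lines and the second is identical, which is the property a verifier relies on when it recomputes the hash of a logged entry.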

func DecodeEntry

func DecodeEntry(input, output interface{}) error

DecodeEntry maps the (abstract) input structure into the specific entry implementation class; while doing so, it detects the case where we need to convert from string to []byte and does the base64 decoding required to make that happen. It also detects conversions from string to strfmt.DateTime.

func ListImplementedTypes

func ListImplementedTypes() []string

ListImplementedTypes returns a list of all type strings currently known to be implemented

func NewProposedEntry

func NewProposedEntry(ctx context.Context, kind, version string, props ArtifactProperties) (models.ProposedEntry, error)

func PipeCloser

func PipeCloser(errClosers ...errCloser) func(err error) error

Types

type ArtifactProperties

type ArtifactProperties struct {
	AdditionalAuthenticatedData []byte
	ArtifactPath                *url.URL
	ArtifactHash                string
	ArtifactBytes               []byte
	SignaturePath               *url.URL
	SignatureBytes              []byte
	PublicKeyPaths              []*url.URL
	PublicKeyBytes              [][]byte
	PKIFormat                   string
}

ArtifactProperties provides a consistent struct for passing values from CLI flags to the type+version specific CreateProposedEntry() methods

type BaseProposedEntryTester

type BaseProposedEntryTester struct{}

func (BaseProposedEntryTester) ContextValidate

func (b BaseProposedEntryTester) ContextValidate(_ context.Context, _ strfmt.Registry) error

func (BaseProposedEntryTester) Kind

func (BaseProposedEntryTester) SetKind

func (b BaseProposedEntryTester) SetKind(_ string)

func (BaseProposedEntryTester) Validate

type BaseUnmarshalTester

type BaseUnmarshalTester struct{}

func (BaseUnmarshalTester) APIVersion

func (u BaseUnmarshalTester) APIVersion() string

func (BaseUnmarshalTester) ArtifactHash

func (u BaseUnmarshalTester) ArtifactHash() (string, error)

func (BaseUnmarshalTester) AttestationKey

func (u BaseUnmarshalTester) AttestationKey() string

func (BaseUnmarshalTester) AttestationKeyValue

func (u BaseUnmarshalTester) AttestationKeyValue() (string, []byte)

func (BaseUnmarshalTester) Canonicalize

func (u BaseUnmarshalTester) Canonicalize(_ context.Context) ([]byte, error)

func (BaseUnmarshalTester) CreateFromArtifactProperties

func (u BaseUnmarshalTester) CreateFromArtifactProperties(_ context.Context, _ ArtifactProperties) (models.ProposedEntry, error)

func (BaseUnmarshalTester) IndexKeys

func (u BaseUnmarshalTester) IndexKeys() ([]string, error)

func (BaseUnmarshalTester) Insertable

func (u BaseUnmarshalTester) Insertable() (bool, error)

func (BaseUnmarshalTester) NewEntry

func (u BaseUnmarshalTester) NewEntry() EntryImpl

func (BaseUnmarshalTester) Unmarshal

func (BaseUnmarshalTester) Validate

func (u BaseUnmarshalTester) Validate() error

func (BaseUnmarshalTester) Verifiers

func (u BaseUnmarshalTester) Verifiers() ([]pki.PublicKey, error)

type EntryFactory

type EntryFactory func() EntryImpl

EntryFactory describes a factory function that can generate structs for a specific versioned type

type EntryImpl

type EntryImpl interface {
	APIVersion() string                               // the supported versions for this implementation
	IndexKeys() ([]string, error)                     // the keys that should be added to the external index for this entry
	Canonicalize(ctx context.Context) ([]byte, error) // marshal the canonical entry to be put into the tlog
	Unmarshal(e models.ProposedEntry) error           // unmarshal the abstract entry into the specific struct for this versioned type
	CreateFromArtifactProperties(context.Context, ArtifactProperties) (models.ProposedEntry, error)
	Verifiers() ([]pki.PublicKey, error) // list of keys or certificates that can verify an entry's signature
	ArtifactHash() (string, error)       // hex-encoded artifact hash prefixed with hash name, e.g. sha256:abcdef
	Insertable() (bool, error)           // denotes whether the entry that was unmarshalled has the writeOnly fields required to validate and insert into the log
}

EntryImpl specifies the behavior of a versioned type

func CreateVersionedEntry

func CreateVersionedEntry(pe models.ProposedEntry) (EntryImpl, error)

CreateVersionedEntry returns the specific instance for the type and version specified in the doc. This method should be used on the insertion flow, which validates that the specific version proposed is permitted to be entered into the log.

func UnmarshalEntry

func UnmarshalEntry(pe models.ProposedEntry) (EntryImpl, error)

UnmarshalEntry returns the specific instance for the type and version specified in the doc. This method does not check whether the version of the entry could currently be inserted into the log, and is useful when dealing with entries that have been persisted to the log.

type EntryWithAttestationImpl

type EntryWithAttestationImpl interface {
	EntryImpl
	AttestationKey() string                // returns the key used to look up the attestation from storage (should be sha256:digest)
	AttestationKeyValue() (string, []byte) // returns the key to be used when storing the attestation as well as the attestation itself
}

EntryWithAttestationImpl specifies the behavior of a versioned type that also stores attestations

type InputValidationError

type InputValidationError struct {
	Err error
}

InputValidationError indicates that there is an issue with the content in the HTTP Request that should result in an HTTP 400 Bad Request error being returned to the client

func (*InputValidationError) Error

func (v *InputValidationError) Error() string

func (*InputValidationError) Unwrap

func (v *InputValidationError) Unwrap() error

type ProposedEntryIterator

type ProposedEntryIterator interface {
	models.ProposedEntry
	HasNext() bool
	Get() models.ProposedEntry
	GetNext() models.ProposedEntry
}

ProposedEntryIterator is an iterator over a list of proposed entries

type RekorType

type RekorType struct {
	Kind       string                 // this is the unique string that identifies the type
	VersionMap VersionEntryFactoryMap // this maps the supported versions to implementation
}

RekorType is the base struct that is embedded in all type implementations

func (*RekorType) IsSupportedVersion

func (rt *RekorType) IsSupportedVersion(proposedVersion string) bool

IsSupportedVersion returns true if the version can be inserted into the log, and false if not

func (*RekorType) SupportedVersions

func (rt *RekorType) SupportedVersions() []string

SupportedVersions returns a list of versions of this type that can be currently entered into the log

func (*RekorType) VersionedUnmarshal

func (rt *RekorType) VersionedUnmarshal(pe models.ProposedEntry, version string) (EntryImpl, error)

VersionedUnmarshal extracts the correct implementing factory function from the type's version map, creates an entry of that versioned type and then calls that versioned type's unmarshal method

type SemVerEntryFactoryMap

type SemVerEntryFactoryMap struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

SemVerEntryFactoryMap implements a map that allows implementations to specify their supported versions using semver-compliant strings

func (*SemVerEntryFactoryMap) Count

func (s *SemVerEntryFactoryMap) Count() int

func (*SemVerEntryFactoryMap) GetEntryFactory

func (s *SemVerEntryFactoryMap) GetEntryFactory(version string) (EntryFactory, error)

func (*SemVerEntryFactoryMap) SetEntryFactory

func (s *SemVerEntryFactoryMap) SetEntryFactory(constraint string, ef EntryFactory) error

func (*SemVerEntryFactoryMap) SupportedVersions

func (s *SemVerEntryFactoryMap) SupportedVersions() []string

type TypeImpl

type TypeImpl interface {
	CreateProposedEntry(context.Context, string, ArtifactProperties) (models.ProposedEntry, error)
	DefaultVersion() string
	SupportedVersions() []string
	IsSupportedVersion(string) bool
	UnmarshalEntry(pe models.ProposedEntry) (EntryImpl, error)
}

TypeImpl is implemented by all types to support the polymorphic conversion of abstract proposed entry to a working implementation for the versioned type requested, if supported

type ValidationError deprecated

type ValidationError error

ValidationError indicates that there is an issue with the content in the HTTP Request that should result in an HTTP 400 Bad Request error being returned to the client

Deprecated: use InputValidationError instead to take advantage of Go's error wrapping
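How the two error types behave when a caller has to choose between HTTP 400 and 500, as an added example that is not Rekor code. The type declarations repeat the ones on this page with assumed method bodies; `StatusFor`, `LegacyMatches` and the sample errors are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
)

// Local copy of the type shown on this page; the method bodies are assumed.
type InputValidationError struct{ Err error }

func (v *InputValidationError) Error() string { return v.Err.Error() }
func (v *InputValidationError) Unwrap() error { return v.Err }

// ValidationError repeats the deprecated declaration: a named interface type
// with the same method set as error.
type ValidationError error

// Constructed errors: one client-input failure wrapped by a caller, one
// server-side failure.
var (
	errBadInput = fmt.Errorf("creating entry: %w",
		&InputValidationError{Err: errors.New("signature is not valid base64")})
	errBackend = errors.New("log backend unavailable")
)

// StatusFor (hypothetical helper) returns 400 only when an
// InputValidationError is somewhere in the wrap chain, otherwise 500.
func StatusFor(err error) int {
	var ive *InputValidationError
	if errors.As(err, &ive) {
		return http.StatusBadRequest
	}
	return http.StatusInternalServerError
}

// LegacyMatches shows that the deprecated type cannot classify errors:
// every non-nil error satisfies the interface, so the assertion always holds.
func LegacyMatches(err error) bool {
	_, ok := err.(ValidationError)
	return ok
}

func main() {
	fmt.Println(StatusFor(errBadInput), StatusFor(errBackend))
	fmt.Println(LegacyMatches(errBadInput), LegacyMatches(errBackend))
}
```

With the struct type, a backend failure is never reported to the client as a bad request, and an input failure keeps its 400 even after callers add context with `%w`.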

type VersionEntryFactoryMap

type VersionEntryFactoryMap interface {
	GetEntryFactory(string) (EntryFactory, error) // return the entry factory for the specified version
	SetEntryFactory(string, EntryFactory) error   // set the entry factory for the specified version
	Count() int                                   // return the count of entry factories currently in the map
	SupportedVersions() []string                  // return a list of versions currently stored in the map
}

VersionEntryFactoryMap defines a map-like interface to find the correct implementation for a version string. This could be a simple map[string]EntryFactory, or something more elegant (e.g. semver)

func NewSemVerEntryFactoryMap

func NewSemVerEntryFactoryMap() VersionEntryFactoryMap
