build

package
v0.0.0-...-8b5d7a1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 26, 2018 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var BuildSignature_KeyType_name = map[int32]string{
	0: "KEY_TYPE_UNSPECIFIED",
	1: "PGP_ASCII_ARMORED",
	2: "PKIX_PEM",
}
View Source
var BuildSignature_KeyType_value = map[string]int32{
	"KEY_TYPE_UNSPECIFIED": 0,
	"PGP_ASCII_ARMORED":    1,
	"PKIX_PEM":             2,
}

Functions

This section is empty.

Types

type Build

type Build struct {
	// Version of the builder which produced this Note.
	BuilderVersion string `protobuf:"bytes,1,opt,name=builder_version,json=builderVersion,proto3" json:"builder_version,omitempty"`
	// Signature of the build in Occurrences pointing to the Note containing this
	// `BuilderDetails`.
	Signature            *BuildSignature `protobuf:"bytes,2,opt,name=signature,proto3" json:"signature,omitempty"`
	XXX_NoUnkeyedLiteral struct{}        `json:"-"`
	XXX_unrecognized     []byte          `json:"-"`
	XXX_sizecache        int32           `json:"-"`
}

Note holding the version of the provider's builder and the signature of the provenance message in linked BuildDetails.

func (*Build) Descriptor

func (*Build) Descriptor() ([]byte, []int)

func (*Build) GetBuilderVersion

func (m *Build) GetBuilderVersion() string

func (*Build) GetSignature

func (m *Build) GetSignature() *BuildSignature

func (*Build) ProtoMessage

func (*Build) ProtoMessage()

func (*Build) Reset

func (m *Build) Reset()

func (*Build) String

func (m *Build) String() string

func (*Build) XXX_DiscardUnknown

func (m *Build) XXX_DiscardUnknown()

func (*Build) XXX_Marshal

func (m *Build) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Build) XXX_Merge

func (m *Build) XXX_Merge(src proto.Message)

func (*Build) XXX_Size

func (m *Build) XXX_Size() int

func (*Build) XXX_Unmarshal

func (m *Build) XXX_Unmarshal(b []byte) error

type BuildSignature

type BuildSignature struct {
	// Public key of the builder which can be used to verify that the related
	// findings are valid and unchanged. If `key_type` is empty, this defaults
	// to PEM encoded public keys.
	//
	// This field may be empty if `key_id` references an external key.
	//
	// For Cloud Container Builder based signatures, this is a PEM encoded public
	// key. To verify the Cloud Container Builder signature, place the contents of
	// this field into a file (public.pem). The signature field is base64-decoded
	// into its binary representation in signature.bin, and the provenance bytes
	// from `BuildDetails` are base64-decoded into a binary representation in
	// signed.bin. OpenSSL can then verify the signature:
	// `openssl sha256 -verify public.pem -signature signature.bin signed.bin`
	PublicKey string `protobuf:"bytes,1,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	// Signature of the related `BuildProvenance`. In JSON, this is base-64
	// encoded.
	Signature []byte `protobuf:"bytes,2,opt,name=signature,proto3" json:"signature,omitempty"`
	// An ID for the key used to sign. This could be either an Id for the key
	// stored in `public_key` (such as the Id or fingerprint for a PGP key, or the
	// CN for a cert), or a reference to an external key (such as a reference to a
	// key in Cloud Key Management Service).
	KeyId string `protobuf:"bytes,3,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
	// The type of the key, either stored in `public_key` or referenced in
	// `key_id`
	KeyType              BuildSignature_KeyType `` /* 133-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}               `json:"-"`
	XXX_unrecognized     []byte                 `json:"-"`
	XXX_sizecache        int32                  `json:"-"`
}

Message encapsulating the signature of the verified build.

func (*BuildSignature) Descriptor

func (*BuildSignature) Descriptor() ([]byte, []int)

func (*BuildSignature) GetKeyId

func (m *BuildSignature) GetKeyId() string

func (*BuildSignature) GetKeyType

func (m *BuildSignature) GetKeyType() BuildSignature_KeyType

func (*BuildSignature) GetPublicKey

func (m *BuildSignature) GetPublicKey() string

func (*BuildSignature) GetSignature

func (m *BuildSignature) GetSignature() []byte

func (*BuildSignature) ProtoMessage

func (*BuildSignature) ProtoMessage()

func (*BuildSignature) Reset

func (m *BuildSignature) Reset()

func (*BuildSignature) String

func (m *BuildSignature) String() string

func (*BuildSignature) XXX_DiscardUnknown

func (m *BuildSignature) XXX_DiscardUnknown()

func (*BuildSignature) XXX_Marshal

func (m *BuildSignature) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*BuildSignature) XXX_Merge

func (m *BuildSignature) XXX_Merge(src proto.Message)

func (*BuildSignature) XXX_Size

func (m *BuildSignature) XXX_Size() int

func (*BuildSignature) XXX_Unmarshal

func (m *BuildSignature) XXX_Unmarshal(b []byte) error

type BuildSignature_KeyType

type BuildSignature_KeyType int32

Public key formats

const (
	// `KeyType` is not set.
	BuildSignature_KEY_TYPE_UNSPECIFIED BuildSignature_KeyType = 0
	// `PGP ASCII Armored` public key.
	BuildSignature_PGP_ASCII_ARMORED BuildSignature_KeyType = 1
	// `PKIX PEM` public key.
	BuildSignature_PKIX_PEM BuildSignature_KeyType = 2
)

func (BuildSignature_KeyType) EnumDescriptor

func (BuildSignature_KeyType) EnumDescriptor() ([]byte, []int)

func (BuildSignature_KeyType) String

func (x BuildSignature_KeyType) String() string

type Details

type Details struct {
	// The actual provenance for the build.
	Provenance *provenance.BuildProvenance `protobuf:"bytes,1,opt,name=provenance,proto3" json:"provenance,omitempty"`
	// Serialized JSON representation of the provenance, used in generating the
	// `BuildSignature` in the corresponding Result. After verifying the
	// signature, `provenance_bytes` can be unmarshalled and compared to the
	// provenance to confirm that it is unchanged. A base64-encoded string
	// representation of the provenance bytes is used for the signature in order
	// to interoperate with openssl which expects this format for signature
	// verification.
	//
	// The serialized form is captured both to avoid ambiguity in how the
	// provenance is marshalled to json as well to prevent incompatibilities with
	// future changes.
	ProvenanceBytes      string   `protobuf:"bytes,2,opt,name=provenance_bytes,json=provenanceBytes,proto3" json:"provenance_bytes,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

Details of a build occurrence.

func (*Details) Descriptor

func (*Details) Descriptor() ([]byte, []int)

func (*Details) GetProvenance

func (m *Details) GetProvenance() *provenance.BuildProvenance

func (*Details) GetProvenanceBytes

func (m *Details) GetProvenanceBytes() string

func (*Details) ProtoMessage

func (*Details) ProtoMessage()

func (*Details) Reset

func (m *Details) Reset()

func (*Details) String

func (m *Details) String() string

func (*Details) XXX_DiscardUnknown

func (m *Details) XXX_DiscardUnknown()

func (*Details) XXX_Marshal

func (m *Details) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Details) XXX_Merge

func (m *Details) XXX_Merge(src proto.Message)

func (*Details) XXX_Size

func (m *Details) XXX_Size() int

func (*Details) XXX_Unmarshal

func (m *Details) XXX_Unmarshal(b []byte) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL