@sigstore/protobuf-specs
Comparing version 0.1.0 to 0.2.0
@@ -16,5 +16,5 @@ /// <reference types="node" /> | ||
* Signature over: | ||
* PAE(type, body) | ||
* PAE(type, payload) | ||
* Where PAE is defined as: | ||
* PAE(type, body) = "DSSEv1" + SP + LEN(type) + SP + type + SP + LEN(body) + SP + body | ||
* PAE(type, payload) = "DSSEv1" + SP + LEN(type) + SP + type + SP + LEN(payload) + SP + payload | ||
* + = concatenation | ||
@@ -21,0 +21,0 @@ * SP = ASCII space [0x20] |
@@ -32,4 +32,10 @@ import { Envelope } from "./envelope"; | ||
/** | ||
* This is the inclusion promise and/or proof, where | ||
* the timestamp is coming from the transparency log. | ||
* This is the inclusion proof, where the timestamp is coming from | ||
* the transparency log. | ||
* Client verification libraries MAY provide an option to support v0.1 | ||
* bundles for backwards compatibility, which may contain an inclusion | ||
* promise and not an inclusion proof. In this case, the client MUST | ||
* validate the promise. | ||
* Verifiers SHOULD NOT allow v0.1 bundles if they're used in an | ||
* ecosystem which never produced them. | ||
*/ | ||
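Review bot: The new bundle comment (the lines starting "Client verification libraries MAY provide an option to support v0.1") does not say how a verifier decides which rule set applies, so a client could accept a promise-only bundle whatever version it declares. The comment should tie the fallback to the declared media type and spell out the v0.2 requirement, for example `* A bundle whose media type declares version 0.2 MUST carry an inclusion proof; a promise alone is accepted only for version 0.1.` This reading is inferred from the wording here and the media-type comment in the next hunk. The field declarations themselves are outside the hunk.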
@@ -43,2 +49,3 @@ tlogEntries: TransparencyLogEntry[]; | ||
* MUST be application/vnd.dev.sigstore.bundle+json;version=0.1 | ||
* or application/vnd.dev.sigstore.bundle+json;version=0.2 | ||
* when encoded as JSON. | ||
@@ -45,0 +52,0 @@ */ |
@@ -87,4 +87,5 @@ /// <reference types="node" /> | ||
* The unique id of the log, represented as the SHA-256 hash | ||
* of the log's public key, computed over the DER encoding. | ||
* <https://www.rfc-editor.org/rfc/rfc6962#section-3.2> | ||
* of the log's public key, calculated over the DER encoding | ||
* of the key represented as SubjectPublicKeyInfo. | ||
* See https://www.rfc-editor.org/rfc/rfc6962#section-3.2 | ||
*/ | ||
@@ -109,3 +110,3 @@ keyId: Buffer; | ||
keyDetails: PublicKeyDetails; | ||
/** Optional validity period for this key. */ | ||
/** Optional validity period for this key, *inclusive* of the endpoints. */ | ||
validFor?: TimeRange | undefined; | ||
@@ -163,5 +164,17 @@ } | ||
* The first certificate in the array must be the leaf | ||
* certificate used for signing. Any intermediate certificates | ||
* must be stored as offset 1 to n-1, and the root certificate at | ||
* position n. | ||
* certificate used for signing. | ||
* | ||
* Signers MUST NOT include their root CA certificates in their embedded | ||
* certificate chains, and SHOULD NOT include intermediate CA | ||
* certificates that appear in independent roots of trust. | ||
* | ||
* Verifiers MUST validate the chain carefully to ensure that it chains | ||
* up to a root CA certificate that they trust, regardless of whether | ||
* the chain includes additional intermediate/root CA certificates. | ||
* Verifiers MAY enforce additional constraints, such as requiring that | ||
* all intermediate CA certificates appear in an independent root of | ||
* trust. | ||
* | ||
* Verifiers SHOULD handle old or non-complying bundles that have | ||
* additional intermediate/root CA certificates. | ||
*/ | ||
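Review bot: The verifier paragraph of the certificate-chain comment requires chaining to a trusted root "regardless of whether the chain includes additional intermediate/root CA certificates", but it never says that certificates carried in the bundle are untrusted input. I would add one explicit sentence: `* Verifiers MUST NOT use any certificate taken from the bundle as a trust anchor; anchors come only from the verifier's own root of trust.` That makes the handling of old or non-complying bundles that still embed a root unambiguous. The comment appears to belong to the `certificates: X509Certificate[]` declaration, which lies just outside this hunk.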
@@ -171,4 +184,4 @@ certificates: X509Certificate[]; | ||
/** | ||
* The time range is half-open and does not include the end timestamp, | ||
* i.e [start, end). | ||
* The time range is closed and includes both the start and end times, | ||
* (i.e., [start, end]). | ||
* End is optional to be able to capture a period that has started but | ||
@@ -175,0 +188,0 @@ * has no known end. |
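Review bot: The `TimeRange` comment does not warn that the end bound was documented as exclusive in 0.1.0, so a verifier written against the older text would keep comparing with `<` and disagree with newer ones at the boundary instant. A short addition would help: `* Note: earlier versions of this comment described the range as half-open; compare with <= against end.` The same inclusive wording is added to the `validFor` comment in an earlier hunk. The `TimeRange` declaration is outside the hunk, and the comment continues past its last visible line.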
@@ -28,3 +28,3 @@ /// <reference types="node" /> | ||
* InclusionProof is the proof returned from the transparency log. Can | ||
* be used for on line verification against the log. | ||
* be used for offline or online verification against the log. | ||
*/ | ||
@@ -78,3 +78,3 @@ export interface InclusionProof { | ||
* the response from Rekor) is similar to a Signed Certificate Timestamp | ||
* as described here https://www.rfc-editor.org/rfc/rfc9162#name-signed-certificate-timestam. | ||
* as described here https://www.rfc-editor.org/rfc/rfc6962.html#section-3.2. | ||
*/ | ||
@@ -94,7 +94,11 @@ export interface TransparencyLogEntry { | ||
integratedTime: string; | ||
/** The inclusion promise/signed entry timestamp from the log. */ | ||
/** | ||
* The inclusion promise/signed entry timestamp from the log. | ||
* Required for v0.1 bundles, and MUST be verified. | ||
* Optional for >= v0.2 bundles, and SHOULD be verified when present. | ||
*/ | ||
inclusionPromise: InclusionPromise | undefined; | ||
/** | ||
* The inclusion proof can be used for online verification that the | ||
* entry was appended to the log, and that the log has not been | ||
* The inclusion proof can be used for offline or online verification | ||
* that the entry was appended to the log, and that the log has not been | ||
* altered. | ||
@@ -104,4 +108,4 @@ */ | ||
/** | ||
* The canonicalized transparency log entry, used to reconstruct | ||
* the Signed Entry Timestamp (SET) during verification. | ||
* Optional. The canonicalized transparency log entry, used to | ||
* reconstruct the Signed Entry Timestamp (SET) during verification. | ||
* The contents of this field are the same as the `body` field in | ||
@@ -114,6 +118,11 @@ * a Rekor response, meaning that it does **not** include the "full" | ||
* is generated over. | ||
* This field is intended to be used in cases where the SET cannot be | ||
* produced determinisitically (e.g. inconsistent JSON field ordering, | ||
* differing whitespace, etc). | ||
* | ||
* Clients MUST verify that the signatured referenced in the | ||
* If set, clients MUST verify that the signature referenced in the | ||
* `canonicalized_body` matches the signature provided in the | ||
* `Bundle.content`. | ||
* If not set, clients are responsible for constructing an equivalent | ||
* payload from other sources to verify the signature. | ||
*/ | ||
@@ -120,0 +129,0 @@ canonicalizedBody: Buffer; |
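Review bot: The `canonicalizedBody` comment now opens with "Optional." and adds an "If not set" case, while the declaration shown in the trailing context is still `canonicalizedBody: Buffer;` with no `| undefined`. The comment should say what "not set" looks like in this type, presumably a zero-length Buffer; if that is confirmed, add `* In this type an unset value is an empty Buffer, not undefined.` Otherwise a client that tests for `undefined` never reaches the "not set" branch and ends up comparing the bundle signature against an empty body. The comment also refers to `canonicalized_body` although the field here is `canonicalizedBody`. If these typings are generated from .proto definitions, both fixes belong upstream.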
@@ -7,4 +7,4 @@ import { DistinguishedName, HashAlgorithm, LogId, PublicKey, TimeRange, X509CertificateChain } from "./sigstore_common"; | ||
* for more details. | ||
* The incluced parameters are the minimal set required to identify a log, | ||
* and verify an inclusion promise. | ||
* The included parameters are the minimal set required to identify a log, | ||
* and verify an inclusion proof/promise. | ||
*/ | ||
@@ -41,3 +41,7 @@ export interface TransparencyLogInstance { | ||
* longest interval when *all* certificates in the chain were valid, | ||
* but it MAY be shorter. | ||
* but it MAY be shorter. Clients MUST check timestamps against *both* | ||
* the `valid_for` time range *and* the entire certificate chain. | ||
* | ||
* The TimeRange should be considered valid *inclusive* of the | ||
* endpoints. | ||
*/ | ||
@@ -55,5 +59,13 @@ validFor: TimeRange | undefined; | ||
* of keys/authorities are expected to be extracted and provided to the | ||
* verification function. This way the set of keys/authorities kan be kept to | ||
* verification function. This way the set of keys/authorities can be kept to | ||
* a minimal set by the policy to gain better control over what signatures | ||
* that are allowed. | ||
* | ||
* The embedded transparency logs, CT logs, CAs and TSAs MUST include any | ||
* previously used instance -- otherwise signatures made in the past cannot | ||
* be verified. | ||
* The currently used instances MUST NOT have their 'end' timestamp set in | ||
* their 'valid_for' attribute for easy identification. | ||
* All the listed instances SHOULD be sorted by the 'valid_for' in ascending | ||
* order, that is, the oldest instance first and the current instance last. | ||
*/ | ||
@@ -66,3 +78,3 @@ export interface TrustedRoot { | ||
/** | ||
* A set of trusted certificate authorites (e.g Fulcio), and any | ||
* A set of trusted certificate authorities (e.g Fulcio), and any | ||
* intermediate certificates they provide. | ||
@@ -69,0 +81,0 @@ * If a CA is issuing multiple intermediate certificate, each |
{ | ||
"name": "@sigstore/protobuf-specs", | ||
"version": "0.1.0", | ||
"version": "0.2.0", | ||
"description": "code-signing for npm packages", | ||
@@ -5,0 +5,0 @@ "main": "dist/index.js", |