Added an option for a more generic observer time, and aligned with v0.2
In v0.2, inclusion proofs are preferred over SETs, so extracting the timestamp
from the SET is now optional.

Signed-off-by: Fredrik Skogman <[email protected]>
kommendorkapten committed Dec 15, 2023
1 parent fe15eec commit 123c093
Showing 13 changed files with 400 additions and 57 deletions.
31 changes: 30 additions & 1 deletion gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json
@@ -16,7 +16,7 @@
"tlogOptions": {
"$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.TlogOptions",
"additionalProperties": false,
"description": "Optional options for artifact transparency log verification. If none is provided, the default verification options are: Threshold: 1 Online verification: false Disable: false"
"description": "Optional options for artifact transparency log verification. If none is provided, the default verification options are: Threshold: 1 Online verification: false Disable: false Verify SET Timestamps: true"
},
"ctlogOptions": {
"$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.CtlogOptions",
@@ -27,6 +27,11 @@
"$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.TimestampAuthorityOptions",
"additionalProperties": false,
"description": "Optional options for certificate signed timestamp verification. If none is provided, the default verification options are: Threshold: 1 Disable: false"
},
"observerOptions": {
"$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.ObserverTimestampOptions",
"additionalProperties": false,
"description": "Optional options for timestamp verification. If none is provided, the default verification options are: Threshold 1 Disable: false"
}
},
"additionalProperties": false,
@@ -56,6 +61,11 @@
"required": [
"tsa_options"
]
},
{
"required": [
"observer_options"
]
}
],
"title": "Artifact Verification Options",
@@ -216,6 +226,21 @@
"type": "object",
"title": "Ctlog Options"
},
"dev.sigstore.verification.v1.ArtifactVerificationOptions.ObserverTimestampOptions": {
"properties": {
"threshold": {
"type": "integer",
"description": "The number of external ovservers of the timestamp, this is a union of RFC3161 signed timestamps, and SETs from a transparency log"
},
"disable": {
"type": "boolean",
"description": "Disable signed timestamp verification."
}
},
"additionalProperties": false,
"type": "object",
"title": "Observer Timestamp Options"
},
"dev.sigstore.verification.v1.ArtifactVerificationOptions.TimestampAuthorityOptions": {
"properties": {
"threshold": {
@@ -244,6 +269,10 @@
"disable": {
"type": "boolean",
"description": "Disable verification for transparency logs."
},
"verifySetTimestamp": {
"type": "boolean",
"description": "Verify SET timestamps indicates that the timestamp from the SET should be used when verifying the X.509 certifiacte chain"
}
},
"additionalProperties": false,
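Review bot: The `threshold` description in the new `ObserverTimestampOptions` definition leaves two things open that a verifier implementer needs: whether a SET still counts as an observer when `verifySetTimestamp` in `TlogOptions` is false, and whether 0 is a permitted value. Both affect how many independent time sources are needed before the X.509 certificate chain is checked, so they should be spelled out rather than left to each client. The text also has a typo, and `certifiacte` appears in the `verifySetTimestamp` description; for the former I would write `"The number of external observers of the timestamp. This is a union of RFC3161 signed timestamps and SETs from a transparency log."`. The path is under `gen/`, so the wording presumably comes from a source outside this section and should be fixed there; the same text recurs in `Input.schema.json`.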
2 changes: 1 addition & 1 deletion gen/jsonschema/schemas/CloudEvent.schema.json
@@ -39,7 +39,7 @@
"properties": {
"typeUrl": {
"type": "string",
"description": "A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL's path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics."
"description": "A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL's path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics."
},
"value": {
"type": "string",
2 changes: 1 addition & 1 deletion gen/jsonschema/schemas/CloudEventBatch.schema.json
@@ -54,7 +54,7 @@
"properties": {
"typeUrl": {
"type": "string",
"description": "A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL's path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics."
"description": "A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL's path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics."
},
"value": {
"type": "string",
31 changes: 30 additions & 1 deletion gen/jsonschema/schemas/Input.schema.json
@@ -652,7 +652,7 @@
"tlogOptions": {
"$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.TlogOptions",
"additionalProperties": false,
"description": "Optional options for artifact transparency log verification. If none is provided, the default verification options are: Threshold: 1 Online verification: false Disable: false"
"description": "Optional options for artifact transparency log verification. If none is provided, the default verification options are: Threshold: 1 Online verification: false Disable: false Verify SET Timestamps: true"
},
"ctlogOptions": {
"$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.CtlogOptions",
@@ -663,6 +663,11 @@
"$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.TimestampAuthorityOptions",
"additionalProperties": false,
"description": "Optional options for certificate signed timestamp verification. If none is provided, the default verification options are: Threshold: 1 Disable: false"
},
"observerOptions": {
"$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.ObserverTimestampOptions",
"additionalProperties": false,
"description": "Optional options for timestamp verification. If none is provided, the default verification options are: Threshold 1 Disable: false"
}
},
"additionalProperties": false,
@@ -692,6 +697,11 @@
"required": [
"tsa_options"
]
},
{
"required": [
"observer_options"
]
}
],
"title": "Artifact Verification Options",
@@ -716,6 +726,21 @@
"type": "object",
"title": "Ctlog Options"
},
"dev.sigstore.verification.v1.ArtifactVerificationOptions.ObserverTimestampOptions": {
"properties": {
"threshold": {
"type": "integer",
"description": "The number of external ovservers of the timestamp, this is a union of RFC3161 signed timestamps, and SETs from a transparency log"
},
"disable": {
"type": "boolean",
"description": "Disable signed timestamp verification."
}
},
"additionalProperties": false,
"type": "object",
"title": "Observer Timestamp Options"
},
"dev.sigstore.verification.v1.ArtifactVerificationOptions.TimestampAuthorityOptions": {
"properties": {
"threshold": {
@@ -744,6 +769,10 @@
"disable": {
"type": "boolean",
"description": "Disable verification for transparency logs."
},
"verifySetTimestamp": {
"type": "boolean",
"description": "Verify SET timestamps indicates that the timestamp from the SET should be used when verifying the X.509 certifiacte chain"
}
},
"additionalProperties": false,