Class: Sigstore::Rekor::Entries

Inherits:

Object

• Object
• Sigstore::Rekor::Entries

Defined in:

lib/sigstore/rekor/client.rb

Defined Under Namespace

Classes: Retrieve

Class Method Summary

• .decode_transparency_log_entry(response) ⇒ Object

Instance Method Summary

• #initialize(url, session:) ⇒ Entries constructor

  A new instance of Entries.

• #post(entry) ⇒ Object
• #retrieve ⇒ Object

Constructor Details

#initialize(url, session:) ⇒ Entries

Returns a new instance of Entries.

# File 'lib/sigstore/rekor/client.rb', line 58

def initialize(url, session:)
  @url = url
  @session = session
end

Class Method Details

.decode_transparency_log_entry(response) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/sigstore/rekor/client.rb', line 107

def self.decode_transparency_log_entry(response)
  raise ArgumentError, "response must be a Hash" unless response.is_a?(Hash)
  raise ArgumentError, "Received multiple entries in response" if response.size != 1

  _, result = response.first
  canonicalized_body = Internal::Util.base64_decode(result.fetch("body"))
  body = JSON.parse(canonicalized_body)
  entry = V1::TransparencyLogEntry.new
  entry.log_index = result.fetch("logIndex")
  entry.log_id = Common::V1::LogId.new
  entry.log_id.key_id = Internal::Util.hex_decode(result.fetch("logID"))
  entry.kind_version = V1::KindVersion.new
  entry.kind_version.kind = body.fetch("kind")
  entry.kind_version.version = body.fetch("apiVersion")
  entry.integrated_time = result.fetch("integratedTime")
  entry.canonicalized_body = canonicalized_body
  if (set = result.dig("verification", "signedEntryTimestamp"))
    entry.inclusion_promise = V1::InclusionPromise.new
    entry.inclusion_promise.signed_entry_timestamp = Internal::Util.base64_decode(set)
  end
  if (inclusion_proof = result.dig("verification", "inclusionProof"))
    entry.inclusion_proof = V1::InclusionProof.new
    entry.inclusion_proof.checkpoint = V1::Checkpoint.new
    entry.inclusion_proof.checkpoint.envelope = inclusion_proof.fetch("checkpoint")
    entry.inclusion_proof.hashes = inclusion_proof.fetch("hashes").map { |h| Internal::Util.hex_decode(h) }
    entry.inclusion_proof.log_index = inclusion_proof.fetch("logIndex")
    entry.inclusion_proof.root_hash = Internal::Util.hex_decode(inclusion_proof.fetch("rootHash"))
    entry.inclusion_proof.tree_size = inclusion_proof.fetch("treeSize")
  end

  entry
end

Instance Method Details

#post(entry) ⇒ Object

# File 'lib/sigstore/rekor/client.rb', line 67

def post(entry)
  resp = @session.post2(@url.path.chomp("/"), entry.to_json,
                        { "Content-Type" => "application/json", "Accept" => "application/json" })

  unless resp.code == "201"
    raise Error::FailedRekorPost,
          "#{resp.code} #{resp.message.inspect}\n#{JSON.pretty_generate(entry)}\n#{resp.body}"
  end
  unless resp.content_type == "application/json"
    raise Error::FailedRekorPost, "Unexpected content type: #{resp.content_type.inspect}"
  end

  body = JSON.parse(resp.body)
  Entries.decode_transparency_log_entry(body)
end

#retrieve ⇒ Object

# File 'lib/sigstore/rekor/client.rb', line 63

def retrieve
  Retrieve.new(URI.join(@url, "retrieve/"), session: @session)
end