add dsse bundle tests
Signed-off-by: Brian DeHamer <[email protected]>
bdehamer committed Dec 9, 2023
1 parent c8d17eb commit 8025e0a
Showing 9 changed files with 120 additions and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/conformance.yml
Expand Up @@ -25,4 +25,4 @@ jobs:
id: sigstore-conformance
with:
entrypoint: ${{ github.workspace }}/sigstore-python-conformance
xfail: "test_verify_with_trust_root"
xfail: "test_verify_with_trust_root test_verify_dsse_bundle_with_trust_root"
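Review bot: The xfail entry added on the last line of this hunk, test_verify_dsse_bundle_with_trust_root, has no comment or issue reference saying why DSSE bundle verification with a trust root is expected to fail. An expected-failure entry with no stated reason tends to stay in place after the underlying gap is closed, and until then the conformance job goes green without that verification path passing. Add a YAML comment above the xfail key that names the tracking issue and the condition for removing the entry; the existing test_verify_with_trust_root entry would benefit from the same.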
1 change: 1 addition & 0 deletions test/assets/d.stmt.cert-expired.sigstore
@@ -0,0 +1 @@
{"mediaType":"application/vnd.dev.sigstore.bundle+json;version=0.2","verificationMaterial":{"x509CertificateChain":{"certificates":[{"rawBytes":"MIIC+zCCAqCgAwIBAgIEERggBDAKBggqhkjOPQQDAzArMREwDwYDVQQDEwhzaWdzdG9yZTEWMBQGA1UEChMNc2lnc3RvcmUubW9jazAeFw0zMDAxMDEwMDAwMDBaFw0zMDAxMDEwMDEwMDBaMAAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARhI6OaXxvRqqPVhwHwTD1n56ngJ4qhuuI+Q8qH6e1K90kDyIwZj3kWHkwUxBddaHkoWZP6bYkUrqRoRE2p4iBYo4IB2zCCAdcwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMDMIGlBgNVHREBAf8EgZowgZeGgZRodHRwczovL2dpdGh1Yi5jb20vc2lnc3RvcmUtY29uZm9ybWFuY2UvZXh0cmVtZWx5LWRhbmdlcm91cy1wdWJsaWMtb2lkYy1iZWFjb24vLmdpdGh1Yi93b3JrZmxvd3MvZXh0cmVtZWx5LWRhbmdlcm91cy1vaWRjLWJlYWNvbi55bWxAcmVmcy9oZWFkcy9tYWluMB0GA1UdDgQWBBSffLUNo0oDhFqCkeSP5DqqnstPsjAfBgNVHSMEGDAWgBQ/FFxk7FUxt/oE8lDZEF0s7kasuDA7BgorBgEEAYO/MAEIBC0MK2h0dHBzOi8vdG9rZW4uYWN0aW9ucy5naXRodWJ1c2VyY29udGVudC5jb20wgYoGCisGAQQB1nkCBAIEfAR6AHgAdgD3JsqjQRe6kWVErzc06SDNTEku91zmIo/cBO7/Lz8n3QAAAYYKRewAAAAEAwBHMEUCIHQFz28n3pVooYV459x0HzuTBHKrL1hKm2mmRv4hs3nbAiEAtN/tQGeROcAf9YHkHqDDe1l183GhkQ++i0lMRedAXfMwCgYIKoZIzj0EAwMDSQAwRgIhAIHhd2TfNlGKQ3/vlybt4+P+9mT7ohwFluEz4cps28fwAiEAv2tR3jwF4i4IB9LTmDNVn2l1xss6mGWYiZPw36eUjWc="}]},"tlogEntries":[{"logIndex":"5252969","logId":{"keyId":"9ybKo0EXupFlRK83NOkgzUxJLvdc5iKP3ATu/y8/J90="},"kindVersion":{"kind":"intoto","version":"0.0.2"},"integratedTime":"1675209600","inclusionPromise":{"signedEntryTimestamp":"MEQCIFpMwnPgnsW/QRryVJpasBFXuU6KkDyCohxyW9vn1md2AiBOHwaxdSlis0jUI+ZXkrt9fPbTCBxym+cPj/pM9HkSDw=="},"inclusionProof":{"logIndex":"0","rootHash":"h7LdGPr3Dc+bDUmh1zyrVBlVOK525Cv412nUseBLAHQ=","treeSize":"1","hashes":[],"checkpoint":{"envelope":"localhost:8000 - 215824313067845\n1\nh7LdGPr3Dc+bDUmh1zyrVBlVOK525Cv412nUseBLAHQ=\nTimestamp: 1675209600000000000\n\n— localhost:8000 
9ybKozBFAiBEQ+m19l5dwHrvollpqYFzomUTeAzzG2Hpu0D9TRWzeQIhAKMHccf4AQDHq0crkVZe1NAkfKXQbRYMvgrQt2gKY1k1\n"}},"canonicalizedBody":"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"}],"timestampVerificationData":{"rfc3161Timestamps":[{"signedTimestamp":"MIIBbzADAgEAMIIBZgYJKoZIhvcNAQcCoIIBVzCCAVMCAQMxDzANBglghkgBZQMEAgEFADCBoQYLKoZIhvcNAQkQAQSggZEkgY4EgYswgYgCAQEGCSsGAQQBg78wAjAvMAsGCWCGSAFlAwQCAQQgf5jnkdNDGr7t5bocrC+Yw22FQMEYSjUAoQHbKMvDlWgCAQEYDzIwMjMwMjAxMDAwMDAwWjADAgEBAgRJlgLSoCikJjAkMSIwFAYDVQQKEw1zaWdzdG9yZS5tb2NrMAoGA1UEAxMDdHNhoAAxgZYwgZMCAQEwKzAmMQwwCgYDVQQDEwN0c2ExFjAUBgNVBAoTDXNpZ3N0b3JlLm1vY2sCAQEwDQYJYIZIAWUDBAIBBQAwCgYIKoZIzj0EAwIERjBEAiBfaEXzm0l/4ntOb0Pb/wKk8d0PfsOjbUoznCqKbmIR8AIgdeWL9g/3MynEdOpPwBozoYct9abess0426JBfH48fR8="}]}},"dsseEnvelope":{"payload":"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","payloadType":"application/vnd.in-toto+json","signatures":[{"sig":"MEYCIQCXjDUkiw8cz6fL2GJjiWQ/3X8wam8LBqwFDZ/BMi5tEgIhAJoIsvvq7bsfIeCC8D1ZPw2PwTh6oLAJJUE1JpXV/dvE","keyid":""}]}}
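Review bot: Nothing next to this one-line fixture documents what d.stmt.cert-expired.sigstore is meant to exercise or how it was produced, so a later reader has only the file name to go on. The bundle is a single minified JSON line whose certificate, signed entry timestamp and RFC 3161 timestamp are base64 blobs, which cannot be checked by eye in review. Add a short note (a README in test/assets or a comment in the test that loads the file) stating the expected verification result, the certificate validity window relative to integratedTime 1675209600, and the steps to regenerate the file. The checkpoint origin is localhost:8000 and keyid is empty, so the note should also say that the fixture comes from a local test instance and is only meant to be verified against the test trust root.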