protobug_sigstore_protos 0.1.0

data/lib/sigstore/verification/v1/sigstore_verification_pb.rb

@@ -0,0 +1,365 @@
+# frozen_string_literal: true
+
+# Code generated by protoc-gen-protobug. DO NOT EDIT.
+
+# source: sigstore_verification.proto
+# syntax: proto3
+# package: dev.sigstore.verification.v1
+# options:
+#   java_package: "dev.sigstore.proto.verification.v1"
+#   java_outer_classname: "VerificationProto"
+#   java_multiple_files: true
+#   go_package: "github.com/sigstore/protobuf-specs/gen/pb-go/verification/v1"
+#   ruby_package: "Sigstore::Verification::V1"
+
+# Copyright 2022 The Sigstore Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require "protobug"
+
+require_relative "../../common/v1/sigstore_common_pb"
+require_relative "../../trustroot/v1/sigstore_trustroot_pb"
+require_relative "../../bundle/v1/sigstore_bundle_pb"
+
+module Sigstore
+  module Verification
+    module V1
+      # The identity of a X.509 Certificate signer.
+      class CertificateIdentity
+        extend Protobug::Message
+
+        self.full_name = "dev.sigstore.verification.v1.CertificateIdentity"
+
+        # The X.509v3 issuer extension (OID 1.3.6.1.4.1.57264.1.1)
+        optional(1, "issuer", type: :string, proto3_optional: false)
+        optional(
+          2,
+          "san",
+          type: :message,
+          message_type: "dev.sigstore.common.v1.SubjectAlternativeName",
+          proto3_optional: false
+        )
+        # An unordered list of OIDs that must be verified.
+        # All OID/values provided in this list MUST exactly match against
+        # the values in the certificate for verification to be successful.
+        repeated(
+          3,
+          "oids",
+          type: :message,
+          message_type: "dev.sigstore.common.v1.ObjectIdentifierValuePair"
+        )
+      end
+
+      class CertificateIdentities
+        extend Protobug::Message
+
+        self.full_name = "dev.sigstore.verification.v1.CertificateIdentities"
+
+        repeated(
+          1,
+          "identities",
+          type: :message,
+          message_type: "dev.sigstore.verification.v1.CertificateIdentity"
+        )
+      end
+
+      class PublicKeyIdentities
+        extend Protobug::Message
+
+        self.full_name = "dev.sigstore.verification.v1.PublicKeyIdentities"
+
+        repeated(
+          1,
+          "public_keys",
+          type: :message,
+          message_type: "dev.sigstore.common.v1.PublicKey",
+          json_name: "publicKeys"
+        )
+      end
+
+      # A light-weight set of options/policies for identifying trusted signers,
+      # used during verification of a single artifact.
+      class ArtifactVerificationOptions
+        extend Protobug::Message
+
+        self.full_name = "dev.sigstore.verification.v1.ArtifactVerificationOptions"
+
+        class TlogOptions
+          extend Protobug::Message
+
+          self.full_name = "dev.sigstore.verification.v1.ArtifactVerificationOptions.TlogOptions"
+
+          # Number of transparency logs the entry must appear on.
+          optional(1, "threshold", type: :int32, proto3_optional: false)
+          # Perform an online inclusion proof.
+          optional(
+            2,
+            "perform_online_verification",
+            type: :bool,
+            json_name: "performOnlineVerification",
+            proto3_optional: false
+          )
+          # Disable verification for transparency logs.
+          optional(3, "disable", type: :bool, proto3_optional: false)
+        end
+
+        class CtlogOptions
+          extend Protobug::Message
+
+          self.full_name = "dev.sigstore.verification.v1.ArtifactVerificationOptions.CtlogOptions"
+
+          # The number of ct transparency logs the certificate must
+          # appear on.
+          optional(1, "threshold", type: :int32, proto3_optional: false)
+          # Disable ct transparency log verification
+          optional(3, "disable", type: :bool, proto3_optional: false)
+
+          reserved_range(2...3)
+        end
+
+        class TimestampAuthorityOptions
+          extend Protobug::Message
+
+          self.full_name = "dev.sigstore.verification.v1.ArtifactVerificationOptions.TimestampAuthorityOptions"
+
+          # The number of signed timestamps that are expected.
+          optional(1, "threshold", type: :int32, proto3_optional: false)
+          # Disable signed timestamp verification.
+          optional(2, "disable", type: :bool, proto3_optional: false)
+        end
+
+        class TlogIntegratedTimestampOptions
+          extend Protobug::Message
+
+          self.full_name = "dev.sigstore.verification.v1.ArtifactVerificationOptions.TlogIntegratedTimestampOptions"
+
+          # The number of integrated timestamps that are expected.
+          optional(1, "threshold", type: :int32, proto3_optional: false)
+          # Disable integrated timestamp verification.
+          optional(2, "disable", type: :bool, proto3_optional: false)
+        end
+
+        class ObserverTimestampOptions
+          extend Protobug::Message
+
+          self.full_name = "dev.sigstore.verification.v1.ArtifactVerificationOptions.ObserverTimestampOptions"
+
+          # The number of external observers of the timestamp.
+          # This is a union of RFC3161 signed timestamps, and
+          # integrated timestamps from a transparency log, that
+          # could include additional timestamp sources in the
+          # future.
+          optional(1, "threshold", type: :int32, proto3_optional: false)
+          # Disable observer timestamp verification.
+          optional(2, "disable", type: :bool, proto3_optional: false)
+        end
+
+        # At least one identity MUST be provided. Providing zero identities
+        # is an error. If at least one provided identity is found as a
+        # signer, the verification is considered successful.
+
+        optional(
+          1,
+          "certificate_identities",
+          type: :message,
+          message_type: "dev.sigstore.verification.v1.CertificateIdentities",
+          json_name: "certificateIdentities",
+          oneof: :signers,
+          proto3_optional: false
+        )
+        # To simplify verification implementation, the logic for
+        # bundle verification should be implemented as a
+        # higher-order function, where one of argument should be an
+        # interface over the set of trusted public keys, like this:
+        # `Verify(bytes artifact, bytes signature, string key_id)`.
+        # This way the caller is in full control of mapping the
+        # identified (or hinted) key in the bundle to one of the
+        # trusted keys, as this process is inherently application
+        # specific.
+        optional(
+          2,
+          "public_keys",
+          type: :message,
+          message_type: "dev.sigstore.verification.v1.PublicKeyIdentities",
+          json_name: "publicKeys",
+          oneof: :signers,
+          proto3_optional: false
+        )
+        # Optional options for artifact transparency log verification.
+        # If none is provided, the default verification options are:
+        # Threshold: 1
+        # Online verification: false
+        # Disable: false
+        optional(
+          3,
+          "tlog_options",
+          type: :message,
+          message_type:
+          "dev.sigstore.verification.v1.ArtifactVerificationOptions.TlogOptions",
+          json_name: "tlogOptions"
+        )
+        # Optional options for certificate transparency log verification.
+        # If none is provided, the default verification options are:
+        # Threshold: 1
+        # Disable: false
+        optional(
+          4,
+          "ctlog_options",
+          type: :message,
+          message_type:
+          "dev.sigstore.verification.v1.ArtifactVerificationOptions.CtlogOptions",
+          json_name: "ctlogOptions"
+        )
+        # Optional options for certificate signed timestamp verification.
+        # If none is provided, the default verification options are:
+        # Threshold: 0
+        # Disable: true
+        optional(
+          5,
+          "tsa_options",
+          type: :message,
+          message_type:
+          "dev.sigstore.verification.v1.ArtifactVerificationOptions.TimestampAuthorityOptions",
+          json_name: "tsaOptions"
+        )
+        # Optional options for integrated timestamp verification.
+        # If none is provided, the default verification options are:
+        # Threshold: 0
+        # Disable: true
+        optional(
+          6,
+          "integrated_ts_options",
+          type: :message,
+          message_type:
+          "dev.sigstore.verification.v1.ArtifactVerificationOptions.TlogIntegratedTimestampOptions",
+          json_name: "integratedTsOptions"
+        )
+        # Optional options for observed timestamp verification.
+        # If none is provided, the default verification options are:
+        # Threshold 1
+        # Disable: false
+        optional(
+          7,
+          "observer_options",
+          type: :message,
+          message_type:
+          "dev.sigstore.verification.v1.ArtifactVerificationOptions.ObserverTimestampOptions",
+          json_name: "observerOptions"
+        )
+      end
+
+      class Artifact
+        extend Protobug::Message
+
+        self.full_name = "dev.sigstore.verification.v1.Artifact"
+
+        # Location of the artifact
+        optional(
+          1,
+          "artifact_uri",
+          type: :string,
+          json_name: "artifactUri",
+          oneof: :data,
+          proto3_optional: false
+        )
+        # The raw bytes of the artifact
+        optional(
+          2,
+          "artifact",
+          type: :bytes,
+          oneof: :data,
+          proto3_optional: false
+        )
+      end
+
+      # Input captures all that is needed to call the bundle verification method,
+      # to verify a single artifact referenced by the bundle.
+      class Input
+        extend Protobug::Message
+
+        self.full_name = "dev.sigstore.verification.v1.Input"
+
+        # The verification materials provided during a bundle verification.
+        # The running process is usually preloaded with a "global"
+        # dev.sisgtore.trustroot.TrustedRoot.v1 instance. Prior to
+        # verifying an artifact (i.e a bundle), and/or based on current
+        # policy, some selection is expected to happen, to filter out the
+        # exact certificate authority to use, which transparency logs are
+        # relevant etc. The result should b ecaptured in the
+        # `artifact_trust_root`.
+        optional(
+          1,
+          "artifact_trust_root",
+          type: :message,
+          message_type: "dev.sigstore.trustroot.v1.TrustedRoot",
+          json_name: "artifactTrustRoot",
+          proto3_optional: false
+        )
+        optional(
+          2,
+          "artifact_verification_options",
+          type: :message,
+          message_type:
+          "dev.sigstore.verification.v1.ArtifactVerificationOptions",
+          json_name: "artifactVerificationOptions",
+          proto3_optional: false
+        )
+        optional(
+          3,
+          "bundle",
+          type: :message,
+          message_type: "dev.sigstore.bundle.v1.Bundle",
+          proto3_optional: false
+        )
+        # If the bundle contains a message signature, the artifact must be
+        # provided.
+        optional(
+          4,
+          "artifact",
+          type: :message,
+          message_type: "dev.sigstore.verification.v1.Artifact"
+        )
+      end
+
+      def self.register_sigstore_verification_protos(registry)
+        Sigstore::Common::V1.register_sigstore_common_protos(registry)
+        Sigstore::TrustRoot::V1.register_sigstore_trustroot_protos(registry)
+        Sigstore::Bundle::V1.register_sigstore_bundle_protos(registry)
+        registry.register(Sigstore::Verification::V1::CertificateIdentity)
+        registry.register(Sigstore::Verification::V1::CertificateIdentities)
+        registry.register(Sigstore::Verification::V1::PublicKeyIdentities)
+        registry.register(
+          Sigstore::Verification::V1::ArtifactVerificationOptions
+        )
+        registry.register(
+          Sigstore::Verification::V1::ArtifactVerificationOptions::TlogOptions
+        )
+        registry.register(
+          Sigstore::Verification::V1::ArtifactVerificationOptions::CtlogOptions
+        )
+        registry.register(
+          Sigstore::Verification::V1::ArtifactVerificationOptions::TimestampAuthorityOptions
+        )
+        registry.register(
+          Sigstore::Verification::V1::ArtifactVerificationOptions::TlogIntegratedTimestampOptions
+        )
+        registry.register(
+          Sigstore::Verification::V1::ArtifactVerificationOptions::ObserverTimestampOptions
+        )
+        registry.register(Sigstore::Verification::V1::Artifact)
+        registry.register(Sigstore::Verification::V1::Input)
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,95 @@
+--- !ruby/object:Gem::Specification
+name: protobug_sigstore_protos
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Samuel Giddins
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2024-04-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: protobug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+- !ruby/object:Gem::Dependency
+  name: protobug_well_known_protos
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+- !ruby/object:Gem::Dependency
+  name: protobug_googleapis_field_behavior_protos
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+description: 
+email:
+- segiddins@segiddins.me
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/protobug_sigstore_protos.rb
+- lib/sigstore/bundle/v1/sigstore_bundle_pb.rb
+- lib/sigstore/common/v1/sigstore_common_pb.rb
+- lib/sigstore/dsse/envelope_pb.rb
+- lib/sigstore/events/events_pb.rb
+- lib/sigstore/rekor/v1/sigstore_rekor_pb.rb
+- lib/sigstore/trustroot/v1/sigstore_trustroot_pb.rb
+- lib/sigstore/verification/v1/sigstore_verification_pb.rb
+homepage: https://github.com/segiddins/protobug/blob/v0.1.0/gen/protobug_sigstore_protos
+licenses:
+- Unlicense
+metadata:
+  rubygems_mfa_required: 'true'
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.0.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.5.9
+signing_key: 
+specification_version: 4
+summary: Compiled protos for protobug from https://github.com/sigstore/protobuf-specs
+  (sigstore_protos)
+test_files: []