Skip to content

Commit

Permalink
Update rekor to pick up new API changes. (#284)
Browse files Browse the repository at this point in the history 
Signed-off-by: Dan Lorenc <dlorenc@google.com>
  • Loading branch information
dlorenc authored Apr 28, 2021
1 parent c9f4bdb commit 037ff74
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 5 deletions.
2 changes: 1 addition & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ require (
github.com/peterbourgon/ff/v3 v3.0.0
github.com/pkg/errors v0.9.1
github.com/sigstore/fulcio v0.0.0-20210405115948-e7630f533fca
github.com/sigstore/rekor v0.1.2-0.20210422173947-d52685fc3178
github.com/sigstore/rekor v0.1.2-0.20210428010952-9e3e56d52dd0
github.com/sigstore/sigstore v0.0.0-20210427115853-11e6eaab7cdc
github.com/spf13/afero v1.6.0 // indirect
github.com/stretchr/testify v1.7.0
Expand Down
3 changes: 3 additions & 0 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -261,6 +261,7 @@ github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsr
github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/cyberphone/json-canonicalization v0.0.0-20210303052042-6bc126869bf4/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw=
github.com/danieljoos/wincred v1.1.0 h1:3RNcEpBg4IhIChZdFRSdlQt1QjCp1sMAPIrOnm7Yf8g=
github.com/danieljoos/wincred v1.1.0/go.mod h1:XYlo+eRTsVA9aHGp7NGjFkPla4m+DCL7hqDjlFjiygg=
github.com/davecgh/go-spew v0.0.0-20161028175848-04cdfd42973b/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
Expand Down Expand Up @@ -1114,6 +1115,8 @@ github.com/sigstore/fulcio v0.0.0-20210405115948-e7630f533fca/go.mod h1:l16xJtui
github.com/sigstore/rekor v0.1.1/go.mod h1:b+T8TvGKWgaFbtPRQgF/gXjbj/R9HdJ5lA93cnGT3Sc=
github.com/sigstore/rekor v0.1.2-0.20210422173947-d52685fc3178 h1:f4STaOSAXUSpXURUivpKnyPGOVn5Xrmd5CYg34mcFMk=
github.com/sigstore/rekor v0.1.2-0.20210422173947-d52685fc3178/go.mod h1:Df5vQUsc43fRHrpyeU6hA1cl11JCMHtb9r7pKPZJs7I=
github.com/sigstore/rekor v0.1.2-0.20210428010952-9e3e56d52dd0 h1:Poo2bQoQDIZaPDfTCZClhfHBCryA5MagjHxjJY27tOI=
github.com/sigstore/rekor v0.1.2-0.20210428010952-9e3e56d52dd0/go.mod h1:n4yvDpg42QgZFQF5U8dWV6hTm4Y26zinE3pwRXYRu2w=
github.com/sigstore/sigstore v0.0.0-20210415112811-cb2061113e4a/go.mod h1:EoLIp5JbrCE2VZqdCCIemNEdNYiOcdwF0igIvorqo1o=
github.com/sigstore/sigstore v0.0.0-20210427115853-11e6eaab7cdc h1:DoOvWMIzbN59q3T1+pGMpz5nNYDiDYlCCzmYGLv2E5o=
github.com/sigstore/sigstore v0.0.0-20210427115853-11e6eaab7cdc/go.mod h1:gjB7+oR8dUATOHeESM8GTLov7kPUmMGPhRCW5pwGSFc=
Expand Down
8 changes: 4 additions & 4 deletions pkg/cosign/verify.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,19 +110,19 @@ func VerifyTLogEntry(rekorClient *client.Rekor, uuid string) (index int64, err e
e := lep.Payload[params.EntryUUID]

hashes := [][]byte{}
for _, h := range e.InclusionProof.Hashes {
for _, h := range e.Verification.InclusionProof.Hashes {
hb, _ := hex.DecodeString(h)
hashes = append(hashes, hb)
}

rootHash, _ := hex.DecodeString(*e.InclusionProof.RootHash)
rootHash, _ := hex.DecodeString(*e.Verification.InclusionProof.RootHash)
leafHash, _ := hex.DecodeString(params.EntryUUID)

v := logverifier.New(hasher.DefaultHasher)
if err := v.VerifyInclusionProof(*e.InclusionProof.LogIndex, *e.InclusionProof.TreeSize, hashes, rootHash, leafHash); err != nil {
if err := v.VerifyInclusionProof(*e.Verification.InclusionProof.LogIndex, *e.Verification.InclusionProof.TreeSize, hashes, rootHash, leafHash); err != nil {
return 0, errors.Wrap(err, "verifying inclusion proof")
}
return *e.InclusionProof.LogIndex, nil
return *e.Verification.InclusionProof.LogIndex, nil
}

// There are only payloads. Some have certs, some don't.
Expand Down

0 comments on commit 037ff74

Please sign in to comment.