sigstore._internal.rekor

 1# Copyright 2022 The Sigstore Authors
 2#
 3# Licensed under the Apache License, Version 2.0 (the "License");
 4# you may not use this file except in compliance with the License.
 5# You may obtain a copy of the License at
 6#
 7#      http://www.apache.org/licenses/LICENSE-2.0
 8#
 9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15"""
16APIs for interacting with Rekor.
17"""
18
19import base64
20
21import rekor_types
22from cryptography.x509 import Certificate
23
24from sigstore._utils import base64_encode_pem_cert
25from sigstore.hashes import Hashed
26
27__all__ = [
28    "_hashedrekord_from_parts",
29]
30
31
32# TODO: This should probably live somewhere better.
33def _hashedrekord_from_parts(
34    cert: Certificate, sig: bytes, hashed: Hashed
35) -> rekor_types.Hashedrekord:
36    return rekor_types.Hashedrekord(
37        spec=rekor_types.hashedrekord.HashedrekordV001Schema(
38            signature=rekor_types.hashedrekord.Signature(
39                content=base64.b64encode(sig).decode(),
40                public_key=rekor_types.hashedrekord.PublicKey(
41                    content=base64_encode_pem_cert(cert),
42                ),
43            ),
44            data=rekor_types.hashedrekord.Data(
45                hash=rekor_types.hashedrekord.Hash(
46                    algorithm=hashed._as_hashedrekord_algorithm(),
47                    value=hashed.digest.hex(),
48                )
49            ),
50        )
51    )