From 9704c97a2240f0259dda9428ea22e72e5146c430 Mon Sep 17 00:00:00 2001
From: Ramon Petgrave
Date: Mon, 17 Jun 2024 16:07:41 +0000
Subject: [PATCH] parse dsse envelope

Signed-off-by: Ramon Petgrave
---
 verifiers/internal/vsa/verifier.go | 26 ++++++++++++++++++++++++++
 verifiers/verifier.go | 4 ++--
 2 files changed, 28 insertions(+), 2 deletions(-)
 create mode 100644 verifiers/internal/vsa/verifier.go

diff --git a/verifiers/internal/vsa/verifier.go b/verifiers/internal/vsa/verifier.go
new file mode 100644
index 0000000..b997367
--- /dev/null
+++ b/verifiers/internal/vsa/verifier.go
@@ -0,0 +1,26 @@
+package vsa
+
+import (
+ "context"
+ "fmt"
+
+ "github.com/slsa-framework/slsa-verifier/v2/options"
+ "github.com/slsa-framework/slsa-verifier/v2/verifiers/utils"
+)
+
+// VerifyVSA verifies the VSA attestations.
+func VerifyVSA(ctx context.Context,
+ attestations []byte,
+ vsaOpts *options.VSAOpts,
+) ([]byte, *utils.TrustedAttesterID, error) {
+ // parse the envelope
+ envelope, err := utils.EnvelopeFromBytes(attestations)
+ if err != nil {
+ return nil, nil, err
+ }
+ fmt.Println(envelope)
+ // verify the envelope. signature
+ // verify the metadata
+ // print the attestation
+ return nil, nil, nil
+}
diff --git a/verifiers/verifier.go b/verifiers/verifier.go
index d7d6cad..7ad92fe 100644
--- a/verifiers/verifier.go
+++ b/verifiers/verifier.go
@@ -9,6 +9,7 @@ import (
 "github.com/slsa-framework/slsa-verifier/v2/register"
 _ "github.com/slsa-framework/slsa-verifier/v2/verifiers/internal/gcb"
 "github.com/slsa-framework/slsa-verifier/v2/verifiers/internal/gha"
+ "github.com/slsa-framework/slsa-verifier/v2/verifiers/internal/vsa"
 "github.com/slsa-framework/slsa-verifier/v2/verifiers/utils"
 )
 
@@ -80,6 +81,5 @@ func VerifyVSA(ctx context.Context,
 attestations []byte,
 vsaOpts *options.VSAOpts,
 ) ([]byte, *utils.TrustedAttesterID, error) {
- // TODO: Implement this function.
- return nil, nil, nil
+ return vsa.VerifyVSA(ctx, attestations, vsaOpts)
 }
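Review bot: The new `vsa.VerifyVSA` ends with `return nil, nil, nil` after only parsing the DSSE envelope, so a caller that reads a nil error as "verified" would accept an attestation whose signature and metadata were never checked. The same result now flows through the exported wrapper in verifiers/verifier.go (last hunk), which simply delegates. Until the signature and metadata steps exist, the final return should fail closed, for example `return nil, nil, fmt.Errorf("vsa: signature and metadata verification not implemented")`. The `fmt.Println(envelope)` line also writes the still-unverified envelope to stdout from library code; it should be dropped, with any printing left to the caller after verification has succeeded.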