[WIP] remove signer support
Cole committed Dec 19, 2023
1 parent fb8e2c3 commit 0f9488c
Showing 1 changed file with 40 additions and 20 deletions.
60 changes: 40 additions & 20 deletions report/report.go
Expand Up @@ -60,38 +60,58 @@ func ProcessVerifiedEvidence(verifiedEvidence map[string][]source.VerifiedCollec
// var signers []dsse.Signature

for _, signer := range signers {
// Decode the PEM certificate
break
// Decode the PEM block
block, _ := pem.Decode(signer.Certificate)

Check failure on line 65 in report/report.go


GitHub Actions / sast / witness

unreachable code

Check failure on line 65 in report/report.go


GitHub Actions / lint

unreachable: unreachable code (govet)

Check failure on line 65 in report/report.go


GitHub Actions / sast / witness

unreachable code

Check failure on line 65 in report/report.go


GitHub Actions / lint

unreachable: unreachable code (govet)

Check failure on line 65 in report/report.go


GitHub Actions / sast / witness

unreachable code
if block == nil {
return nil, fmt.Errorf("failed to decode PEM block containing the certificate")
}
//dont error out, just skip this signer
break

// Parse the certificate
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
return nil, fmt.Errorf("failed to parse certificate: %w", err)
//return nil, fmt.Errorf("failed to decode PEM block")
}

var functionary Functionary

functionary.CACommonName = cert.Issuer.CommonName
functionary.CommonName = cert.Subject.CommonName
// Check if the block is a certificate
if block.Type == "CERTIFICATE" {
// Parse the certificate
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
return nil, fmt.Errorf("failed to parse certificate: %w", err)
}

// Check if the EmailAddresses slice is not empty
if len(cert.EmailAddresses) > 0 {
functionary.Email = cert.EmailAddresses[0]
} else {
functionary.Email = "N/A" // Or any default value you deem appropriate
}
functionary.CACommonName = cert.Issuer.CommonName
functionary.CommonName = cert.Subject.CommonName

// Check if the URIs slice is not empty
if len(cert.URIs) > 0 {
functionary.URI = cert.URIs[0].String()
// Handle EmailAddresses
if len(cert.EmailAddresses) > 0 {
functionary.Email = cert.EmailAddresses[0]
} else {
functionary.Email = "N/A"
}

// Handle URIs
if len(cert.URIs) > 0 {
functionary.URI = cert.URIs[0].String()
} else {
functionary.URI = "N/A"
}
} else if block.Type == "PUBLIC KEY" || block.Type == "RSA PUBLIC KEY" {
// Handle public key
_, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return nil, fmt.Errorf("failed to parse public key: %w", err)
}
// You can now use publicKey for your purposes
// For example, setting common name as "Public Key"
functionary.CommonName = "Public Key"
functionary.Email = "N/A"
functionary.URI = "N/A"
} else {
functionary.URI = "N/A" // Or any default value you deem appropriate
return nil, fmt.Errorf("unknown PEM block type")
}

stepData.Signers = append(stepData.Signers, functionary)

}

// Unmarshal the payload into an intoto.Statement
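Review bot: In the `block == nil` branch the comment says to skip this signer, but `break` leaves the `for _, signer := range signers` loop, so one undecodable entry silently drops every later signer from `stepData.Signers`; `continue` matches the comment (this assumes the `break` under that comment is on the new side, which the rendered page does not mark). The `"RSA PUBLIC KEY"` case is also passed to `x509.ParsePKIXPublicKey`, which expects a PKIX SubjectPublicKeyInfo; a PKCS#1 block of that type needs `x509.ParsePKCS1PublicKey`, otherwise the function returns an error for the whole report when it meets such a signer. Every key-only signer is recorded as `CommonName = "Public Key"`, so the report cannot tell them apart; storing a key identifier or a digest of the parsed key would keep the attribution. `ProcessVerifiedEvidence` starts before and continues after this hunk.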