Skip to content

Commit 0039db8

Browse files
mypy
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
1 parent 25842bf commit 0039db8

File tree

3 files changed

+14
-27
lines changed

3 files changed

+14
-27
lines changed

sigstore/_internal/rekor/client.py

Lines changed: 9 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -28,15 +28,15 @@
2828
import rekor_types
2929
import requests
3030
from cryptography.hazmat.primitives import serialization
31+
from cryptography.x509 import Certificate
3132

3233
from sigstore._internal import USER_AGENT
3334
from sigstore._internal.rekor import (
34-
Certificate,
35-
Envelope,
36-
Hashed,
37-
LogEntry,
3835
RekorLogSubmitter,
3936
)
37+
from sigstore.dsse import Envelope
38+
from sigstore.hashes import Hashed
39+
from sigstore.models import LogEntry
4040

4141
_logger = logging.getLogger(__name__)
4242

@@ -270,13 +270,15 @@ def log(self) -> RekorLog:
270270
"""
271271
return RekorLog(f"{self.url}/log", session=self.session)
272272

273-
def create_entry(self, request: rekor_types.Hashedrekord) -> LogEntry:
273+
def create_entry( # type: ignore[override]
274+
self, request: rekor_types.Hashedrekord | rekor_types.Dsse
275+
) -> LogEntry:
274276
"""
275277
Submit the request to Rekor.
276278
"""
277279
return self.log.entries.post(request)
278280

279-
def _build_hashed_rekord_request(
281+
def _build_hashed_rekord_request( # type: ignore[override]
280282
self, hashed_input: Hashed, signature: bytes, certificate: Certificate
281283
) -> rekor_types.Hashedrekord:
282284
"""
@@ -303,7 +305,7 @@ def _build_hashed_rekord_request(
303305
),
304306
)
305307

306-
def _build_dsse_request(
308+
def _build_dsse_request( # type: ignore[override]
307309
self, envelope: Envelope, certificate: Certificate
308310
) -> rekor_types.Dsse:
309311
"""

sigstore/_internal/rekor/client_v2.py

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,10 +27,13 @@
2727
from cryptography.x509 import Certificate
2828

2929
from sigstore._internal import USER_AGENT
30-
from sigstore._internal.rekor import Envelope, Hashed, LogEntry, RekorLogSubmitter
30+
from sigstore._internal.rekor import RekorLogSubmitter
3131
from sigstore._internal.rekor.v2_types.dev.sigstore.common import v1 as common_v1
3232
from sigstore._internal.rekor.v2_types.dev.sigstore.rekor import v2
3333
from sigstore._internal.rekor.v2_types.io import intoto as v2_intoto
34+
from sigstore.dsse import Envelope
35+
from sigstore.hashes import Hashed
36+
from sigstore.models import LogEntry
3437

3538
_logger = logging.getLogger(__name__)
3639

sigstore/sign.py

Lines changed: 1 addition & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,6 @@
3838

3939
from __future__ import annotations
4040

41-
import base64
4241
import logging
4342
from collections.abc import Iterator
4443
from contextlib import contextmanager
@@ -47,7 +46,7 @@
4746

4847
import cryptography.x509 as x509
4948
import rekor_types
50-
from cryptography.hazmat.primitives import hashes, serialization
49+
from cryptography.hazmat.primitives import hashes
5150
from cryptography.hazmat.primitives.asymmetric import ec
5251
from cryptography.x509.oid import NameOID
5352
from sigstore_protobuf_specs.dev.sigstore.common.v1 import (
@@ -211,27 +210,10 @@ def sign_dsse(
211210
"""
212211
cert = self._signing_cert()
213212

214-
# Prepare inputs
215-
b64_cert = base64.b64encode(
216-
cert.public_bytes(encoding=serialization.Encoding.PEM)
217-
)
218-
219213
# Sign the statement, producing a DSSE envelope
220214
content = dsse._sign(self._private_key, input_)
221215

222216
# Create the proposed DSSE log entry
223-
proposed_entry = rekor_types.Dsse(
224-
spec=rekor_types.dsse.DsseSchema(
225-
# NOTE: mypy can't see that this kwarg is correct due to two interacting
226-
# behaviors/bugs (one pydantic, one datamodel-codegen):
227-
# See: <https://github.com/pydantic/pydantic/discussions/7418#discussioncomment-9024927>
228-
# See: <https://github.com/koxudaxi/datamodel-code-generator/issues/1903>
229-
proposed_content=rekor_types.dsse.ProposedContent( # type: ignore[call-arg]
230-
envelope=content.to_json(),
231-
verifiers=[b64_cert.decode()],
232-
),
233-
),
234-
)
235217
proposed_entry = self._signing_ctx._rekor._build_dsse_request(
236218
envelope=content, certificate=cert
237219
)

0 commit comments

Comments
 (0)