dsse: add Envelope._from_json (#1039)

woodruffw · web-flow · commit 28237a42678d · 2024-06-06T13:26:20.000Z
* dsse: add Envelope._from_json

Signed-off-by: William Woodruff &lt;william@trailofbits.com&gt;

* dsse: liskov

Signed-off-by: William Woodruff &lt;william@trailofbits.com&gt;

---------

Signed-off-by: William Woodruff &lt;william@trailofbits.com&gt;
diff --git a/sigstore/dsse.py b/sigstore/dsse.py
@@ -190,7 +190,7 @@ class Envelope:
     """
     Represents a DSSE envelope.
 
-    This class cannot be constructed directly; you must use `sign`.
+    This class cannot be constructed directly; you must use `sign` or `from_json`.
 
     See: <https://github.com/secure-systems-lab/dsse/blob/v1.0.0/envelope.md>
     """
@@ -204,12 +204,26 @@ def __init__(self, inner: _Envelope) -> None:
 
         self._inner = inner
 
+    @classmethod
+    def _from_json(cls, contents: bytes | str) -> Envelope:
+        """Return a DSSE envelope from the given JSON representation."""
+        inner = _Envelope().from_json(contents)
+        return cls(inner)
+
     def to_json(self) -> str:
         """
         Return a JSON string with this DSSE envelope's contents.
         """
         return self._inner.to_json()
 
+    def __eq__(self, other: object) -> bool:
+        """Equality for DSSE envelopes."""
+
+        if not isinstance(other, Envelope):
+            return NotImplemented
+
+        return self._inner == other._inner
+
 
 def _pae(type_: str, body: bytes) -> bytes:
     """
diff --git a/test/unit/test_dsse.py b/test/unit/test_dsse.py
@@ -0,0 +1,41 @@
+# Copyright 2022 The Sigstore Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import base64
+import json
+
+from sigstore import dsse
+
+
+class TestEnvelope:
+    def test_roundtrip(self):
+        raw = json.dumps(
+            {
+                "payload": base64.b64encode(b"foo").decode(),
+                "payloadType": dsse.Envelope._TYPE,
+                "signatures": [
+                    {"sig": base64.b64encode(b"lol").decode()},
+                    {"sig": base64.b64encode(b"lmao").decode()},
+                ],
+            }
+        )
+        evp = dsse.Envelope._from_json(raw)
+
+        assert evp._inner.payload == b"foo"
+        assert evp._inner.payload_type == dsse.Envelope._TYPE
+        assert [b"lol", b"lmao"] == [s.sig for s in evp._inner.signatures]
+
+        serialized = evp.to_json()
+        assert serialized == raw
+        assert dsse.Envelope._from_json(serialized) == evp
