Class Bundle

Namespace

Dev.Sigstore.Bundle.V1

Assembly

Sigstore.dll

public sealed class Bundle : IMessage<Bundle>, IEquatable<Bundle>, IDeepCloneable<Bundle>, IBufferMessage, IMessage

Inheritance

object

Bundle

Implements

IMessage<Bundle>

IEquatable<Bundle>

IDeepCloneable<Bundle>

IBufferMessage

IMessage

Inherited Members

object.Equals(object, object)

object.GetType()

object.ReferenceEquals(object, object)

Constructors

Bundle()

public Bundle()

Bundle(Bundle)

public Bundle(Bundle other)

Parameters

other Bundle

Fields

DsseEnvelopeFieldNumber

Field number for the "dsse_envelope" field.

public const int DsseEnvelopeFieldNumber = 4

Field Value

int

MediaTypeFieldNumber

Field number for the "media_type" field.

public const int MediaTypeFieldNumber = 1

Field Value

int

MessageSignatureFieldNumber

Field number for the "message_signature" field.

public const int MessageSignatureFieldNumber = 3

Field Value

int

VerificationMaterialFieldNumber

Field number for the "verification_material" field.

public const int VerificationMaterialFieldNumber = 2

Field Value

int

Properties

ContentCase

public Bundle.ContentOneofCase ContentCase { get; }

Property Value

Bundle.ContentOneofCase

Descriptor

public static MessageDescriptor Descriptor { get; }

Property Value

MessageDescriptor

DsseEnvelope

A DSSE envelope can contain arbitrary payloads. Verifiers must verify that the payload type is a supported and expected type. This is part of the DSSE protocol which is defined here: <https://github.com/secure-systems-lab/dsse/blob/master/protocol.md> DSSE envelopes in a bundle MUST have exactly one signature. This is a limitation from the DSSE spec, as it can contain multiple signatures. There are two primary reasons:

1. It simplifies the verification logic and policy
2. The bundle (currently) can only contain a single instance of the required verification materials During verification a client MUST reject an envelope if the number of signatures is not equal to one.

public Envelope DsseEnvelope { get; set; }

Property Value

Envelope

MediaType

MUST be application/vnd.dev.sigstore.bundle.v0.3+json when when encoded as JSON. Clients must to be able to accept media type using the previously defined formats:

• application/vnd.dev.sigstore.bundle+json;version=0.1
• application/vnd.dev.sigstore.bundle+json;version=0.2
• application/vnd.dev.sigstore.bundle+json;version=0.3

public string MediaType { get; set; }

Property Value

string

MessageSignature

public MessageSignature MessageSignature { get; set; }

Property Value

MessageSignature

Parser

public static MessageParser<Bundle> Parser { get; }

Property Value

MessageParser<Bundle>

VerificationMaterial

When a signer is identified by a X.509 certificate, a verifier MUST verify that the signature was computed at the time the certificate was valid as described in the Sigstore client spec: "Verification using a Bundle". <https://docs.google.com/document/d/1kbhK2qyPPk8SLavHzYSDM8-Ueul9_oxIMVFuWMWKz0E/edit#heading=h.x8bduppe89ln> If the verification material contains a public key identifier (key hint) and the content is a DSSE envelope, the key hints MUST be exactly the same in the verification material and in the DSSE envelope.

public VerificationMaterial VerificationMaterial { get; set; }

Property Value

VerificationMaterial

Methods

CalculateSize()

Calculates the size of this message in Protocol Buffer wire format, in bytes.

public int CalculateSize()

Returns

int

The number of bytes required to write this message to a coded output stream.

ClearContent()

public void ClearContent()

Clone()

Creates a deep clone of this object.

public Bundle Clone()

Returns

Bundle

A deep clone of this object.

Equals(Bundle)

Indicates whether the current object is equal to another object of the same type.

public bool Equals(Bundle other)

Parameters

other Bundle

An object to compare with this object.

Returns

bool

true if the current object is equal to the other parameter; otherwise, false.

Equals(object)

Determines whether the specified object is equal to the current object.

public override bool Equals(object other)

Parameters

other object

Returns

bool

true if the specified object is equal to the current object; otherwise, false.

GetHashCode()

Serves as the default hash function.

public override int GetHashCode()

Returns

int

A hash code for the current object.

MergeFrom(Bundle)

Merges the given message into this one.

public void MergeFrom(Bundle other)

Parameters

other Bundle

Remarks

See the user guide for precise merge semantics.

MergeFrom(CodedInputStream)

Merges the data from the specified coded input stream with the current message.

public void MergeFrom(CodedInputStream input)

Parameters

input CodedInputStream

Remarks

See the user guide for precise merge semantics.

ToString()

Returns a string that represents the current object.

public override string ToString()

Returns

string

A string that represents the current object.

WriteTo(CodedOutputStream)

Writes the data to the given coded output stream.

public void WriteTo(CodedOutputStream output)

Parameters

output CodedOutputStream

Coded output stream to write the data to. Must not be null.