Skip to content

Commit

Permalink
fix lint errors
Browse files Browse the repository at this point in the history
Signed-off-by: Vivek Kumar Sahu <[email protected]>
  • Loading branch information
viveksahu26 committed Sep 5, 2024
1 parent 4c7085d commit 69e8572
Show file tree
Hide file tree
Showing 4 changed files with 52 additions and 67 deletions.
14 changes: 7 additions & 7 deletions pkg/sbom/signature.go
Original file line number Diff line number Diff line change
Expand Up @@ -23,13 +23,13 @@ type GetSignature interface {
}

type signature struct {
keyID string
algorithm string
value string
publicKey string
certificatePath string
certificate string
timestamp string
keyID string
algorithm string
value string
publicKey string
// certificatePath string
certificate string
// timestamp string
}

func (s signature) CheckSignatureExists() bool {
Expand Down
1 change: 0 additions & 1 deletion pkg/sbom/spdx.go
Original file line number Diff line number Diff line change
Expand Up @@ -153,7 +153,6 @@ func (s *SpdxDoc) parse() {

func (s *SpdxDoc) parseSignature() {
s.signature = nil
return
}

func (s *SpdxDoc) parseSpec() {
Expand Down
101 changes: 44 additions & 57 deletions pkg/scvs/scvs.go
Original file line number Diff line number Diff line change
Expand Up @@ -45,9 +45,7 @@ func IsSBOMCreationAutomated(d sbom.Document, s *scvsScore) bool {
if tools := d.Tools(); tools != nil {
for _, tool := range tools {
name := tool.GetName()
fmt.Println("Name: ", name)
version := tool.GetVersion()
fmt.Println("version: ", version)

if name != "" && version != "" {
s.setDesc(fmt.Sprintf("SBOM has %d authors", noOfTools))
Expand All @@ -63,21 +61,18 @@ func IsSBOMCreationAutomated(d sbom.Document, s *scvsScore) bool {
// 2.3 Each SBOM has a unique identifier
func IsSBOMHasUniqID(d sbom.Document, s *scvsScore) bool {
if ns := d.Spec().GetNamespace(); ns != "" {
s.setDesc(fmt.Sprintf("SBOM has uniq ID"))
s.setDesc("SBOM has uniq ID")
return true
}
s.setDesc(fmt.Sprintf("SBOM doesn't has uniq ID"))
s.setDesc("SBOM doesn't has uniq ID")
return false
}

func IsSBOMHasSignature(d sbom.Document, s *scvsScore) bool {
// isSignatureExists := d.Spec().GetSignature().CheckSignatureExists()
sig := d.Signature()
fmt.Println("Signature: ", sig)

if sig != nil {
fmt.Println("Signature is not nil")

for _, signature := range sig {
if signature != nil {
return signature.CheckSignatureExists()
Expand All @@ -97,69 +92,61 @@ func IsSBOMSignatureCorrect(d sbom.Document, s *scvsScore) bool {
func IsSBOMSignatureVerified(d sbom.Document, s *scvsScore) bool {
// Save signature and public key to temporary files
signature := d.Signature()
if signature == nil {
if signature == nil || len(signature) == 0 {

Check failure on line 95 in pkg/scvs/scvs.go

View workflow job for this annotation

GitHub Actions / lint

S1009: should omit nil check; len() for []github.com/interlynk-io/sbomqs/pkg/sbom.GetSignature is defined as zero (gosimple)
return false
}
for _, sig := range signature {
if sig == nil {
return false
}

sigFile, err := os.CreateTemp("", "signature-*.sig")
if err != nil {
fmt.Println("Error creating temp file for signature:", err)
return false
}
defer os.Remove(sigFile.Name())
// Use the first signature
sig := signature[0]
if sig == nil {
return false
}

pubKeyFile, err := os.CreateTemp("", "publickey-*.pem")
if err != nil {
fmt.Println("Error creating temp file for public key:", err)
return false
}
defer os.Remove(pubKeyFile.Name())
sigFile, err := os.CreateTemp("", "signature-*.sig")
if err != nil {
fmt.Println("Error creating temp file for signature:", err)
return false
}
defer os.Remove(sigFile.Name())

_, err = sigFile.WriteString(sig.Value())
if err != nil {
fmt.Println("Error writing signature to temp file:", err)
return false
}
_, err = pubKeyFile.WriteString(sig.PublicKey())
if err != nil {
fmt.Println("Error writing public key to temp file:", err)
return false
}
pubKeyFile, err := os.CreateTemp("", "publickey-*.pem")
if err != nil {
fmt.Println("Error creating temp file for public key:", err)
return false
}
defer os.Remove(pubKeyFile.Name())

// Use openssl to verify the signature
cmd := exec.Command("openssl", "dgst", "-verify", pubKeyFile.Name(), "-signature", sigFile.Name(), "data-to-verify.txt")
output, err := cmd.CombinedOutput()
if err != nil {
fmt.Println("Error verifying signature with openssl:", err)
return false
}
// // Use cosign to verify the signature
// cmd := exec.Command("cosign", "verify-blob", "--key", pubKeyFile.Name(), "--signature", sigFile.Name(), "data-to-verify.txt")
// output, err := cmd.CombinedOutput()
// if err != nil {
// fmt.Println("Error verifying signature with cosign:", err)
// fmt.Println(string(output))
// return false
// }

verificationResult := strings.Contains(string(output), "Verified OK")
fmt.Println("Verification result:", verificationResult)

return verificationResult
_, err = sigFile.WriteString(sig.Value())
if err != nil {
fmt.Println("Error writing signature to temp file:", err)
return false
}
return false
_, err = pubKeyFile.WriteString(sig.PublicKey())
if err != nil {
fmt.Println("Error writing public key to temp file:", err)
return false
}

// Use openssl to verify the signature
cmd := exec.Command("openssl", "dgst", "-verify", pubKeyFile.Name(), "-signature", sigFile.Name(), "data-to-verify.txt")
output, err := cmd.CombinedOutput()
if err != nil {
fmt.Println("Error verifying signature with openssl:", err)
return false
}

verificationResult := strings.Contains(string(output), "Verified OK")
fmt.Println("Verification result:", verificationResult)

return verificationResult
}

func IsSBOMTimestamped(d sbom.Document, s *scvsScore) bool {
if d.Spec().GetCreationTimestamp() != "" {
s.setDesc(fmt.Sprintf("SBOM is timestamped"))
s.setDesc("SBOM is timestamped")
return true
}
s.setDesc(fmt.Sprintf("SBOM isn't timestamped"))
s.setDesc("SBOM isn't timestamped")
return false
}

Expand Down
3 changes: 1 addition & 2 deletions pkg/scvs/scvsReport.go
Original file line number Diff line number Diff line change
Expand Up @@ -51,9 +51,8 @@ func (r *ScvsReporter) detailedScvsReport() {
outDoc := [][]string{}

for _, score := range scores.ScoreList() {
var l []string

l = []string{score.Feature(), score.L1Score(), score.L2Score(), score.L3Score(), score.Descr()}
l := []string{score.Feature(), score.L1Score(), score.L2Score(), score.L3Score(), score.Descr()}

outDoc = append(outDoc, l)
}
Expand Down

0 comments on commit 69e8572

Please sign in to comment.