fix linting errors
Signed-off-by: Vivek Kumar Sahu <[email protected]>
viveksahu26 committed Nov 28, 2024

1 parent 4b46326 commit df07d66
Showing 7 changed files with 49 additions and 50 deletions.
2 changes: 1 addition & 1 deletion pkg/compliance/bsi.go
@@ -80,7 +80,7 @@ const (
PACK_INFO
SBOM_TYPE
PACK_EXT_REF
SBOM_VULNERABILITES
SBOM_VULNERABILITIES
SBOM_SIGNATURE
)

12 changes: 5 additions & 7 deletions pkg/compliance/bsiV2.go
@@ -68,13 +68,13 @@ func bsiV2Vulnerabilities(doc sbom.Document) *db.Record {
vuln := doc.Vulnerabilities()

if vuln != nil {
vulnId := vuln.GetID()
if vulnId != "" {
result = vulnId
vulnID := vuln.GetID()
if vulnID != "" {
result = vulnID
}
score = 0.0
}
return db.NewRecordStmt(SBOM_VULNERABILITES, "doc", result, score, "")
return db.NewRecordStmt(SBOM_VULNERABILITIES, "doc", result, score, "")
}

// bsiV2SbomSignature
@@ -83,15 +83,13 @@ func bsiV2SbomSignature(doc sbom.Document) *db.Record {

if doc.Signature() != nil {
// verify signature
// common.VerifySignature()
pubKey := doc.Signature().GetPublicKey()
blob := doc.Signature().GetBlob()
sig := doc.Signature().GetSigValue()
valid, err := common.VerifySignature(pubKey, blob, sig)
if err != nil {
fmt.Printf("Verification failed: %v\n", err)
result = "Verification failed"
score = 0.0
return db.NewRecordStmt(SBOM_SIGNATURE, "doc", "Verification failed", 0.0, "")
}
if valid {
score = 10.0
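Review bot: The early return added at `return db.NewRecordStmt(SBOM_SIGNATURE, "doc", "Verification failed", 0.0, "")` drops the error it has just printed with fmt.Printf, so the compliance record cannot tell a key or blob that could not be processed apart from a signature that simply did not verify, and the reason survives only on stdout. Since the third argument is the free-text result (bsiV2Vulnerabilities passes the vulnerability ID there), the detail can travel with the record: `return db.NewRecordStmt(SBOM_SIGNATURE, "doc", fmt.Sprintf("Verification failed: %v", err), 0.0, "")`. Printing to stdout from a library-style check function is also worth reconsidering, as callers cannot route or suppress it. bsiV2SbomSignature's header and its handling of `valid == false` lie outside the hunk.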
2 changes: 1 addition & 1 deletion pkg/compliance/bsi_report.go
@@ -45,7 +45,7 @@ var bsiSectionDetails = map[int]bsiSection{
COMP_DOWNLOAD_URL: {Title: "Additional fields components", ID: "5.3.2", Required: false, DataField: "URI of the executable form of the component"},
COMP_SOURCE_HASH: {Title: "Additional fields components", ID: "5.3.2", Required: false, DataField: "Hash value of the source code of the component"},
COMP_OTHER_UNIQ_IDS: {Title: "Additional fields components", ID: "5.3.2", Required: false, DataField: "Other unique identifiers"},
SBOM_VULNERABILITES: {Title: "Definition of SBOM", ID: "3.1", Required: true, DataField: "vuln"},
SBOM_VULNERABILITIES: {Title: "Definition of SBOM", ID: "3.1", Required: true, DataField: "vuln"},
SBOM_SIGNATURE: {Title: "Optional sboms fields", ID: "8.1.11", Required: false, DataField: "signature"},
}

63 changes: 32 additions & 31 deletions pkg/engine/compliance.go
@@ -198,52 +198,53 @@ func RetrieveSignatureFromSBOM(sbomFile string) (string, string, string, error)
}

var sbom SBOM

// nolint
extracted_signature := "extracted_signature.bin"

// nolint
extracted_publick_key := "extracted_public_key.pem"

if err := json.Unmarshal(data, &sbom); err != nil {
fmt.Println("Error parsing SBOM JSON:", err)
return "", "", "", fmt.Errorf("error unmarshalling SBOM JSON: %w", err)
}

// Extract and print the signature
if sbom.Signature == nil {
fmt.Println("signature and public key are not present in the SBOM")
return sbomFile, "", "", nil
} else {
fmt.Println("signature and public key are present in the SBOM")

signatureValue, err := base64.StdEncoding.DecodeString(sbom.Signature.Value)
if err != nil {
return "", "", "", fmt.Errorf("Error decoding signature: %w", err)
}
}
fmt.Println("signature and public key are present in the SBOM")

if err := os.WriteFile(extracted_signature, signatureValue, 0o644); err != nil {
fmt.Println("Error writing signature to file:", err)
}
fmt.Println("Signature written to file: extracted_signature.bin")
signatureValue, err := base64.StdEncoding.DecodeString(sbom.Signature.Value)
if err != nil {
return "", "", "", fmt.Errorf("error decoding signature: %w", err)
}

// extract the public key modulus and exponent
modulus, err := base64.StdEncoding.DecodeString(sbom.Signature.PublicKey.N)
if err != nil {
return "", "", "", fmt.Errorf("Error decoding public key modulus: %w", err)
}
exponent := decodeBase64URLEncodingToInt(sbom.Signature.PublicKey.E)
if exponent == 0 {
fmt.Println("Invalid public key exponent.")
}
if err := os.WriteFile(extracted_signature, signatureValue, 0o600); err != nil {
fmt.Println("Error writing signature to file:", err)
}
fmt.Println("Signature written to file: extracted_signature.bin")

// create the RSA public key
pubKey := &rsa.PublicKey{
N: decodeBigInt(modulus),
E: int(exponent),
}
// extract the public key modulus and exponent
modulus, err := base64.StdEncoding.DecodeString(sbom.Signature.PublicKey.N)
if err != nil {
return "", "", "", fmt.Errorf("error decoding public key modulus: %w", err)
}
exponent := decodeBase64URLEncodingToInt(sbom.Signature.PublicKey.E)
if exponent == 0 {
fmt.Println("Invalid public key exponent.")
}

pubKeyPEM := publicKeyToPEM(pubKey)
if err := os.WriteFile(extracted_publick_key, pubKeyPEM, 0o644); err != nil {
fmt.Println("Error writing public key to file:", err)
}
// create the RSA public key
pubKey := &rsa.PublicKey{
N: decodeBigInt(modulus),
E: exponent,
}

pubKeyPEM := publicKeyToPEM(pubKey)
if err := os.WriteFile(extracted_publick_key, pubKeyPEM, 0o600); err != nil {
fmt.Println("error writing public key to file:", err)
}

// remove the "signature" section
@@ -259,7 +260,7 @@ func RetrieveSignatureFromSBOM(sbomFile string) (string, string, string, error)

// save the modified SBOM to a new file without a trailing newline
standaloneSBOMFile := "standalone_sbom.json"
if err := os.WriteFile(standaloneSBOMFile, bytes.TrimSuffix(normalizedSBOM.Bytes(), []byte("\n")), 0o644); err != nil {
if err := os.WriteFile(standaloneSBOMFile, bytes.TrimSuffix(normalizedSBOM.Bytes(), []byte("\n")), 0o600); err != nil {
return "", "", "", fmt.Errorf("error writing standalone SBOM file: %w", err)
}
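Review bot: In the hunk at `@@ -198`, a failed `os.WriteFile(extracted_signature, ...)` is only printed, after which the function still prints `Signature written to file: extracted_signature.bin` and carries on; the public-key write and the `exponent == 0` case behave the same way, the latter still building an `rsa.PublicKey` with `E: 0` and serialising it to PEM. Because the output names are fixed, a stale file from an earlier run would presumably be what the later verification step picks up, so each case should fail closed: `return "", "", "", fmt.Errorf("writing signature file: %w", err)`, `return "", "", "", fmt.Errorf("writing public key file: %w", err)` and `return "", "", "", fmt.Errorf("invalid public key exponent")`. The tightened 0o600 mode does not change this. parseSignature in pkg/sbom/cdx.go has the same pattern at its `extracted_signature.bin` and `extracted_public_key.pem` writes, where the failure is printed and the method returns without signalling it to the caller. RetrieveSignatureFromSBOM's body continues past the end of this hunk.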

12 changes: 6 additions & 6 deletions pkg/sbom/cdx.go
@@ -151,8 +151,8 @@ func (c CdxDoc) GetComposition(componentID string) string {
return c.composition[componentID]
}

func (s CdxDoc) Vulnerabilities() GetVulnerabilities {
return s.vuln
func (c CdxDoc) Vulnerabilities() GetVulnerabilities {
return c.vuln
}

func (c CdxDoc) Signature() GetSignature {
@@ -237,7 +237,7 @@ func (c *CdxDoc) parseVulnerabilities() {
if c.doc.Vulnerabilities != nil {
for _, v := range *c.doc.Vulnerabilities {
if v.ID != "" {
vuln.Id = v.ID
vuln.ID = v.ID
}
}
c.vuln = vuln
@@ -271,7 +271,7 @@ func (c *CdxDoc) parseSignature() {
}

// Write the signature to a file
if err := os.WriteFile("extracted_signature.bin", signatureValue, 0o644); err != nil {
if err := os.WriteFile("extracted_signature.bin", signatureValue, 0o600); err != nil {
fmt.Println("Error writing signature to file:", err)
return
}
@@ -293,12 +293,12 @@ func (c *CdxDoc) parseSignature() {
// Create the RSA public key
pubKey := &rsa.PublicKey{
N: decodeBigInt(modulus),
E: int(exponent),
E: exponent,
}

// Write the public key to a PEM file
pubKeyPEM := publicKeyToPEM(pubKey)
if err := os.WriteFile("extracted_public_key.pem", pubKeyPEM, 0o644); err != nil {
if err := os.WriteFile("extracted_public_key.pem", pubKeyPEM, 0o600); err != nil {
fmt.Println("Error writing public key to file:", err)
return
}
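Review bot: In the parseVulnerabilities hunk, `vuln.ID = v.ID` is reassigned on every iteration of `range *c.doc.Vulnerabilities`, so `c.vuln` ends up holding only the last non-empty ID and every earlier vulnerability is dropped. If the consumer only needs presence (bsiV2Vulnerabilities in pkg/compliance/bsiV2.go checks that GetID() is non-empty and nothing more), a `break` after the assignment plus a comment such as `// only the presence of a vulnerability ID is recorded; the first one found is kept` would make that intent explicit; if the individual IDs matter, Vulnerability needs a slice rather than a single string. parseVulnerabilities starts before and ends after the hunk.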
4 changes: 2 additions & 2 deletions pkg/sbom/spdx.go
@@ -159,8 +159,8 @@ func (s SpdxDoc) Vulnerabilities() GetVulnerabilities {
return s.vuln
}

func (c SpdxDoc) Signature() GetSignature {
return c.SignatureDetail
func (s SpdxDoc) Signature() GetSignature {
return s.SignatureDetail
}

func (s *SpdxDoc) parse() {
4 changes: 2 additions & 2 deletions pkg/sbom/vulnerabilities.go
@@ -19,9 +19,9 @@ type GetVulnerabilities interface {
}

type Vulnerability struct {
Id string
ID string
}

func (v Vulnerability) GetID() string {
return v.Id
return v.ID
}
