in-toto-rs Roadmap of GSOC 2022

Roadmap of GSOC 2022

Open cutecutecat opened this issue 2 years ago • 0 comments

In GSOC 2022 project, my work is to deploy DSSE and SLSA for in-toto-rs

Structure of workflow

step 1 -- Generate predicate version by argument

graph TD
A[in_toto_run] --> B[LinkMetadataBuilder]
B[LinkMetadataBuilder] --> C[MeatdataFlatten]
C[MeatdataFlatten] --> D[PredicateWrapper]
E(PredicateVer) -->|select| D[PredicateWrapper]
D[PredicateWrapper] -.->|one of four| F[None]
D[PredicateWrapper] -.->|one of four| G[Link_V02]
D[PredicateWrapper] -.->|one of four| H[SLSA_Provenance_V01]
D[PredicateWrapper] -.->|one of four| I[SLSA_Provenance_V02]

step 2 -- Generate statement version by argument

graph TD
A[in_toto_run] --> B[LinkMetadataBuilder]
B[LinkMetadataBuilder] --> C[MeatdataFlatten]
C[MeatdataFlatten] --> D[StatementWrapper]
E(StatementVer) -->|select| D[PredicateWrapper]
D[StatementWrapper] -.->|one of two| F[Statement_naive]
D[StatementWrapper] -.->|one of two| G[Statement_V01]

step3 -- Validate the predicate and statement

valid combination of predicate and statement

predicate	statement	description
Statement_naive	None	original version
Statement_V01	Link_V02	link
Statement_V01	SLSA_PROVENCE_V01	link
Statement_V01	SLSA_PROVENCE_V02	link

step 4 -- Serialize the statement

graph TD
A[StatementWrapper] -.->|one of two| B[Statement_V01]
A[StatementWrapper] -.->|one of two| C[Statement_naive]
B[Statement_V01] --> K[serde::Serialize]
B[Statement_V01] --> D[PredicateWrapper]
D[PredicateWrapper] -.->|one of four-same| E[Any Predicate]
E[Any Predicate] --> K[serde::Serialize]
C[Statement_naive] --> K[serde::Serialize]
K[serde::Serialize] --> H[json attestation]

Finished and todo feature

[x] DSSE Envelope data model
[ ] DSSE introduced into attestion sealing
[x] Link compatity data model v0.2 [Serialize+Deserialize]
[x] SLSA provenance data model v0.1 [Serialize+Deserialize]
[x] SLSA provenance data model v0.2 [Serialize+Deserialize]
[x] SLSA introduced into attestion formatting
[x] New argument in in-toto-run for switch attestion format
[x] New testcase for SLSA provenance and Link provenance
[ ] work with rebuildered to migrate output format into SLSA

API updated

API	argument	update	description	type
in_toto_run	build_id	renamed from `name`	correspond to SLSA `build_id`	&str
in_toto_run	build_type	new argument	correspond to SLSA `build_type`, necessary for SLSA format	Option<&str>
in_toto_run	statement_format	new argument	output format of attestation	Option<MetaFormat>

Corresponding PR

PR	description
#27	Add Pre-Authentication Encoding(pae) for DSSE
#28	Add data model EnvelopeFile for DSSE
#32	Add 3 Predicate model / 2 State models for SLSA
#36	Add callee of SLSA model

Sep 12 '22 12:09 cutecutecat

in-toto-rs in-toto-rs copied to clipboard

Roadmap of GSOC 2022

Structure of workflow

step 1 -- Generate predicate version by argument

step 2 -- Generate statement version by argument

step3 -- Validate the predicate and statement

step 4 -- Serialize the statement

Finished and todo feature

API updated

Corresponding PR

in-toto-rs
in-toto-rs copied to clipboard