Fuzz introspector: fuzz_with_cert_chain
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked Calltree index Parent function Callsite Largest blocked function
594 0 EP call site: 00000 model_signing.signing.Config.sign

Fuzzer calltree

0 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.TestOneInput [function] [call site] 00000
1 atheris.FuzzedDataProvider [function] [call site] 00001
1 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.build_valid_chain [function] [call site] 00002
2 fdp.ConsumeIntInRange [function] [call site] 00003
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.deterministic_validity [function] [call site] 00004
3 datetime.datetime [function] [call site] 00005
3 fdp.ConsumeIntInRange [function] [call site] 00006
3 datetime.timedelta [function] [call site] 00007
3 fdp.ConsumeIntInRange [function] [call site] 00008
3 datetime.timedelta [function] [call site] 00009
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.gen_private_key [function] [call site] 00010
3 fdp.ConsumeBool [function] [call site] 00011
3 fdp.PickValueInList [function] [call site] 00012
3 fdp.PickValueInList [function] [call site] 00013
3 cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key [function] [call site] 00014
4 cryptography.hazmat.primitives.asymmetric.rsa._verify_rsa_parameters [function] [call site] 00015
4 cryptography.hazmat.bindings._rust.openssl.rsa.generate_private_key [function] [call site] 00016
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.gen_name [function] [call site] 00017
3 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain._rand_utf8 [function] [call site] 00018
4 fdp.ConsumeIntInRange [function] [call site] 00019
4 fdp.ConsumeBytes [function] [call site] 00020
4 <builtin>.chr [function] [call site] 00021
3 fdp.ConsumeBool [function] [call site] 00022
3 attrs.append [function] [call site] 00023
3 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain._rand_utf8 [function] [call site] 00024
3 fdp.ConsumeBool [function] [call site] 00025
3 attrs.append [function] [call site] 00026
3 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain._rand_utf8 [function] [call site] 00027
3 fdp.ConsumeBool [function] [call site] 00028
3 fdp.ConsumeBytes [function] [call site] 00029
3 <builtin>.ord [function] [call site] 00030
3 <builtin>.chr [function] [call site] 00031
3 attrs.append [function] [call site] 00032
3 fdp.ConsumeBool [function] [call site] 00033
3 attrs.append [function] [call site] 00034
3 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain._rand_utf8 [function] [call site] 00035
2 cryptography.x509.base.CertificateBuilder.subject_name [function] [call site] 00036
3 <builtin>.isinstance [function] [call site] 00037
3 cryptography.x509.base.CertificateBuilder.__init__ [function] [call site] 00038
2 cryptography.x509.base.CertificateBuilder.issuer_name [function] [call site] 00039
3 <builtin>.isinstance [function] [call site] 00040
3 cryptography.x509.base.CertificateBuilder.__init__ [function] [call site] 00041
2 cryptography.x509.base.CertificateBuilder.public_key [function] [call site] 00042
3 <builtin>.isinstance [function] [call site] 00043
3 cryptography.x509.base.CertificateBuilder.__init__ [function] [call site] 00044
2 cryptography.x509.base.CertificateBuilder.serial_number [function] [call site] 00045
3 <builtin>.isinstance [function] [call site] 00046
3 number.bit_length [function] [call site] 00047
3 cryptography.x509.base.CertificateBuilder.__init__ [function] [call site] 00048
2 cryptography.x509.base.CertificateBuilder.not_valid_before [function] [call site] 00049
3 <builtin>.isinstance [function] [call site] 00050
3 cryptography.x509.base._convert_to_naive_utc_time [function] [call site] 00051
4 time.utcoffset [function] [call site] 00052
4 datetime.timedelta [function] [call site] 00053
4 time.replace [function] [call site] 00054
3 cryptography.x509.base.CertificateBuilder.__init__ [function] [call site] 00055
2 cryptography.x509.base.CertificateBuilder.not_valid_after [function] [call site] 00056
3 <builtin>.isinstance [function] [call site] 00057
3 cryptography.x509.base._convert_to_naive_utc_time [function] [call site] 00058
3 cryptography.x509.base.CertificateBuilder.__init__ [function] [call site] 00059
2 cryptography.x509.base.CertificateBuilder.add_extension [function] [call site] 00060
3 <builtin>.isinstance [function] [call site] 00061
3 cryptography.x509.extensions.Extension.__init__ [function] [call site] 00062
4 <builtin>.isinstance [function] [call site] 00063
4 <builtin>.isinstance [function] [call site] 00064
3 cryptography.x509.base._reject_duplicate_extension [function] [call site] 00065
3 cryptography.x509.base.CertificateBuilder.__init__ [function] [call site] 00066
2 cryptography.x509.base.CertificateBuilder.add_extension [function] [call site] 00067
2 cryptography.x509.base.CertificateBuilder.add_extension [function] [call site] 00068
2 root_key.public_key [function] [call site] 00069
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.deterministic_serial [function] [call site] 00070
3 fdp.ConsumeIntInRange [function] [call site] 00071
3 fdp.ConsumeBytes [function] [call site] 00072
3 int.from_bytes [function] [call site] 00073
2 root_key.public_key [function] [call site] 00074
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain._ski [function] [call site] 00075
3 cryptography.x509.extensions.SubjectKeyIdentifier.from_public_key [function] [call site] 00076
4 cryptography.x509.extensions._key_identifier_from_public_key [function] [call site] 00077
5 <builtin>.isinstance [function] [call site] 00078
5 public_key.public_bytes [function] [call site] 00079
5 <builtin>.isinstance [function] [call site] 00080
5 public_key.public_bytes [function] [call site] 00081
5 public_key.public_bytes [function] [call site] 00082
5 cryptography.hazmat.bindings._rust.asn1.parse_spki_for_data [function] [call site] 00083
5 hashlib.sha1 [function] [call site] 00084
4 cryptography.x509.extensions.SubjectKeyIdentifier.__init__ [function] [call site] 00085
2 cryptography.x509.base.CertificateBuilder.sign [function] [call site] 00086
3 <builtin>.isinstance [function] [call site] 00087
3 <builtin>.isinstance [function] [call site] 00088
3 <builtin>.isinstance [function] [call site] 00089
3 cryptography.hazmat.bindings._rust.x509.create_x509_certificate [function] [call site] 00090
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain._pick_sig_hash [function] [call site] 00091
3 fdp.PickValueInList [function] [call site] 00092
2 <builtin>.range [function] [call site] 00093
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.gen_private_key [function] [call site] 00094
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.gen_name [function] [call site] 00095
2 cryptography.x509.base.CertificateBuilder.subject_name [function] [call site] 00096
2 cryptography.x509.base.CertificateBuilder.issuer_name [function] [call site] 00097
2 cryptography.x509.base.CertificateBuilder.public_key [function] [call site] 00098
2 cryptography.x509.base.CertificateBuilder.serial_number [function] [call site] 00099
2 cryptography.x509.base.CertificateBuilder.not_valid_before [function] [call site] 00100
2 cryptography.x509.base.CertificateBuilder.not_valid_after [function] [call site] 00101
2 cryptography.x509.base.CertificateBuilder.add_extension [function] [call site] 00102
2 cryptography.x509.base.CertificateBuilder.add_extension [function] [call site] 00103
2 cryptography.x509.base.CertificateBuilder.add_extension [function] [call site] 00104
2 cryptography.x509.base.CertificateBuilder.add_extension [function] [call site] 00105
2 key.public_key [function] [call site] 00106
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.deterministic_serial [function] [call site] 00107
2 key.public_key [function] [call site] 00108
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain._ski [function] [call site] 00109
2 cryptography.x509.extensions.AuthorityKeyIdentifier.from_issuer_subject_key_identifier [function] [call site] 00110
3 cryptography.x509.extensions.AuthorityKeyIdentifier.__init__ [function] [call site] 00111
4 <builtin>.list [function] [call site] 00112
4 <builtin>.all [function] [call site] 00113
4 <builtin>.isinstance [function] [call site] 00114
4 <builtin>.isinstance [function] [call site] 00115
2 cryptography.x509.extensions.SubjectKeyIdentifier.from_public_key [function] [call site] 00116
2 issuer_key.public_key [function] [call site] 00117
2 cryptography.x509.base.CertificateBuilder.sign [function] [call site] 00118
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain._pick_sig_hash [function] [call site] 00119
2 issuers.insert [function] [call site] 00120
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.gen_ec_key [function] [call site] 00121
3 fdp.PickValueInList [function] [call site] 00122
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.gen_name [function] [call site] 00123
2 cryptography.x509.base.CertificateBuilder.subject_name [function] [call site] 00124
2 cryptography.x509.base.CertificateBuilder.issuer_name [function] [call site] 00125
2 cryptography.x509.base.CertificateBuilder.public_key [function] [call site] 00126
2 cryptography.x509.base.CertificateBuilder.serial_number [function] [call site] 00127
2 cryptography.x509.base.CertificateBuilder.not_valid_before [function] [call site] 00128
2 cryptography.x509.base.CertificateBuilder.not_valid_after [function] [call site] 00129
2 cryptography.x509.base.CertificateBuilder.add_extension [function] [call site] 00130
2 cryptography.x509.base.CertificateBuilder.add_extension [function] [call site] 00131
2 cryptography.x509.base.CertificateBuilder.add_extension [function] [call site] 00132
2 cryptography.x509.base.CertificateBuilder.add_extension [function] [call site] 00133
2 cryptography.x509.base.CertificateBuilder.add_extension [function] [call site] 00134
2 leaf_key.public_key [function] [call site] 00135
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.deterministic_serial [function] [call site] 00136
2 leaf_key.public_key [function] [call site] 00137
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain._ski [function] [call site] 00138
2 cryptography.x509.extensions.AuthorityKeyIdentifier.from_issuer_subject_key_identifier [function] [call site] 00139
2 cryptography.x509.extensions.SubjectKeyIdentifier.from_public_key [function] [call site] 00140
2 issuer_key.public_key [function] [call site] 00141
2 cryptography.x509.base.CertificateBuilder.sign [function] [call site] 00142
2 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain._pick_sig_hash [function] [call site] 00143
1 tempfile.mkdtemp [function] [call site] 00144
1 pathlib.Path [function] [call site] 00145
1 pathlib.Path [function] [call site] 00146
1 <builtin>.open [function] [call site] 00147
1 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.key_to_pem [function] [call site] 00148
2 priv.private_bytes [function] [call site] 00149
1 f.write [function] [call site] 00150
1 <builtin>.open [function] [call site] 00151
1 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.to_pem_cert [function] [call site] 00152
2 cert.public_bytes [function] [call site] 00153
1 f.write [function] [call site] 00154
1 <builtin>.enumerate [function] [call site] 00155
1 pathlib.Path [function] [call site] 00156
1 <builtin>.open [function] [call site] 00157
1 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain.to_pem_cert [function] [call site] 00158
1 f.write [function] [call site] 00159
1 chain_paths.append [function] [call site] 00160
1 <builtin>.len [function] [call site] 00161
1 shutil.rmtree [function] [call site] 00162
1 shutil.rmtree [function] [call site] 00163
1 tempfile.mkdtemp [function] [call site] 00164
1 pathlib.Path [function] [call site] 00165
1 utils.create_fuzz_files [function] [call site] 00166
1 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain._rand_utf8 [function] [call site] 00167
1 ...model-transparency.tests.fuzzing.fuzz_with_cert_chain._build_hashing_config_from_fdp [function] [call site] 00168
2 fdp.ConsumeIntInRange [function] [call site] 00169
2 fdp.ConsumeBool [function] [call site] 00170
2 fdp.ConsumeBool [function] [call site] 00171
2 hcfg.use_file_serialization [function] [call site] 00172
2 hcfg.use_shard_serialization [function] [call site] 00173
1 model_signing.signing.Config.__init__ [function] [call site] 00174
1 model_signing.signing.Config.use_certificate_signer [function] [call site] 00175
2 model_signing._signing.sign_certificate.Signer.__init__ [function] [call site] 00176
3 <builtin>.super [function] [call site] 00177
3 signing_certificate_path.read_bytes [function] [call site] 00178
3 path.read_bytes [function] [call site] 00179
2 pathlib.Path [function] [call site] 00180
2 pathlib.Path [function] [call site] 00181
2 pathlib.Path [function] [call site] 00182
1 model_signing.signing.Config.set_hashing_config [function] [call site] 00183
1 model_signing.signing.Config.sign [function] [call site] 00184
2 model_signing.signing.Config.use_sigstore_signer [function] [call site] 00185
3 model_signing._signing.sign_sigstore.Signer.__init__ [function] [call site] 00186
4 sigstore.models.ClientTrustConfig.staging [function] [call site] 00187
5 sigstore.models.ClientTrustConfig.from_tuf [function] [call site] 00188
6 sigstore._internal.tuf.TrustUpdater.__init__ [function] [call site] 00189
7 url.rstrip [function] [call site] 00190
7 sigstore._internal.tuf._get_dirs [function] [call site] 00191
8 urllib.parse.quote [function] [call site] 00192
8 platformdirs.user_data_dir [function] [call site] 00193
8 pathlib.Path [function] [call site] 00194
8 platformdirs.user_cache_dir [function] [call site] 00195
8 pathlib.Path [function] [call site] 00196
7 artifact_path.exists [function] [call site] 00197
7 sigstore._utils.read_embedded [function] [call site] 00198
8 urllib.parse.quote [function] [call site] 00199
8 importlib.resources.files [function] [call site] 00200
8 importlib_resources.files [function] [call site] 00201
7 artifact_path.write_bytes [function] [call site] 00202
7 _logger.debug [function] [call site] 00203
7 _logger.debug [function] [call site] 00204
7 _logger.warning [function] [call site] 00205
7 sigstore._utils.read_embedded [function] [call site] 00206
7 bootstrap_root.read_bytes [function] [call site] 00207
7 tuf.ngclient.Updater [function] [call site] 00208
7 <builtin>.str [function] [call site] 00209
7 urllib.parse.urljoin [function] [call site] 00210
7 <builtin>.str [function] [call site] 00211
7 tuf.ngclient.UpdaterConfig [function] [call site] 00212
7 tuf.ngclient.Updater.refresh [function] [call site] 00213
6 sigstore._internal.tuf.TrustUpdater.get_trusted_root_path [function] [call site] 00214
7 _logger.debug [function] [call site] 00215
7 <builtin>.str [function] [call site] 00216
7 tuf.ngclient.Updater.get_targetinfo [function] [call site] 00217
7 tuf.ngclient.Updater.find_cached_target [function] [call site] 00218
7 tuf.ngclient.Updater.download_target [function] [call site] 00219
7 _logger.debug [function] [call site] 00220
6 pathlib.Path [function] [call site] 00221
6 pathlib.Path.read_bytes [function] [call site] 00222
6 sigstore_models.trustroot.v1.TrustedRoot.from_json [function] [call site] 00223
6 sigstore._internal.tuf.TrustUpdater.get_signing_config_path [function] [call site] 00224
7 _logger.debug [function] [call site] 00225
7 <builtin>.str [function] [call site] 00226
7 tuf.ngclient.Updater.get_targetinfo [function] [call site] 00227
7 tuf.ngclient.Updater.find_cached_target [function] [call site] 00228
7 tuf.ngclient.Updater.download_target [function] [call site] 00229
7 _logger.debug [function] [call site] 00230
6 pathlib.Path [function] [call site] 00231
6 pathlib.Path.read_bytes [function] [call site] 00232
6 sigstore_models.trustroot.v1.SigningConfig.from_json [function] [call site] 00233
6 sigstore.models.ClientTrustConfig.__init__ [function] [call site] 00234
6 sigstore_models.trustroot.v1.ClientTrustConfig [function] [call site] 00235
4 sigstore.models.ClientTrustConfig.from_json [function] [call site] 00236
5 sigstore_models.trustroot.v1.ClientTrustConfig.from_json [function] [call site] 00237
5 sigstore.models.ClientTrustConfig.__init__ [function] [call site] 00238
4 trust_config.read_text [function] [call site] 00239
4 sigstore.models.ClientTrustConfig.production [function] [call site] 00240
5 sigstore.models.ClientTrustConfig.from_tuf [function] [call site] 00241
4 trust_config.signing_config.get_oidc_url [function] [call site] 00242
4 sigstore.oidc.Issuer.__init__ [function] [call site] 00243
5 requests.Session [function] [call site] 00244
5 urllib.parse.urljoin [function] [call site] 00245
5 resp.raise_for_status [function] [call site] 00246
5 resp.json [function] [call site] 00247
5 pydantic.BaseModel.model_validate [function] [call site] 00248
4 sigstore.sign.SigningContext.from_trust_config [function] [call site] 00249
5 sigstore.sign.SigningContext.__init__ [function] [call site] 00250
5 signing_config.get_fulcio [function] [call site] 00251
5 signing_config.get_tlogs [function] [call site] 00252
5 signing_config.get_tsas [function] [call site] 00253
2 model_signing._signing.signing.Payload.__init__ [function] [call site] 00254
3 model_signing._hashing.memory.SHA256.__init__ [function] [call site] 00255
4 hashlib.sha256 [function] [call site] 00256
3 manifest.resource_descriptors [function] [call site] 00257
3 model_signing._hashing.memory.SHA256.update [function] [call site] 00258
3 resources.append [function] [call site] 00259
3 model_signing._hashing.memory.SHA256.compute [function] [call site] 00260
3 statement.ResourceDescriptor [function] [call site] 00261
3 statement.Statement [function] [call site] 00262
2 model_signing._signing.sign_sigstore.Signer.sign [function] [call site] 00263
3 sigstore.dsse.Statement.__init__ [function] [call site] 00264
4 <builtin>.isinstance [function] [call site] 00265
4 pydantic.BaseModel.model_validate_json [function] [call site] 00266
4 pydantic.BaseModel.model_dump_json [function] [call site] 00267
3 google.protobuf.json_format.MessageToJson [function] [call site] 00268
3 model_signing._signing.sign_sigstore.Signer._get_identity_token [function] [call site] 00269
4 sigstore.oidc.IdentityToken.__init__ [function] [call site] 00270
5 jwt.decode [function] [call site] 00271
5 sigstore.oidc.IdentityToken.in_validity_period [function] [call site] 00272
6 datetime.datetime.now [function] [call site] 00273
5 _KNOWN_OIDC_ISSUERS.get [function] [call site] 00274
5 <builtin>.str [function] [call site] 00275
5 <builtin>.str [function] [call site] 00276
5 <builtin>.isinstance [function] [call site] 00277
5 federated_claims.get [function] [call site] 00278
5 <builtin>.isinstance [function] [call site] 00279
4 sigstore.oidc.detect_credential [function] [call site] 00280
5 id.detect_credential [function] [call site] 00281
5 typing.cast [function] [call site] 00282
5 sigstore.oidc.IdentityError.raise_from_id [function] [call site] 00283
4 sigstore.oidc.IdentityToken.__init__ [function] [call site] 00284
4 sigstore.oidc.Issuer.identity_token [function] [call site] 00285
5 sigstore._internal.oidc.oauth._OAuthFlow.__init__ [function] [call site] 00286
6 sigstore._internal.oidc.oauth._OAuthRedirectServer.__init__ [function] [call site] 00287
7 <builtin>.super [function] [call site] 00288
7 sigstore._internal.oidc.oauth._OAuthSession.__init__ [function] [call site] 00289
8 uuid.uuid4 [function] [call site] 00290
8 <builtin>.str [function] [call site] 00291
8 uuid.uuid4 [function] [call site] 00292
8 <builtin>.str [function] [call site] 00293
8 typing.NewType [function] [call site] 00294
8 os.urandom [function] [call site] 00295
8 base64.urlsafe_b64encode [function] [call site] 00296
6 threading.Thread [function] [call site] 00297
5 webbrowser.open [function] [call site] 00298
5 <builtin>.print [function] [call site] 00299
5 server.enable_oob [function] [call site] 00300
5 <builtin>.print [function] [call site] 00301
5 server.is_oob [function] [call site] 00302
5 time.sleep [function] [call site] 00303
5 server.auth_response.get [function] [call site] 00304
5 <builtin>.input [function] [call site] 00305
5 logging.debug [function] [call site] 00306
5 resp.raise_for_status [function] [call site] 00307
5 resp.json [function] [call site] 00308
5 token_json.get [function] [call site] 00309
5 sigstore.oidc.IdentityToken.__init__ [function] [call site] 00310
3 signer.sign_dsse [function] [call site] 00311
3 model_signing._signing.sign_sigstore.Signature.__init__ [function] [call site] 00312
2 model_signing._signing.sign_ec_key.Signer.sign [function] [call site] 00313
3 google.protobuf.json_format.MessageToJson [function] [call site] 00314
3 sigstore_models.intoto.Signature [function] [call site] 00315
3 base64.b64encode [function] [call site] 00316
3 model_signing._signing.sign_sigstore_pb.pae [function] [call site] 00317
4 <builtin>.len [function] [call site] 00318
4 <builtin>.len [function] [call site] 00319
3 model_signing._signing.sign_ec_key.get_ec_key_hash [function] [call site] 00320
3 cryptography.hazmat.primitives.asymmetric.ec.ECDSA.__init__ [function] [call site] 00321
4 cryptography.hazmat.backends.openssl.backend.Backend.ecdsa_deterministic_supported [function] [call site] 00322
3 sigstore_models.intoto.Envelope [function] [call site] 00323
3 base64.b64encode [function] [call site] 00324
3 model_signing._signing.sign_sigstore_pb.Signature.__init__ [function] [call site] 00325
3 sigstore_models.bundle.v1.Bundle [function] [call site] 00326
3 model_signing._signing.sign_certificate.Signer._get_verification_material [function] [call site] 00327
4 model_signing._signing.sign_certificate.Signer._get_verification_material._to_protobuf_certificate [function] [call site] 00328
5 sigstore_models.common.v1.X509Certificate [function] [call site] 00329
5 base64.b64encode [function] [call site] 00330
5 certificate.public_bytes [function] [call site] 00331
4 chain.extend [function] [call site] 00332
4 model_signing._signing.sign_certificate.Signer._get_verification_material._to_protobuf_certificate [function] [call site] 00333
4 sigstore_models.bundle.v1.VerificationMaterial [function] [call site] 00334
4 sigstore_models.common.v1.X509CertificateChain [function] [call site] 00335
2 model_signing._signing.sign_pkcs11.Signer.sign [function] [call site] 00336
3 google.protobuf.json_format.MessageToJson [function] [call site] 00337
3 model_signing._signing.sign_ec_key.get_ec_key_hash [function] [call site] 00338
3 model_signing._signing.sign_sigstore_pb.pae [function] [call site] 00339
3 hash.update [function] [call site] 00340
3 hash.finalize [function] [call site] 00341
3 PyKCS11.Mechanism [function] [call site] 00342
3 asn1crypto.algos.DSASignature.from_p1363 [function] [call site] 00343
3 base64.b64encode [function] [call site] 00344
3 sigstore_models.intoto.Signature [function] [call site] 00345
3 sigstore_models.intoto.Envelope [function] [call site] 00346
3 base64.b64encode [function] [call site] 00347
3 model_signing._signing.sign_sigstore_pb.Signature.__init__ [function] [call site] 00348
3 sigstore_models.bundle.v1.Bundle [function] [call site] 00349
3 model_signing._signing.sign_pkcs11.CertSigner._get_verification_material [function] [call site] 00350
4 model_signing._signing.sign_pkcs11.CertSigner._get_verification_material._to_protobuf_certificate [function] [call site] 00351
5 sigstore_models.common.v1.X509Certificate [function] [call site] 00352
5 certificate.public_bytes [function] [call site] 00353
4 chain.extend [function] [call site] 00354
4 model_signing._signing.sign_pkcs11.CertSigner._get_verification_material._to_protobuf_certificate [function] [call site] 00355
4 sigstore_models.bundle.v1.VerificationMaterial [function] [call site] 00356
4 sigstore_models.common.v1.X509CertificateChain [function] [call site] 00357
2 pathlib.Path [function] [call site] 00358
2 model_signing._signing.sign_sigstore_pb.Signature.write [function] [call site] 00359
3 path.write_text [function] [call site] 00360
2 model_signing._signing.sign_sigstore.Signature.write [function] [call site] 00361
3 path.write_text [function] [call site] 00362
1 model_signing.verifying.Config.__init__ [function] [call site] 00363
1 model_signing.verifying.Config.use_certificate_verifier [function] [call site] 00364
2 model_signing._signing.sign_certificate.Verifier.__init__ [function] [call site] 00365
3 certifi.where [function] [call site] 00366
3 pathlib.Path [function] [call site] 00367
3 path.read_bytes [function] [call site] 00368
3 OpenSSL.crypto.X509Store [function] [call site] 00369
3 model_signing._signing.sign_certificate._log_certificate_fingerprint [function] [call site] 00370
4 certificate.fingerprint [function] [call site] 00371
4 logger.info [function] [call site] 00372
3 OpenSSL.crypto.X509.from_cryptography [function] [call site] 00373
2 pathlib.Path [function] [call site] 00374
1 model_signing.verifying.Config.set_hashing_config [function] [call site] 00375
1 model_signing.verifying.Config.verify [function] [call site] 00376
2 pathlib.Path [function] [call site] 00377
2 model_signing._signing.sign_sigstore.Signature.read [function] [call site] 00378
3 path.read_text [function] [call site] 00379
3 sigstore.models.Bundle.from_json [function] [call site] 00380
4 sigstore_models.bundle.v1.Bundle.from_json [function] [call site] 00381
4 sigstore.models.Bundle.__init__ [function] [call site] 00382
5 sigstore.models.Bundle._verify [function] [call site] 00383
6 enum.Enum.__init__ [function] [call site] 00384
6 cryptography.hazmat.bindings._rust.x509.load_der_x509_certificate [function] [call site] 00385
6 cryptography.hazmat.bindings._rust.x509.load_der_x509_certificate [function] [call site] 00386
6 sigstore._utils.cert_is_leaf [function] [call site] 00387
7 sigstore._utils.cert_is_ca [function] [call site] 00388
8 cert.extensions.get_extension_for_oid [function] [call site] 00389
8 cert.extensions.get_extension_for_oid [function] [call site] 00390
7 cert.extensions.get_extension_for_oid [function] [call site] 00391
7 cert.extensions.get_extension_for_oid [function] [call site] 00392
6 sigstore._utils.cert_is_root_ca [function] [call site] 00393
7 sigstore._utils.cert_is_ca [function] [call site] 00394
7 cert.verify_directly_issued_by [function] [call site] 00395
6 _logger.warning [function] [call site] 00396
6 <builtin>.len [function] [call site] 00397
6 sigstore.models.TransparencyLogEntry.__init__ [function] [call site] 00398
7 sigstore.models.TransparencyLogEntry._validate [function] [call site] 00399
6 _logger.debug [function] [call site] 00400
3 model_signing._signing.sign_sigstore.Signature.__init__ [function] [call site] 00401
2 pathlib.Path [function] [call site] 00402
2 model_signing._signing.sign_sigstore_pb.Signature.read [function] [call site] 00403
3 path.read_text [function] [call site] 00404
3 json.loads [function] [call site] 00405
3 sigstore_models.bundle.v1.Bundle.from_dict [function] [call site] 00406
3 model_signing._signing.sign_sigstore_pb.Signature.__init__ [function] [call site] 00407
2 model_signing._signing.signing.Verifier.verify [function] [call site] 00408
3 model_signing._signing.sign_sigstore.Verifier._verify_signed_content [function] [call site] 00409
4 typing.cast [function] [call site] 00410
4 sigstore.verify.verifier.Verifier.verify_dsse [function] [call site] 00411
5 sigstore.verify.verifier.Verifier._verify_common_signing_cert [function] [call site] 00412
6 OpenSSL.crypto.X509Store [function] [call site] 00413
6 OpenSSL.crypto.X509Store.set_flags [function] [call site] 00414
6 OpenSSL.crypto.X509Store.add_cert [function] [call site] 00415
6 sigstore.verify.verifier.Verifier._establish_time [function] [call site] 00416
7 sigstore.verify.verifier.Verifier._verify_timestamp_authority [function] [call site] 00417
8 <builtin>.len [function] [call site] 00418
8 <builtin>.len [function] [call site] 00419
8 <builtin>.set [function] [call site] 00420
8 <builtin>.len [function] [call site] 00421
8 <builtin>.len [function] [call site] 00422
8 sigstore.verify.verifier.Verifier._verify_signed_timestamp [function] [call site] 00423
9 certificate_authority.certificates [function] [call site] 00424
9 <builtin>.len [function] [call site] 00425
9 _logger.debug [function] [call site] 00426
9 rfc3161_client.VerifierBuilder [function] [call site] 00427
9 rfc3161_client.VerifierBuilder.tsa_certificate [function] [call site] 00428
9 builder.add_intermediate_certificate [function] [call site] 00429
9 builder.build [function] [call site] 00430
9 verifier.verify_message [function] [call site] 00431
9 _logger.debug [function] [call site] 00432
9 _logger.debug [function] [call site] 00433
7 verified_timestamps.extend [function] [call site] 00434
7 verified_timestamps.append [function] [call site] 00435
7 datetime.datetime.fromtimestamp [function] [call site] 00436
6 <builtin>.len [function] [call site] 00437
6 OpenSSL.crypto.X509.from_cryptography [function] [call site] 00438
6 sigstore.verify.verifier.Verifier._verify_chain_at_time [function] [call site] 00439
7 OpenSSL.crypto.X509Store [function] [call site] 00440
7 OpenSSL.crypto.X509Store.set_flags [function] [call site] 00441
7 OpenSSL.crypto.X509Store.add_cert [function] [call site] 00442
7 OpenSSL.crypto.X509Store.set_time [function] [call site] 00443
7 OpenSSL.crypto.X509StoreContext [function] [call site] 00444
7 OpenSSL.crypto.X509StoreContext.get_verified_chain [function] [call site] 00445
6 sigstore._internal.sct.verify_sct [function] [call site] 00446
7 sigstore._internal.sct._get_signed_certificate_timestamp [function] [call site] 00447
8 typing.cast.bundle.signing_certificate.extensions.get_extension_for_class [function] [call site] 00448
8 <builtin>.len [function] [call site] 00449
7 sigstore._internal.sct._get_issuer_cert [function] [call site] 00450
8 sigstore._internal.sct._is_preissuer [function] [call site] 00451
9 issuer.extensions.get_extension_for_class [function] [call site] 00452
7 issuer_cert.public_key [function] [call site] 00453
7 sigstore._internal.sct._cert_is_ca [function] [call site] 00454
8 _logger.debug [function] [call site] 00455
8 sigstore._utils.cert_is_ca [function] [call site] 00456
8 _logger.debug [function] [call site] 00457
7 <builtin>.isinstance [function] [call site] 00458
7 sigstore._utils.key_id [function] [call site] 00459
8 key.public_bytes [function] [call site] 00460
8 hashlib.sha256 [function] [call site] 00461
8 typing.NewType [function] [call site] 00462
7 sigstore._internal.sct._pack_digitally_signed [function] [call site] 00463
8 <builtin>.len [function] [call site] 00464
8 sigstore._internal.sct._pack_signed_entry [function] [call site] 00465
9 typing.cast.bundle.signing_certificate.public_bytes [function] [call site] 00466
9 <builtin>.len [function] [call site] 00467
9 fields.append [function] [call site] 00468
9 struct.unpack [function] [call site] 00469
9 <builtin>.len [function] [call site] 00470
9 struct.pack [function] [call site] 00471
9 <builtin>.len [function] [call site] 00472
9 pack_format.format [function] [call site] 00473
9 fields.extend [function] [call site] 00474
9 struct.pack [function] [call site] 00475
8 <builtin>.len [function] [call site] 00476
8 sct.timestamp.replace [function] [call site] 00477
8 struct.pack [function] [call site] 00478
8 timestamp.timestamp [function] [call site] 00479
8 <builtin>.int [function] [call site] 00480
8 <builtin>.len [function] [call site] 00481
7 <builtin>.isinstance [function] [call site] 00482
7 sct.log_id.hex [function] [call site] 00483
7 _logger.debug [function] [call site] 00484
7 ct_keyring.verify [function] [call site] 00485
7 typing.NewType [function] [call site] 00486
6 parent_cert.to_cryptography [function] [call site] 00487
6 typing.cast.bundle.signing_certificate.extensions.get_extension_for_class [function] [call site] 00488
6 typing.cast.bundle.signing_certificate.extensions.get_extension_for_class [function] [call site] 00489
6 sigstore.verify.policy.Identity.verify [function] [call site] 00490
7 sigstore.verify.policy._SingleX509ExtPolicy.verify [function] [call site] 00491
8 typing.cast.bundle.signing_certificate.extensions.get_extension_for_oid [function] [call site] 00492
8 ext.value.decode [function] [call site] 00493
7 typing.cast.bundle.signing_certificate.extensions.get_extension_for_class [function] [call site] 00494
7 san_ext.get_values_for_type [function] [call site] 00495
7 <builtin>.set [function] [call site] 00496
7 san_ext.get_values_for_type [function] [call site] 00497
7 all_sans.update [function] [call site] 00498
7 all_sans.update [function] [call site] 00499
7 on.value.decode [function] [call site] 00500
7 san_ext.get_values_for_type [function] [call site] 00501
6 _logger.debug [function] [call site] 00502
6 typing.cast.bundle.log_entry._verify [function] [call site] 00503
5 typing.cast.bundle.signing_certificate.public_key [function] [call site] 00504
5 typing.cast [function] [call site] 00505
5 sigstore.dsse._verify [function] [call site] 00506
6 sigstore.dsse._pae [function] [call site] 00507
7 <builtin>.len [function] [call site] 00508
6 <builtin>.len [function] [call site] 00509
6 cryptography.hazmat.primitives.asymmetric.ec.ECDSA.__init__ [function] [call site] 00510
6 typing.cast.verify [function] [call site] 00511
5 sigstore.verify.verifier._validate_dsse_v002_entry_body [function] [call site] 00512
6 sigstore_models.rekor.v2.entry.Entry.from_json [function] [call site] 00513
6 sigstore._utils.sha256_digest [function] [call site] 00514
7 <builtin>.isinstance [function] [call site] 00515
7 <builtin>.isinstance [function] [call site] 00516
7 hashlib.sha256 [function] [call site] 00517
7 sigstore._utils._sha256_streaming [function] [call site] 00518
8 hashlib.sha256 [function] [call site] 00519
8 <builtin>.bytearray [function] [call site] 00520
8 <builtin>.memoryview [function] [call site] 00521
8 io.readinto [function] [call site] 00522
8 sha256.update [function] [call site] 00523
8 io.readinto [function] [call site] 00524
8 sha256.digest [function] [call site] 00525
6 sigstore_models.rekor.v2.verifier.Signature [function] [call site] 00526
6 base64.b64encode [function] [call site] 00527
6 sigstore.verify.verifier._v2_verifier_from_certificate [function] [call site] 00528
7 typing.cast.bundle.signing_certificate.public_key [function] [call site] 00529
7 <builtin>.isinstance [function] [call site] 00530
7 <builtin>.isinstance [function] [call site] 00531
7 <builtin>.isinstance [function] [call site] 00532
7 <builtin>.isinstance [function] [call site] 00533
7 sigstore_models.rekor.v2.verifier.Verifier [function] [call site] 00534
7 sigstore_models.common.v1.X509Certificate [function] [call site] 00535
7 base64.b64encode [function] [call site] 00536
7 typing.cast.bundle.signing_certificate.public_bytes [function] [call site] 00537
5 sigstore.verify.verifier._validate_dsse_v001_entry_body [function] [call site] 00538
6 rekor_types.Dsse.model_validate_json [function] [call site] 00539
6 sigstore._utils.sha256_digest [function] [call site] 00540
6 typing.cast.bundle._dsse_envelope._inner.payload.digest.hex [function] [call site] 00541
6 rekor_types.dsse.Signature [function] [call site] 00542
6 base64.b64encode [function] [call site] 00543
6 sigstore._utils.base64_encode_pem_cert [function] [call site] 00544
7 typing.NewType [function] [call site] 00545
7 typing.cast.bundle.signing_certificate.public_bytes [function] [call site] 00546
7 base64.b64encode [function] [call site] 00547
3 json.loads [function] [call site] 00548
3 model_signing._signing.signing.dsse_payload_to_manifest [function] [call site] 00549
4 model_signing._signing.signing.dsse_payload_to_manifest_compat [function] [call site] 00550
5 model_signing.manifest.SerializationType.from_args [function] [call site] 00551
6 subclass._from_args [function] [call site] 00552
5 bytes.fromhex [function] [call site] 00553
5 serialization.new_item [function] [call site] 00554
5 items.append [function] [call site] 00555
5 model_signing.manifest.Manifest.__init__ [function] [call site] 00556
4 <builtin>.len [function] [call site] 00557
4 model_signing.manifest.SerializationType.from_args [function] [call site] 00558
4 model_signing._hashing.memory.SHA256.__init__ [function] [call site] 00559
4 bytes.fromhex [function] [call site] 00560
4 model_signing._hashing.memory.SHA256.update [function] [call site] 00561
4 serialization.new_item [function] [call site] 00562
4 items.append [function] [call site] 00563
4 model_signing._hashing.memory.SHA256.compute [function] [call site] 00564
4 model_signing.manifest.Manifest.__init__ [function] [call site] 00565
2 model_signing.verifying.Config._guess_hashing_config [function] [call site] 00566
3 <builtin>.frozenset [function] [call site] 00567
3 <builtin>.frozenset [function] [call site] 00568
2 model_signing.manifest.Manifest.resource_descriptors [function] [call site] 00569
3 <builtin>.sorted [function] [call site] 00570
3 <builtin>.str [function] [call site] 00571
2 model_signing.verifying.Config._get_manifest_diff [function] [call site] 00572
3 actual.resource_descriptors [function] [call site] 00573
3 model_signing.manifest.Manifest.resource_descriptors [function] [call site] 00574
3 actual_hashes.keys [function] [call site] 00575
3 <builtin>.set [function] [call site] 00576
3 <builtin>.set [function] [call site] 00577
3 expected_hashes.keys [function] [call site] 00578
3 diffs.append [function] [call site] 00579
3 <builtin>.sorted [function] [call site] 00580
3 expected_hashes.keys [function] [call site] 00581
3 <builtin>.set [function] [call site] 00582
3 <builtin>.set [function] [call site] 00583
3 actual_hashes.keys [function] [call site] 00584
3 diffs.append [function] [call site] 00585
3 <builtin>.sorted [function] [call site] 00586
3 actual_hashes.keys [function] [call site] 00587
3 <builtin>.set [function] [call site] 00588
3 expected_hashes.keys [function] [call site] 00589
3 <builtin>.set [function] [call site] 00590
3 <builtin>.sorted [function] [call site] 00591
3 diffs.append [function] [call site] 00592
1 shutil.rmtree [function] [call site] 00593
1 shutil.rmtree [function] [call site] 00594