Expand description
uor_addr::schema::codemodule_signed — signed-code-module
content-addressing (ARCHITECTURE.md “Schema-pinned descendants”
§ uor-addr-codemodule-signed).
Schema-pinned descendant of crate::json that imports the
in-toto Statement v1 attestation format — the host-boundary
parser admits only JSON-LD-style values conforming to in-toto’s
published Statement contract per
https://in-toto.io/Statement/v1.
§no_std + no_alloc
Schema admission walks the parsed crate::json::JsonValue’s
tagged bytes via crate::json::JsonValueRef. No serde_json,
no allocator.
§Authoritative sources
- in-toto Statement v1 — https://github.com/in-toto/attestation/blob/main/spec/v1/statement.md.
- SLSA Provenance v1 — https://slsa.dev/spec/v1.0/provenance.
- sigstore signature spec — https://docs.sigstore.dev/cosign/signature_specification/.
§Admission predicate
_typeis"https://in-toto.io/Statement/v1".subjectis a non-empty array; each element is an object with:name— non-empty string.digest— object with at least onesha256entry whose value is a 64-character lowercase-hex SHA-256 digest.
predicateType— non-empty string IRI.predicate— JSON object.
Structs§
Enums§
Constants§
- REQUIRED_
PROPERTIES - SHA256_
HEX_ BYTES - SHA-256 digest hex byte width.
- STATEMENT_
TYPE_ IRI - in-toto Statement v1
_typeIRI.
Functions§
- address
- Mint a κ-label over an in-toto-v1-Statement-admitted JSON value.
- address_
blake3 - As
address, but binds theblake3σ-axis (crate::hash). Schema admission is identical; only the κ-derivation hash differs. - address_
keccak256 - As
address, but binds thekeccak256σ-axis (crate::hash). Schema admission is identical; only the κ-derivation hash differs. - address_
sha3_ 256 - As
address, but binds thesha3_256σ-axis (crate::hash). Schema admission is identical; only the κ-derivation hash differs. - address_
sha512 - As
address, but binds thesha512σ-axis (crate::hash). - canonicalize
- Available only under the
allocfeature.