From 4371750c500fa7789e2b8982d4e1dffa2c9ded9f Mon Sep 17 00:00:00 2001
From: sagnik3788
Date: Thu, 18 Jan 2024 22:55:48 +0530
Subject: [PATCH] improve SBOM validation

Signed-off-by: sagnik3788
---
 build.go | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/build.go b/build.go
index 70b6032..8d6c64b 100644
--- a/build.go
+++ b/build.go
@@ -19,6 +19,7 @@ package libcnb
 import (
 	"errors"
 	"fmt"
+	"mime"
 	"os"
 	"path/filepath"
 	"reflect"
@@ -371,10 +372,29 @@ func validateSBOMFormats(layersPath string, acceptedSBOMFormats []string) error
 			return fmt.Errorf("unable to parse SBOM %s\n%w", sbomFormat, err)
 		}
 
-		if !contains(acceptedSBOMFormats, sbomFormat.MediaType()) {
-			return fmt.Errorf("unable to find actual SBOM Type %s in list of supported SBOM types %s", sbomFormat.MediaType(), acceptedSBOMFormats)
+		mimeType := sbomFormat.MediaType()
+
+		if !(contains(acceptedSBOMFormats, mimeType)) {
+			return fmt.Errorf("unable to find actual SBOM Type %s in list of supported SBOM types %v", mimeType, acceptedSBOMFormats)
+		}
+
+		if err := ensureDeclared(acceptedSBOMFormats, mimeType); err != nil {
+			return fmt.Errorf("error validating SBOM Type %s: %w", mimeType, err)
 		}
 	}
 
 	return nil
 }
+
+func ensureDeclared(declaredTypes []string, foundType string) error {
+	for _, declaredType := range declaredTypes {
+		dType, _, err := mime.ParseMediaType(declaredType)
+		if err != nil {
+			return fmt.Errorf("parsing declared media type: %w", err)
+		}
+		if foundType == dType {
+			return nil
+		}
+	}
+	return fmt.Errorf("undeclared SBOM media type: '%s'", foundType)
+}
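Review bot: ensureDeclared's result depends on the order of acceptedSBOMFormats, because the loop returns a parse error for the first malformed declared entry before it has looked at the remaining ones, so the same bad configuration value is fatal when it precedes the matching entry and invisible when it follows it. The comparison is also asymmetric: `dType` comes out of mime.ParseMediaType lowercased and stripped of parameters while `foundType` is compared raw, so a declared entry that passes the exact `contains` check on the line above (for example one written with upper-case letters) is then rejected as "undeclared", and for entries already in canonical form the new check is redundant with `contains`. Normalizing both sides and validating every declared entry before matching makes the outcome independent of list order; the rewrite below keeps the signature and reuses the file's existing `contains`. Whether `sbomFormat.MediaType()` can ever return something ParseMediaType rejects is not visible here, so the found-type parse error path is a guess worth confirming. Minor style: `!(contains(...))` does not need the extra parentheses, and validateSBOMFormats begins outside this hunk.
```go
func ensureDeclared(declaredTypes []string, foundType string) error {
	want, _, err := mime.ParseMediaType(foundType)
	if err != nil {
		return fmt.Errorf("parsing found media type %q: %w", foundType, err)
	}
	// Parse every declared entry first so a malformed value is reported
	// regardless of where it sits relative to the matching entry.
	normalized := make([]string, 0, len(declaredTypes))
	for _, declaredType := range declaredTypes {
		dType, _, err := mime.ParseMediaType(declaredType)
		if err != nil {
			return fmt.Errorf("parsing declared media type %q: %w", declaredType, err)
		}
		normalized = append(normalized, dType)
	}
	if !contains(normalized, want) {
		return fmt.Errorf("undeclared SBOM media type: '%s'", foundType)
	}
	return nil
}
```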