From f99d31578419a7d9dd878c6c8c3508aa6e1b2c42 Mon Sep 17 00:00:00 2001 From: Marcela Melara Date: Fri, 3 Nov 2023 19:09:29 -0700 Subject: [PATCH 1/3] Add KubeConCNCNA23 demo verification flow setup Signed-off-by: Marcela Melara --- README.md | 2 +- .../README.md | 0 .../attestations/build.e060fc8d.json | 1 + .../evidence-collection.keyid.json | 1 + .../evidence-collection.scai.json | 50 +++++++++++++++ .../images/intoto-kccncna2023-demo.png | Bin .../pdo_client_wawaka.provenance.json | 21 +++++++ .../tlog-entries/pdo_client_wawaka.scai.json | 21 +++++++ kccncna2023-demo/verification-flow.sh | 19 ++++++ scai-gen/cmd/rekor.go | 59 ++++++++++++++++++ scai-gen/cmd/root.go | 1 + 11 files changed, 174 insertions(+), 1 deletion(-) rename docs/kccncna2023.md => kccncna2023-demo/README.md (100%) create mode 100644 kccncna2023-demo/attestations/build.e060fc8d.json create mode 100644 kccncna2023-demo/attestations/evidence-collection.keyid.json create mode 100644 kccncna2023-demo/attestations/evidence-collection.scai.json rename {docs => kccncna2023-demo}/images/intoto-kccncna2023-demo.png (100%) create mode 100644 kccncna2023-demo/tlog-entries/pdo_client_wawaka.provenance.json create mode 100644 kccncna2023-demo/tlog-entries/pdo_client_wawaka.scai.json create mode 100755 kccncna2023-demo/verification-flow.sh create mode 100644 scai-gen/cmd/rekor.go diff --git a/README.md b/README.md index 9e6f2fa..a1a5edd 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,7 @@ illustrative purposes, and should not be used in production. [in-toto Attestation Framework]: https://github.com/in-toto/attestation/tree/main/spec [intro doc]: docs/intro.md -[KubeCon + CloudNativeCon NA '23]: docs/kccncna2023.md +[KubeCon + CloudNativeCon NA '23]: kccncna2023-demo/README.md [usage doc]: docs/usage.md [SCAI specification]: https://github.com/in-toto/attestation/blob/main/spec/predicates/scai.md [SCAI spec doc]: https://arxiv.org/pdf/2210.05813.pdf 
diff --git a/docs/kccncna2023.md b/kccncna2023-demo/README.md
similarity index 100%
rename from docs/kccncna2023.md
rename to kccncna2023-demo/README.md
diff --git a/kccncna2023-demo/attestations/build.e060fc8d.json b/kccncna2023-demo/attestations/build.e060fc8d.json
new file mode 100644
index 0000000..8f2aee9
--- /dev/null
+++ b/kccncna2023-demo/attestations/build.e060fc8d.json
@@ -0,0 +1 @@ +{"payloadType":"application/vnd.in-toto+json","payload":"","signatures":[{"keyid":"","sig":"MEQCIByuHkfkBkK5VwGWxNXi6mDZ8uQINXYdchAqOhxJVu8rAiAZDNbKKWv5k73pINPluH/OYXGVyHJhcJ84GJQfLquK2Q==","cert":"-----BEGIN CERTIFICATE-----\nMIIHuDCCBz6gAwIBAgIUEjL+iKMGHDZx40JCEI4XmLPIOjwwCgYIKoZIzj0EAwMw\nNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRl\ncm1lZGlhdGUwHhcNMjMxMTAyMTczOTQ3WhcNMjMxMTAyMTc0OTQ3WjAAMFkwEwYH\nKoZIzj0CAQYIKoZIzj0DAQcDQgAEid/NZhyCdtz+W1WsJU/ECeWPY+WfKVVGm/yH\nOeOyF4teaUO8Ivwuk+tInihuNFXqARe6wz5FR4UmZekQjpXlLaOCBl0wggZZMA4G\nA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUu5vW\nz4Dh2uVQp3ywiFymVTGEKEYwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4Y\nZD8wgYQGA1UdEQEB/wR6MHiGdmh0dHBzOi8vZ2l0aHViLmNvbS9zbHNhLWZyYW1l\nd29yay9zbHNhLWdpdGh1Yi1nZW5lcmF0b3IvLmdpdGh1Yi93b3JrZmxvd3MvZ2Vu\nZXJhdG9yX2dlbmVyaWNfc2xzYTMueW1sQHJlZnMvdGFncy92MS43LjAwOQYKKwYB\nBAGDvzABAQQraHR0cHM6Ly90b2tlbi5hY3Rpb25zLmdpdGh1YnVzZXJjb250ZW50\nLmNvbTASBgorBgEEAYO/MAECBARwdXNoMDYGCisGAQQBg78wAQMEKGYzMmE1MmQ1\nOWUxZGUxYmNiZTdmNjU3MWQzYWE5YTFlYTcxOWEyOGEwTAYKKwYBBAGDvzABBAQ+\nUHJpdmF0ZSBEYXRhIE9iamVjdHMgKFBETykgYnVpbGQgd2l0aCBTVyBzdXBwbHkg\nY2hhaW4gbWV0YWRhdGEwMAYKKwYBBAGDvzABBQQibWFyY2VsYW1lbGFyYS9wcml2\nYXRlLWRhdGEtb2JqZWN0czAwBgorBgEEAYO/MAEGBCJyZWZzL2hlYWRzL2ludG90\nby1rY2NuY25hMjAyMy1kZW1vMDsGCisGAQQBg78wAQgELQwraHR0cHM6Ly90b2tl\nbi5hY3Rpb25zLmdpdGh1YnVzZXJjb250ZW50LmNvbTCBhgYKKwYBBAGDvzABCQR4\nDHZodHRwczovL2dpdGh1Yi5jb20vc2xzYS1mcmFtZXdvcmsvc2xzYS1naXRodWIt\nZ2VuZXJhdG9yLy5naXRodWIvd29ya2Zsb3dzL2dlbmVyYXRvcl9nZW5lcmljX3Ns\nc2EzLnltbEByZWZzL3RhZ3MvdjEuNy4wMDgGCisGAQQBg78wAQoEKgwoZTU1Yjc2\nY2U0MjEwODJkZmE0YjM0YTZhYzNjNWU1OWRlMGYzYmI1ODAdBgorBgEEAYO/MAEL\nBA8MDWdpdGh1Yi1ob3N0ZWQwRQYKKwYBBAGDvzABDAQ3DDVodHRwczovL2dpdGh1\nYi5jb20vbWFyY2VsYW1lbGFyYS9wcml2YXRlLWRhdGEtb2JqZWN0czA4BgorBgEE\nAYO/MAENBCoMKGYzMmE1MmQ1OWUxZGUxYmNiZTdmNjU3MWQzYWE5YTFlYTcxOWEy\nOGEwMgYKKwYBBAGDvzABDgQkDCJyZWZzL2hlYWRzL2ludG90by1rY2NuY25hMjAy\nMy1kZW1vMBkGCisGAQQBg78wAQ8ECwwJMjM2NTkyOT
A4MDAGCisGAQQBg78wARAE\nIgwgaHR0cHM6Ly9naXRodWIuY29tL21hcmNlbGFtZWxhcmEwGAYKKwYBBAGDvzAB\nEQQKDAg5Mzc5Nzg5ODCBmAYKKwYBBAGDvzABEgSBiQyBhmh0dHBzOi8vZ2l0aHVi\nLmNvbS9tYXJjZWxhbWVsYXJhL3ByaXZhdGUtZGF0YS1vYmplY3RzLy5naXRodWIv\nd29ya2Zsb3dzL2ludG90by1rY2NuY25hMjAyMy1kZW1vLnltbEByZWZzL2hlYWRz\nL2ludG90by1rY2NuY25hMjAyMy1kZW1vMDgGCisGAQQBg78wARMEKgwoZjMyYTUy\nZDU5ZTFkZTFiY2JlN2Y2NTcxZDNhYTlhMWVhNzE5YTI4YTAUBgorBgEEAYO/MAEU\nBAYMBHB1c2gwaAYKKwYBBAGDvzABFQRaDFhodHRwczovL2dpdGh1Yi5jb20vbWFy\nY2VsYW1lbGFyYS9wcml2YXRlLWRhdGEtb2JqZWN0cy9hY3Rpb25zL3J1bnMvNjcz\nNjA1MTM0OS9hdHRlbXB0cy8xMBYGCisGAQQBg78wARYECAwGcHVibGljMIGJBgor\nBgEEAdZ5AgQCBHsEeQB3AHUA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p\n7o4AAAGLkR6n2wAABAMARjBEAiAhDbI+6lM6YdPOT+nTdPmWcR2vdLnzsXaamtSO\nnSwxIQIgPnwdA67rLTX0wM6cBVcxBm9oQn42tgCO4XpekkImjfcwCgYIKoZIzj0E\nAwMDaAAwZQIwSirI2MYX96zWUQEhYFCwBsWfZ0FSVxbpW5i2d8jI7NJPbQC4Rxo/\naJMsKAD1UDD9AjEA/0Z4kErsI82eYxd9A+zfGrFKpKk5QoqiLGgSKVh4SdL6Khfv\n5O0s2Z1BwoAsyHTJ\n-----END CERTIFICATE-----\n"}]} \ No newline at end of file diff --git a/kccncna2023-demo/attestations/evidence-collection.keyid.json b/kccncna2023-demo/attestations/evidence-collection.keyid.json new file mode 100644 index 0000000..a9e5bb9 --- /dev/null +++ b/kccncna2023-demo/attestations/evidence-collection.keyid.json 
@@ -0,0 +1 @@ +{"payloadType":"application/vnd.in-toto","payload":"eyJfdHlwZSI6Imh0dHBzOi8vaW4tdG90by5pby9TdGF0ZW1lbnQvdjEiLCAic3ViamVjdCI6W3sibmFtZSI6InBkb19jbGllbnRfd2F3YWthIiwgInVyaSI6Imh0dHBzOi8vZ2l0aHViLmNvbS9tYXJjZWxhbWVsYXJhL3ByaXZhdGUtZGF0YS1vYmplY3RzL2NvbW1pdC80ZTA3YWZiYjM3ZTI0ZDUyODRjMjE2M2YzNjAzZDM3NGEwOTI2ODkwIiwgImRpZ2VzdCI6eyJzaGEyNTYiOiI5NTRmNjBjNWRlM2YzYjljMjFiOTExOGUyNWJlYzc5M2M0ZGU5MTZhYTMyYWYxNDBhY2M1NTAxZGIxODlkYjdiIn19XSwgInByZWRpY2F0ZVR5cGUiOiJodHRwczovL2luLXRvdG8uaW8vYXR0ZXN0YXRpb24vc2NhaS9hdHRyaWJ1dGUtcmVwb3J0L3YwLjIiLCAicHJlZGljYXRlIjp7ImF0dHJpYnV0ZXMiOlt7ImF0dHJpYnV0ZSI6Ikhhc1NCT00iLCAiZXZpZGVuY2UiOnsiZGlnZXN0Ijp7InNoYTI1NiI6IjkxZmI3ZWU4ODA3NzUyMGRmNGZiMjU2YzVkMDI5ZmYyYTE4ZWZmNzY3NGZhNWU1NDA0ZDJmZGY0ZGZkNDEzMmQifSwgImRvd25sb2FkTG9jYXRpb24iOiJodHRwczovL2dpdGh1Yi5jb20vbWFyY2VsYW1lbGFyYS9wcml2YXRlLWRhdGEtb2JqZWN0cy9hY3Rpb25zL3J1bnMvNjc0MDE4NTE4OSIsICJtZWRpYVR5cGUiOiJhcHBsaWNhdGlvbi9qc29uIiwgIm5hbWUiOiJwZG9fY2xpZW50X3dhd2FrYS5zcGR4Lmpzb24ifX0sIHsiYXR0cmlidXRlIjoiSGFzU0xTQSIsICJldmlkZW5jZSI6eyJkaWdlc3QiOnsic2hhMjU2IjoiYTljMGVhYjFiYTA0M2U1YTUyOTAzYWRjMzNlYzAyNDFkZTIyMjhmZGVlOGQyNmZkMTJhNTAyNWRmOGE1ZjNiNiJ9LCAiZG93bmxvYWRMb2NhdGlvbiI6Imh0dHBzOi8vZ2l0aHViLmNvbS9tYXJjZWxhbWVsYXJhL3ByaXZhdGUtZGF0YS1vYmplY3RzL2FjdGlvbnMvcnVucy82NzQwMTg1MTg5IiwgIm1lZGlhVHlwZSI6ImFwcGxpY2F0aW9uL3ZuZC5pbi10b3RvLnByb3ZlbmFuY2UrZHNzZSIsICJuYW1lIjoicGRvX2NsaWVudF93YXdha2Euc2xzYS5pbnRvdG8uanNvbmwifX0sIHsiYXR0cmlidXRlIjoiTm9uSGVybWV0aWNCdWlsZCIsICJldmlkZW5jZSI6eyJkaWdlc3QiOnsic2hhMjU2IjoiZTkxNTY2YTM0ZWYxNzFlYTYyMDRkODc3NmIyMzQ5ZDVhOTZlMTA4MzNjYjY5MDViYjhiZWY3NDY5YTVhMzM0OCJ9LCAiZG93bmxvYWRMb2NhdGlvbiI6Imh0dHBzOi8vZ2l0aHViLmNvbS9tYXJjZWxhbWVsYXJhL3ByaXZhdGUtZGF0YS1vYmplY3RzL2FjdGlvbnMvcnVucy82NzQwMTg1MTg5IiwgIm1lZGlhVHlwZSI6InRleHQvcGxhaW4iLCAibmFtZSI6InN0cmFjZS5sb2cifX1dfX0=","signatures":[{"keyid":"","sig":"MEUCIQC6gF+QEE0Df7z520y4LLWC7xjNaYMIJL40h4sl/4otqgIgHfwfQsnqsWkM+rQqOV3PZXAt9NZFdUIbmILJqC0t9TM="}]} 
diff --git a/kccncna2023-demo/attestations/evidence-collection.scai.json b/kccncna2023-demo/attestations/evidence-collection.scai.json new file mode 100644 index 0000000..047453d --- /dev/null +++ b/kccncna2023-demo/attestations/evidence-collection.scai.json @@ -0,0 +1,50 @@ +{ + "_type": "https://in-toto.io/Statement/v1", + "subject": [ + { + "name": "pdo_client_wawaka", + "uri": "https://github.com/marcelamelara/private-data-objects/commit/4e07afbb37e24d5284c2163f3603d374a0926890", + "digest": { + "sha256": "954f60c5de3f3b9c21b9118e25bec793c4de916aa32af140acc5501db189db7b" + } + } + ], + "predicateType": "https://in-toto.io/attestation/scai/attribute-report/v0.2", + "predicate": { + "attributes": [ + { + "attribute": "HasSBOM", + "evidence": { + "digest": { + "sha256": "91fb7ee88077520df4fb256c5d029ff2a18eff7674fa5e5404d2fdf4dfd4132d" + }, + "downloadLocation": "https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189", + "mediaType": "application/json", + "name": "pdo_client_wawaka.spdx.json" + } + }, + { + "attribute": "HasSLSA", + "evidence": { + "digest": { + "sha256": "a9c0eab1ba043e5a52903adc33ec0241de2228fdee8d26fd12a5025df8a5f3b6" + }, + "downloadLocation": "https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189", + "mediaType": "application/vnd.in-toto.provenance+dsse", + "name": "pdo_client_wawaka.slsa.intoto.jsonl" + } + }, + { + "attribute": "NonHermeticBuild", + "evidence": { + "digest": { + "sha256": "e91566a34ef171ea6204d8776b2349d5a96e10833cb6905bb8bef7469a5a3348" + }, + "downloadLocation": "https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189", + "mediaType": "text/plain", + "name": "strace.log" + } + } + ] + } +} diff --git a/docs/images/intoto-kccncna2023-demo.png b/kccncna2023-demo/images/intoto-kccncna2023-demo.png similarity index 100% rename from docs/images/intoto-kccncna2023-demo.png rename to kccncna2023-demo/images/intoto-kccncna2023-demo.png 
diff --git a/kccncna2023-demo/tlog-entries/pdo_client_wawaka.provenance.json b/kccncna2023-demo/tlog-entries/pdo_client_wawaka.provenance.json
new file mode 100644
index 0000000..4537691
--- /dev/null
+++ b/kccncna2023-demo/tlog-entries/pdo_client_wawaka.provenance.json
@@ -0,0 +1,21 @@ +LogID: c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d +Attestation: {"_type":"https://in-toto.io/Statement/v0.1","predicateType":"https://slsa.dev/provenance/v0.2","subject":[{"name":"pdo_client_wawaka","digest":{"sha256":"954f60c5de3f3b9c21b9118e25bec793c4de916aa32af140acc5501db189db7b"}}],"predicate":{"builder":{"id":"https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@refs/tags/v1.7.0"},"buildType":"https://github.com/slsa-framework/slsa-github-generator/generic@v1","invocation":{"configSource":{"uri":"git+https://github.com/marcelamelara/private-data-objects@refs/heads/intoto-kccncna2023-demo","digest":{"sha1":"4e07afbb37e24d5284c2163f3603d374a0926890"},"entryPoint":".github/workflows/intoto-kccncna2023-demo.yml"},"parameters":{},"environment":{"github_actor":"marcelamelara","github_actor_id":"93797898","github_base_ref":"","github_event_name":"push","github_event_payload":{"after":"4e07afbb37e24d5284c2163f3603d374a0926890","base_ref":null,"before":"1b6e9168a1653126b5d7ddd5624c09ae28bfa8b0","commits":[{"author":{"email":"marcela.melara@intel.com","name":"Marcela Melara","username":"marcelamelara"},"committer":{"email":"marcela.melara@intel.com","name":"Marcela Melara","username":"marcelamelara"},"distinct":true,"id":"4e07afbb37e24d5284c2163f3603d374a0926890","message":"Fix signed attestation name\n\nSigned-off-by: Marcela Melara \u003cmarcela.melara@intel.com\u003e","timestamp":"2023-11-02T18:27:32-07:00","tree_id":"9f8903f7017d1ee513f0c420664c209f74fa4cba","url":"https://github.com/marcelamelara/private-data-objects/commit/4e07afbb37e24d5284c2163f3603d374a0926890"}],"compare":"https://github.com/marcelamelara/private-data-objects/compare/1b6e9168a165...4e07afbb37e2","created":false,"deleted":false,"forced":false,"head_commit":{"author":{"email":"marcela.melara@intel.com","name":"Marcela 
Melara","username":"marcelamelara"},"committer":{"email":"marcela.melara@intel.com","name":"Marcela Melara","username":"marcelamelara"},"distinct":true,"id":"4e07afbb37e24d5284c2163f3603d374a0926890","message":"Fix signed attestation name\n\nSigned-off-by: Marcela Melara \u003cmarcela.melara@intel.com\u003e","timestamp":"2023-11-02T18:27:32-07:00","tree_id":"9f8903f7017d1ee513f0c420664c209f74fa4cba","url":"https://github.com/marcelamelara/private-data-objects/commit/4e07afbb37e24d5284c2163f3603d374a0926890"},"pusher":{"email":"marcela.melara@intel.com","name":"marcelamelara"},"ref":"refs/heads/intoto-kccncna2023-demo","repository":{"allow_forking":true,"archive_url":"https://api.github.com/repos/marcelamelara/private-data-objects/{archive_format}{/ref}","archived":false,"assignees_url":"https://api.github.com/repos/marcelamelara/private-data-objects/assignees{/user}","blobs_url":"https://api.github.com/repos/marcelamelara/private-data-objects/git/blobs{/sha}","branches_url":"https://api.github.com/repos/marcelamelara/private-data-objects/branches{/branch}","clone_url":"https://github.com/marcelamelara/private-data-objects.git","collaborators_url":"https://api.github.com/repos/marcelamelara/private-data-objects/collaborators{/collaborator}","comments_url":"https://api.github.com/repos/marcelamelara/private-data-objects/comments{/number}","commits_url":"https://api.github.com/repos/marcelamelara/private-data-objects/commits{/sha}","compare_url":"https://api.github.com/repos/marcelamelara/private-data-objects/compare/{base}...{head}","contents_url":"https://api.github.com/repos/marcelamelara/private-data-objects/contents/{+path}","contributors_url":"https://api.github.com/repos/marcelamelara/private-data-objects/contributors","created_at":1580158534,"default_branch":"main","deployments_url":"https://api.github.com/repos/marcelamelara/private-data-objects/deployments","description":"The Private Data Objects lab provides technology for confidentiality-preserving, 
off-chain smart contracts.","disabled":false,"downloads_url":"https://api.github.com/repos/marcelamelara/private-data-objects/downloads","events_url":"https://api.github.com/repos/marcelamelara/private-data-objects/events","fork":true,"forks":1,"forks_count":1,"forks_url":"https://api.github.com/repos/marcelamelara/private-data-objects/forks","full_name":"marcelamelara/private-data-objects","git_commits_url":"https://api.github.com/repos/marcelamelara/private-data-objects/git/commits{/sha}","git_refs_url":"https://api.github.com/repos/marcelamelara/private-data-objects/git/refs{/sha}","git_tags_url":"https://api.github.com/repos/marcelamelara/private-data-objects/git/tags{/sha}","git_url":"git://github.com/marcelamelara/private-data-objects.git","has_discussions":false,"has_downloads":true,"has_issues":false,"has_pages":false,"has_projects":true,"has_wiki":true,"homepage":null,"hooks_url":"https://api.github.com/repos/marcelamelara/private-data-objects/hooks","html_url":"https://github.com/marcelamelara/private-data-objects","id":236592908,"is_template":false,"issue_comment_url":"https://api.github.com/repos/marcelamelara/private-data-objects/issues/comments{/number}","issue_events_url":"https://api.github.com/repos/marcelamelara/private-data-objects/issues/events{/number}","issues_url":"https://api.github.com/repos/marcelamelara/private-data-objects/issues{/number}","keys_url":"https://api.github.com/repos/marcelamelara/private-data-objects/keys{/key_id}","labels_url":"https://api.github.com/repos/marcelamelara/private-data-objects/labels{/name}","language":"C++","languages_url":"https://api.github.com/repos/marcelamelara/private-data-objects/languages","license":{"key":"apache-2.0","name":"Apache License 
2.0","node_id":"MDc6TGljZW5zZTI=","spdx_id":"Apache-2.0","url":"https://api.github.com/licenses/apache-2.0"},"master_branch":"main","merges_url":"https://api.github.com/repos/marcelamelara/private-data-objects/merges","milestones_url":"https://api.github.com/repos/marcelamelara/private-data-objects/milestones{/number}","mirror_url":null,"name":"private-data-objects","node_id":"MDEwOlJlcG9zaXRvcnkyMzY1OTI5MDg=","notifications_url":"https://api.github.com/repos/marcelamelara/private-data-objects/notifications{?since,all,participating}","open_issues":0,"open_issues_count":0,"owner":{"avatar_url":"https://avatars.githubusercontent.com/u/93797898?v=4","email":"marcela.melara@intel.com","events_url":"https://api.github.com/users/marcelamelara/events{/privacy}","followers_url":"https://api.github.com/users/marcelamelara/followers","following_url":"https://api.github.com/users/marcelamelara/following{/other_user}","gists_url":"https://api.github.com/users/marcelamelara/gists{/gist_id}","gravatar_id":"","html_url":"https://github.com/marcelamelara","id":93797898,"login":"marcelamelara","name":"marcelamelara","node_id":"U_kgDOBZc-Cg","organizations_url":"https://api.github.com/users/marcelamelara/orgs","received_events_url":"https://api.github.com/users/marcelamelara/received_events","repos_url":"https://api.github.com/users/marcelamelara/repos","site_admin":false,"starred_url":"https://api.github.com/users/marcelamelara/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/marcelamelara/subscriptions","type":"User","url":"https://api.github.com/users/marcelamelara"},"private":false,"pulls_url":"https://api.github.com/repos/marcelamelara/private-data-objects/pulls{/number}","pushed_at":1698974855,"releases_url":"https://api.github.com/repos/marcelamelara/private-data-objects/releases{/id}","size":3479,"ssh_url":"git@github.com:marcelamelara/private-data-objects.git","stargazers":0,"stargazers_count":0,"stargazers_url":"https://api.github.com/repos/marcelam
elara/private-data-objects/stargazers","statuses_url":"https://api.github.com/repos/marcelamelara/private-data-objects/statuses/{sha}","subscribers_url":"https://api.github.com/repos/marcelamelara/private-data-objects/subscribers","subscription_url":"https://api.github.com/repos/marcelamelara/private-data-objects/subscription","svn_url":"https://github.com/marcelamelara/private-data-objects","tags_url":"https://api.github.com/repos/marcelamelara/private-data-objects/tags","teams_url":"https://api.github.com/repos/marcelamelara/private-data-objects/teams","topics":[],"trees_url":"https://api.github.com/repos/marcelamelara/private-data-objects/git/trees{/sha}","updated_at":"2022-01-11T01:04:34Z","url":"https://github.com/marcelamelara/private-data-objects","visibility":"public","watchers":0,"watchers_count":0,"web_commit_signoff_required":false},"sender":{"avatar_url":"https://avatars.githubusercontent.com/u/93797898?v=4","events_url":"https://api.github.com/users/marcelamelara/events{/privacy}","followers_url":"https://api.github.com/users/marcelamelara/followers","following_url":"https://api.github.com/users/marcelamelara/following{/other_user}","gists_url":"https://api.github.com/users/marcelamelara/gists{/gist_id}","gravatar_id":"","html_url":"https://github.com/marcelamelara","id":93797898,"login":"marcelamelara","node_id":"U_kgDOBZc-Cg","organizations_url":"https://api.github.com/users/marcelamelara/orgs","received_events_url":"https://api.github.com/users/marcelamelara/received_events","repos_url":"https://api.github.com/users/marcelamelara/repos","site_admin":false,"starred_url":"https://api.github.com/users/marcelamelara/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/marcelamelara/subscriptions","type":"User","url":"https://api.github.com/users/marcelamelara"}},"github_head_ref":"","github_ref":"refs/heads/intoto-kccncna2023-demo","github_ref_type":"branch","github_repository_id":"236592908","github_repository_owner":"marcelamelara"
,"github_repository_owner_id":"93797898","github_run_attempt":"1","github_run_id":"6740185189","github_run_number":"5","github_sha1":"4e07afbb37e24d5284c2163f3603d374a0926890"}},"metadata":{"buildInvocationID":"6740185189-1","completeness":{"parameters":true,"environment":false,"materials":false},"reproducible":false},"materials":[{"uri":"git+https://github.com/marcelamelara/private-data-objects@refs/heads/intoto-kccncna2023-demo","digest":{"sha1":"4e07afbb37e24d5284c2163f3603d374a0926890"}}]}} +Index: 47212639 +IntegratedTime: 2023-11-03T01:47:24Z +UUID: 24296fb24b8ad77ac67df9169ecdd6759b6894daeeafeb95e5398ad34e50418a1e94c6ae9cf7e7d0 +Body: { + "IntotoObj": { + "content": { + "hash": { + "algorithm": "sha256", + "value": "a9c0eab1ba043e5a52903adc33ec0241de2228fdee8d26fd12a5025df8a5f3b6" + }, + "payloadHash": { + "algorithm": "sha256", + "value": "75d64033e57a6d1d0f6abbfae527e56cc3741ce0d020946baa7d04520b572c3a" + } + }, + "publicKey": "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" + } +} + diff --git a/kccncna2023-demo/tlog-entries/pdo_client_wawaka.scai.json b/kccncna2023-demo/tlog-entries/pdo_client_wawaka.scai.json new file mode 100644 index 0000000..565ced6 --- /dev/null +++ b/kccncna2023-demo/tlog-entries/pdo_client_wawaka.scai.json 
@@ -0,0 +1,21 @@ +LogID: c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d +Attestation: {"_type":"https://in-toto.io/Statement/v1", "subject":[{"name":"pdo_client_wawaka", "uri":"https://github.com/marcelamelara/private-data-objects/commit/4e07afbb37e24d5284c2163f3603d374a0926890", "digest":{"sha256":"954f60c5de3f3b9c21b9118e25bec793c4de916aa32af140acc5501db189db7b"}}], "predicateType":"https://in-toto.io/attestation/scai/attribute-report/v0.2", "predicate":{"attributes":[{"attribute":"HasSBOM", "evidence":{"digest":{"sha256":"91fb7ee88077520df4fb256c5d029ff2a18eff7674fa5e5404d2fdf4dfd4132d"}, "downloadLocation":"https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189", "mediaType":"application/json", "name":"pdo_client_wawaka.spdx.json"}}, {"attribute":"HasSLSA", "evidence":{"digest":{"sha256":"a9c0eab1ba043e5a52903adc33ec0241de2228fdee8d26fd12a5025df8a5f3b6"}, "downloadLocation":"https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189", "mediaType":"application/vnd.in-toto.provenance+dsse", "name":"pdo_client_wawaka.slsa.intoto.jsonl"}}, {"attribute":"NonHermeticBuild", "evidence":{"digest":{"sha256":"e91566a34ef171ea6204d8776b2349d5a96e10833cb6905bb8bef7469a5a3348"}, "downloadLocation":"https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189", "mediaType":"text/plain", "name":"strace.log"}}]}} +Index: 47431571 +IntegratedTime: 2023-11-03T23:39:36Z +UUID: 24296fb24b8ad77ab2803f68cbf3f73ef6d4c4a0dce5b13e0d86db9f9548fd77de522002a8a8c97c +Body: { + "IntotoObj": { + "content": { + "hash": { + "algorithm": "sha256", + "value": "82e1c9e17eb3d3e4176b1e7c14a866199cac81b4554987ab603c342a113d43b8" + }, + "payloadHash": { + "algorithm": "sha256", + "value": "fc500f2816b3b1711e4f3772fa0c8a03edfe449bb58761a7d1844fa3bb1a65ed" + } + }, + "publicKey": "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" + } +} + 
diff --git a/kccncna2023-demo/verification-flow.sh b/kccncna2023-demo/verification-flow.sh
new file mode 100755
index 0000000..7e10ec0
--- /dev/null
+++ b/kccncna2023-demo/verification-flow.sh
@@ -0,0 +1,19 @@
+printf "in-toto KubeCon + CloudNativeCon NA 2023 demo (verification flow only)\n\n"
+
+# From: https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189/job/18354917647
+SLSA_UUID="24296fb24b8ad77ac67df9169ecdd6759b6894daeeafeb95e5398ad34e50418a1e94c6ae9cf7e7d0"
+
+# From: https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189/job/18354917925
+SCAI_UUID="24296fb24b8ad77ab2803f68cbf3f73ef6d4c4a0dce5b13e0d86db9f9548fd77de522002a8a8c97c"
+
+printf "Retrieving transparency log entries from Rekor\n\n"
+rekor-cli get --uuid $SLSA_UUID > tlog-entries/pdo_client_wawaka.provenance.json
+rekor-cli get --uuid $SCAI_UUID > tlog-entries/pdo_client_wawaka.scai.json
+
+printf "Obtaining public keys Rekor log entries\n\n"
+scai-gen rekor tlog-entries/pdo_client_wawaka.provenance.json > functionaries/slsa.cert.pem
+#scai-gen rekor tlog-entries/pdo_client_wawaka.scai.json > functionaries/scai.cert.pem
+
+printf "Obtaining functionary info\n\n"
+in-toto-golang key layout functionaries/slsa.cert.pem > functionaries/slsa.func
+#in-toto-golang key layout functionaries/scai.cert.pem > functionaries/scai.func
diff --git a/scai-gen/cmd/rekor.go b/scai-gen/cmd/rekor.go
new file mode 100644
index 0000000..452347f
--- /dev/null
+++ b/scai-gen/cmd/rekor.go
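Review bot: verification-flow.sh starts without a shebang or `set -euo pipefail`, so when `rekor-cli get` or `scai-gen rekor` fails the redirect still leaves an empty output file and the following steps run on it, which for a verification flow means failing open. I would open the script with `#!/usr/bin/env bash` and `set -euo pipefail`, and quote the expansions (`--uuid "$SLSA_UUID"`). The redirects target `tlog-entries/` and `functionaries/` relative to the caller's working directory, and nothing in this patch's diffstat creates `functionaries/`, so a `mkdir -p functionaries` is probably needed. Nothing in the script compares the extracted certificate with an expected signer identity before it becomes the functionary key; a comment naming the expected workflow identity would make that trust decision visible.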
@@ -0,0 +1,59 @@
+// adapted from https://github.com/slsa-framework/slsa-github-generator/blob/main/signing/sigstore/fulcio.go
+// and https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/generic/attest.go
+package cmd
+
+import (
+ "bufio"
+ "encoding/base64"
+ "fmt"
+ "os"
+ "strings"
+
+ "github.com/spf13/cobra"
+)
+
+var rekorCmd = &cobra.Command{
+ Use: "rekor",
+ Args: cobra.ExactArgs(1),
+ Short: "Parses a Rekor log entry to extract info needed to verify signed in-toto Attestations",
+ RunE: parseRekorEntry,
+}
+
+func parseRekorEntry(cmd *cobra.Command, args []string) error {
+ fmt.Println("EXPERIMENTAL FEATURE. DO NOT USE IN PRODUCTION.")
+
+ entryFile := args[0]
+ readFile, err := os.Open(entryFile)
+ if err != nil {
+ return fmt.Errorf("error reading file: %w", err)
+ }
+
+ fileScanner := bufio.NewScanner(readFile)
+ fileScanner.Split(bufio.ScanLines)
+ var fileLines [][]byte
+
+ for fileScanner.Scan() {
+ fileLines = append(fileLines, fileScanner.Bytes())
+ }
+
+ readFile.Close()
+
+ for _, line := range fileLines {
+ lineStr := string(line)
+ if strings.Contains(lineStr, "publicKey") {
+ pkB64Raw := strings.TrimPrefix(lineStr, " \"publicKey\": ")
+ pkB64 := strings.Trim(pkB64Raw, "\"")
+
+ pkPem, err := base64.StdEncoding.DecodeString(pkB64)
+ if err != nil {
+ return fmt.Errorf("error decoding base64-encoded public key: %w", err)
+ }
+
+ // lazy
+ fmt.Println(string(pkPem))
+ return nil
+ }
+ }
+
+ return nil
+}
diff --git a/scai-gen/cmd/root.go b/scai-gen/cmd/root.go
index f606a75..bc04bd4 100644
--- a/scai-gen/cmd/root.go
+++ b/scai-gen/cmd/root.go
@@ -23,6 +23,7 @@ func init() {
 rootCmd.AddCommand(reportCmd)
 rootCmd.AddCommand(checkCmd)
 rootCmd.AddCommand(sigstoreCmd)
+ rootCmd.AddCommand(rekorCmd)
 }
 // Execute adds all child commands to the root command and sets flags appropriately.
From 9e89fcdcca5b550b878326c867a2a845ea7d0109 Mon Sep 17 00:00:00 2001
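Review bot: In scai-gen/cmd/rekor.go, parseRekorEntry returns nil with no output when no `publicKey` line is found, and `fileScanner.Err()` is never checked, so an entry whose Attestation line exceeds bufio.Scanner's default 64 KiB token limit ends the scan early and the command still exits 0. The first loop also keeps `fileScanner.Bytes()` slices, which the Scanner documents as possibly overwritten by a later Scan, so the stored lines are not reliable. The EXPERIMENTAL banner is printed to stdout, which verification-flow.sh redirects into slsa.cert.pem along with the key. I would scan and match in a single pass with `Text()`, send the banner to stderr, and fail when no key is found, as sketched below; PATCH 2/3 changes this file again, but that hunk is not visible here.

```go
func parseRekorEntry(cmd *cobra.Command, args []string) error {
	// stderr keeps the banner out of the redirected PEM output
	fmt.Fprintln(os.Stderr, "EXPERIMENTAL FEATURE. DO NOT USE IN PRODUCTION.")

	// … unchanged: os.Open(entryFile) and its error check …
	defer readFile.Close()

	fileScanner := bufio.NewScanner(readFile)
	// the Attestation line of a tlog entry can exceed the default 64 KiB token limit
	fileScanner.Buffer(make([]byte, 0, bufio.MaxScanTokenSize), 16*1024*1024)

	for fileScanner.Scan() {
		// Text copies the token; Bytes may be overwritten by the next Scan
		lineStr := fileScanner.Text()
		if strings.Contains(lineStr, "publicKey") {
			// … unchanged: trim prefix and quotes, base64-decode, print, return nil …
		}
	}
	if err := fileScanner.Err(); err != nil {
		return fmt.Errorf("error scanning %s: %w", entryFile, err)
	}

	// fail closed: a missing key must not look like success to the caller
	return fmt.Errorf("no publicKey field found in %s", entryFile)
}
```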
From: Marcela Melara Date: Thu, 28 Dec 2023 14:00:58 -0800 Subject: [PATCH 2/3] Final demo setup Signed-off-by: Marcela Melara --- .github/workflows/test-e2e-flow.yml | 2 +- go.mod | 4 +- go.sum | 72 +++++++++++++++++++ kccncna2023-demo/README.md | 18 ++++- .../attestations/build.452e628a.json | 1 + .../attestations/build.e060fc8d.json | 1 - .../evidence-collection.1f575092.json | 1 + .../evidence-collection.keyid.json | 1 - .../evidence-collection.scai.json | 50 ------------- .../evidence-files/build.452e628a.json | 1 + kccncna2023-demo/policies/has-slsa.yml | 6 ++ kccncna2023-demo/policies/layout.yml | 48 +++++++++++++ .../pdo_client_wawaka.provenance.json | 21 ------ .../tlog-entries/pdo_client_wawaka.scai.json | 21 ------ kccncna2023-demo/verification-flow.sh | 21 ++---- scai-gen/cmd/rekor.go | 24 +++++-- 16 files changed, 175 insertions(+), 117 deletions(-) create mode 100644 kccncna2023-demo/attestations/build.452e628a.json delete mode 100644 kccncna2023-demo/attestations/build.e060fc8d.json create mode 100644 kccncna2023-demo/attestations/evidence-collection.1f575092.json delete mode 100644 kccncna2023-demo/attestations/evidence-collection.keyid.json delete mode 100644 kccncna2023-demo/attestations/evidence-collection.scai.json create mode 100644 kccncna2023-demo/evidence-files/build.452e628a.json create mode 100644 kccncna2023-demo/policies/has-slsa.yml create mode 100644 kccncna2023-demo/policies/layout.yml delete mode 100644 kccncna2023-demo/tlog-entries/pdo_client_wawaka.provenance.json delete mode 100644 kccncna2023-demo/tlog-entries/pdo_client_wawaka.scai.json diff --git a/.github/workflows/test-e2e-flow.yml b/.github/workflows/test-e2e-flow.yml index bd7e0da..3f2f2a2 100644 --- a/.github/workflows/test-e2e-flow.yml +++ b/.github/workflows/test-e2e-flow.yml 
@@ -18,7 +18,7 @@ jobs: - name: Install Go uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 with: - go-version: 1.20.x + go-version: 1.21.x - name: Checkout updated scai-gen CLI tools uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 diff --git a/go.mod b/go.mod index 6dc64ef..fc4dc10 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,8 @@ module github.com/in-toto/scai-demos -go 1.20 +go 1.21 + +toolchain go1.21.5 require ( github.com/google/cel-go v0.18.2 diff --git a/go.sum b/go.sum index 9333fcb..aec4f51 100644 --- a/go.sum +++ b/go.sum @@ -31,7 +31,9 @@ cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2Aawl cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= cloud.google.com/go/iam v1.1.5 h1:1jTsCu4bcsNsE4iiqNT5SHwrDRCfRmIaaaVFhRveTJI= +cloud.google.com/go/iam v1.1.5/go.mod h1:rB6P/Ic3mykPbFio+vo7403drjlgvoWfYpJhMXEbzv8= cloud.google.com/go/kms v1.15.5 h1:pj1sRfut2eRbD9pFRjNnPNg/CzJPuQAzUujMIM1vVeM= +cloud.google.com/go/kms v1.15.5/go.mod h1:cU2H5jnp6G2TDpUGZyqTCoy1n16fbubHZjmVXSMtwDI= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= 
@@ -46,15 +48,21 @@ dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7 filippo.io/edwards25519 v1.0.0 h1:0wAIcmJUqRdI8IJ/3eGi5/HwXZWPujYXXlkrQogz0Ek= filippo.io/edwards25519 v1.0.0/go.mod h1:N1IkdkCkiLB6tki+MYJoSx2JTY9NUlxZE7eHn5EwJns= github.com/AdamKorcz/go-fuzz-headers-1 v0.0.0-20230618160516-e936619f9f18 h1:rd389Q26LMy03gG4anandGFC2LW/xvjga5GezeeaxQk= +github.com/AdamKorcz/go-fuzz-headers-1 v0.0.0-20230618160516-e936619f9f18/go.mod h1:fgJuSBrJP5qZtKqaMJE0hmhS2tmRH+44IkfZvjtaf1M= github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/alibabacloudsdkgo/helper v0.2.0 h1:8+4G8JaejP8Xa6W46PzJEwisNgBXMvFcz78N6zG/ARw= github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/alibabacloudsdkgo/helper v0.2.0/go.mod h1:GgeIE+1be8Ivm7Sh4RgwI42aTtC9qrcj+Y9Y6CjJhJs= github.com/Azure/azure-sdk-for-go v68.0.0+incompatible h1:fcYLmCpyNYRnvJbPerq7U0hS+6+I79yEDJBqVNcqUzU= github.com/Azure/azure-sdk-for-go v68.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0 h1:fb8kj/Dh4CSwgsOzHeZY4Xh68cFVbzXx+ONXGMY//4w= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0/go.mod h1:uReU2sSxZExRPBAg3qKzmAucSi51+SP1OhohieR821Q= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 h1:BMAjVKJM0U/CYF27gA0ZMmXGkOcvfFtD0oHVZ1TIPRI= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0/go.mod h1:1fXstnBMas5kzG+S3q8UoJcmyU6nUeunJcMDHcRYHhs= github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0 h1:d81/ng9rET2YqdVkVwkb6EXeRrLJIwyGnJcAlAWKwhs= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0/go.mod h1:s4kgfzA0covAXNicZHDMN58jExvcng2mC/DepXiF1EI= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.0.1 h1:MyVTgWR8qd/Jw1Le0NZebGBUCLbtak3bJ3z1OlqZBpw= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.0.1/go.mod h1:GpPjLhVR9dnUoJMyHWSPy71xY9/lcmpzIPZXmF0FCVY= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.0.0 
h1:D3occbWoio4EBLkbkevetNMAVX197GkzbUMtqjGWn80= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.0.0/go.mod h1:bTSOgj05NGRuHHhQwAdPnYr9TOdNmKlZTgGLL6nyAdI= github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc= @@ -79,6 +87,7 @@ github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZ github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.0 h1:hVeq+yCyUi+MsoO/CU95yqCIcdzra5ovzk8Q2BBpV2M= +github.com/AzureAD/microsoft-authentication-library-for-go v1.2.0/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= 
@@ -88,6 +97,7 @@ github.com/ProtonMail/go-crypto v0.0.0-20230923063757-afb1ddc0824c/go.mod h1:EjA github.com/ThalesIgnite/crypto11 v1.2.5 h1:1IiIIEqYmBvUYFeMnHqRft4bwf/O36jryEUpY+9ef8E= github.com/ThalesIgnite/crypto11 v1.2.5/go.mod h1:ILDKtnCKiQ7zRoNxcp36Y1ZR8LBPmR2E23+wTQe/MlE= github.com/alessio/shellescape v1.4.1 h1:V7yhSDDn8LP4lc4jS8pFkt0zCnzVJlG5JXy9BVKJUX0= +github.com/alessio/shellescape v1.4.1/go.mod h1:PZAiSCk0LJaZkiCSkPv8qIobYglO3FPpyFjDCtHLS30= github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.2/go.mod h1:sCavSAvdzOjul4cEqeVtvlSaSScfNsTQ+46HwlTL1hc= github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.4 h1:iC9YFYKDGEy3n/FtqJnOkZsene9olVspKmkX5A2YBEo= github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.4/go.mod h1:sCavSAvdzOjul4cEqeVtvlSaSScfNsTQ+46HwlTL1hc= @@ -136,6 +146,7 @@ github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:W github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/aws/aws-sdk-go v1.48.11 h1:9YbiSbaF/jWi+qLRl+J5dEhr2mcbDYHmKg2V7RBcD5M= +github.com/aws/aws-sdk-go v1.48.11/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/aws/aws-sdk-go-v2 v1.21.2/go.mod h1:ErQhvNuEMhJjweavOYhxVkn2RUx7kQXVATHrjKtxIpM= github.com/aws/aws-sdk-go-v2 v1.23.5 h1:xK6C4udTyDMd82RFvNkDQxtAd00xlzFUtX4fF2nMZyg= github.com/aws/aws-sdk-go-v2 v1.23.5/go.mod h1:t3szzKfP0NeRU27uBFczDivYJjsmSnqI8kIvKyWb9ds= 
@@ -162,6 +173,7 @@ github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.3/go.mod h1: github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.8 h1:EamsKe+ZjkOQjDdHd86/JCEucjFKQ9T0atWKO4s2Lgs= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.8/go.mod h1:Q0vV3/csTpbkfKLI5Sb56cJQTCTtJ0ixdb7P+Wedqiw= github.com/aws/aws-sdk-go-v2/service/kms v1.27.2 h1:I0NiSQiZu1UzP0akJWXSacjckEpYdN4VN7XYYfW6EYs= +github.com/aws/aws-sdk-go-v2/service/kms v1.27.2/go.mod h1:E2IzqbIZfYuYUgib2KxlaweBbkxHCb3ZIgnp85TjKic= github.com/aws/aws-sdk-go-v2/service/sso v1.18.2 h1:xJPydhNm0Hiqct5TVKEuHG7weC0+sOs4MUnd7A5n5F4= github.com/aws/aws-sdk-go-v2/service/sso v1.18.2/go.mod h1:zxk6y1X2KXThESWMS5CrKRvISD8mbIMab6nZrCGxDG0= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.2 h1:8dU9zqA77C5egbU6yd4hFLaiIdPv3rU+6cp7sz5FjCU= @@ -174,6 +186,7 @@ github.com/aws/smithy-go v1.18.1/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6 github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20231024185945-8841054dbdb8 h1:SoFYaT9UyGkR0+nogNyD/Lj+bsixB+SNuAS4ABlEs6M= github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20231024185945-8841054dbdb8/go.mod h1:2JF49jcDOrLStIXN/j/K1EKRq8a8R2qRnlZA6/o/c7c= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= +github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/buildkite/agent/v3 v3.59.0 h1:4+4gnl5DAgmDXs2JomzlVcYAiWJWkb6U9631Nh3wr0A= 
@@ -184,8 +197,10 @@ github.com/buildkite/interpolate v0.0.0-20200526001904-07f35b4ae251 h1:k6UDF1uPY github.com/buildkite/interpolate v0.0.0-20200526001904-07f35b4ae251/go.mod h1:gbPR1gPu9dB96mucYIR7T3B7p/78hRVSOuzIWLHK2Y4= github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/cenkalti/backoff/v3 v3.2.2 h1:cfUAAO3yvKMYKPrvhDuHSwQnhZNk/RMHKdZqKTxfm6M= +github.com/cenkalti/backoff/v3 v3.2.2/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589 h1:krfRl01rzPzxSxyLyrChD+U+MzsBXbm0OwYYB67uF+4= github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589/go.mod h1:OuDyvmLnMCwa2ep4Jkm6nyA0ocJuZlGyk2gGseVzERM= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= 
@@ -202,6 +217,7 @@ github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGX github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb h1:EDmT6Q9Zs+SbUoc7Ik9EfrFqcylYqgPZ9ANSbTAntnE= +github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb/go.mod h1:ZjrT6AXHbDs86ZSdt/osfBi5qfexBrKUdONk989Wnk4= github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be h1:J5BL2kskAlV9ckgEsNQXscjIaLiOYiZ75d4e94E6dcQ= github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be/go.mod h1:mk5IQ+Y0ZeO87b858TlA645sVcEcbiX6YqP98kt+7+w= github.com/containerd/stargz-snapshotter/estargz v0.14.3 h1:OqlDCK3ZVUO6C3B/5FSkDwbkEETK84kQgEeFwDC+62k= 
@@ -213,11 +229,13 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3 github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 h1:2Dx4IHfC1yHWI12AxQDJM1QbRCDfk6M+blLzlZCXdrc= github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw= github.com/danieljoos/wincred v1.2.0 h1:ozqKHaLK0W/ii4KVbbvluM91W2H3Sh0BncbUNPS7jLE= +github.com/danieljoos/wincred v1.2.0/go.mod h1:FzQLLMKBFdvu+osBrnFODiv32YGwCfx0SkRa/eYHgec= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/depcheck-test/depcheck-test v0.0.0-20220607135614-199033aaa936 h1:foGzavPWwtoyBvjWyKJYDYsyzy+23iBV7NKTwdk+LRY= +github.com/depcheck-test/depcheck-test v0.0.0-20220607135614-199033aaa936/go.mod h1:ttKPnOepYt4LLzD+loXQ1rT6EmpyIYHro7TAJuIIlHo= github.com/digitorus/pkcs7 v0.0.0-20230713084857-e76b763bdc49/go.mod h1:SKVExuS+vpu2l9IoOc0RwqE7NYnb0JlcFHFnEJkVDzc= github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 h1:ge14PCmCvPjpMQMIAH7uKg0lrtNSOdpYsRXlwk3QbaE= github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352/go.mod h1:SKVExuS+vpu2l9IoOc0RwqE7NYnb0JlcFHFnEJkVDzc= 
@@ -242,7 +260,9 @@ github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5y github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= +github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= github.com/frankban/quicktest v1.14.4 h1:g2rn0vABPOOXmZUj+vbmUp0lPoXEMuhTpIluN0XL9UY= +github.com/frankban/quicktest v1.14.4/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= 
@@ -295,10 +315,14 @@ github.com/go-openapi/validate v0.22.3/go.mod h1:kVxh31KbfsxU8ZyoHaDbLBWU5CnMdqB github.com/go-piv/piv-go v1.11.0 h1:5vAaCdRTFSIW4PeqMbnsDlUZ7odMYWnHBDGdmtU/Zhg= github.com/go-piv/piv-go v1.11.0/go.mod h1:NZ2zmjVkfFaL/CF8cVQ/pXdXtuj110zEKGdJM6fJZZM= github.com/go-rod/rod v0.114.5 h1:1x6oqnslwFVuXJbJifgxspJUd3O4ntaGhRLHt+4Er9c= +github.com/go-rod/rod v0.114.5/go.mod h1:aiedSEFg5DwG/fnNbUOTPMTTWX3MRj6vIs/a684Mthw= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/go-test/deep v1.1.0 h1:WOcxcdHcvdgThNXjw0t76K42FXTU7HpNQWHpA2HHNlg= +github.com/go-test/deep v1.1.0/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= github.com/godbus/dbus/v5 v5.1.0 h1:4KLkAxT3aOY8Li4FRJe/KvhoNFFxo0m6fNuFUO8QJUk= +github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= 
@@ -306,6 +330,7 @@ github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzw github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE= +github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= 
@@ -387,11 +412,14 @@ github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20231023181126-ff6d637d2a7b h1:RMpPgZTSApbPf7xaVel+QkoGPRLFLrwFO89uDUHEGf0= +github.com/google/pprof v0.0.0-20231023181126-ff6d637d2a7b/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o= github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw= github.com/google/tink/go v1.7.0 h1:6Eox8zONGebBFcCBqkVmt60LaWZa6xg1cl/DwAh/J1w= +github.com/google/tink/go v1.7.0/go.mod h1:GAUOd+QE3pgj9q8VKIGTCP33c/B7eb4NhxLcgTJZStM= github.com/google/trillian v1.5.3 h1:3ioA5p09qz+U9/t2riklZtaQdZclaStp0/eQNfewNRg= +github.com/google/trillian v1.5.3/go.mod h1:p4tcg7eBr7aT6DxrAoILpc3uXNfcuAvZSnQKonVg+Eo= github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= 
@@ -402,27 +430,37 @@ github.com/googleapis/enterprise-certificate-proxy v0.3.2/go.mod h1:VLSiSSBs/ksP github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56etFpas= +github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU= github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gopherjs/gopherjs v0.0.0-20200217142428-fce0ec30dd00/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= +github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= +github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= +github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M= github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= +github.com/hashicorp/go-rootcerts v1.0.2/go.mod 
h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 h1:UpiO20jno/eV1eVZcxqWnUohyKRe1g8FPV/xH1s/2qs= +github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8= github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= +github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= github.com/hashicorp/go-sockaddr v1.0.5 h1:dvk7TIXCZpmfOlM+9mlcrWmWjw/wlKT+VDq2wMvfPJU= +github.com/hashicorp/go-sockaddr v1.0.5/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/hcl v1.0.1-vault-5 h1:kI3hhbbyzr4dldA8UdTb7ZlVVlI2DACdCfz31RPDgJM= github.com/hashicorp/hcl v1.0.1-vault-5/go.mod h1:XYhtn6ijBSAj6n4YqAaf7RBPS4I06AItNorpy+MoQNM= github.com/hashicorp/vault/api v1.10.0 h1:/US7sIjWN6Imp4o/Rj1Ce2Nr5bki/AXi9vAW3p2tOJQ= +github.com/hashicorp/vault/api v1.10.0/go.mod h1:jo5Y/ET+hNyz+JnKDt8XLAdKs+AM0G5W0Vp1IrFI8N8= github.com/howeyc/gopass v0.0.0-20210920133722-c8aef6fb66ef h1:A9HsByNhogrvm9cWb28sjiS3i7tcKCkflWFEkHfuAgM= +github.com/howeyc/gopass v0.0.0-20210920133722-c8aef6fb66ef/go.mod h1:lADxMC39cJJqL93Duh1xhAs4I2Zs8mKS89XWXFGp9cs= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= 
@@ -439,11 +477,13 @@ github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLf github.com/jedisct1/go-minisign v0.0.0-20230811132847-661be99b8267 h1:TMtDYDHKYY15rFihtRfck/bfFqNfvcabqvXAFQfAUpY= github.com/jedisct1/go-minisign v0.0.0-20230811132847-661be99b8267/go.mod h1:h1nSAbGFqGVzn6Jyl1R/iCcBUHN4g+gW1u9CoBTrb9E= github.com/jellydator/ttlcache/v3 v3.1.0 h1:0gPFG0IHHP6xyUyXq+JaD8fwkDCqgqwohXNJBcYE71g= +github.com/jellydator/ttlcache/v3 v3.1.0/go.mod h1:hi7MGFdMAwZna5n2tuvh63DvFLzVKySzCVW6+0gA2n4= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= github.com/jmhodges/clock v1.2.0 h1:eq4kys+NI0PLngzaHEe7AmPT90XMGIEySD1JfV1PDIs= +github.com/jmhodges/clock v1.2.0/go.mod h1:qKjhA7x7u/lQpPB1XAqX1b1lCI/w3/fNuYpI/ZjLynI= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= 
@@ -461,11 +501,13 @@ github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/letsencrypt/boulder v0.0.0-20231026200631-000cd05d5491 h1:WGrKdjHtWC67RX96eTkYD2f53NDHhrq/7robWTAfk4s= github.com/letsencrypt/boulder v0.0.0-20231026200631-000cd05d5491/go.mod h1:o158RFmdEbYyIZmXAbrvmJWesbyxlLKee6X64VPVuOc= github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= 
@@ -476,9 +518,12 @@ github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJ github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= +github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= github.com/miekg/pkcs11 v1.0.3-0.20190429190417-a667d056470f/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/miekg/pkcs11 v1.1.1 h1:Ugu9pdy6vAYku5DEpVWVFPYnzV+bxB+iRdbuFSu7TvU= github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= 
@@ -517,11 +562,13 @@ github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= github.com/onsi/ginkgo/v2 v2.9.4 h1:xR7vG4IXt5RWx6FfIjyAtsoMAtnc3C/rFXBBd2AjZwE= +github.com/onsi/ginkgo/v2 v2.9.4/go.mod h1:gCQYp2Q+kSoIj7ykSVb9nskRSsR6PUj4AiLywzIhbKM= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= github.com/onsi/gomega v1.27.6 h1:ENqfyGeS5AX/rlXDd/ETokDz93u0YufY1Pgxuy/PvWE= +github.com/onsi/gomega v1.27.6/go.mod h1:PIQNjfQwkP3aQAH7lf7j87O/5FiNr+ZR8+ipb+qQlhg= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc5 h1:Ygwkfw9bpDvs+c9E34SdgGOj41dX/cbdlwvlWt0pnFI= 
@@ -533,21 +580,29 @@ github.com/pborman/uuid v1.2.1/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtP github.com/pelletier/go-toml/v2 v2.1.0 h1:FnwAJ4oYMvbT/34k9zzHuZNrhlz48GB3/s6at6/MHO4= github.com/pelletier/go-toml/v2 v2.1.0/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc= github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU= +github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_golang v1.17.0 h1:rl2sfwZMtSthVU752MqfjQozy7blglC+1SOtjMAMh+Q= +github.com/prometheus/client_golang v1.17.0/go.mod h1:VeL+gMmOAxkS2IqfCq0ZmHSL+LjWfWDUmp1mBz9JgUY= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= +github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= +github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= +github.com/prometheus/procfs v0.12.0/go.mod 
h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= +github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= +github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= github.com/sagikazarmark/locafero v0.3.0 h1:zT7VEGWC2DTflmccN/5T1etyKvxSxpHsjb9cJvm4SvQ= github.com/sagikazarmark/locafero v0.3.0/go.mod h1:w+v7UsPNFwzF1cHuOajOOzoq4U7v/ig1mpRjqV+Bu1U= github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE= @@ -555,6 +610,7 @@ github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWR github.com/sassoftware/relic v7.2.1+incompatible h1:Pwyh1F3I0r4clFJXkSI8bOyJINGqpgjJU3DYAZeI05A= github.com/sassoftware/relic v7.2.1+incompatible/go.mod h1:CWfAxv73/iLZ17rbyhIEq3K9hs5w6FpNMdUT//qR+zk= github.com/sassoftware/relic/v7 v7.6.1 h1:O5s8ewCgq5QYNpv45dK4u6IpBmDM9RIcsbf/G1uXepQ= +github.com/sassoftware/relic/v7 v7.6.1/go.mod h1:NxwtWxWxlUa9as2qZi635Ye6bBT/tGnMALLq7dSfOOU= github.com/secure-systems-lab/go-securesystemslib v0.8.0 h1:mr5An6X45Kb2nddcFlbmfHkLguCE9laoZCUzEEpIZXA= github.com/secure-systems-lab/go-securesystemslib v0.8.0/go.mod h1:UH2VZVuJfCYR8WgMlCU1uFsOUU+KeyrTWcSS73NBOzU= github.com/segmentio/ksuid v1.0.4 h1:sBo2BdShXjmcugAMwjugoGUdUV0pcxY5mW4xKRn3v4c= 
@@ -570,9 +626,13 @@ github.com/sigstore/rekor v1.3.4/go.mod h1:1GubPVO2yO+K0m0wt/3SHFqnilr/hWbsjSOe7 github.com/sigstore/sigstore v1.8.0 h1:sSRWXv1JiDsK4T2wNWVYcvKCgxcSrhQ/QUJxsfCO4OM= github.com/sigstore/sigstore v1.8.0/go.mod h1:l12B1gFlLIpBIVeqk/q1Lb+6YSOGNuN3xLExIjYH+qc= github.com/sigstore/sigstore/pkg/signature/kms/aws v1.7.6 h1:WzZExOcFanrFfCi7SUgkBtJicWnSNziBD9nSSQIrqhc= +github.com/sigstore/sigstore/pkg/signature/kms/aws v1.7.6/go.mod h1:3zOHOLHnCE6EXyVH+6Z/lC9O1RDsbmR045NQ1DogiHw= github.com/sigstore/sigstore/pkg/signature/kms/azure v1.7.6 h1:wsPt9kNXF1ZZyae2wO35NLsK+cjWqPGpuPaDdXzRe0g= +github.com/sigstore/sigstore/pkg/signature/kms/azure v1.7.6/go.mod h1:LH+ct6D77J8Ks6PXijMYYhmlQ1mbqKHbmy7+Sw5/Woc= github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.7.6 h1:aMVT9XXFQEnBtJ6szzanyAdKT5gFK4emN+jLSlFlOso= +github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.7.6/go.mod h1:Hwhlx8JSZJF1R27JlwW/Bl2h40reG3MfKANREtBI0L8= github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.7.6 h1:TdSHzcFtPJxbk4B+huWC6GDq7OpgHmLg18inRo9u70I= +github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.7.6/go.mod h1:/l/PzSbTOuIAtglOwUdlzzYvjIZ2WyaBpt5722JTmLY= github.com/sigstore/timestamp-authority v1.2.0 h1:Ffk10QsHxu6aLwySQ7WuaoWkD63QkmcKtozlEFot/VI= github.com/sigstore/timestamp-authority v1.2.0/go.mod h1:ojKaftH78Ovfow9DzuNl5WgTCEYSa4m5622UkKDHRXc= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= 
@@ -582,6 +642,7 @@ github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966/go.mod h1:s github.com/slsa-framework/slsa-github-generator v1.9.0 h1:bd0U773vhgq6grDqTKrY1ljQd7qpzZBKZHTYpWzwdRQ= github.com/slsa-framework/slsa-github-generator v1.9.0/go.mod h1:OlSBWGPJKiCF+UJDnp+RYVpCLMd7AsSvaMi/JBJUwyo= github.com/smallstep/assert v0.0.0-20200723003110-82e2b9b3b262 h1:unQFBIznI+VYD1/1fApl1A+9VcBk+9dcqGfnePY87LY= +github.com/smallstep/assert v0.0.0-20200723003110-82e2b9b3b262/go.mod h1:MyOHs9Po2fbM1LHej6sBUT8ozbxmMOFG+E+rx/GSGuc= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/assertions v1.1.0/go.mod h1:tcbTF8ujkAEcZ8TElKY+i30BzYlVhC/LOxJk7iOWnoo= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= 
@@ -645,10 +706,15 @@ github.com/xdg-go/stringprep v1.0.3/go.mod h1:W3f5j4i+9rC0kuIEJL0ky1VpHXQU3ocBgk github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gijq1dTyGkM= github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= github.com/ysmood/fetchup v0.2.3 h1:ulX+SonA0Vma5zUFXtv52Kzip/xe7aj4vqT5AJwQ+ZQ= +github.com/ysmood/fetchup v0.2.3/go.mod h1:xhibcRKziSvol0H1/pj33dnKrYyI2ebIvz5cOOkYGns= github.com/ysmood/goob v0.4.0 h1:HsxXhyLBeGzWXnqVKtmT9qM7EuVs/XOgkX7T6r1o1AQ= +github.com/ysmood/goob v0.4.0/go.mod h1:u6yx7ZhS4Exf2MwciFr6nIM8knHQIE22lFpWHnfql18= github.com/ysmood/got v0.34.1 h1:IrV2uWLs45VXNvZqhJ6g2nIhY+pgIG1CUoOcqfXFl1s= +github.com/ysmood/got v0.34.1/go.mod h1:yddyjq/PmAf08RMLSwDjPyCvHvYed+WjHnQxpH851LM= github.com/ysmood/gson v0.7.3 h1:QFkWbTH8MxyUTKPkVWAENJhxqdBa4lYTQWqZCiLG6kE= +github.com/ysmood/gson v0.7.3/go.mod h1:3Kzs5zDl21g5F/BlLTNcuAGAYLKt2lV5G8D1zF3RNmg= github.com/ysmood/leakless v0.8.0 h1:BzLrVoiwxikpgEQR0Lk8NyBN5Cit2b1z+u0mgL4ZJak= +github.com/ysmood/leakless v0.8.0/go.mod h1:R8iAXPRaG97QJwqxs74RdwzcRHT1SWCGTNqY8q0JvMQ= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.30/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= 
@@ -656,6 +722,7 @@ github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/zalando/go-keyring v0.2.2 h1:f0xmpYiSrHtSNAVgwip93Cg8tuF45HJM6rHq/A5RI/4= +github.com/zalando/go-keyring v0.2.2/go.mod h1:sI3evg9Wvpw3+n4SqplGSJUMwtDeROfD4nsFz4z9PG0= github.com/zeebo/errs v1.3.0 h1:hmiaKqgYZzcVgRL1Vkc1Mn2914BbzB0IBxs+ebeutGs= github.com/zeebo/errs v1.3.0/go.mod h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4= go.mongodb.org/mongo-driver v1.10.0/go.mod h1:wsihk0Kdgv8Kqu1Anit4sfK+22vSFbUrAVEYRhCXrA8= @@ -674,11 +741,13 @@ go.opentelemetry.io/otel v1.21.0/go.mod h1:QZzNPQPm1zLX4gZK4cMi+71eaorMSGT3A4znn go.opentelemetry.io/otel/metric v1.21.0 h1:tlYWfeo+Bocx5kLEloTjbcDwBuELRrIFxwdQ36PlJu4= go.opentelemetry.io/otel/metric v1.21.0/go.mod h1:o1p3CA8nNHW8j5yuQLdc1eeqEaPfzug24uvsyIEJRWM= go.opentelemetry.io/otel/sdk v1.21.0 h1:FTt8qirL1EysG6sTQRZ5TokkU8d0ugCj8htOgThZXQ8= +go.opentelemetry.io/otel/sdk v1.21.0/go.mod h1:Nna6Yv7PWTdgJHVRD9hIYywQBRx7pbox6nwBnZIxl/E= go.opentelemetry.io/otel/trace v1.21.0 h1:WD9i5gzvoUPuXIXH24ZNBudiarZDKuekPqi/E8fpfLc= go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ= go.step.sm/crypto v0.38.0 h1:kRVtzOjplP5xDh9UlenXdDAtXWCfVL6GevZgpiom1Zg= go.step.sm/crypto v0.38.0/go.mod h1:0Cv9UB8sHqnsLO14FhboDE/OIN993c3G0ImOafTS2AI= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= 
@@ -1028,6 +1097,7 @@ google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 h1:wpZ8pe2x1Q3f2KyT5f8oP/fa9rHAKgFPr/HZdNuS+PQ= +google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:J7XzRzVy1+IPwWHZUzoD0IccYZIrXILAQpc+Qy9CMhY= google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 h1:JpwMPBpFN3uKhdaekDpiNlImDdkUAyiJ6ez/uxGaUSo= google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:0xJLfVdJqpAPl8tDg1ujOCGzx6LFLttXT5NhllGOXY4= google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f h1:ultW7fxlIvee4HYrtnaRPon9HpEgFk5zYpmfMgtKB5I= @@ -1094,6 +1164,7 @@ gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU= +gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 
@@ -1125,3 +1196,4 @@ sigs.k8s.io/structured-merge-diff/v4 v4.3.0/go.mod h1:N8hJocpFajUSSeSJ9bOZ77Vzej sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= software.sslmate.com/src/go-pkcs12 v0.2.0 h1:nlFkj7bTysH6VkC4fGphtjXRbezREPgrHuJG20hBGPE= +software.sslmate.com/src/go-pkcs12 v0.2.0/go.mod h1:23rNcYsMabIc1otwLpTkCCPwUq6kQsTyowttG/as0kQ= diff --git a/kccncna2023-demo/README.md b/kccncna2023-demo/README.md index 8eaaed1..30237ad 100644 --- a/kccncna2023-demo/README.md +++ b/kccncna2023-demo/README.md @@ -25,6 +25,17 @@ the build These two attestations are signed using cosign OIDC-based keyless signing, and uploaded to the public Rekor log. +### Verified Policies + +This demo verifies the following policies using the generated attestations: + +* [in-toto Layout] checks that the expected attestations were generated for each step +of the demo workflow. +* [SCAI policy] checks the attested attributes against the evidence indicated in the +SCAI Attribute Report. + +This verification flow is implemented in the [verification-flow.sh] script. + ### Additional Tools This demo makes use of the following additional tools: 
@@ -37,9 +48,12 @@ This demo makes use of the following additional tools: [Anchore SBOM generator]: https://github.com/anchore/sbom-action [attestation-verifier]: https://github.com/in-toto/attestation-verifier [demo workflow]: https://github.com/marcelamelara/private-data-objects/blob/intoto-kccncna2023-demo/.github/workflows/intoto-kccncna2023-demo.yml +[in-toto Layout]: ./policies/layout.yml [in-toto Maintainer Track talk]: https://kccncna2023.sched.com/event/1R2mx [SLSA generic Provenance generator]: https://github.com/slsa-framework/slsa-github-generator -[SLSA Provenance]: https://github.com/in-toto/attestation/blob/main/spec/predicates/provenance.md -[SCAI Attribute Report]: https://github.com/in-toto/attestation/blob/main/spec/predicates/scai.md +[SLSA Provenance]: https://github.com/in-toto/attestation/blob/v1.0.1/spec/predicates/provenance.md +[SCAI Attribute Report]: https://github.com/in-toto/attestation/v1.0.1/main/spec/predicates/scai.md +[SCAI policy]: ./policies/has-slsa.yml [scai-gen GitHub Actions]: https://github.com/in-toto/scai-demos/tree/main/.github/actions [strace]: https://strace.io/ +[verification-flow.sh]: ./verification-flow.sh diff --git a/kccncna2023-demo/attestations/build.452e628a.json b/kccncna2023-demo/attestations/build.452e628a.json new file mode 100644 index 0000000..5eaa780 --- /dev/null +++ b/kccncna2023-demo/attestations/build.452e628a.json 
@@ -0,0 +1 @@ +{"payloadType":"application/vnd.in-toto+json","payload":"","signatures":[{"keyid":"","sig":"MEUCIBtd37BUemlRGSAtupB5MUNpuoY3M8sjizO8vNoF/XRzAiEA6MbwPr+GkoQ7O/gAzGqMO3YVRfnOn2CSrme14Y/Vq7g=","cert":"-----BEGIN CERTIFICATE-----\nMIIHnjCCBySgAwIBAgIUdt3q/jeQLjQLrp9xhKPIodrsiFEwCgYIKoZIzj0EAwMw\nNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRl\ncm1lZGlhdGUwHhcNMjMwODI0MDAxMzQxWhcNMjMwODI0MDAyMzQxWjAAMFkwEwYH\nKoZIzj0CAQYIKoZIzj0DAQcDQgAEB0TVhLF/u/aDcn+3ncIW2lfOKFn4iCY36NC3\nk/oPa8sJ8X25H//mhY8/6fNyUh4PzjIEyHPOcr8CAi8dWyuRFaOCBkMwggY/MA4G\nA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUYUr0\ngD1Frvh23NrGG+OeTrkO+fgwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4Y\nZD8wgYQGA1UdEQEB/wR6MHiGdmh0dHBzOi8vZ2l0aHViLmNvbS9zbHNhLWZyYW1l\nd29yay9zbHNhLWdpdGh1Yi1nZW5lcmF0b3IvLmdpdGh1Yi93b3JrZmxvd3MvZ2Vu\nZXJhdG9yX2dlbmVyaWNfc2xzYTMueW1sQHJlZnMvdGFncy92MS43LjAwOQYKKwYB\nBAGDvzABAQQraHR0cHM6Ly90b2tlbi5hY3Rpb25zLmdpdGh1YnVzZXJjb250ZW50\nLmNvbTASBgorBgEEAYO/MAECBARwdXNoMDYGCisGAQQBg78wAQMEKDg3Yjc0Mzc4\nZThjOWNjZjMzNWEyN2ZmY2RjMTY2MzY5OTAyNTRlMWUwMgYKKwYBBAGDvzABBAQk\nUERPIENJIHdpdGggU1cgc3VwcGx5IGNoYWluIG1ldGFkYXRhMDAGCisGAQQBg78w\nAQUEIm1hcmNlbGFtZWxhcmEvcHJpdmF0ZS1kYXRhLW9iamVjdHMwNQYKKwYBBAGD\nvzABBgQncmVmcy9oZWFkcy9nZW5lcmF0ZS1zd3NjLWJ1aWxkLW1ldGFkYXRhMDsG\nCisGAQQBg78wAQgELQwraHR0cHM6Ly90b2tlbi5hY3Rpb25zLmdpdGh1YnVzZXJj\nb250ZW50LmNvbTCBhgYKKwYBBAGDvzABCQR4DHZodHRwczovL2dpdGh1Yi5jb20v\nc2xzYS1mcmFtZXdvcmsvc2xzYS1naXRodWItZ2VuZXJhdG9yLy5naXRodWIvd29y\na2Zsb3dzL2dlbmVyYXRvcl9nZW5lcmljX3Nsc2EzLnltbEByZWZzL3RhZ3MvdjEu\nNy4wMDgGCisGAQQBg78wAQoEKgwoZTU1Yjc2Y2U0MjEwODJkZmE0YjM0YTZhYzNj\nNWU1OWRlMGYzYmI1ODAdBgorBgEEAYO/MAELBA8MDWdpdGh1Yi1ob3N0ZWQwRQYK\nKwYBBAGDvzABDAQ3DDVodHRwczovL2dpdGh1Yi5jb20vbWFyY2VsYW1lbGFyYS9w\ncml2YXRlLWRhdGEtb2JqZWN0czA4BgorBgEEAYO/MAENBCoMKDg3Yjc0Mzc4ZThj\nOWNjZjMzNWEyN2ZmY2RjMTY2MzY5OTAyNTRlMWUwNwYKKwYBBAGDvzABDgQpDCdy\nZWZzL2hlYWRzL2dlbmVyYXRlLXN3c2MtYnVpbGQtbWV0YWRhdGEwGQYKKwYBBAGD\nvzABDwQLDAkyMzY1OTI5MDgwMAYKKwYBBAGDvzABEA
QiDCBodHRwczovL2dpdGh1\nYi5jb20vbWFyY2VsYW1lbGFyYTAYBgorBgEEAYO/MAERBAoMCDkzNzk3ODk4MIGM\nBgorBgEEAYO/MAESBH4MfGh0dHBzOi8vZ2l0aHViLmNvbS9tYXJjZWxhbWVsYXJh\nL3ByaXZhdGUtZGF0YS1vYmplY3RzLy5naXRodWIvd29ya2Zsb3dzL2NpLXN3c2Mu\neWFtbEByZWZzL2hlYWRzL2dlbmVyYXRlLXN3c2MtYnVpbGQtbWV0YWRhdGEwOAYK\nKwYBBAGDvzABEwQqDCg4N2I3NDM3OGU4YzljY2YzMzVhMjdmZmNkYzE2NjM2OTkw\nMjU0ZTFlMBQGCisGAQQBg78wARQEBgwEcHVzaDBoBgorBgEEAYO/MAEVBFoMWGh0\ndHBzOi8vZ2l0aHViLmNvbS9tYXJjZWxhbWVsYXJhL3ByaXZhdGUtZGF0YS1vYmpl\nY3RzL2FjdGlvbnMvcnVucy81OTU3NjcyNTgwL2F0dGVtcHRzLzEwFgYKKwYBBAGD\nvzABFgQIDAZwdWJsaWMwgYsGCisGAQQB1nkCBAIEfQR7AHkAdwDdPTBqxscRMmMZ\nHhyZZzcCokpeuN48rf+HinKALynujgAAAYok48Y6AAAEAwBIMEYCIQDlB6pBRLqz\nOVzWrWDyAKjqbj/+In4R1ZIV1ZpPBOibpgIhAOD0US5lEsq/jbd6+TFuCNGAwSmT\njLX6qaZM51mil8GAMAoGCCqGSM49BAMDA2gAMGUCMQCobhDekCwGfSHneSK9wVlo\nlm+5HAzWWCXP0MqB+z3BKrlncSTvfTtLT6Ai0uylV48CMBr+qUk5b34MOr3AfkFL\nwZPYsMpbWP4k8SXbi6NaBqwAAnAl3s+w3qbR/Nt2wtoPwA==\n-----END CERTIFICATE-----\n"}]} \ No newline at end of file diff --git a/kccncna2023-demo/attestations/build.e060fc8d.json b/kccncna2023-demo/attestations/build.e060fc8d.json deleted file mode 100644 index 8f2aee9..0000000 --- a/kccncna2023-demo/attestations/build.e060fc8d.json +++ /dev/null 
@@ -1 +0,0 @@ -{"payloadType":"application/vnd.in-toto+json","payload":"","signatures":[{"keyid":"","sig":"MEQCIByuHkfkBkK5VwGWxNXi6mDZ8uQINXYdchAqOhxJVu8rAiAZDNbKKWv5k73pINPluH/OYXGVyHJhcJ84GJQfLquK2Q==","cert":"-----BEGIN CERTIFICATE-----\nMIIHuDCCBz6gAwIBAgIUEjL+iKMGHDZx40JCEI4XmLPIOjwwCgYIKoZIzj0EAwMw\nNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRl\ncm1lZGlhdGUwHhcNMjMxMTAyMTczOTQ3WhcNMjMxMTAyMTc0OTQ3WjAAMFkwEwYH\nKoZIzj0CAQYIKoZIzj0DAQcDQgAEid/NZhyCdtz+W1WsJU/ECeWPY+WfKVVGm/yH\nOeOyF4teaUO8Ivwuk+tInihuNFXqARe6wz5FR4UmZekQjpXlLaOCBl0wggZZMA4G\nA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUu5vW\nz4Dh2uVQp3ywiFymVTGEKEYwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4Y\nZD8wgYQGA1UdEQEB/wR6MHiGdmh0dHBzOi8vZ2l0aHViLmNvbS9zbHNhLWZyYW1l\nd29yay9zbHNhLWdpdGh1Yi1nZW5lcmF0b3IvLmdpdGh1Yi93b3JrZmxvd3MvZ2Vu\nZXJhdG9yX2dlbmVyaWNfc2xzYTMueW1sQHJlZnMvdGFncy92MS43LjAwOQYKKwYB\nBAGDvzABAQQraHR0cHM6Ly90b2tlbi5hY3Rpb25zLmdpdGh1YnVzZXJjb250ZW50\nLmNvbTASBgorBgEEAYO/MAECBARwdXNoMDYGCisGAQQBg78wAQMEKGYzMmE1MmQ1\nOWUxZGUxYmNiZTdmNjU3MWQzYWE5YTFlYTcxOWEyOGEwTAYKKwYBBAGDvzABBAQ+\nUHJpdmF0ZSBEYXRhIE9iamVjdHMgKFBETykgYnVpbGQgd2l0aCBTVyBzdXBwbHkg\nY2hhaW4gbWV0YWRhdGEwMAYKKwYBBAGDvzABBQQibWFyY2VsYW1lbGFyYS9wcml2\nYXRlLWRhdGEtb2JqZWN0czAwBgorBgEEAYO/MAEGBCJyZWZzL2hlYWRzL2ludG90\nby1rY2NuY25hMjAyMy1kZW1vMDsGCisGAQQBg78wAQgELQwraHR0cHM6Ly90b2tl\nbi5hY3Rpb25zLmdpdGh1YnVzZXJjb250ZW50LmNvbTCBhgYKKwYBBAGDvzABCQR4\nDHZodHRwczovL2dpdGh1Yi5jb20vc2xzYS1mcmFtZXdvcmsvc2xzYS1naXRodWIt\nZ2VuZXJhdG9yLy5naXRodWIvd29ya2Zsb3dzL2dlbmVyYXRvcl9nZW5lcmljX3Ns\nc2EzLnltbEByZWZzL3RhZ3MvdjEuNy4wMDgGCisGAQQBg78wAQoEKgwoZTU1Yjc2\nY2U0MjEwODJkZmE0YjM0YTZhYzNjNWU1OWRlMGYzYmI1ODAdBgorBgEEAYO/MAEL\nBA8MDWdpdGh1Yi1ob3N0ZWQwRQYKKwYBBAGDvzABDAQ3DDVodHRwczovL2dpdGh1\nYi5jb20vbWFyY2VsYW1lbGFyYS9wcml2YXRlLWRhdGEtb2JqZWN0czA4BgorBgEE\nAYO/MAENBCoMKGYzMmE1MmQ1OWUxZGUxYmNiZTdmNjU3MWQzYWE5YTFlYTcxOWEy\nOGEwMgYKKwYBBAGDvzABDgQkDCJyZWZzL2hlYWRzL2ludG90by1rY2NuY25hMjAy\nMy1kZW1vMBkGCisGAQQBg78wAQ8ECwwJMjM2NTkyOT
A4MDAGCisGAQQBg78wARAE\nIgwgaHR0cHM6Ly9naXRodWIuY29tL21hcmNlbGFtZWxhcmEwGAYKKwYBBAGDvzAB\nEQQKDAg5Mzc5Nzg5ODCBmAYKKwYBBAGDvzABEgSBiQyBhmh0dHBzOi8vZ2l0aHVi\nLmNvbS9tYXJjZWxhbWVsYXJhL3ByaXZhdGUtZGF0YS1vYmplY3RzLy5naXRodWIv\nd29ya2Zsb3dzL2ludG90by1rY2NuY25hMjAyMy1kZW1vLnltbEByZWZzL2hlYWRz\nL2ludG90by1rY2NuY25hMjAyMy1kZW1vMDgGCisGAQQBg78wARMEKgwoZjMyYTUy\nZDU5ZTFkZTFiY2JlN2Y2NTcxZDNhYTlhMWVhNzE5YTI4YTAUBgorBgEEAYO/MAEU\nBAYMBHB1c2gwaAYKKwYBBAGDvzABFQRaDFhodHRwczovL2dpdGh1Yi5jb20vbWFy\nY2VsYW1lbGFyYS9wcml2YXRlLWRhdGEtb2JqZWN0cy9hY3Rpb25zL3J1bnMvNjcz\nNjA1MTM0OS9hdHRlbXB0cy8xMBYGCisGAQQBg78wARYECAwGcHVibGljMIGJBgor\nBgEEAdZ5AgQCBHsEeQB3AHUA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p\n7o4AAAGLkR6n2wAABAMARjBEAiAhDbI+6lM6YdPOT+nTdPmWcR2vdLnzsXaamtSO\nnSwxIQIgPnwdA67rLTX0wM6cBVcxBm9oQn42tgCO4XpekkImjfcwCgYIKoZIzj0E\nAwMDaAAwZQIwSirI2MYX96zWUQEhYFCwBsWfZ0FSVxbpW5i2d8jI7NJPbQC4Rxo/\naJMsKAD1UDD9AjEA/0Z4kErsI82eYxd9A+zfGrFKpKk5QoqiLGgSKVh4SdL6Khfv\n5O0s2Z1BwoAsyHTJ\n-----END CERTIFICATE-----\n"}]} \ No newline at end of file diff --git a/kccncna2023-demo/attestations/evidence-collection.1f575092.json b/kccncna2023-demo/attestations/evidence-collection.1f575092.json new file mode 100644 index 0000000..e8b2cd2 --- /dev/null +++ b/kccncna2023-demo/attestations/evidence-collection.1f575092.json 
@@ -0,0 +1 @@ +{"payloadType":"application/vnd.in-toto+json","payload":"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","signatures":[{"keyid":"1f57509240de3e7921e29a896553e7cf912441e17fe8cbd675457c7ba45bcee6","sig":"W5terKjmGajjJLl1mXNgPzIamE0omBDUkXzmrAVZMI51FTvv2a4ixCRAMSvT8qxcs/ZvqMXxMGQV5RR2x1aF1JkBLSP9nY7mQLcl7GYJ6E+KltLMgO3Bw9b4vXDp/JZ1y8Dby+rUEt0umehFJYj0Yl8/ndhWVK6QNMzrCDghK8TdZ8N1+HhyxewOYdP2i+yrM0Ll0Q0DiXO4r5SPGgGTY6BWe5Sjc2HNrt+J6fJcnXpvfCBlTAuG0pGNDbIS9jtimsh+AKAlpdcgJUPGpL3baTRW/1liyzVmtJtIrTl1kDDm/rzKmFi/OaMS6Vwm4RkaEkXaLPYpzz6pBaCHm8JxNJVjijtoTrNyuhEyHuvZW3o/p9/TmW9O6kyDc8Sybk5S8iWca0N3sLAfIsQw4968PHo4p7jf/bWWPFhSag2nIz4fKdiLXSzaDvxKtuuMfa6BG15j45Nwqq6qcKf2ZssYP4sjyuzYcJe912HFPPo8ZasQmFBcuBMhpu7NHU6yP/19"}]} \ No newline at end of file diff --git a/kccncna2023-demo/attestations/evidence-collection.keyid.json b/kccncna2023-demo/attestations/evidence-collection.keyid.json deleted file mode 100644 index a9e5bb9..0000000 --- a/kccncna2023-demo/attestations/evidence-collection.keyid.json +++ /dev/null @@ -1 +0,0 @@ -{"payloadType":"application/vnd.in-toto","payload":"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","signatures":[{"keyid":"","sig":"MEUCIQC6gF+QEE0Df7z520y4LLWC7xjNaYMIJL40h4sl/4otqgIgHfwfQsnqsWkM+rQqOV3PZXAt9NZFdUIbmILJqC0t9TM="}]} diff --git a/kccncna2023-demo/attestations/evidence-collection.scai.json b/kccncna2023-demo/attestations/evidence-collection.scai.json deleted file mode 100644 index 047453d..0000000 --- a/kccncna2023-demo/attestations/evidence-collection.scai.json +++ /dev/null 
@@ -1,50 +0,0 @@ -{ - "_type": "https://in-toto.io/Statement/v1", - "subject": [ - { - "name": "pdo_client_wawaka", - "uri": "https://github.com/marcelamelara/private-data-objects/commit/4e07afbb37e24d5284c2163f3603d374a0926890", - "digest": { - "sha256": "954f60c5de3f3b9c21b9118e25bec793c4de916aa32af140acc5501db189db7b" - } - } - ], - "predicateType": "https://in-toto.io/attestation/scai/attribute-report/v0.2", - "predicate": { - "attributes": [ - { - "attribute": "HasSBOM", - "evidence": { - "digest": { - "sha256": "91fb7ee88077520df4fb256c5d029ff2a18eff7674fa5e5404d2fdf4dfd4132d" - }, - "downloadLocation": "https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189", - "mediaType": "application/json", - "name": "pdo_client_wawaka.spdx.json" - } - }, - { - "attribute": "HasSLSA", - "evidence": { - "digest": { - "sha256": "a9c0eab1ba043e5a52903adc33ec0241de2228fdee8d26fd12a5025df8a5f3b6" - }, - "downloadLocation": "https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189", - "mediaType": "application/vnd.in-toto.provenance+dsse", - "name": "pdo_client_wawaka.slsa.intoto.jsonl" - } - }, - { - "attribute": "NonHermeticBuild", - "evidence": { - "digest": { - "sha256": "e91566a34ef171ea6204d8776b2349d5a96e10833cb6905bb8bef7469a5a3348" - }, - "downloadLocation": "https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189", - "mediaType": "text/plain", - "name": "strace.log" - } - } - ] - } -} diff --git a/kccncna2023-demo/evidence-files/build.452e628a.json b/kccncna2023-demo/evidence-files/build.452e628a.json new file mode 100644 index 0000000..5eaa780 --- /dev/null +++ b/kccncna2023-demo/evidence-files/build.452e628a.json 
@@ -0,0 +1 @@ +{"payloadType":"application/vnd.in-toto+json","payload":"","signatures":[{"keyid":"","sig":"MEUCIBtd37BUemlRGSAtupB5MUNpuoY3M8sjizO8vNoF/XRzAiEA6MbwPr+GkoQ7O/gAzGqMO3YVRfnOn2CSrme14Y/Vq7g=","cert":"-----BEGIN CERTIFICATE-----\nMIIHnjCCBySgAwIBAgIUdt3q/jeQLjQLrp9xhKPIodrsiFEwCgYIKoZIzj0EAwMw\nNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRl\ncm1lZGlhdGUwHhcNMjMwODI0MDAxMzQxWhcNMjMwODI0MDAyMzQxWjAAMFkwEwYH\nKoZIzj0CAQYIKoZIzj0DAQcDQgAEB0TVhLF/u/aDcn+3ncIW2lfOKFn4iCY36NC3\nk/oPa8sJ8X25H//mhY8/6fNyUh4PzjIEyHPOcr8CAi8dWyuRFaOCBkMwggY/MA4G\nA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUYUr0\ngD1Frvh23NrGG+OeTrkO+fgwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4Y\nZD8wgYQGA1UdEQEB/wR6MHiGdmh0dHBzOi8vZ2l0aHViLmNvbS9zbHNhLWZyYW1l\nd29yay9zbHNhLWdpdGh1Yi1nZW5lcmF0b3IvLmdpdGh1Yi93b3JrZmxvd3MvZ2Vu\nZXJhdG9yX2dlbmVyaWNfc2xzYTMueW1sQHJlZnMvdGFncy92MS43LjAwOQYKKwYB\nBAGDvzABAQQraHR0cHM6Ly90b2tlbi5hY3Rpb25zLmdpdGh1YnVzZXJjb250ZW50\nLmNvbTASBgorBgEEAYO/MAECBARwdXNoMDYGCisGAQQBg78wAQMEKDg3Yjc0Mzc4\nZThjOWNjZjMzNWEyN2ZmY2RjMTY2MzY5OTAyNTRlMWUwMgYKKwYBBAGDvzABBAQk\nUERPIENJIHdpdGggU1cgc3VwcGx5IGNoYWluIG1ldGFkYXRhMDAGCisGAQQBg78w\nAQUEIm1hcmNlbGFtZWxhcmEvcHJpdmF0ZS1kYXRhLW9iamVjdHMwNQYKKwYBBAGD\nvzABBgQncmVmcy9oZWFkcy9nZW5lcmF0ZS1zd3NjLWJ1aWxkLW1ldGFkYXRhMDsG\nCisGAQQBg78wAQgELQwraHR0cHM6Ly90b2tlbi5hY3Rpb25zLmdpdGh1YnVzZXJj\nb250ZW50LmNvbTCBhgYKKwYBBAGDvzABCQR4DHZodHRwczovL2dpdGh1Yi5jb20v\nc2xzYS1mcmFtZXdvcmsvc2xzYS1naXRodWItZ2VuZXJhdG9yLy5naXRodWIvd29y\na2Zsb3dzL2dlbmVyYXRvcl9nZW5lcmljX3Nsc2EzLnltbEByZWZzL3RhZ3MvdjEu\nNy4wMDgGCisGAQQBg78wAQoEKgwoZTU1Yjc2Y2U0MjEwODJkZmE0YjM0YTZhYzNj\nNWU1OWRlMGYzYmI1ODAdBgorBgEEAYO/MAELBA8MDWdpdGh1Yi1ob3N0ZWQwRQYK\nKwYBBAGDvzABDAQ3DDVodHRwczovL2dpdGh1Yi5jb20vbWFyY2VsYW1lbGFyYS9w\ncml2YXRlLWRhdGEtb2JqZWN0czA4BgorBgEEAYO/MAENBCoMKDg3Yjc0Mzc4ZThj\nOWNjZjMzNWEyN2ZmY2RjMTY2MzY5OTAyNTRlMWUwNwYKKwYBBAGDvzABDgQpDCdy\nZWZzL2hlYWRzL2dlbmVyYXRlLXN3c2MtYnVpbGQtbWV0YWRhdGEwGQYKKwYBBAGD\nvzABDwQLDAkyMzY1OTI5MDgwMAYKKwYBBAGDvzABEA
QiDCBodHRwczovL2dpdGh1\nYi5jb20vbWFyY2VsYW1lbGFyYTAYBgorBgEEAYO/MAERBAoMCDkzNzk3ODk4MIGM\nBgorBgEEAYO/MAESBH4MfGh0dHBzOi8vZ2l0aHViLmNvbS9tYXJjZWxhbWVsYXJh\nL3ByaXZhdGUtZGF0YS1vYmplY3RzLy5naXRodWIvd29ya2Zsb3dzL2NpLXN3c2Mu\neWFtbEByZWZzL2hlYWRzL2dlbmVyYXRlLXN3c2MtYnVpbGQtbWV0YWRhdGEwOAYK\nKwYBBAGDvzABEwQqDCg4N2I3NDM3OGU4YzljY2YzMzVhMjdmZmNkYzE2NjM2OTkw\nMjU0ZTFlMBQGCisGAQQBg78wARQEBgwEcHVzaDBoBgorBgEEAYO/MAEVBFoMWGh0\ndHBzOi8vZ2l0aHViLmNvbS9tYXJjZWxhbWVsYXJhL3ByaXZhdGUtZGF0YS1vYmpl\nY3RzL2FjdGlvbnMvcnVucy81OTU3NjcyNTgwL2F0dGVtcHRzLzEwFgYKKwYBBAGD\nvzABFgQIDAZwdWJsaWMwgYsGCisGAQQB1nkCBAIEfQR7AHkAdwDdPTBqxscRMmMZ\nHhyZZzcCokpeuN48rf+HinKALynujgAAAYok48Y6AAAEAwBIMEYCIQDlB6pBRLqz\nOVzWrWDyAKjqbj/+In4R1ZIV1ZpPBOibpgIhAOD0US5lEsq/jbd6+TFuCNGAwSmT\njLX6qaZM51mil8GAMAoGCCqGSM49BAMDA2gAMGUCMQCobhDekCwGfSHneSK9wVlo\nlm+5HAzWWCXP0MqB+z3BKrlncSTvfTtLT6Ai0uylV48CMBr+qUk5b34MOr3AfkFL\nwZPYsMpbWP4k8SXbi6NaBqwAAnAl3s+w3qbR/Nt2wtoPwA==\n-----END CERTIFICATE-----\n"}]} \ No newline at end of file diff --git a/kccncna2023-demo/policies/has-slsa.yml b/kccncna2023-demo/policies/has-slsa.yml new file mode 100644 index 0000000..8cbf348 --- /dev/null +++ b/kccncna2023-demo/policies/has-slsa.yml @@ -0,0 +1,6 @@ +attestationID: "f7dbd9211f8c9ee70313454ddba0ffacec91139ff325b3ef90eccf706bd06ecf" +inspections: + - name: "build.452e628a.json" + expectedAttributes: + - rule: "assertion.attribute == 'HasSLSA' && predicateType == 'https://slsa.dev/provenance/v0.2'" + - rule: "predicate.buildType == 'https://github.com/slsa-framework/slsa-github-generator/generic@v1'" diff --git a/kccncna2023-demo/policies/layout.yml b/kccncna2023-demo/policies/layout.yml new file mode 100644 index 0000000..408006c --- /dev/null +++ b/kccncna2023-demo/policies/layout.yml 
@@ -0,0 +1,48 @@ +expires: "2024-10-10T12:23:22Z" +functionaries: + 1f57509240de3e7921e29a896553e7cf912441e17fe8cbd675457c7ba45bcee6: + keyType: "rsa" + scheme: "rsassa-pss-sha256" + keyIDHashAlgorithms: + - "sha256" + - "sha512" + keyVal: + public: "-----BEGIN PUBLIC KEY-----\nMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0o+jumXN3tE2Xqx1qKjC\ngzCCvAPoOlzQlg+7OLGHnJbQgDxOyhFYMNqJ6cztb26NettmEpPtLDSnM5fPvHuH\nPVoPctzLqE9MiXdD1C7RHbjeSaUBxJV6wSGdAGzNa+8oxxG1ex4H7KHOXD8Mo61o\nitzViEw8knQNDhKHA/JWMnnhX07J1wF+EBWHpBsquAxZMLwy9h4uSlJjbK6TVZS8\nzLEtChVHLqF71px3/rRLlx6gyvSfqsVUd86JDrZtC+MHiq72nnx6N7+4wmSFB6ZQ\naBJvEemP9f54KgSMPLH4fZ63noQKUj9dnOZ+N4f0SGRIIvhN03/LlVA9ifkJBQml\nLKbiNWGAk92+C6NEp2Tj7olNsQ1zOTLzC27CJSWlDq9hSiS7LuaZUy7Gb3acX6Zf\nGZkwYXpXQPp/vM66InJcr5/T1iW/XhtmCHiRd7T24R4qDvS+Xuqv9+pJtHemCUpz\nWhn7N5L7Hr/t0b0SIUNd1PZzD4+lKElcAt99vCVlKQmVAgMBAAE=\n-----END PUBLIC KEY-----" + keyID: "1f57509240de3e7921e29a896553e7cf912441e17fe8cbd675457c7ba45bcee6" + 452e628a9a052784761275fe2eed15d7c0c8c8599bf1977879f130a568af5d8c: + keyType: "ecdsa" + scheme: "ecdsa-sha2-nistp256" + keyIDHashAlgorithms: + - "sha256" + - "sha512" + keyVal: + public: "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEB0TVhLF/u/aDcn+3ncIW2lfOKFn4\niCY36NC3k/oPa8sJ8X25H//mhY8/6fNyUh4PzjIEyHPOcr8CAi8dWyuRFQ==\n-----END PUBLIC KEY-----" + keyID: "452e628a9a052784761275fe2eed15d7c0c8c8599bf1977879f130a568af5d8c" +steps: + - name: "build" + expectedMaterials: + - "ALLOW git+https://github.com/marcelamelara/private-data-objects@refs/heads/generate-swsc-build-metadata" + - "DISALLOW *" + expectedProducts: + - "CREATE pdo_client_wawaka" + - "DISALLOW *" + expectedPredicates: + - predicateType: "https://slsa.dev/provenance/v0.2" + expectedAttributes: + - rule: "predicate.builder.id == 'https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@refs/tags/v1.7.0'" + - rule: "predicate.invocation.configSource.uri == 
'git+https://github.com/marcelamelara/private-data-objects@refs/heads/generate-swsc-build-metadata'" + - rule: "predicate.invocation.configSource.digest.sha1 == '87b74378e8c9ccf335a27ffcdc16636990254e1e'" + functionaries: + - "452e628a9a052784761275fe2eed15d7c0c8c8599bf1977879f130a568af5d8c" + - name: "evidence-collection" + expectedMaterials: + - "MATCH pdo_client_wawaka WITH products FROM build" + - "DISALLOW *" + expectedPredicates: + - predicateType: "https://in-toto.io/attestation/scai/attribute-report/v0.2" + expectedAttributes: + - rule: "size(predicate.attributes) >= 2" + - rule: "predicate.attributes.exists(a, a.attribute == 'HasSBOM')" + - rule: "predicate.attributes.exists(a, a.attribute == 'HasSLSA')" + functionaries: + - "1f57509240de3e7921e29a896553e7cf912441e17fe8cbd675457c7ba45bcee6" diff --git a/kccncna2023-demo/tlog-entries/pdo_client_wawaka.provenance.json b/kccncna2023-demo/tlog-entries/pdo_client_wawaka.provenance.json deleted file mode 100644 index 4537691..0000000 --- a/kccncna2023-demo/tlog-entries/pdo_client_wawaka.provenance.json +++ /dev/null 
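Review bot: The `build` step in layout.yml trusts functionary `452e628a…` through a raw ECDSA public key, and that key appears to be the subject key of the Sigstore certificate carried in build.452e628a.json, i.e. a key from keyless signing that was never meant to be long-lived. Pinning it this way means the layout check never evaluates the certificate's identity (SAN, OIDC issuer) or validity window, so a pass shows only that this one key signed, not that an authorised workflow did. A comment above the entry such as `# demo only: ephemeral Sigstore key copied from the build attestation cert; production must verify the certificate identity instead` would stop readers from copying the pattern into a real policy. Separately, the `evidence-collection` step declares `expectedMaterials` but no `expectedProducts`; if that is intentional, a one-line comment saying so would help.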
@@ -1,21 +0,0 @@ -LogID: c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d -Attestation: {"_type":"https://in-toto.io/Statement/v0.1","predicateType":"https://slsa.dev/provenance/v0.2","subject":[{"name":"pdo_client_wawaka","digest":{"sha256":"954f60c5de3f3b9c21b9118e25bec793c4de916aa32af140acc5501db189db7b"}}],"predicate":{"builder":{"id":"https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@refs/tags/v1.7.0"},"buildType":"https://github.com/slsa-framework/slsa-github-generator/generic@v1","invocation":{"configSource":{"uri":"git+https://github.com/marcelamelara/private-data-objects@refs/heads/intoto-kccncna2023-demo","digest":{"sha1":"4e07afbb37e24d5284c2163f3603d374a0926890"},"entryPoint":".github/workflows/intoto-kccncna2023-demo.yml"},"parameters":{},"environment":{"github_actor":"marcelamelara","github_actor_id":"93797898","github_base_ref":"","github_event_name":"push","github_event_payload":{"after":"4e07afbb37e24d5284c2163f3603d374a0926890","base_ref":null,"before":"1b6e9168a1653126b5d7ddd5624c09ae28bfa8b0","commits":[{"author":{"email":"marcela.melara@intel.com","name":"Marcela Melara","username":"marcelamelara"},"committer":{"email":"marcela.melara@intel.com","name":"Marcela Melara","username":"marcelamelara"},"distinct":true,"id":"4e07afbb37e24d5284c2163f3603d374a0926890","message":"Fix signed attestation name\n\nSigned-off-by: Marcela Melara \u003cmarcela.melara@intel.com\u003e","timestamp":"2023-11-02T18:27:32-07:00","tree_id":"9f8903f7017d1ee513f0c420664c209f74fa4cba","url":"https://github.com/marcelamelara/private-data-objects/commit/4e07afbb37e24d5284c2163f3603d374a0926890"}],"compare":"https://github.com/marcelamelara/private-data-objects/compare/1b6e9168a165...4e07afbb37e2","created":false,"deleted":false,"forced":false,"head_commit":{"author":{"email":"marcela.melara@intel.com","name":"Marcela 
Melara","username":"marcelamelara"},"committer":{"email":"marcela.melara@intel.com","name":"Marcela Melara","username":"marcelamelara"},"distinct":true,"id":"4e07afbb37e24d5284c2163f3603d374a0926890","message":"Fix signed attestation name\n\nSigned-off-by: Marcela Melara \u003cmarcela.melara@intel.com\u003e","timestamp":"2023-11-02T18:27:32-07:00","tree_id":"9f8903f7017d1ee513f0c420664c209f74fa4cba","url":"https://github.com/marcelamelara/private-data-objects/commit/4e07afbb37e24d5284c2163f3603d374a0926890"},"pusher":{"email":"marcela.melara@intel.com","name":"marcelamelara"},"ref":"refs/heads/intoto-kccncna2023-demo","repository":{"allow_forking":true,"archive_url":"https://api.github.com/repos/marcelamelara/private-data-objects/{archive_format}{/ref}","archived":false,"assignees_url":"https://api.github.com/repos/marcelamelara/private-data-objects/assignees{/user}","blobs_url":"https://api.github.com/repos/marcelamelara/private-data-objects/git/blobs{/sha}","branches_url":"https://api.github.com/repos/marcelamelara/private-data-objects/branches{/branch}","clone_url":"https://github.com/marcelamelara/private-data-objects.git","collaborators_url":"https://api.github.com/repos/marcelamelara/private-data-objects/collaborators{/collaborator}","comments_url":"https://api.github.com/repos/marcelamelara/private-data-objects/comments{/number}","commits_url":"https://api.github.com/repos/marcelamelara/private-data-objects/commits{/sha}","compare_url":"https://api.github.com/repos/marcelamelara/private-data-objects/compare/{base}...{head}","contents_url":"https://api.github.com/repos/marcelamelara/private-data-objects/contents/{+path}","contributors_url":"https://api.github.com/repos/marcelamelara/private-data-objects/contributors","created_at":1580158534,"default_branch":"main","deployments_url":"https://api.github.com/repos/marcelamelara/private-data-objects/deployments","description":"The Private Data Objects lab provides technology for confidentiality-preserving, 
off-chain smart contracts.","disabled":false,"downloads_url":"https://api.github.com/repos/marcelamelara/private-data-objects/downloads","events_url":"https://api.github.com/repos/marcelamelara/private-data-objects/events","fork":true,"forks":1,"forks_count":1,"forks_url":"https://api.github.com/repos/marcelamelara/private-data-objects/forks","full_name":"marcelamelara/private-data-objects","git_commits_url":"https://api.github.com/repos/marcelamelara/private-data-objects/git/commits{/sha}","git_refs_url":"https://api.github.com/repos/marcelamelara/private-data-objects/git/refs{/sha}","git_tags_url":"https://api.github.com/repos/marcelamelara/private-data-objects/git/tags{/sha}","git_url":"git://github.com/marcelamelara/private-data-objects.git","has_discussions":false,"has_downloads":true,"has_issues":false,"has_pages":false,"has_projects":true,"has_wiki":true,"homepage":null,"hooks_url":"https://api.github.com/repos/marcelamelara/private-data-objects/hooks","html_url":"https://github.com/marcelamelara/private-data-objects","id":236592908,"is_template":false,"issue_comment_url":"https://api.github.com/repos/marcelamelara/private-data-objects/issues/comments{/number}","issue_events_url":"https://api.github.com/repos/marcelamelara/private-data-objects/issues/events{/number}","issues_url":"https://api.github.com/repos/marcelamelara/private-data-objects/issues{/number}","keys_url":"https://api.github.com/repos/marcelamelara/private-data-objects/keys{/key_id}","labels_url":"https://api.github.com/repos/marcelamelara/private-data-objects/labels{/name}","language":"C++","languages_url":"https://api.github.com/repos/marcelamelara/private-data-objects/languages","license":{"key":"apache-2.0","name":"Apache License 
2.0","node_id":"MDc6TGljZW5zZTI=","spdx_id":"Apache-2.0","url":"https://api.github.com/licenses/apache-2.0"},"master_branch":"main","merges_url":"https://api.github.com/repos/marcelamelara/private-data-objects/merges","milestones_url":"https://api.github.com/repos/marcelamelara/private-data-objects/milestones{/number}","mirror_url":null,"name":"private-data-objects","node_id":"MDEwOlJlcG9zaXRvcnkyMzY1OTI5MDg=","notifications_url":"https://api.github.com/repos/marcelamelara/private-data-objects/notifications{?since,all,participating}","open_issues":0,"open_issues_count":0,"owner":{"avatar_url":"https://avatars.githubusercontent.com/u/93797898?v=4","email":"marcela.melara@intel.com","events_url":"https://api.github.com/users/marcelamelara/events{/privacy}","followers_url":"https://api.github.com/users/marcelamelara/followers","following_url":"https://api.github.com/users/marcelamelara/following{/other_user}","gists_url":"https://api.github.com/users/marcelamelara/gists{/gist_id}","gravatar_id":"","html_url":"https://github.com/marcelamelara","id":93797898,"login":"marcelamelara","name":"marcelamelara","node_id":"U_kgDOBZc-Cg","organizations_url":"https://api.github.com/users/marcelamelara/orgs","received_events_url":"https://api.github.com/users/marcelamelara/received_events","repos_url":"https://api.github.com/users/marcelamelara/repos","site_admin":false,"starred_url":"https://api.github.com/users/marcelamelara/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/marcelamelara/subscriptions","type":"User","url":"https://api.github.com/users/marcelamelara"},"private":false,"pulls_url":"https://api.github.com/repos/marcelamelara/private-data-objects/pulls{/number}","pushed_at":1698974855,"releases_url":"https://api.github.com/repos/marcelamelara/private-data-objects/releases{/id}","size":3479,"ssh_url":"git@github.com:marcelamelara/private-data-objects.git","stargazers":0,"stargazers_count":0,"stargazers_url":"https://api.github.com/repos/marcelam
elara/private-data-objects/stargazers","statuses_url":"https://api.github.com/repos/marcelamelara/private-data-objects/statuses/{sha}","subscribers_url":"https://api.github.com/repos/marcelamelara/private-data-objects/subscribers","subscription_url":"https://api.github.com/repos/marcelamelara/private-data-objects/subscription","svn_url":"https://github.com/marcelamelara/private-data-objects","tags_url":"https://api.github.com/repos/marcelamelara/private-data-objects/tags","teams_url":"https://api.github.com/repos/marcelamelara/private-data-objects/teams","topics":[],"trees_url":"https://api.github.com/repos/marcelamelara/private-data-objects/git/trees{/sha}","updated_at":"2022-01-11T01:04:34Z","url":"https://github.com/marcelamelara/private-data-objects","visibility":"public","watchers":0,"watchers_count":0,"web_commit_signoff_required":false},"sender":{"avatar_url":"https://avatars.githubusercontent.com/u/93797898?v=4","events_url":"https://api.github.com/users/marcelamelara/events{/privacy}","followers_url":"https://api.github.com/users/marcelamelara/followers","following_url":"https://api.github.com/users/marcelamelara/following{/other_user}","gists_url":"https://api.github.com/users/marcelamelara/gists{/gist_id}","gravatar_id":"","html_url":"https://github.com/marcelamelara","id":93797898,"login":"marcelamelara","node_id":"U_kgDOBZc-Cg","organizations_url":"https://api.github.com/users/marcelamelara/orgs","received_events_url":"https://api.github.com/users/marcelamelara/received_events","repos_url":"https://api.github.com/users/marcelamelara/repos","site_admin":false,"starred_url":"https://api.github.com/users/marcelamelara/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/marcelamelara/subscriptions","type":"User","url":"https://api.github.com/users/marcelamelara"}},"github_head_ref":"","github_ref":"refs/heads/intoto-kccncna2023-demo","github_ref_type":"branch","github_repository_id":"236592908","github_repository_owner":"marcelamelara"
,"github_repository_owner_id":"93797898","github_run_attempt":"1","github_run_id":"6740185189","github_run_number":"5","github_sha1":"4e07afbb37e24d5284c2163f3603d374a0926890"}},"metadata":{"buildInvocationID":"6740185189-1","completeness":{"parameters":true,"environment":false,"materials":false},"reproducible":false},"materials":[{"uri":"git+https://github.com/marcelamelara/private-data-objects@refs/heads/intoto-kccncna2023-demo","digest":{"sha1":"4e07afbb37e24d5284c2163f3603d374a0926890"}}]}} -Index: 47212639 -IntegratedTime: 2023-11-03T01:47:24Z -UUID: 24296fb24b8ad77ac67df9169ecdd6759b6894daeeafeb95e5398ad34e50418a1e94c6ae9cf7e7d0 -Body: { - "IntotoObj": { - "content": { - "hash": { - "algorithm": "sha256", - "value": "a9c0eab1ba043e5a52903adc33ec0241de2228fdee8d26fd12a5025df8a5f3b6" - }, - "payloadHash": { - "algorithm": "sha256", - "value": "75d64033e57a6d1d0f6abbfae527e56cc3741ce0d020946baa7d04520b572c3a" - } - }, - "publicKey": "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" - } -} - diff --git a/kccncna2023-demo/tlog-entries/pdo_client_wawaka.scai.json b/kccncna2023-demo/tlog-entries/pdo_client_wawaka.scai.json deleted file mode 100644 index 565ced6..0000000 --- a/kccncna2023-demo/tlog-entries/pdo_client_wawaka.scai.json +++ /dev/null 
@@ -1,21 +0,0 @@ -LogID: c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d -Attestation: {"_type":"https://in-toto.io/Statement/v1", "subject":[{"name":"pdo_client_wawaka", "uri":"https://github.com/marcelamelara/private-data-objects/commit/4e07afbb37e24d5284c2163f3603d374a0926890", "digest":{"sha256":"954f60c5de3f3b9c21b9118e25bec793c4de916aa32af140acc5501db189db7b"}}], "predicateType":"https://in-toto.io/attestation/scai/attribute-report/v0.2", "predicate":{"attributes":[{"attribute":"HasSBOM", "evidence":{"digest":{"sha256":"91fb7ee88077520df4fb256c5d029ff2a18eff7674fa5e5404d2fdf4dfd4132d"}, "downloadLocation":"https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189", "mediaType":"application/json", "name":"pdo_client_wawaka.spdx.json"}}, {"attribute":"HasSLSA", "evidence":{"digest":{"sha256":"a9c0eab1ba043e5a52903adc33ec0241de2228fdee8d26fd12a5025df8a5f3b6"}, "downloadLocation":"https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189", "mediaType":"application/vnd.in-toto.provenance+dsse", "name":"pdo_client_wawaka.slsa.intoto.jsonl"}}, {"attribute":"NonHermeticBuild", "evidence":{"digest":{"sha256":"e91566a34ef171ea6204d8776b2349d5a96e10833cb6905bb8bef7469a5a3348"}, "downloadLocation":"https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189", "mediaType":"text/plain", "name":"strace.log"}}]}} -Index: 47431571 -IntegratedTime: 2023-11-03T23:39:36Z -UUID: 24296fb24b8ad77ab2803f68cbf3f73ef6d4c4a0dce5b13e0d86db9f9548fd77de522002a8a8c97c -Body: { - "IntotoObj": { - "content": { - "hash": { - "algorithm": "sha256", - "value": "82e1c9e17eb3d3e4176b1e7c14a866199cac81b4554987ab603c342a113d43b8" - }, - "payloadHash": { - "algorithm": "sha256", - "value": "fc500f2816b3b1711e4f3772fa0c8a03edfe449bb58761a7d1844fa3bb1a65ed" - } - }, - "publicKey": "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" - } -} - 
diff --git a/kccncna2023-demo/verification-flow.sh b/kccncna2023-demo/verification-flow.sh
index 7e10ec0..64a48d8 100755
--- a/kccncna2023-demo/verification-flow.sh
+++ b/kccncna2023-demo/verification-flow.sh
@@ -1,19 +1,10 @@
 printf "in-toto KubeCon + CloudNativeCon NA 2023 demo (verification flow only)\n\n"
-# From: https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189/job/18354917647
-SLSA_UUID="24296fb24b8ad77ac67df9169ecdd6759b6894daeeafeb95e5398ad34e50418a1e94c6ae9cf7e7d0"
+printf "DISCLAIMER: This verification flow is only for demo purposes.\n"
+printf "A production verification flow includes retrieving and validating the identities/keys of attestation signers, which is not shown in this demo.\n\n"
-# From: https://github.com/marcelamelara/private-data-objects/actions/runs/6740185189/job/18354917925
-SCAI_UUID="24296fb24b8ad77ab2803f68cbf3f73ef6d4c4a0dce5b13e0d86db9f9548fd77de522002a8a8c97c"
+printf "Verifying ITE-10 Layout\n\n"
+attestation-verifier --attestations-directory ./attestations --layout ./policies/layout.yml
-printf "Retrieving transparency log entries from Rekor\n\n"
-rekor-cli get --uuid $SLSA_UUID > tlog-entries/pdo_client_wawaka.provenance.json
-rekor-cli get --uuid $SCAI_UUID > tlog-entries/pdo_client_wawaka.scai.json
-
-printf "Obtaining public keys Rekor log entries\n\n"
-scai-gen rekor tlog-entries/pdo_client_wawaka.provenance.json > functionaries/slsa.cert.pem
-#scai-gen rekor tlog-entries/pdo_client_wawaka.scai.json > functionaries/scai.cert.pem
-
-printf "Obtaining functionary info\n\n"
-in-toto-golang key layout functionaries/slsa.cert.pem > functionaries/slsa.func
-#in-toto-golang key layout functionaries/scai.cert.pem > functionaries/scai.func
+printf "\nVerifying SCAI evidence\n\n"
+scai-gen check evidence --policy-file ./policies/has-slsa.yml --evidence-dir ./evidence-files ./attestations/evidence-collection.1f575092.json
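Review bot: Nothing in verification-flow.sh stops the run when a check fails: the hunk header covers new lines 1–10, apparently the whole script, and neither `attestation-verifier` nor `scai-gen check evidence` has its exit status tested. A failed layout verification is therefore followed by the SCAI check, and the script's exit code reflects only the last command. A verification flow should fail closed, and `set -eu` as the first line would do that. The `./attestations`, `./policies` and `./evidence-files` paths also resolve against the caller's working directory, so `cd "$(dirname "$0")"` before the first check (or a comment that the script must be run from `kccncna2023-demo/`) would keep it from verifying some other directory's files.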
diff --git a/scai-gen/cmd/rekor.go b/scai-gen/cmd/rekor.go index 452347f..3110b7e 100644 --- a/scai-gen/cmd/rekor.go +++ b/scai-gen/cmd/rekor.go @@ -9,6 +9,7 @@ import ( "os" "strings" + "github.com/in-toto/scai-demos/scai-gen/fileio" "github.com/spf13/cobra" ) @@ -19,7 +20,18 @@ var rekorCmd = &cobra.Command{ RunE: parseRekorEntry, } -func parseRekorEntry(cmd *cobra.Command, args []string) error { +func init() { + rekorCmd.Flags().StringVarP( + &outFile, + "out-file", + "o", + "", + "Filename to write out the JSON-encoded object", + ) + reportCmd.MarkFlagRequired("out-file") //nolint:errcheck +} + +func parseRekorEntry(_ *cobra.Command, args []string) error { fmt.Println("EXPERIMENTAL FEATURE. DO NOT USE IN PRODUCTION.") entryFile := args[0] @@ -49,9 +61,13 @@ func parseRekorEntry(cmd *cobra.Command, args []string) error { return fmt.Errorf("error decoding base64-encoded public key: %w", err) } - // lazy - fmt.Println(string(pkPem)) - return nil + // dedup + // ensure the out directory exists + if err = fileio.CreateOutDir(outFile); err != nil { + return fmt.Errorf("error creating output directory for file %s: %w", outFile, err) + } + + return os.WriteFile(outFile, pkPem, 0644) //nolint:gosec } } From 8fffd40f84a60209400f9dc2309c71bd38be9fc6 Mon Sep 17 00:00:00 2001 From: Marcela Melara Date: Tue, 16 Jan 2024 11:44:14 -0800 Subject: [PATCH 3/3] Remove experimental code for calls to Rekor Signed-off-by: Marcela Melara --- scai-gen/cmd/rekor.go | 75 ------------------------------------------- scai-gen/cmd/root.go | 1 - 2 files changed, 76 deletions(-) delete mode 100644 scai-gen/cmd/rekor.go diff --git a/scai-gen/cmd/rekor.go b/scai-gen/cmd/rekor.go deleted file mode 100644 index 3110b7e..0000000 --- a/scai-gen/cmd/rekor.go +++ /dev/null 
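Review bot: In the added `init()`, the required-flag call targets the wrong command: `reportCmd.MarkFlagRequired("out-file")` should be `rekorCmd.MarkFlagRequired("out-file")`. As written, `--out-file` stays optional on `rekor`, so `outFile` can be empty when the last hunk reaches `fileio.CreateOutDir(outFile)` and `os.WriteFile(outFile, pkPem, 0644)`, and the `//nolint:errcheck` hides any error returned by the misdirected call. The flag help text `"Filename to write out the JSON-encoded object"` also does not describe what is written, which is the base64-decoded public key. Patch 3/3 on this page deletes rekor.go, so this matters only for a tree built or bisected at this commit.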
@@ -1,75 +0,0 @@
-// adapted from https://github.com/slsa-framework/slsa-github-generator/blob/main/signing/sigstore/fulcio.go
-// and https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/generic/attest.go
-package cmd
-
-import (
- "bufio"
- "encoding/base64"
- "fmt"
- "os"
- "strings"
-
- "github.com/in-toto/scai-demos/scai-gen/fileio"
- "github.com/spf13/cobra"
-)
-
-var rekorCmd = &cobra.Command{
- Use: "rekor",
- Args: cobra.ExactArgs(1),
- Short: "Parses a Rekor log entry to extract info needed to verify signed in-toto Attestations",
- RunE: parseRekorEntry,
-}
-
-func init() {
- rekorCmd.Flags().StringVarP(
- &outFile,
- "out-file",
- "o",
- "",
- "Filename to write out the JSON-encoded object",
- )
- reportCmd.MarkFlagRequired("out-file") //nolint:errcheck
-}
-
-func parseRekorEntry(_ *cobra.Command, args []string) error {
- fmt.Println("EXPERIMENTAL FEATURE. DO NOT USE IN PRODUCTION.")
-
- entryFile := args[0]
- readFile, err := os.Open(entryFile)
- if err != nil {
- return fmt.Errorf("error reading file: %w", err)
- }
-
- fileScanner := bufio.NewScanner(readFile)
- fileScanner.Split(bufio.ScanLines)
- var fileLines [][]byte
-
- for fileScanner.Scan() {
- fileLines = append(fileLines, fileScanner.Bytes())
- }
-
- readFile.Close()
-
- for _, line := range fileLines {
- lineStr := string(line)
- if strings.Contains(lineStr, "publicKey") {
- pkB64Raw := strings.TrimPrefix(lineStr, " \"publicKey\": ")
- pkB64 := strings.Trim(pkB64Raw, "\"")
-
- pkPem, err := base64.StdEncoding.DecodeString(pkB64)
- if err != nil {
- return fmt.Errorf("error decoding base64-encoded public key: %w", err)
- }
-
- // dedup
- // ensure the out directory exists
- if err = fileio.CreateOutDir(outFile); err != nil {
- return fmt.Errorf("error creating output directory for file %s: %w", outFile, err)
- }
-
- return os.WriteFile(outFile, pkPem, 0644) //nolint:gosec
- }
- }
-
- return nil
-}
diff --git a/scai-gen/cmd/root.go b/scai-gen/cmd/root.go index bc04bd4..f606a75 100644 --- a/scai-gen/cmd/root.go +++ b/scai-gen/cmd/root.go @@ -23,7 +23,6 @@ func init() { rootCmd.AddCommand(reportCmd) rootCmd.AddCommand(checkCmd) rootCmd.AddCommand(sigstoreCmd) - rootCmd.AddCommand(rekorCmd) } // Execute adds all child commands to the root command and sets flags appropriately.