Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
backward compat verification tests (#611)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
- Loading branch information
Showing
10 changed files
with
422 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| --- | ||
| --- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| name: Backward compatibility | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| push: | ||
| branches: ['main'] | ||
| pull_request: | ||
| branches: ['main'] | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| jobs: | ||
| verify: | ||
| name: Verify bundles | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| steps: | ||
| - name: Checkout source | ||
| uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 | ||
| - name: Setup node | ||
| uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3 | ||
| with: | ||
| node-version: 16 | ||
| cache: npm | ||
| - name: Install CLI | ||
| run: npm install -g @sigstore/cli | ||
| - name: Verify bundles | ||
| run: | | ||
| for FILE in ./tests/bundles/*.sigstore; do | ||
| echo "Verifying ${FILE}" | ||
| sigstore verify $FILE | ||
| done | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| { | ||
| "mediaType": "application/vnd.dev.sigstore.bundle+json;version=0.1", | ||
| "verificationMaterial": { | ||
| "x509CertificateChain": { | ||
| "certificates": [ | ||
| { | ||
| "rawBytes": "MIIC0TCCAlagAwIBAgIUYG0krKfpxgAyiFfpGwom6ZV8gvswCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjMwNzEyMTU1MDQyWhcNMjMwNzEyMTYwMDQyWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEifn8JllWlUWlUli6XqP5lPKiNs3Gh40mU1u6MI3cNg4xG3l3lZfWFB04bkacXdZaADFnnllMDnvGUj0jkaWdpaOCAXUwggFxMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUjLkFXnek2A9PdnQKqI3XNJKI43QwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHwYDVR0RAQH/BBUwE4ERYnJpYW5AZGVoYW1lci5jb20wLAYKKwYBBAGDvzABAQQeaHR0cHM6Ly9naXRodWIuY29tL2xvZ2luL29hdXRoMC4GCisGAQQBg78wAQgEIAweaHR0cHM6Ly9naXRodWIuY29tL2xvZ2luL29hdXRoMIGKBgorBgEEAdZ5AgQCBHwEegB4AHYA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGJSswvXwAABAMARzBFAiEAhh/6GJGYk7xVORx1s5EHuDF9YqjH6I6D/q9PvccrfOACIAF0zFTNe1LBvwujVioaHFR2Xc9XQ1jgwKvZuhzUNQgvMAoGCCqGSM49BAMDA2kAMGYCMQCgCdlw++FDjyodwJ+LZYv+Bf3yRgH36kUbiv1QbCdJuVw7vyuo7MjmLjaHpCWCte4CMQDky0srHP5MWIiDSEFJuAiCYBRf20OpqVbEiisko9p6E1NXQnFskzt8ZQOTObree7I=" | ||
| } | ||
| ] | ||
| }, | ||
| "tlogEntries": [ | ||
| { | ||
| "logIndex": "27246114", | ||
| "logId": { | ||
| "keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0=" | ||
| }, | ||
| "kindVersion": { | ||
| "kind": "dsse", | ||
| "version": "0.0.1" | ||
| }, | ||
| "integratedTime": "1689177043", | ||
| "inclusionPromise": { | ||
| "signedEntryTimestamp": "MEUCIF292CBa66jdVseZvEVmO8VpgSe1SPeSizw13890ozlmAiEAz6ayTafdD9By++sYcBBFBEVQwJ2b5kmuoWq+sfU/V0E=" | ||
| }, | ||
| "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiZHNzZSIsInNwZWMiOnsiZW52ZWxvcGVIYXNoIjp7ImFsZ29yaXRobSI6InNoYTI1NiIsInZhbHVlIjoiYzg4YWNmM2VlNGRiZWY2MzM1NjY2YjE1OWU5NmM4MDJhYmI4ZTEwMTExZGZkMmFkYzhlMDJjZjE3NjBiNzA4YyJ9LCJwYXlsb2FkSGFzaCI6eyJhbGdvcml0aG0iOiJzaGEyNTYiLCJ2YWx1ZSI6IjlkMGU3OTUyNmVhYzQ1ZTE0YmEzMzBlMTdmNzIwMDUzMWFjOWRkZmMyMGFkYTc0NDQzYjM2ZDYwNDI5MmUzMGMifSwic2lnbmF0dXJlcyI6W3sic2lnbmF0dXJlIjoiTUVZQ0lRRGNqY29ZelltYlRFNHNMMWVnck9BQ3dZUG9lbTg0cHlnRS9Jc1B0MElDQ0FJaEFQVHpvcE9jTzJkQUF3N2V0NnQyRkU1UXljbENLdy80UjIyeXd5cTRDM1M3IiwidmVyaWZpZXIiOiJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VNd1ZFTkRRV3hoWjBGM1NVSkJaMGxWV1Vjd2EzSkxabkI0WjBGNWFVWm1jRWQzYjIwMldsWTRaM1p6ZDBObldVbExiMXBKZW1vd1JVRjNUWGNLVG5wRlZrMUNUVWRCTVZWRlEyaE5UV015Ykc1ak0xSjJZMjFWZFZwSFZqSk5ValIzU0VGWlJGWlJVVVJGZUZaNllWZGtlbVJIT1hsYVV6RndZbTVTYkFwamJURnNXa2RzYUdSSFZYZElhR05PVFdwTmQwNTZSWGxOVkZVeFRVUlJlVmRvWTA1TmFrMTNUbnBGZVUxVVdYZE5SRkY1VjJwQlFVMUdhM2RGZDFsSUNrdHZXa2w2YWpCRFFWRlpTVXR2V2tsNmFqQkVRVkZqUkZGblFVVnBabTQ0U214c1YyeFZWMnhWYkdrMldIRlFOV3hRUzJsT2N6TkhhRFF3YlZVeGRUWUtUVWt6WTA1bk5IaEhNMnd6YkZwbVYwWkNNRFJpYTJGaldHUmFZVUZFUm01dWJHeE5SRzUyUjFWcU1HcHJZVmRrY0dGUFEwRllWWGRuWjBaNFRVRTBSd3BCTVZWa1JIZEZRaTkzVVVWQmQwbElaMFJCVkVKblRsWklVMVZGUkVSQlMwSm5aM0pDWjBWR1FsRmpSRUY2UVdSQ1owNVdTRkUwUlVablVWVnFUR3RHQ2xodVpXc3lRVGxRWkc1UlMzRkpNMWhPU2t0Sk5ETlJkMGgzV1VSV1VqQnFRa0puZDBadlFWVXpPVkJ3ZWpGWmEwVmFZalZ4VG1wd1MwWlhhWGhwTkZrS1drUTRkMGgzV1VSV1VqQlNRVkZJTDBKQ1ZYZEZORVZTV1c1S2NGbFhOVUZhUjFadldWY3hiR05wTldwaU1qQjNURUZaUzB0M1dVSkNRVWRFZG5wQlFncEJVVkZsWVVoU01HTklUVFpNZVRsdVlWaFNiMlJYU1hWWk1qbDBUREo0ZGxveWJIVk1NamxvWkZoU2IwMURORWREYVhOSFFWRlJRbWMzT0hkQlVXZEZDa2xCZDJWaFNGSXdZMGhOTmt4NU9XNWhXRkp2WkZkSmRWa3lPWFJNTW5oMldqSnNkVXd5T1doa1dGSnZUVWxIUzBKbmIzSkNaMFZGUVdSYU5VRm5VVU1LUWtoM1JXVm5RalJCU0ZsQk0xUXdkMkZ6WWtoRlZFcHFSMUkwWTIxWFl6TkJjVXBMV0hKcVpWQkxNeTlvTkhCNVowTTRjRGR2TkVGQlFVZEtVM04zZGdwWWQwRkJRa0ZOUVZKNlFrWkJhVVZCYUdndk5rZEtSMWxyTjNoV1QxSjRNWE0xUlVoMVJFWTVXWEZxU0RaSk5rUXZjVGxRZG1OamNtWlBRVU5KUVVZd0NucEdWRTVsTVV4Q2RuZDFhbFpwYjJGSVJsSXlXR001V0ZFeGFtZDNTM1phZFdoNlZVNVJaM1pOUVc5SFEwTnhSMU5OTkRsQ1FVMUVRVEpyUVUxSFdVTUtUVkZEWjBOa2JIY3JLMFpFYW5sdlpIZEtLMHhhV1hZclFtWXplVkpuU0RNMmExVmlhWFl4VVdKRFpFcDFWbmMzZG5sMWJ6ZE5hbTFNYW1GSWNFTlhRd3AwWlRSRFRWRkVhM2t3YzNKSVVEVk5WMGxwUkZORlJrcDFRV2xEV1VKU1pqSXdUM0J4Vm1KRmFXbHphMjg1Y0RaRk1VNVlVVzVHYzJ0NmREaGFVVTlVQ2s5aWNtVmxOMGs5Q2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLIn1dfX0=" | ||
| } | ||
| ] | ||
| }, | ||
| "dsseEnvelope": { | ||
| "payload": "ewogICJfdHlwZSI6ICJodHRwczovL2luLXRvdG8uaW8vU3RhdGVtZW50L3YwLjEiLAogICJzdWJqZWN0IjogWwogICAgewogICAgICAibmFtZSI6ICJwa2c6bnBtL3NpZ3N0b3JlQDEuMC4wIiwKICAgICAgImRpZ2VzdCI6IHsKICAgICAgICAic2hhNTEyIjogIjdiZWE5ZjZlN2ZmMzdmNWZhYjBiMzZiZjA2MTIwMGZmZjAzMDk5ZmQyZmQ2OTZiOTFkMDRiYzVlNGYyMjVlYjlmZDZlMGNhZGNhZDU0YmE5ODBmNDNmYjM1MmE5OWU4ODEwYjRlMGFiZWI1YzBlZjJjZjkxMDhjZDFmMjU4YjM2IgogICAgICB9CiAgICB9CiAgXSwKICAicHJlZGljYXRlVHlwZSI6ICJodHRwczovL2dpdGh1Yi5jb20vbnBtL2F0dGVzdGF0aW9uL3RyZWUvbWFpbi9zcGVjcy9wdWJsaXNoL3YwLjEiLAogICJwcmVkaWNhdGUiOiB7CiAgICAibmFtZSI6ICJzaWdzdG9yZSIsCiAgICAidmVyc2lvbiI6ICIxLjAuMCIsCiAgICAicmVnaXN0cnkiOiAiaHR0cHM6Ly9yZWdpc3RyeS5ucG1qcy5vcmciCiAgfQp9Cg==", | ||
| "payloadType": "application/vnd.in-toto+json", | ||
| "signatures": [ | ||
| { | ||
| "sig": "MEYCIQDcjcoYzYmbTE4sL1egrOACwYPoem84pygE/IsPt0ICCAIhAPTzopOcO2dAAw7et6t2FE5QyclCKw/4R22ywyq4C3S7", | ||
| "keyid": "" | ||
| } | ||
| ] | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,62 @@ | ||
| { | ||
| "mediaType": "application/vnd.dev.sigstore.bundle+json;version=0.1", | ||
| "verificationMaterial": { | ||
| "x509CertificateChain": { | ||
| "certificates": [ | ||
| { | ||
| "rawBytes": "MIIC0TCCAlagAwIBAgIUYG0krKfpxgAyiFfpGwom6ZV8gvswCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjMwNzEyMTU1MDQyWhcNMjMwNzEyMTYwMDQyWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEifn8JllWlUWlUli6XqP5lPKiNs3Gh40mU1u6MI3cNg4xG3l3lZfWFB04bkacXdZaADFnnllMDnvGUj0jkaWdpaOCAXUwggFxMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUjLkFXnek2A9PdnQKqI3XNJKI43QwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHwYDVR0RAQH/BBUwE4ERYnJpYW5AZGVoYW1lci5jb20wLAYKKwYBBAGDvzABAQQeaHR0cHM6Ly9naXRodWIuY29tL2xvZ2luL29hdXRoMC4GCisGAQQBg78wAQgEIAweaHR0cHM6Ly9naXRodWIuY29tL2xvZ2luL29hdXRoMIGKBgorBgEEAdZ5AgQCBHwEegB4AHYA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGJSswvXwAABAMARzBFAiEAhh/6GJGYk7xVORx1s5EHuDF9YqjH6I6D/q9PvccrfOACIAF0zFTNe1LBvwujVioaHFR2Xc9XQ1jgwKvZuhzUNQgvMAoGCCqGSM49BAMDA2kAMGYCMQCgCdlw++FDjyodwJ+LZYv+Bf3yRgH36kUbiv1QbCdJuVw7vyuo7MjmLjaHpCWCte4CMQDky0srHP5MWIiDSEFJuAiCYBRf20OpqVbEiisko9p6E1NXQnFskzt8ZQOTObree7I=" | ||
| } | ||
| ] | ||
| }, | ||
| "tlogEntries": [ | ||
| { | ||
| "logIndex": "27246114", | ||
| "logId": { | ||
| "keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0=" | ||
| }, | ||
| "kindVersion": { | ||
| "kind": "dsse", | ||
| "version": "0.0.1" | ||
| }, | ||
| "integratedTime": "1689177043", | ||
| "inclusionPromise": { | ||
| "signedEntryTimestamp": "MEUCIF292CBa66jdVseZvEVmO8VpgSe1SPeSizw13890ozlmAiEAz6ayTafdD9By++sYcBBFBEVQwJ2b5kmuoWq+sfU/V0E=" | ||
| }, | ||
| "inclusionProof": { | ||
| "logIndex": "23082683", | ||
| "rootHash": "sY0DimUshCKvflFaqc4Kr0PNN6BBQaYzzHL3TBTDag8=", | ||
| "treeSize": "23082684", | ||
| "hashes": [ | ||
| "KTbwzBoZe6q3OtIjJVMDCX+ZubLF+h/oHR5nbSp/4XI=", | ||
| "W9kkikG+gMFBzNMBUmOvLoPAK9VBqfQJk6O3eABo/30=", | ||
| "o5bI718daK97sBtRS8YkTAUG1QCFqV6cEJxBLdO7qTo=", | ||
| "KsshcwGDtAMjwqXbXXoYOTexY+VRZH76vhE7UcmGZSU=", | ||
| "8X+AhH730I4ZwMJ2Ok5/jFgivBMb4LaJSZTFVNWFJsw=", | ||
| "Rc+Zrk5QhEjxEEhU5ZIWXxjKIfjgLPfmgaHgFcS9XVQ=", | ||
| "KogUJLvpcmdXfimriOQJFqUyHC8XqQopa5Nqgy2ljgM=", | ||
| "sG02NqDDd/scA9/gbZLYrDW659guUUf/7hAKDbb6ElY=", | ||
| "Hj0TEef/bwMHB10DPoFLu5+RSLTGJ5YRaQWqwwVIp0s=", | ||
| "aRtyVlt3GYDP4qaYrEAWqiGqcYDELxyk7Fl3icGXOoA=", | ||
| "ZdynT2d4F3NFQNBurFDaZBoYMVRjbQjlTnSL1hL67+s=", | ||
| "3VHoQOiS1wCTrX4dseLeo9UDNMc0XTYORE0i/Entn14=", | ||
| "rXEsmEJN4PEoTU8US4qVtdIsGB1MCiRlGOepoiC99kM=" | ||
| ], | ||
| "checkpoint": { | ||
| "envelope": "rekor.sigstore.dev - 2605736670972794746\n23082684\nsY0DimUshCKvflFaqc4Kr0PNN6BBQaYzzHL3TBTDag8=\nTimestamp: 1689177043498794794\n\n— rekor.sigstore.dev wNI9ajBGAiEAzRXIvYCfivN0Q2TpTfIYffpMK9kOBUfUY5yzgJODmDICIQDcbD3uMeDvwXVioehKzQal4t9cMHT1o+rEMBmePIkkuA==\n" | ||
| } | ||
| }, | ||
| "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiZHNzZSIsInNwZWMiOnsiZW52ZWxvcGVIYXNoIjp7ImFsZ29yaXRobSI6InNoYTI1NiIsInZhbHVlIjoiYzg4YWNmM2VlNGRiZWY2MzM1NjY2YjE1OWU5NmM4MDJhYmI4ZTEwMTExZGZkMmFkYzhlMDJjZjE3NjBiNzA4YyJ9LCJwYXlsb2FkSGFzaCI6eyJhbGdvcml0aG0iOiJzaGEyNTYiLCJ2YWx1ZSI6IjlkMGU3OTUyNmVhYzQ1ZTE0YmEzMzBlMTdmNzIwMDUzMWFjOWRkZmMyMGFkYTc0NDQzYjM2ZDYwNDI5MmUzMGMifSwic2lnbmF0dXJlcyI6W3sic2lnbmF0dXJlIjoiTUVZQ0lRRGNqY29ZelltYlRFNHNMMWVnck9BQ3dZUG9lbTg0cHlnRS9Jc1B0MElDQ0FJaEFQVHpvcE9jTzJkQUF3N2V0NnQyRkU1UXljbENLdy80UjIyeXd5cTRDM1M3IiwidmVyaWZpZXIiOiJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VNd1ZFTkRRV3hoWjBGM1NVSkJaMGxWV1Vjd2EzSkxabkI0WjBGNWFVWm1jRWQzYjIwMldsWTRaM1p6ZDBObldVbExiMXBKZW1vd1JVRjNUWGNLVG5wRlZrMUNUVWRCTVZWRlEyaE5UV015Ykc1ak0xSjJZMjFWZFZwSFZqSk5ValIzU0VGWlJGWlJVVVJGZUZaNllWZGtlbVJIT1hsYVV6RndZbTVTYkFwamJURnNXa2RzYUdSSFZYZElhR05PVFdwTmQwNTZSWGxOVkZVeFRVUlJlVmRvWTA1TmFrMTNUbnBGZVUxVVdYZE5SRkY1VjJwQlFVMUdhM2RGZDFsSUNrdHZXa2w2YWpCRFFWRlpTVXR2V2tsNmFqQkVRVkZqUkZGblFVVnBabTQ0U214c1YyeFZWMnhWYkdrMldIRlFOV3hRUzJsT2N6TkhhRFF3YlZVeGRUWUtUVWt6WTA1bk5IaEhNMnd6YkZwbVYwWkNNRFJpYTJGaldHUmFZVUZFUm01dWJHeE5SRzUyUjFWcU1HcHJZVmRrY0dGUFEwRllWWGRuWjBaNFRVRTBSd3BCTVZWa1JIZEZRaTkzVVVWQmQwbElaMFJCVkVKblRsWklVMVZGUkVSQlMwSm5aM0pDWjBWR1FsRmpSRUY2UVdSQ1owNVdTRkUwUlVablVWVnFUR3RHQ2xodVpXc3lRVGxRWkc1UlMzRkpNMWhPU2t0Sk5ETlJkMGgzV1VSV1VqQnFRa0puZDBadlFWVXpPVkJ3ZWpGWmEwVmFZalZ4VG1wd1MwWlhhWGhwTkZrS1drUTRkMGgzV1VSV1VqQlNRVkZJTDBKQ1ZYZEZORVZTV1c1S2NGbFhOVUZhUjFadldWY3hiR05wTldwaU1qQjNURUZaUzB0M1dVSkNRVWRFZG5wQlFncEJVVkZsWVVoU01HTklUVFpNZVRsdVlWaFNiMlJYU1hWWk1qbDBUREo0ZGxveWJIVk1NamxvWkZoU2IwMURORWREYVhOSFFWRlJRbWMzT0hkQlVXZEZDa2xCZDJWaFNGSXdZMGhOTmt4NU9XNWhXRkp2WkZkSmRWa3lPWFJNTW5oMldqSnNkVXd5T1doa1dGSnZUVWxIUzBKbmIzSkNaMFZGUVdSYU5VRm5VVU1LUWtoM1JXVm5RalJCU0ZsQk0xUXdkMkZ6WWtoRlZFcHFSMUkwWTIxWFl6TkJjVXBMV0hKcVpWQkxNeTlvTkhCNVowTTRjRGR2TkVGQlFVZEtVM04zZGdwWWQwRkJRa0ZOUVZKNlFrWkJhVVZCYUdndk5rZEtSMWxyTjNoV1QxSjRNWE0xUlVoMVJFWTVXWEZxU0RaSk5rUXZjVGxRZG1OamNtWlBRVU5KUVVZd0NucEdWRTVsTVV4Q2RuZDFhbFpwYjJGSVJsSXlXR001V0ZFeGFtZDNTM1phZFdoNlZVNVJaM1pOUVc5SFEwTnhSMU5OTkRsQ1FVMUVRVEpyUVUxSFdVTUtUVkZEWjBOa2JIY3JLMFpFYW5sdlpIZEtLMHhhV1hZclFtWXplVkpuU0RNMmExVmlhWFl4VVdKRFpFcDFWbmMzZG5sMWJ6ZE5hbTFNYW1GSWNFTlhRd3AwWlRSRFRWRkVhM2t3YzNKSVVEVk5WMGxwUkZORlJrcDFRV2xEV1VKU1pqSXdUM0J4Vm1KRmFXbHphMjg1Y0RaRk1VNVlVVzVHYzJ0NmREaGFVVTlVQ2s5aWNtVmxOMGs5Q2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLIn1dfX0=" | ||
| } | ||
| ] | ||
| }, | ||
| "dsseEnvelope": { | ||
| "payload": "ewogICJfdHlwZSI6ICJodHRwczovL2luLXRvdG8uaW8vU3RhdGVtZW50L3YwLjEiLAogICJzdWJqZWN0IjogWwogICAgewogICAgICAibmFtZSI6ICJwa2c6bnBtL3NpZ3N0b3JlQDEuMC4wIiwKICAgICAgImRpZ2VzdCI6IHsKICAgICAgICAic2hhNTEyIjogIjdiZWE5ZjZlN2ZmMzdmNWZhYjBiMzZiZjA2MTIwMGZmZjAzMDk5ZmQyZmQ2OTZiOTFkMDRiYzVlNGYyMjVlYjlmZDZlMGNhZGNhZDU0YmE5ODBmNDNmYjM1MmE5OWU4ODEwYjRlMGFiZWI1YzBlZjJjZjkxMDhjZDFmMjU4YjM2IgogICAgICB9CiAgICB9CiAgXSwKICAicHJlZGljYXRlVHlwZSI6ICJodHRwczovL2dpdGh1Yi5jb20vbnBtL2F0dGVzdGF0aW9uL3RyZWUvbWFpbi9zcGVjcy9wdWJsaXNoL3YwLjEiLAogICJwcmVkaWNhdGUiOiB7CiAgICAibmFtZSI6ICJzaWdzdG9yZSIsCiAgICAidmVyc2lvbiI6ICIxLjAuMCIsCiAgICAicmVnaXN0cnkiOiAiaHR0cHM6Ly9yZWdpc3RyeS5ucG1qcy5vcmciCiAgfQp9Cg==", | ||
| "payloadType": "application/vnd.in-toto+json", | ||
| "signatures": [ | ||
| { | ||
| "sig": "MEYCIQDcjcoYzYmbTE4sL1egrOACwYPoem84pygE/IsPt0ICCAIhAPTzopOcO2dAAw7et6t2FE5QyclCKw/4R22ywyq4C3S7", | ||
| "keyid": "" | ||
| } | ||
| ] | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| { | ||
| "mediaType": "application/vnd.dev.sigstore.bundle+json;version=0.1", | ||
| "verificationMaterial": { | ||
| "x509CertificateChain": { | ||
| "certificates": [ | ||
| { | ||
| "rawBytes": "MIIC0DCCAlagAwIBAgIUcwS7EJUkkJRLXtp09HFl9aI4AFgwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjMwNzEyMTUzNDM3WhcNMjMwNzEyMTU0NDM3WjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEW09Yp91u7xbv3KXIz65HS/jIVYmrw6N3bvp5La+XnF2ckwYZRNsxtBUtzNcy+h8IfACHNI/12Pv1hFNB20fQt6OCAXUwggFxMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUbczo/Gy7WrBpcumsA1Nj5qwx+30wHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHwYDVR0RAQH/BBUwE4ERYnJpYW5AZGVoYW1lci5jb20wLAYKKwYBBAGDvzABAQQeaHR0cHM6Ly9naXRodWIuY29tL2xvZ2luL29hdXRoMC4GCisGAQQBg78wAQgEIAweaHR0cHM6Ly9naXRodWIuY29tL2xvZ2luL29hdXRoMIGKBgorBgEEAdZ5AgQCBHwEegB4AHYA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGJSr11AQAABAMARzBFAiEAl6IfHFtfVsRzhwCNbugBfTSFfdJNMwo6aLExH7NHcPwCIFjemoA2owdNBfc71JxSkYHvI5GNk1PHN8Ail5X2jV/sMAoGCCqGSM49BAMDA2gAMGUCMQDirqxh+AIE63+n3aliZcoqVcdYZ8FNjF+yb0p2ayXy17I/aTMd4ixV50gbiSCP1wUCMDFraT5wlzCNwtkUPkXrR6JqR62ySsk2x9X+1CbxYDD+MZjsL8qDC76PCEgS4DVGFw==" | ||
| }, | ||
| { | ||
| "rawBytes": "MIICGjCCAaGgAwIBAgIUALnViVfnU0brJasmRkHrn/UnfaQwCgYIKoZIzj0EAwMwKjEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MREwDwYDVQQDEwhzaWdzdG9yZTAeFw0yMjA0MTMyMDA2MTVaFw0zMTEwMDUxMzU2NThaMDcxFTATBgNVBAoTDHNpZ3N0b3JlLmRldjEeMBwGA1UEAxMVc2lnc3RvcmUtaW50ZXJtZWRpYXRlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8RVS/ysH+NOvuDZyPIZtilgUF9NlarYpAd9HP1vBBH1U5CV77LSS7s0ZiH4nE7Hv7ptS6LvvR/STk798LVgMzLlJ4HeIfF3tHSaexLcYpSASr1kS0N/RgBJz/9jWCiXno3sweTAOBgNVHQ8BAf8EBAMCAQYwEwYDVR0lBAwwCgYIKwYBBQUHAwMwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU39Ppz1YkEZb5qNjpKFWixi4YZD8wHwYDVR0jBBgwFoAUWMAeX5FFpWapesyQoZMi0CrFxfowCgYIKoZIzj0EAwMDZwAwZAIwPCsQK4DYiZYDPIaDi5HFKnfxXx6ASSVmERfsynYBiX2X6SJRnZU84/9DZdnFvvxmAjBOt6QpBlc4J/0DxvkTCqpclvziL6BCCPnjdlIB3Pu3BxsPmygUY7Ii2zbdCdliiow=" | ||
| }, | ||
| { | ||
| "rawBytes": "MIIB9zCCAXygAwIBAgIUALZNAPFdxHPwjeDloDwyYChAO/4wCgYIKoZIzj0EAwMwKjEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MREwDwYDVQQDEwhzaWdzdG9yZTAeFw0yMTEwMDcxMzU2NTlaFw0zMTEwMDUxMzU2NThaMCoxFTATBgNVBAoTDHNpZ3N0b3JlLmRldjERMA8GA1UEAxMIc2lnc3RvcmUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAT7XeFT4rb3PQGwS4IajtLk3/OlnpgangaBclYpsYBr5i+4ynB07ceb3LP0OIOZdxexX69c5iVuyJRQ+Hz05yi+UF3uBWAlHpiS5sh0+H2GHE7SXrk1EC5m1Tr19L9gg92jYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRYwB5fkUWlZql6zJChkyLQKsXF+jAfBgNVHSMEGDAWgBRYwB5fkUWlZql6zJChkyLQKsXF+jAKBggqhkjOPQQDAwNpADBmAjEAj1nHeXZp+13NWBNa+EDsDP8G1WWg1tCMWP/WHPqpaVo0jhsweNFZgSs0eE7wYI4qAjEA2WB9ot98sIkoF3vZYdd3/VtWB5b9TNMea7Ix/stJ5TfcLLeABLE4BNJOsQ4vnBHJ" | ||
| } | ||
| ] | ||
| }, | ||
| "tlogEntries": [ | ||
| { | ||
| "logIndex": "27244980", | ||
| "logId": { | ||
| "keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0=" | ||
| }, | ||
| "kindVersion": { | ||
| "kind": "intoto", | ||
| "version": "0.0.2" | ||
| }, | ||
| "integratedTime": "1689176078", | ||
| "inclusionPromise": { | ||
| "signedEntryTimestamp": "MEUCID4z8rSAlY4afNX+wLH9zCcOoDReZDiXmToA4DCRRelqAiEAjn91T5cguMNkO3Vp2eHAHI850ul/P7Dq4FQr2wnrTAw=" | ||
| }, | ||
| "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjIiLCJraW5kIjoiaW50b3RvIiwic3BlYyI6eyJjb250ZW50Ijp7ImVudmVsb3BlIjp7InBheWxvYWRUeXBlIjoiYXBwbGljYXRpb24vdm5kLmluLXRvdG8ranNvbiIsInNpZ25hdHVyZXMiOlt7InB1YmxpY0tleSI6IkxTMHRMUzFDUlVkSlRpQkRSVkpVU1VaSlEwRlVSUzB0TFMwdENrMUpTVU13UkVORFFXeGhaMEYzU1VKQlowbFZZM2RUTjBWS1ZXdHJTbEpNV0hSd01EbElSbXc1WVVrMFFVWm5kME5uV1VsTGIxcEplbW93UlVGM1RYY0tUbnBGVmsxQ1RVZEJNVlZGUTJoTlRXTXliRzVqTTFKMlkyMVZkVnBIVmpKTlVqUjNTRUZaUkZaUlVVUkZlRlo2WVZka2VtUkhPWGxhVXpGd1ltNVNiQXBqYlRGc1drZHNhR1JIVlhkSWFHTk9UV3BOZDA1NlJYbE5WRlY2VGtSTk0xZG9ZMDVOYWsxM1RucEZlVTFVVlRCT1JFMHpWMnBCUVUxR2EzZEZkMWxJQ2t0dldrbDZhakJEUVZGWlNVdHZXa2w2YWpCRVFWRmpSRkZuUVVWWE1EbFpjRGt4ZFRkNFluWXpTMWhKZWpZMVNGTXZha2xXV1cxeWR6Wk9NMkoyY0RVS1RHRXJXRzVHTW1OcmQxbGFVazV6ZUhSQ1ZYUjZUbU41SzJnNFNXWkJRMGhPU1M4eE1sQjJNV2hHVGtJeU1HWlJkRFpQUTBGWVZYZG5aMFo0VFVFMFJ3cEJNVlZrUkhkRlFpOTNVVVZCZDBsSVowUkJWRUpuVGxaSVUxVkZSRVJCUzBKblozSkNaMFZHUWxGalJFRjZRV1JDWjA1V1NGRTBSVVpuVVZWaVkzcHZDaTlIZVRkWGNrSndZM1Z0YzBFeFRtbzFjWGQ0S3pNd2QwaDNXVVJXVWpCcVFrSm5kMFp2UVZVek9WQndlakZaYTBWYVlqVnhUbXB3UzBaWGFYaHBORmtLV2tRNGQwaDNXVVJXVWpCU1FWRklMMEpDVlhkRk5FVlNXVzVLY0ZsWE5VRmFSMVp2V1ZjeGJHTnBOV3BpTWpCM1RFRlpTMHQzV1VKQ1FVZEVkbnBCUWdwQlVWRmxZVWhTTUdOSVRUWk1lVGx1WVZoU2IyUlhTWFZaTWpsMFRESjRkbG95YkhWTU1qbG9aRmhTYjAxRE5FZERhWE5IUVZGUlFtYzNPSGRCVVdkRkNrbEJkMlZoU0ZJd1kwaE5Oa3g1T1c1aFdGSnZaRmRKZFZreU9YUk1NbmgyV2pKc2RVd3lPV2hrV0ZKdlRVbEhTMEpuYjNKQ1owVkZRV1JhTlVGblVVTUtRa2gzUldWblFqUkJTRmxCTTFRd2QyRnpZa2hGVkVwcVIxSTBZMjFYWXpOQmNVcExXSEpxWlZCTE15OW9OSEI1WjBNNGNEZHZORUZCUVVkS1UzSXhNUXBCVVVGQlFrRk5RVko2UWtaQmFVVkJiRFpKWmtoR2RHWldjMUo2YUhkRFRtSjFaMEptVkZOR1ptUktUazEzYnpaaFRFVjRTRGRPU0dOUWQwTkpSbXBsQ20xdlFUSnZkMlJPUW1aak56RktlRk5yV1VoMlNUVkhUbXN4VUVoT09FRnBiRFZZTW1wV0wzTk5RVzlIUTBOeFIxTk5ORGxDUVUxRVFUSm5RVTFIVlVNS1RWRkVhWEp4ZUdnclFVbEZOak1yYmpOaGJHbGFZMjl4Vm1Oa1dWbzRSazVxUml0NVlqQndNbUY1V0hreE4wa3ZZVlJOWkRScGVGWTFNR2RpYVZORFVBb3hkMVZEVFVSR2NtRlVOWGRzZWtOT2QzUnJWVkJyV0hKU05rcHhVall5ZVZOemF6SjRPVmdyTVVOaWVGbEVSQ3ROV21welREaHhSRU0zTmxCRFJXZFRDalJFVmtkR2R6MDlDaTB0TFMwdFJVNUVJRU5GVWxSSlJrbERRVlJGTFMwdExTMD0iLCJzaWciOiJUVVZWUTBsUlJERjFVV0ZNYzBOUGVrVjFaR2RYWkVWa1MzbGxaVVUxV1RrMk5tdHBWMmRETm5GVVZrVmpUMnd6WmtGSlowUk9RbWh4WmxkcGNGaHlNMVlyT1RsU2ExVkNNa0kyTWxWc1lqZHZkVE5ZYkU1T1dUbFFhM0l4U1VrOSJ9XX0sImhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiJkNGJlNGVlZjVhY2ZhZjQ0NGYyMGFmNjIyMTA0Njk5ZWU0ODQ1MzIxMTdiOGFlZDBhYTBiNDRkY2ViNjEyY2UyIn0sInBheWxvYWRIYXNoIjp7ImFsZ29yaXRobSI6InNoYTI1NiIsInZhbHVlIjoiOWQwZTc5NTI2ZWFjNDVlMTRiYTMzMGUxN2Y3MjAwNTMxYWM5ZGRmYzIwYWRhNzQ0NDNiMzZkNjA0MjkyZTMwYyJ9fX19" | ||
| } | ||
| ] | ||
| }, | ||
| "dsseEnvelope": { | ||
| "payload": "ewogICJfdHlwZSI6ICJodHRwczovL2luLXRvdG8uaW8vU3RhdGVtZW50L3YwLjEiLAogICJzdWJqZWN0IjogWwogICAgewogICAgICAibmFtZSI6ICJwa2c6bnBtL3NpZ3N0b3JlQDEuMC4wIiwKICAgICAgImRpZ2VzdCI6IHsKICAgICAgICAic2hhNTEyIjogIjdiZWE5ZjZlN2ZmMzdmNWZhYjBiMzZiZjA2MTIwMGZmZjAzMDk5ZmQyZmQ2OTZiOTFkMDRiYzVlNGYyMjVlYjlmZDZlMGNhZGNhZDU0YmE5ODBmNDNmYjM1MmE5OWU4ODEwYjRlMGFiZWI1YzBlZjJjZjkxMDhjZDFmMjU4YjM2IgogICAgICB9CiAgICB9CiAgXSwKICAicHJlZGljYXRlVHlwZSI6ICJodHRwczovL2dpdGh1Yi5jb20vbnBtL2F0dGVzdGF0aW9uL3RyZWUvbWFpbi9zcGVjcy9wdWJsaXNoL3YwLjEiLAogICJwcmVkaWNhdGUiOiB7CiAgICAibmFtZSI6ICJzaWdzdG9yZSIsCiAgICAidmVyc2lvbiI6ICIxLjAuMCIsCiAgICAicmVnaXN0cnkiOiAiaHR0cHM6Ly9yZWdpc3RyeS5ucG1qcy5vcmciCiAgfQp9Cg==", | ||
| "payloadType": "application/vnd.in-toto+json", | ||
| "signatures": [ | ||
| { | ||
| "sig": "MEUCIQD1uQaLsCOzEudgWdEdKyeeE5Y966kiWgC6qTVEcOl3fAIgDNBhqfWipXr3V+99RkUB2B62Ulb7ou3XlNNY9Pkr1II=", | ||
| "keyid": "" | ||
| } | ||
| ] | ||
| } | ||
| } |
Oops, something went wrong.