diff --git a/src/trust/sigstore/mod.rs b/src/trust/sigstore/mod.rs index b4a27d1712..81954a9891 100644 --- a/src/trust/sigstore/mod.rs +++ b/src/trust/sigstore/mod.rs @@ -61,8 +61,21 @@ pub struct SigstoreTrustRoot { } impl SigstoreTrustRoot { - /// Constructs a new trust repository established by a [tough::Repository]. - pub async fn new(checkout_dir: Option) -> Result { + /// Constructs a new trust root from a [`tough::Repository`]. + async fn from_tough( + repository: &tough::Repository, + checkout_dir: Option, + ) -> Result { + let trusted_root = { + let data = Self::fetch_target(&repository, &checkout_dir, "trusted_root.json").await?; + serde_json::from_slice(&data[..])? + }; + + Ok(Self { trusted_root }) + } + + /// Constructs a new trust root backed by the Sigstore Public Good Instance. + pub async fn new(cache_dir: Option) -> Result { // These are statically defined and should always parse correctly. let metadata_base = url::Url::parse(constants::SIGSTORE_METADATA_BASE)?; let target_base = url::Url::parse(constants::SIGSTORE_TARGET_BASE)?; @@ -77,12 +90,7 @@ impl SigstoreTrustRoot { .await .map_err(Box::new)?; - let trusted_root = { - let data = Self::fetch_target(&repository, &checkout_dir, "trusted_root.json").await?; - serde_json::from_slice(&data[..])? - }; - - Ok(Self { trusted_root }) + Self::from_tough(&repository, cache_dir).await } async fn fetch_target( @@ -242,3 +250,130 @@ fn is_timerange_valid(range: Option<&TimeRange>, allow_expired: bool) -> bool { (_, Some(end)) => now <= end, } } + +#[cfg(test)] +mod tests { + use super::*; + use std::fs; + use std::path::Path; + use std::time::SystemTime; + use tempfile::TempDir; + + fn verify(root: &SigstoreTrustRoot, cache_dir: Option<&Path>) { + if let Some(cache_dir) = cache_dir { + assert!( + cache_dir.join("trusted_root.json").exists(), + "the trusted root was not cached" + ); + } + + assert!( + root.fulcio_certs().is_ok_and(|v| !v.is_empty()), + "no Fulcio certs established" + ); + assert!( + root.rekor_keys().is_ok_and(|v| !v.is_empty()), + "no Rekor keys established" + ); + assert!( + root.ctfe_keys().is_ok_and(|v| !v.is_empty()), + "no CTFE keys established" + ); + } + + macro_rules! impl_test { + ($name:ident, cache=$cache:literal $(,setup=$setup:expr)? $(,verify=$verify:expr)?) => { + #[test] + fn $name() -> Result<()> { + let rt = tokio::runtime::Builder::new_current_thread() + .enable_all() + .build()?; + + let cache_dir = if $cache { + let tmp = TempDir::new().expect("cannot create temp cache dir"); + Some(tmp.into_path()) + } else { + None + }; + let cache_dir_borrowed = cache_dir.as_ref().map(|p| p.as_path()); + + $( + $setup(cache_dir_borrowed); + )? + + let root = rt + .block_on(SigstoreTrustRoot::new(cache_dir.clone())) + .expect("failed to create trust root"); + + verify(&root, cache_dir_borrowed); + + $($verify(&root, cache_dir_borrowed);)? + + Ok(()) + } + } + } + + impl_test!(no_local_cache, cache = false); + impl_test!( + current_local_cache, + cache = true, + verify = |_, cache_dir: Option<&Path>| { + assert!( + cache_dir.unwrap().join("trusted_root.json").exists(), + "TUF cache was requested but not used" + ); + } + ); + impl_test!( + outdated_local_cache, + cache = true, + setup = |cache_dir: Option<&Path>| { + fs::write( + cache_dir.unwrap().join("trusted_root.json"), + b"fake trusted root", + ) + .expect("cannot write file to cache dir"); + }, + verify = |_, cache_dir: Option<&Path>| { + let data = fs::read(cache_dir.unwrap().join("trusted_root.json")) + .expect("cannot read trusted_root.json from cache"); + + assert_ne!( + data, b"fake trusted root", + "TUF cache was not properly updated" + ); + } + ); + + #[test] + fn test_is_timerange_valid() { + fn range_from(start: i64, end: i64) -> TimeRange { + let base = chrono::Utc::now(); + let start: SystemTime = (base + chrono::TimeDelta::seconds(start)).into(); + let end: SystemTime = (base + chrono::TimeDelta::seconds(end)).into(); + + TimeRange { + start: Some(start.into()), + end: Some(end.into()), + } + } + + assert!(is_timerange_valid(None, true)); + assert!(is_timerange_valid(None, false)); + + // Test lower bound conditions + + // Valid: 1 ago, 1 from now + assert!(is_timerange_valid(Some(&range_from(-1, 1)), false)); + // Invalid: 1 from now, 1 from now + assert!(!is_timerange_valid(Some(&range_from(1, 1)), false)); + + // Test upper bound conditions + + // Invalid: 1 ago, 1 ago + assert!(!is_timerange_valid(Some(&range_from(-1, -1)), false)); + // Valid: 1 ago, 1 ago + assert!(is_timerange_valid(Some(&range_from(-1, -1)), true)) + } +} diff --git a/tests/data/repository/1.registry.npmjs.org.json b/tests/data/repository/1.registry.npmjs.org.json deleted file mode 100644 index 1c8ec2165b..0000000000 --- a/tests/data/repository/1.registry.npmjs.org.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "signed": { - "_type": "targets", - "spec_version": "1.0", - "version": 1, - "expires": "2024-09-29T16:47:20Z", - "targets": { - "registry.npmjs.org/keys.json": { - "length": 1017, - "hashes": { - "sha256": "7a8ec9678ad824cdccaa7a6dc0961caf8f8df61bc7274189122c123446248426", - "sha512": "881a853ee92d8cf513b07c164fea36b22a7305c256125bdfffdc5c65a4205c4c3fc2b5bcc98964349167ea68d40b8cd02551fcaa870a30d4601ba1caf6f63699" - } - } - } - }, - "signatures": [ - { - "keyid": "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600", - "sig": "3044022059bf01a64dd2793d5b630e26d7b6e455b0d6d8b47c23049ae856a122e5cec2ab022068b99b8bb39457e53d500f698cb43f9e640958ed26e5d3a47c29619df61889bc" - } - ] -} \ No newline at end of file diff --git a/tests/data/repository/1.root.json b/tests/data/repository/1.root.json deleted file mode 100644 index 4ca0da87fe..0000000000 --- a/tests/data/repository/1.root.json +++ /dev/null @@ -1,65 +0,0 @@ -{ - "signed": { - "_type": "root", - "spec_version": "1.0", - "version": 1, - "expires": "2024-09-29T16:47:17Z", - "keys": { - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXMZ7rD8tWDE4lK/+naJN7INMxNC7\nbMMANDqTQE7WpzyzffWOg59hc/MwbvJtvuxhO9mEu3GD3Cn0HffFlmVRiA==\n-----END PUBLIC KEY-----\n" - } - }, - "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEL3vL/VeaH6nBbo4rekyO4cc/QthS\n+nlyJXCXSnyIMAtLmVTa8Pf0qG6YIVaR0TmLkyk9YoSVsZakxuMTuaEwrg==\n-----END PUBLIC KEY-----\n" - } - } - }, - "roles": { - "root": { - "keyids": [ - "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda" - ], - "threshold": 1 - }, - "snapshot": { - "keyids": [ - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600" - ], - "threshold": 1 - }, - "targets": { - "keyids": [ - "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda" - ], - "threshold": 1 - }, - "timestamp": { - "keyids": [ - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600" - ], - "threshold": 1 - } - }, - "consistent_snapshot": true - }, - "signatures": [ - { - "keyid": "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda", - "sig": "304602210085927cdb96e1d9d0876bfc26b6ceea7421a54f959e30b9af3e12d31f6c750543022100dde611b58a1f2b9fb26c43767138c68f4422cdeb898c8b63f3f0193791030d12" - } - ] -} \ No newline at end of file diff --git a/tests/data/repository/1.snapshot.json b/tests/data/repository/1.snapshot.json deleted file mode 100644 index fcb179878c..0000000000 --- a/tests/data/repository/1.snapshot.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "signed": { - "_type": "snapshot", - "spec_version": "1.0", - "version": 1, - "expires": "2024-04-19T16:47:48Z", - "meta": { - "registry.npmjs.org.json": { - "length": 713, - "hashes": { - "sha256": "17b361687dbb401c2d51d7ce21688d13547eae7f8e7b2183b7dd6d94fa675705", - "sha512": "3f60a08cdbab650ece48ded43b54943dc816580fdb2f5a2a20c30e878eb2489ab817f0308666cac80da03d75d6f5b71959431b1ba7794335fece8a4ed635eb4d" - }, - "version": 1 - }, - "targets.json": { - "length": 4518, - "hashes": { - "sha256": "cc62e5fb1644717c7429c82b6a1cbd085008f9a2e07aad38573f8fdf9d55386c", - "sha512": "5709bc76bc35da403a9a0a5ec96890db49e797c986eda9e5f7973938dbccad96838c8136617c91f5218cfd919d93745d3942ca6d50a52b5fd0e662e6876b395f" - }, - "version": 1 - } - } - }, - "signatures": [ - { - "keyid": "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600", - "sig": "304602210082d244d5dab0c20ee07b3229964beffaa8bb0bdf4c5107e2f764619878d124a2022100e7c50116ef636c41348ec49a7502f1c98037238b9c717ee781b62c5154f5a1f0" - } - ] -} \ No newline at end of file diff --git a/tests/data/repository/1.targets.json b/tests/data/repository/1.targets.json deleted file mode 100644 index 6844bad771..0000000000 --- a/tests/data/repository/1.targets.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "signed": { - "_type": "targets", - "spec_version": "1.0", - "version": 1, - "expires": "2024-09-29T16:47:20Z", - "targets": { - "artifact.pub": { - "length": 177, - "hashes": { - "sha256": "59ebf97a9850aecec4bc39c1f5c1dc46e6490a6b5fd2a6cacdcac0c3a6fc4cbf", - "sha512": "308fd1d1d95d7f80aa33b837795251cc3e886792982275e062409e13e4e236ffc34d676682aa96fdc751414de99c864bf132dde71581fa651c6343905e3bf988" - }, - "custom": { - "sigstore": { - "status": "Active", - "usage": "Unknown" - } - } - }, - "ctfe.pub": { - "length": 177, - "hashes": { - "sha256": "7fcb94a5d0ed541260473b990b99a6c39864c1fb16f3f3e594a5a3cebbfe138a", - "sha512": "4b20747d1afe2544238ad38cc0cc3010921b177d60ac743767e0ef675b915489bd01a36606c0ff83c06448622d7160f0d866c83d20f0c0f44653dcc3f9aa0bd4" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://ctfe.sigstore.dev/test", - "usage": "CTFE" - } - } - }, - "ctfe_2022.pub": { - "length": 178, - "hashes": { - "sha256": "270488a309d22e804eeb245493e87c667658d749006b9fee9cc614572d4fbbdc", - "sha512": "e83fa4f427b24ee7728637fad1b4aa45ebde2ba02751fa860694b1bb16059a490328f9985e51cc70e4d237545315a1bc866dc4fdeef2f6248d99cc7a6077bf85" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://ctfe.sigstore.dev/2022", - "usage": "CTFE" - } - } - }, - "fulcio.crt.pem": { - "length": 744, - "hashes": { - "sha256": "f360c53b2e13495a628b9b8096455badcb6d375b185c4816d95a5d746ff29908", - "sha512": "0713252a7fd17f7f3ab12f88a64accf2eb14b8ad40ca711d7fe8b4ecba3b24db9e9dffadb997b196d3867b8f9ff217faf930d80e4dab4e235c7fc3f07be69224" - }, - "custom": { - "sigstore": { - "status": "Expired", - "uri": "https://fulcio.sigstore.dev", - "usage": "Fulcio" - } - } - }, - "fulcio_intermediate_v1.crt.pem": { - "length": 789, - "hashes": { - "sha256": "f8cbecf186db7714624a5f4e99da31a917cbef70a94dd6921f5c3ca969dfe30a", - "sha512": "0f99f47dbc26c5f1e3cba0bfd9af4245a26e5cb735d6ef005792ec7e603f66fdb897de985973a6e50940ca7eff5e1849719e967b5ad2dac74a29115a41cf6f21" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://fulcio.sigstore.dev", - "usage": "Fulcio" - } - } - }, - "fulcio_v1.crt.pem": { - "length": 740, - "hashes": { - "sha256": "f989aa23def87c549404eadba767768d2a3c8d6d30a8b793f9f518a8eafd2cf5", - "sha512": "f2e33a6dc208cee1f51d33bbea675ab0f0ced269617497985f9a0680689ee7073e4b6f8fef64c91bda590d30c129b3070dddce824c05bc165ac9802f0705cab6" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://fulcio.sigstore.dev", - "usage": "Fulcio" - } - } - }, - "rekor.pub": { - "length": 178, - "hashes": { - "sha256": "dce5ef715502ec9f3cdfd11f8cc384b31a6141023d3e7595e9908a81cb6241bd", - "sha512": "0ae7705e02db33e814329746a4a0e5603c5bdcd91c96d072158d71011a2695788866565a2fec0fe363eb72cbcaeda39e54c5fe8d416daf9f3101fdba4217ef35" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://rekor.sigstore.dev", - "usage": "Rekor" - } - } - }, - "trusted_root.json": { - "length": 4567, - "hashes": { - "sha256": "cec894ad77f79b1cb324150f6363012bcef7492954f3ab9134f932e6aa2e2e20", - "sha512": "08be2fd75c19e654caad30852847c566f97e6245f2bbcc54d347d6bdec7e879135e3395b5633b9e3b85d739fdb9b4eb8c09ddc70495792bc2ea65c8caf770d27" - } - } - }, - "delegations": { - "keys": { - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXMZ7rD8tWDE4lK/+naJN7INMxNC7\nbMMANDqTQE7WpzyzffWOg59hc/MwbvJtvuxhO9mEu3GD3Cn0HffFlmVRiA==\n-----END PUBLIC KEY-----\n" - } - } - }, - "roles": [ - { - "name": "registry.npmjs.org", - "keyids": [ - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600" - ], - "threshold": 1, - "terminating": true, - "paths": [ - "registry.npmjs.org/*" - ] - } - ] - } - }, - "signatures": [ - { - "keyid": "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda", - "sig": "304402201662b260e99e59f7271bd9e3fb01aa47a399bef8c5ec808bea6d40ae2d93625d022042fd2a275d84196dc50e17ca9c9408a34349372410febc7217415b11eb978bbb" - } - ] -} \ No newline at end of file diff --git a/tests/data/repository/2.registry.npmjs.org.json b/tests/data/repository/2.registry.npmjs.org.json deleted file mode 100644 index d53f15267b..0000000000 --- a/tests/data/repository/2.registry.npmjs.org.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "signed": { - "_type": "targets", - "spec_version": "1.0", - "version": 2, - "expires": "2028-09-29T21:10:55Z", - "targets": { - "registry.npmjs.org/keys.json": { - "length": 1017, - "hashes": { - "sha256": "7a8ec9678ad824cdccaa7a6dc0961caf8f8df61bc7274189122c123446248426", - "sha512": "881a853ee92d8cf513b07c164fea36b22a7305c256125bdfffdc5c65a4205c4c3fc2b5bcc98964349167ea68d40b8cd02551fcaa870a30d4601ba1caf6f63699" - } - } - } - }, - "signatures": [ - { - "keyid": "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600", - "sig": "3045022057b9fc8afd9feaf45cf3173d3420fdcd6b68c22e4ef7b47e80a6887e1f20246c0221009f39c42fac630ab354c5197288c9a82ab6d46a59b423f81fff719da57cff16ab" - } - ] -} \ No newline at end of file diff --git a/tests/data/repository/2.root.json b/tests/data/repository/2.root.json deleted file mode 100644 index f848d7d846..0000000000 --- a/tests/data/repository/2.root.json +++ /dev/null @@ -1,65 +0,0 @@ -{ - "signed": { - "_type": "root", - "spec_version": "1.0", - "version": 2, - "expires": "2028-09-29T21:10:11Z", - "keys": { - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXMZ7rD8tWDE4lK/+naJN7INMxNC7\nbMMANDqTQE7WpzyzffWOg59hc/MwbvJtvuxhO9mEu3GD3Cn0HffFlmVRiA==\n-----END PUBLIC KEY-----\n" - } - }, - "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEL3vL/VeaH6nBbo4rekyO4cc/QthS\n+nlyJXCXSnyIMAtLmVTa8Pf0qG6YIVaR0TmLkyk9YoSVsZakxuMTuaEwrg==\n-----END PUBLIC KEY-----\n" - } - } - }, - "roles": { - "root": { - "keyids": [ - "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda" - ], - "threshold": 1 - }, - "snapshot": { - "keyids": [ - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600" - ], - "threshold": 1 - }, - "targets": { - "keyids": [ - "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda" - ], - "threshold": 1 - }, - "timestamp": { - "keyids": [ - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600" - ], - "threshold": 1 - } - }, - "consistent_snapshot": true - }, - "signatures": [ - { - "keyid": "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda", - "sig": "3045022057bbd23dd9f69f8280c5e5d2b0a0b1ace98d6d8efa0f59ef0a3190188f6e2c89022100b39e6c24091c4271d2b8b4cfa75e6120638b276fbffddda8da5bca1778c8f08c" - } - ] -} \ No newline at end of file diff --git a/tests/data/repository/2.snapshot.json b/tests/data/repository/2.snapshot.json deleted file mode 100644 index 6c1e4dd147..0000000000 --- a/tests/data/repository/2.snapshot.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "signed": { - "_type": "snapshot", - "spec_version": "1.0", - "version": 2, - "expires": "2028-04-19T21:11:16Z", - "meta": { - "registry.npmjs.org.json": { - "length": 715, - "hashes": { - "sha256": "4dc55b2b468b0d1c9629c457c5cfce2cc1c330c59c5a7cf71cb7549f1ef76f1d", - "sha512": "278f4b6112db9d4bd9366e1717cf710ad7eacf44605fd4f894c3374fc5dff850a1a03c24c4a885d050a4ac1a86fa6929537fae12d8c2864c8e0c239b382d5556" - }, - "version": 2 - }, - "targets.json": { - "length": 4120, - "hashes": { - "sha256": "095d093de09350cec021828f49361688b5dd692486ad7bfb03d4150b3269ef8a", - "sha512": "97b9c75f49fb41eaf2f33c5f58b125febc3bbecd4c97f6edd0901423a231e4d0c5760d4780bc180a364d7198b5e0710f07ee0abf84dcd163fe3348d6bce26fab" - }, - "version": 2 - } - } - }, - "signatures": [ - { - "keyid": "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600", - "sig": "3044022013bf1032cf0a37d9f88ab9d33d0abb7a932efd95fadbc354fc21a807c7be29ef0220677e651c3e67e0728591faa20c5a09b8a16953038c3ceeffb7d9cfec766b3245" - } - ] -} \ No newline at end of file diff --git a/tests/data/repository/2.targets.json b/tests/data/repository/2.targets.json deleted file mode 100644 index dea42487f0..0000000000 --- a/tests/data/repository/2.targets.json +++ /dev/null @@ -1,135 +0,0 @@ -{ - "signed": { - "_type": "targets", - "spec_version": "1.0", - "version": 2, - "expires": "2028-09-29T21:10:55Z", - "targets": { - "ctfe.pub": { - "length": 775, - "hashes": { - "sha256": "bd7a6812a1f239dfddbbb19d36c7423d21510da56d466ba5018401959cd66037", - "sha512": "b861189e48df51186a39612230fba6b02af951f7b35ad9375e8ca182d0e085d470e26d69f7cd4d7450a0f223991e8e5a4ddf8f1968caa15255de8e37035af43a" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://ctfe.sigstage.dev/test", - "usage": "CTFE" - } - } - }, - "ctfe_2022.pub": { - "length": 178, - "hashes": { - "sha256": "910d899c7763563095a0fe684c8477573fedc19a78586de6ecfbfd8f289f5423", - "sha512": "ab975a75600fc366a837536d0dcba841b755552d21bb114498ff8ac9d2403f76643f5b91269bce5d124a365514719a3edee9dcc2b046cb173f51af659911fcd3" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://ctfe.sigstage.dev/2022", - "usage": "CTFE" - } - } - }, - "ctfe_2022_2.pub": { - "length": 178, - "hashes": { - "sha256": "7054b4f15f969daca1c242bb9e77527abaf0b9acf9818a2a35144e4b32b20dc6", - "sha512": "3d035f94e1b14ac84627a28afdbed9a34861fb84239f76d73aa1a99f52262bfd95c4fa0ee71f1fd7e3bfb998d89cd5e0f0eafcff9fa7fa87c6e23484fc1e0cec" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://ctfe.sigstage.dev/2022-2", - "usage": "CTFE" - } - } - }, - "fulcio.crt.pem": { - "length": 741, - "hashes": { - "sha256": "0e6b0442485ad552bea5f62f11c29e2acfda35307d7538430b4cc1dbef49bff1", - "sha512": "c69ae618883a0c89c282c0943a1ad0c16b0a7788f74e47a1adefc631dac48a0c4449d8c3de7455ae7d772e43c4a87e341f180b0614a46a86006969f8a7b84532" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://fulcio.sigstage.dev", - "usage": "Fulcio" - } - } - }, - "fulcio_intermediate.crt.pem": { - "length": 790, - "hashes": { - "sha256": "782868913fe13c385105ddf33e827191386f58da40a931f2075a7e27b1b6ac7b", - "sha512": "90659875a02f73d1026055427c6d857c556e410e23748ff88aeb493227610fd2f5fbdd95ef2a21565f91438dfb3e073f50c4c9dd06f9a601b5d9b064d5cb60b4" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://fulcio.sigstage.dev", - "usage": "Fulcio" - } - } - }, - "rekor.pub": { - "length": 178, - "hashes": { - "sha256": "1d80b8f72505a43e65e6e125247cd508f61b459dc457c1d1bcb78d96e1760959", - "sha512": "09ab08698a67354a95d3b8897d9ce7eaef05f06f5ed5f0202d79c228579858ecc5816b7e1b7cc6786abe7d6aaa758e1fcb05900cb749235186c3bf9522d6d7ce" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://rekor.sigstage.dev", - "usage": "Rekor" - } - } - }, - "trusted_root.json": { - "length": 4521, - "hashes": { - "sha256": "6494317303d0e04509a30b239bf8290057164fba67072b6f89ddf1032273a78b", - "sha512": "fa2ca05656176f993fd616fa8586f3deeaacfb891dfb6f58e02b26073cb0233a52b7e66338d0053c8549f551485581141094c2de40ca812d8ac47a128bf84963" - } - } - }, - "delegations": { - "keys": { - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXMZ7rD8tWDE4lK/+naJN7INMxNC7\nbMMANDqTQE7WpzyzffWOg59hc/MwbvJtvuxhO9mEu3GD3Cn0HffFlmVRiA==\n-----END PUBLIC KEY-----\n" - } - } - }, - "roles": [ - { - "name": "registry.npmjs.org", - "keyids": [ - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600" - ], - "threshold": 1, - "terminating": true, - "paths": [ - "registry.npmjs.org/*" - ] - } - ] - } - }, - "signatures": [ - { - "keyid": "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda", - "sig": "304502210090b089087d1b17b2517c464b7774d76d3ea558ffca874eed63ccbee8f6bc3b76022022b56f551bcd0ac8a9c35cd0724ac5b00b4984544cbf812f47f276a9b48db8db" - } - ] -} \ No newline at end of file diff --git a/tests/data/repository/registry.npmjs.org.json b/tests/data/repository/registry.npmjs.org.json deleted file mode 100644 index d53f15267b..0000000000 --- a/tests/data/repository/registry.npmjs.org.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "signed": { - "_type": "targets", - "spec_version": "1.0", - "version": 2, - "expires": "2028-09-29T21:10:55Z", - "targets": { - "registry.npmjs.org/keys.json": { - "length": 1017, - "hashes": { - "sha256": "7a8ec9678ad824cdccaa7a6dc0961caf8f8df61bc7274189122c123446248426", - "sha512": "881a853ee92d8cf513b07c164fea36b22a7305c256125bdfffdc5c65a4205c4c3fc2b5bcc98964349167ea68d40b8cd02551fcaa870a30d4601ba1caf6f63699" - } - } - } - }, - "signatures": [ - { - "keyid": "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600", - "sig": "3045022057b9fc8afd9feaf45cf3173d3420fdcd6b68c22e4ef7b47e80a6887e1f20246c0221009f39c42fac630ab354c5197288c9a82ab6d46a59b423f81fff719da57cff16ab" - } - ] -} \ No newline at end of file diff --git a/tests/data/repository/root.json b/tests/data/repository/root.json deleted file mode 100644 index f848d7d846..0000000000 --- a/tests/data/repository/root.json +++ /dev/null @@ -1,65 +0,0 @@ -{ - "signed": { - "_type": "root", - "spec_version": "1.0", - "version": 2, - "expires": "2028-09-29T21:10:11Z", - "keys": { - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXMZ7rD8tWDE4lK/+naJN7INMxNC7\nbMMANDqTQE7WpzyzffWOg59hc/MwbvJtvuxhO9mEu3GD3Cn0HffFlmVRiA==\n-----END PUBLIC KEY-----\n" - } - }, - "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEL3vL/VeaH6nBbo4rekyO4cc/QthS\n+nlyJXCXSnyIMAtLmVTa8Pf0qG6YIVaR0TmLkyk9YoSVsZakxuMTuaEwrg==\n-----END PUBLIC KEY-----\n" - } - } - }, - "roles": { - "root": { - "keyids": [ - "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda" - ], - "threshold": 1 - }, - "snapshot": { - "keyids": [ - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600" - ], - "threshold": 1 - }, - "targets": { - "keyids": [ - "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda" - ], - "threshold": 1 - }, - "timestamp": { - "keyids": [ - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600" - ], - "threshold": 1 - } - }, - "consistent_snapshot": true - }, - "signatures": [ - { - "keyid": "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda", - "sig": "3045022057bbd23dd9f69f8280c5e5d2b0a0b1ace98d6d8efa0f59ef0a3190188f6e2c89022100b39e6c24091c4271d2b8b4cfa75e6120638b276fbffddda8da5bca1778c8f08c" - } - ] -} \ No newline at end of file diff --git a/tests/data/repository/snapshot.json b/tests/data/repository/snapshot.json deleted file mode 100644 index 6c1e4dd147..0000000000 --- a/tests/data/repository/snapshot.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "signed": { - "_type": "snapshot", - "spec_version": "1.0", - "version": 2, - "expires": "2028-04-19T21:11:16Z", - "meta": { - "registry.npmjs.org.json": { - "length": 715, - "hashes": { - "sha256": "4dc55b2b468b0d1c9629c457c5cfce2cc1c330c59c5a7cf71cb7549f1ef76f1d", - "sha512": "278f4b6112db9d4bd9366e1717cf710ad7eacf44605fd4f894c3374fc5dff850a1a03c24c4a885d050a4ac1a86fa6929537fae12d8c2864c8e0c239b382d5556" - }, - "version": 2 - }, - "targets.json": { - "length": 4120, - "hashes": { - "sha256": "095d093de09350cec021828f49361688b5dd692486ad7bfb03d4150b3269ef8a", - "sha512": "97b9c75f49fb41eaf2f33c5f58b125febc3bbecd4c97f6edd0901423a231e4d0c5760d4780bc180a364d7198b5e0710f07ee0abf84dcd163fe3348d6bce26fab" - }, - "version": 2 - } - } - }, - "signatures": [ - { - "keyid": "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600", - "sig": "3044022013bf1032cf0a37d9f88ab9d33d0abb7a932efd95fadbc354fc21a807c7be29ef0220677e651c3e67e0728591faa20c5a09b8a16953038c3ceeffb7d9cfec766b3245" - } - ] -} \ No newline at end of file diff --git a/tests/data/repository/targets.json b/tests/data/repository/targets.json deleted file mode 100644 index dea42487f0..0000000000 --- a/tests/data/repository/targets.json +++ /dev/null @@ -1,135 +0,0 @@ -{ - "signed": { - "_type": "targets", - "spec_version": "1.0", - "version": 2, - "expires": "2028-09-29T21:10:55Z", - "targets": { - "ctfe.pub": { - "length": 775, - "hashes": { - "sha256": "bd7a6812a1f239dfddbbb19d36c7423d21510da56d466ba5018401959cd66037", - "sha512": "b861189e48df51186a39612230fba6b02af951f7b35ad9375e8ca182d0e085d470e26d69f7cd4d7450a0f223991e8e5a4ddf8f1968caa15255de8e37035af43a" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://ctfe.sigstage.dev/test", - "usage": "CTFE" - } - } - }, - "ctfe_2022.pub": { - "length": 178, - "hashes": { - "sha256": "910d899c7763563095a0fe684c8477573fedc19a78586de6ecfbfd8f289f5423", - "sha512": "ab975a75600fc366a837536d0dcba841b755552d21bb114498ff8ac9d2403f76643f5b91269bce5d124a365514719a3edee9dcc2b046cb173f51af659911fcd3" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://ctfe.sigstage.dev/2022", - "usage": "CTFE" - } - } - }, - "ctfe_2022_2.pub": { - "length": 178, - "hashes": { - "sha256": "7054b4f15f969daca1c242bb9e77527abaf0b9acf9818a2a35144e4b32b20dc6", - "sha512": "3d035f94e1b14ac84627a28afdbed9a34861fb84239f76d73aa1a99f52262bfd95c4fa0ee71f1fd7e3bfb998d89cd5e0f0eafcff9fa7fa87c6e23484fc1e0cec" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://ctfe.sigstage.dev/2022-2", - "usage": "CTFE" - } - } - }, - "fulcio.crt.pem": { - "length": 741, - "hashes": { - "sha256": "0e6b0442485ad552bea5f62f11c29e2acfda35307d7538430b4cc1dbef49bff1", - "sha512": "c69ae618883a0c89c282c0943a1ad0c16b0a7788f74e47a1adefc631dac48a0c4449d8c3de7455ae7d772e43c4a87e341f180b0614a46a86006969f8a7b84532" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://fulcio.sigstage.dev", - "usage": "Fulcio" - } - } - }, - "fulcio_intermediate.crt.pem": { - "length": 790, - "hashes": { - "sha256": "782868913fe13c385105ddf33e827191386f58da40a931f2075a7e27b1b6ac7b", - "sha512": "90659875a02f73d1026055427c6d857c556e410e23748ff88aeb493227610fd2f5fbdd95ef2a21565f91438dfb3e073f50c4c9dd06f9a601b5d9b064d5cb60b4" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://fulcio.sigstage.dev", - "usage": "Fulcio" - } - } - }, - "rekor.pub": { - "length": 178, - "hashes": { - "sha256": "1d80b8f72505a43e65e6e125247cd508f61b459dc457c1d1bcb78d96e1760959", - "sha512": "09ab08698a67354a95d3b8897d9ce7eaef05f06f5ed5f0202d79c228579858ecc5816b7e1b7cc6786abe7d6aaa758e1fcb05900cb749235186c3bf9522d6d7ce" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://rekor.sigstage.dev", - "usage": "Rekor" - } - } - }, - "trusted_root.json": { - "length": 4521, - "hashes": { - "sha256": "6494317303d0e04509a30b239bf8290057164fba67072b6f89ddf1032273a78b", - "sha512": "fa2ca05656176f993fd616fa8586f3deeaacfb891dfb6f58e02b26073cb0233a52b7e66338d0053c8549f551485581141094c2de40ca812d8ac47a128bf84963" - } - } - }, - "delegations": { - "keys": { - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXMZ7rD8tWDE4lK/+naJN7INMxNC7\nbMMANDqTQE7WpzyzffWOg59hc/MwbvJtvuxhO9mEu3GD3Cn0HffFlmVRiA==\n-----END PUBLIC KEY-----\n" - } - } - }, - "roles": [ - { - "name": "registry.npmjs.org", - "keyids": [ - "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600" - ], - "threshold": 1, - "terminating": true, - "paths": [ - "registry.npmjs.org/*" - ] - } - ] - } - }, - "signatures": [ - { - "keyid": "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda", - "sig": "304502210090b089087d1b17b2517c464b7774d76d3ea558ffca874eed63ccbee8f6bc3b76022022b56f551bcd0ac8a9c35cd0724ac5b00b4984544cbf812f47f276a9b48db8db" - } - ] -} \ No newline at end of file diff --git a/tests/data/repository/targets/6494317303d0e04509a30b239bf8290057164fba67072b6f89ddf1032273a78b.trusted_root.json b/tests/data/repository/targets/6494317303d0e04509a30b239bf8290057164fba67072b6f89ddf1032273a78b.trusted_root.json deleted file mode 100644 index 6a1c1f5a40..0000000000 --- a/tests/data/repository/targets/6494317303d0e04509a30b239bf8290057164fba67072b6f89ddf1032273a78b.trusted_root.json +++ /dev/null @@ -1,86 +0,0 @@ -{ - "mediaType": "application/vnd.dev.sigstore.trustedroot+json;version=0.1", - "tlogs": [ - { - "baseUrl": "https://rekor.sigstage.dev", - "hashAlgorithm": "SHA2_256", - "publicKey": { - "rawBytes": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDODRU688UYGuy54mNUlaEBiQdTE9nYLr0lg6RXowI/QV/RE1azBn4Eg5/2uTOMbhB1/gfcHzijzFi9Tk+g1Prg==", - "keyDetails": "PKIX_ECDSA_P256_SHA_256", - "validFor": { - "start": "2021-01-12T11:53:27.000Z" - } - }, - "logId": { - "keyId": "0y8wo8MtY5wrdiIFohx7sHeI5oKDpK5vQhGHI6G+pJY=" - } - } - ], - "certificateAuthorities": [ - { - "subject": { - "organization": "sigstore.dev", - "commonName": "sigstore" - }, - "uri": "https://fulcio.sigstage.dev", - "certChain": { - "certificates": [ - { - "rawBytes": "MIIB9jCCAXugAwIBAgITDdEJvluliE0AzYaIE4jTMdnFTzAKBggqhkjOPQQDAzAqMRUwEwYDVQQKEwxzaWdzdG9yZS5kZXYxETAPBgNVBAMTCHNpZ3N0b3JlMB4XDTIyMDMyNTE2NTA0NloXDTMyMDMyMjE2NTA0NVowKjEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MREwDwYDVQQDEwhzaWdzdG9yZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMo9BUNk9QIYisYysC24+2OytoV72YiLonYcqR3yeVnYziPt7Xv++CYE8yoCTiwedUECCWKOcvQKRCJZb9ht4Hzy+VvBx36hK+C6sECCSR0x6pPSiz+cTk1f788ZjBlUZaNjMGEwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP9CMrpofas6cK/cDNQa4j6Hj2ZlMB8GA1UdIwQYMBaAFP9CMrpofas6cK/cDNQa4j6Hj2ZlMAoGCCqGSM49BAMDA2kAMGYCMQD+kojuzMwztNay9Ibzjuk//ZL5m6T2OCsm45l1lY004pcb984L926BowodoirFMcMCMQDIJtFHhP/1D3a+M3dAGomOb6O4CmTry3TTPbPsAFnv22YA0Y+P21NVoxKDjdu0tkw=" - }, - { - "rawBytes": "MIICGTCCAaCgAwIBAgITJta/okfgHvjabGm1BOzuhrwA1TAKBggqhkjOPQQDAzAqMRUwEwYDVQQKEwxzaWdzdG9yZS5kZXYxETAPBgNVBAMTCHNpZ3N0b3JlMB4XDTIyMDQxNDIxMzg0MFoXDTMyMDMyMjE2NTA0NVowNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASosAySWJQ/tK5r8T5aHqavk0oI+BKQbnLLdmOMRXHQF/4Hx9KtNfpcdjH9hNKQSBxSlLFFN3tvFCco0qFBzWYwZtsYsBe1l91qYn/9VHFTaEVwYQWIJEEvrs0fvPuAqjajezB5MA4GA1UdDwEB/wQEAwIBBjATBgNVHSUEDDAKBggrBgEFBQcDAzASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBRxhjCmFHxib/n31vQFGn9f/+tvrDAfBgNVHSMEGDAWgBT/QjK6aH2rOnCv3AzUGuI+h49mZTAKBggqhkjOPQQDAwNnADBkAjAM1lbKkcqQlE/UspMTbWNo1y2TaJ44tx3l/FJFceTSdDZ+0W1OHHeU4twie/lq8XgCMHQxgEv26xNNiAGyPXbkYgrDPvbOqp0UeWX4mJnLSrBr3aN/KX1SBrKQu220FmVL0Q==" - } - ] - }, - "validFor": { - "start": "2022-03-25T16:50:46.000Z" - } - } - ], - "ctlogs": [ - { - "baseUrl": "https://ctfe.sigstage.dev/test", - "hashAlgorithm": "SHA2_256", - "publicKey": { - "rawBytes": "MIICCgKCAgEA27A2MPQXm0I0v7/Ly5BIauDjRZF5Jor9vU+QheoE2UIIsZHcyYq3slHzSSHy2lLj1ZD2d91CtJ492ZXqnBmsr4TwZ9jQ05tW2mGIRI8u2DqN8LpuNYZGz/f9SZrjhQQmUttqWmtu3UoLfKz6NbNXUnoo+NhZFcFRLXJ8VporVhuiAmL7zqT53cXR3yQfFPCUDeGnRksnlhVIAJc3AHZZSHQJ8DEXMhh35TVv2nYhTI3rID7GwjXXw4ocz7RGDD37ky6p39Tl5NB71gT1eSqhZhGHEYHIPXraEBd5+3w9qIuLWlp5Ej/K6Mu4ELioXKCUimCbwy+Cs8UhHFlqcyg4AysOHJwIadXIa8LsY51jnVSGrGOEBZevopmQPNPtyfFY3dmXSS+6Z3RD2Gd6oDnNGJzpSyEk410Ag5uvNDfYzJLCWX9tU8lIxNwdFYmIwpd89HijyRyoGnoJ3entd63cvKfuuix5r+GHyKp1Xm1L5j5AWM6P+z0xigwkiXnt+adexAl1J9wdDxv/pUFEESRF4DG8DFGVtbdH6aR1A5/vD4krO4tC1QYUSeyL5Mvsw8WRqIFHcXtgybtxylljvNcGMV1KXQC8UFDmpGZVDSHx6v3e/BHMrZ7gjoCCfVMZ/cFcQi0W2AIHPYEMH/C95J2r4XbHMRdYXpovpOoT5Ca78gsCAwEAAQ==", - "keyDetails": "PKCS1_RSA_PKCS1V5", - "validFor": { - "start": "2021-03-14T00:00:00.000Z" - } - }, - "logId": { - "keyId": "s9AOb93xWxr+a4ztxJnxxJCX7VZ0V3IF4jTu/OoL84A=" - } - }, - { - "baseUrl": "https://ctfe.sigstage.dev/2022", - "hashAlgorithm": "SHA2_256", - "publicKey": { - "rawBytes": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEh99xuRi6slBFd8VUJoK/rLigy4bYeSYWO/fE6Br7r0D8NpMI94+A63LR/WvLxpUUGBpY8IJA3iU2telag5CRpA==", - "keyDetails": "PKIX_ECDSA_P256_SHA_256", - "validFor": { - "start": "2022-07-01T00:00:00.000Z" - } - }, - "logId": { - "keyId": "++JKOMQt7SJ3ynUHnCfnDhcKP8/58J4TueMqXuk3HmA=" - } - }, - { - "baseUrl": "https://ctfe.sigstage.dev/2022-2", - "hashAlgorithm": "SHA2_256", - "publicKey": { - "rawBytes": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE8gEDKNme8AnXuPBgHjrtXdS6miHqc24CRblNEOFpiJRngeq8Ko73Y+K18yRYVf1DXD4AVLwvKyzdNdl5n0jUSQ==", - "keyDetails": "PKIX_ECDSA_P256_SHA_256", - "validFor": { - "start": "2022-07-01T00:00:00.000Z" - } - }, - "logId": { - "keyId": "KzC83GiIyeLh2CYpXnQfSDkxlgLynDPLXkNA/rKshno=" - } - } - ], - "timestampAuthorities": [] -} diff --git a/tests/data/repository/targets/fa2ca05656176f993fd616fa8586f3deeaacfb891dfb6f58e02b26073cb0233a52b7e66338d0053c8549f551485581141094c2de40ca812d8ac47a128bf84963.trusted_root.json b/tests/data/repository/targets/fa2ca05656176f993fd616fa8586f3deeaacfb891dfb6f58e02b26073cb0233a52b7e66338d0053c8549f551485581141094c2de40ca812d8ac47a128bf84963.trusted_root.json deleted file mode 100644 index 6a1c1f5a40..0000000000 --- a/tests/data/repository/targets/fa2ca05656176f993fd616fa8586f3deeaacfb891dfb6f58e02b26073cb0233a52b7e66338d0053c8549f551485581141094c2de40ca812d8ac47a128bf84963.trusted_root.json +++ /dev/null @@ -1,86 +0,0 @@ -{ - "mediaType": "application/vnd.dev.sigstore.trustedroot+json;version=0.1", - "tlogs": [ - { - "baseUrl": "https://rekor.sigstage.dev", - "hashAlgorithm": "SHA2_256", - "publicKey": { - "rawBytes": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDODRU688UYGuy54mNUlaEBiQdTE9nYLr0lg6RXowI/QV/RE1azBn4Eg5/2uTOMbhB1/gfcHzijzFi9Tk+g1Prg==", - "keyDetails": "PKIX_ECDSA_P256_SHA_256", - "validFor": { - "start": "2021-01-12T11:53:27.000Z" - } - }, - "logId": { - "keyId": "0y8wo8MtY5wrdiIFohx7sHeI5oKDpK5vQhGHI6G+pJY=" - } - } - ], - "certificateAuthorities": [ - { - "subject": { - "organization": "sigstore.dev", - "commonName": "sigstore" - }, - "uri": "https://fulcio.sigstage.dev", - "certChain": { - "certificates": [ - { - "rawBytes": "MIIB9jCCAXugAwIBAgITDdEJvluliE0AzYaIE4jTMdnFTzAKBggqhkjOPQQDAzAqMRUwEwYDVQQKEwxzaWdzdG9yZS5kZXYxETAPBgNVBAMTCHNpZ3N0b3JlMB4XDTIyMDMyNTE2NTA0NloXDTMyMDMyMjE2NTA0NVowKjEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MREwDwYDVQQDEwhzaWdzdG9yZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMo9BUNk9QIYisYysC24+2OytoV72YiLonYcqR3yeVnYziPt7Xv++CYE8yoCTiwedUECCWKOcvQKRCJZb9ht4Hzy+VvBx36hK+C6sECCSR0x6pPSiz+cTk1f788ZjBlUZaNjMGEwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP9CMrpofas6cK/cDNQa4j6Hj2ZlMB8GA1UdIwQYMBaAFP9CMrpofas6cK/cDNQa4j6Hj2ZlMAoGCCqGSM49BAMDA2kAMGYCMQD+kojuzMwztNay9Ibzjuk//ZL5m6T2OCsm45l1lY004pcb984L926BowodoirFMcMCMQDIJtFHhP/1D3a+M3dAGomOb6O4CmTry3TTPbPsAFnv22YA0Y+P21NVoxKDjdu0tkw=" - }, - { - "rawBytes": "MIICGTCCAaCgAwIBAgITJta/okfgHvjabGm1BOzuhrwA1TAKBggqhkjOPQQDAzAqMRUwEwYDVQQKEwxzaWdzdG9yZS5kZXYxETAPBgNVBAMTCHNpZ3N0b3JlMB4XDTIyMDQxNDIxMzg0MFoXDTMyMDMyMjE2NTA0NVowNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASosAySWJQ/tK5r8T5aHqavk0oI+BKQbnLLdmOMRXHQF/4Hx9KtNfpcdjH9hNKQSBxSlLFFN3tvFCco0qFBzWYwZtsYsBe1l91qYn/9VHFTaEVwYQWIJEEvrs0fvPuAqjajezB5MA4GA1UdDwEB/wQEAwIBBjATBgNVHSUEDDAKBggrBgEFBQcDAzASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBRxhjCmFHxib/n31vQFGn9f/+tvrDAfBgNVHSMEGDAWgBT/QjK6aH2rOnCv3AzUGuI+h49mZTAKBggqhkjOPQQDAwNnADBkAjAM1lbKkcqQlE/UspMTbWNo1y2TaJ44tx3l/FJFceTSdDZ+0W1OHHeU4twie/lq8XgCMHQxgEv26xNNiAGyPXbkYgrDPvbOqp0UeWX4mJnLSrBr3aN/KX1SBrKQu220FmVL0Q==" - } - ] - }, - "validFor": { - "start": "2022-03-25T16:50:46.000Z" - } - } - ], - "ctlogs": [ - { - "baseUrl": "https://ctfe.sigstage.dev/test", - "hashAlgorithm": "SHA2_256", - "publicKey": { - "rawBytes": "MIICCgKCAgEA27A2MPQXm0I0v7/Ly5BIauDjRZF5Jor9vU+QheoE2UIIsZHcyYq3slHzSSHy2lLj1ZD2d91CtJ492ZXqnBmsr4TwZ9jQ05tW2mGIRI8u2DqN8LpuNYZGz/f9SZrjhQQmUttqWmtu3UoLfKz6NbNXUnoo+NhZFcFRLXJ8VporVhuiAmL7zqT53cXR3yQfFPCUDeGnRksnlhVIAJc3AHZZSHQJ8DEXMhh35TVv2nYhTI3rID7GwjXXw4ocz7RGDD37ky6p39Tl5NB71gT1eSqhZhGHEYHIPXraEBd5+3w9qIuLWlp5Ej/K6Mu4ELioXKCUimCbwy+Cs8UhHFlqcyg4AysOHJwIadXIa8LsY51jnVSGrGOEBZevopmQPNPtyfFY3dmXSS+6Z3RD2Gd6oDnNGJzpSyEk410Ag5uvNDfYzJLCWX9tU8lIxNwdFYmIwpd89HijyRyoGnoJ3entd63cvKfuuix5r+GHyKp1Xm1L5j5AWM6P+z0xigwkiXnt+adexAl1J9wdDxv/pUFEESRF4DG8DFGVtbdH6aR1A5/vD4krO4tC1QYUSeyL5Mvsw8WRqIFHcXtgybtxylljvNcGMV1KXQC8UFDmpGZVDSHx6v3e/BHMrZ7gjoCCfVMZ/cFcQi0W2AIHPYEMH/C95J2r4XbHMRdYXpovpOoT5Ca78gsCAwEAAQ==", - "keyDetails": "PKCS1_RSA_PKCS1V5", - "validFor": { - "start": "2021-03-14T00:00:00.000Z" - } - }, - "logId": { - "keyId": "s9AOb93xWxr+a4ztxJnxxJCX7VZ0V3IF4jTu/OoL84A=" - } - }, - { - "baseUrl": "https://ctfe.sigstage.dev/2022", - "hashAlgorithm": "SHA2_256", - "publicKey": { - "rawBytes": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEh99xuRi6slBFd8VUJoK/rLigy4bYeSYWO/fE6Br7r0D8NpMI94+A63LR/WvLxpUUGBpY8IJA3iU2telag5CRpA==", - "keyDetails": "PKIX_ECDSA_P256_SHA_256", - "validFor": { - "start": "2022-07-01T00:00:00.000Z" - } - }, - "logId": { - "keyId": "++JKOMQt7SJ3ynUHnCfnDhcKP8/58J4TueMqXuk3HmA=" - } - }, - { - "baseUrl": "https://ctfe.sigstage.dev/2022-2", - "hashAlgorithm": "SHA2_256", - "publicKey": { - "rawBytes": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE8gEDKNme8AnXuPBgHjrtXdS6miHqc24CRblNEOFpiJRngeq8Ko73Y+K18yRYVf1DXD4AVLwvKyzdNdl5n0jUSQ==", - "keyDetails": "PKIX_ECDSA_P256_SHA_256", - "validFor": { - "start": "2022-07-01T00:00:00.000Z" - } - }, - "logId": { - "keyId": "KzC83GiIyeLh2CYpXnQfSDkxlgLynDPLXkNA/rKshno=" - } - } - ], - "timestampAuthorities": [] -} diff --git a/tests/data/repository/targets/registry.npmjs.org/7a8ec9678ad824cdccaa7a6dc0961caf8f8df61bc7274189122c123446248426.keys.json b/tests/data/repository/targets/registry.npmjs.org/7a8ec9678ad824cdccaa7a6dc0961caf8f8df61bc7274189122c123446248426.keys.json deleted file mode 100644 index f5667a5f0e..0000000000 --- a/tests/data/repository/targets/registry.npmjs.org/7a8ec9678ad824cdccaa7a6dc0961caf8f8df61bc7274189122c123446248426.keys.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "keys": [ - { - "keyId": "SHA256:jl3bwswu80PjjokCgh0o2w5c2U4LhQAE57gj9cz1kzA", - "keyUsage": "npm:signatures", - "publicKey": { - "rawBytes": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1Olb3zMAFFxXKHiIkQO5cJ3Yhl5i6UPp+IhuteBJbuHcA5UogKo0EWtlWwW6KSaKoTNEYL7JlCQiVnkhBktUgg==", - "keyDetails": "PKIX_ECDSA_P256_SHA_256", - "validFor": { - "start": "1999-01-01T00:00:00.000Z" - } - } - }, - { - "keyId": "SHA256:jl3bwswu80PjjokCgh0o2w5c2U4LhQAE57gj9cz1kzA", - "keyUsage": "npm:attestations", - "publicKey": { - "rawBytes": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1Olb3zMAFFxXKHiIkQO5cJ3Yhl5i6UPp+IhuteBJbuHcA5UogKo0EWtlWwW6KSaKoTNEYL7JlCQiVnkhBktUgg==", - "keyDetails": "PKIX_ECDSA_P256_SHA_256", - "validFor": { - "start": "2022-12-01T00:00:00.000Z" - } - } - } - ] -} diff --git a/tests/data/repository/targets/registry.npmjs.org/881a853ee92d8cf513b07c164fea36b22a7305c256125bdfffdc5c65a4205c4c3fc2b5bcc98964349167ea68d40b8cd02551fcaa870a30d4601ba1caf6f63699.keys.json b/tests/data/repository/targets/registry.npmjs.org/881a853ee92d8cf513b07c164fea36b22a7305c256125bdfffdc5c65a4205c4c3fc2b5bcc98964349167ea68d40b8cd02551fcaa870a30d4601ba1caf6f63699.keys.json deleted file mode 100644 index f5667a5f0e..0000000000 --- a/tests/data/repository/targets/registry.npmjs.org/881a853ee92d8cf513b07c164fea36b22a7305c256125bdfffdc5c65a4205c4c3fc2b5bcc98964349167ea68d40b8cd02551fcaa870a30d4601ba1caf6f63699.keys.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "keys": [ - { - "keyId": "SHA256:jl3bwswu80PjjokCgh0o2w5c2U4LhQAE57gj9cz1kzA", - "keyUsage": "npm:signatures", - "publicKey": { - "rawBytes": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1Olb3zMAFFxXKHiIkQO5cJ3Yhl5i6UPp+IhuteBJbuHcA5UogKo0EWtlWwW6KSaKoTNEYL7JlCQiVnkhBktUgg==", - "keyDetails": "PKIX_ECDSA_P256_SHA_256", - "validFor": { - "start": "1999-01-01T00:00:00.000Z" - } - } - }, - { - "keyId": "SHA256:jl3bwswu80PjjokCgh0o2w5c2U4LhQAE57gj9cz1kzA", - "keyUsage": "npm:attestations", - "publicKey": { - "rawBytes": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1Olb3zMAFFxXKHiIkQO5cJ3Yhl5i6UPp+IhuteBJbuHcA5UogKo0EWtlWwW6KSaKoTNEYL7JlCQiVnkhBktUgg==", - "keyDetails": "PKIX_ECDSA_P256_SHA_256", - "validFor": { - "start": "2022-12-01T00:00:00.000Z" - } - } - } - ] -} diff --git a/tests/data/repository/timestamp.json b/tests/data/repository/timestamp.json deleted file mode 100644 index 4b4a4dec2c..0000000000 --- a/tests/data/repository/timestamp.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "signed": { - "_type": "timestamp", - "spec_version": "1.0", - "version": 2, - "expires": "2028-04-12T21:11:28Z", - "meta": { - "snapshot.json": { - "length": 1039, - "hashes": { - "sha256": "b480856ab72c80fe10902ffac69ec10340e827e02b2bd114d6f141de910a96c5", - "sha512": "da06f65c1ee242d63820ba646fb1b4037fe355460309d89f98a923d1d009e7d46f11d4272a0d8e07829734baea655f7692d8c23383d6044b4f72263a4dbf3057" - }, - "version": 2 - } - } - }, - "signatures": [ - { - "keyid": "314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600", - "sig": "3044022040e243b1bc8edb798df66803c2460471a4129704421d59f55c825dc549493f840220267e4684875d4803ae0948140af32fc9f560453efb84d9728ee66619e8767d8c" - } - ] -} \ No newline at end of file