Skip to content

Commit

Permalink
Merge pull request #491 from sigstore/add-tuf-root-for-staging
Browse files Browse the repository at this point in the history
Use tuf cdn, add staging
  • Loading branch information
loosebazooka authored Sep 7, 2023
2 parents 96a4da9 + e466407 commit 4d7833c
Show file tree
Hide file tree
Showing 12 changed files with 101 additions and 336 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ public Builder usePublicGoodInstance() {
}
try {
tufMirror(
new URL("https://storage.googleapis.com/sigstore-tuf-root/"),
new URL("https://tuf-repo-cdn.sigstore.dev"),
Path.of(
Resources.getResource("dev/sigstore/tuf/sigstore-tuf-root/root.json").getPath()));
} catch (MalformedURLException e) {
Expand All @@ -81,6 +81,27 @@ public Builder usePublicGoodInstance() {
return this;
}

public Builder useStagingInstance() {
if (remoteMirror != null || trustedRoot != null) {
throw new IllegalStateException(
"Using staging after configuring remoteMirror and trustedRoot");
}
try {
tufMirror(
new URL("https://tuf-repo-cdn.sigstage.dev"),
Path.of(
Resources.getResource("dev/sigstore/tuf/tuf-root-staging/root.json").getPath()));
} catch (MalformedURLException e) {
throw new AssertionError(e);
}
tufCacheLocation =
Path.of(System.getProperty("user.home"))
.resolve(".sigstore-java")
.resolve("staging")
.resolve("root");
return this;
}

public Builder tufMirror(URL mirror, Path trustedRoot) {
this.remoteMirror = mirror;
this.trustedRoot = trustedRoot;
Expand Down

This file was deleted.

Original file line number Diff line number Diff line change
@@ -1,87 +1,65 @@
{
"signatures": [
{
"keyid": "baf73fa38311c699f6b2583a6493afb3e3974b333ed61c4a370d0787e2012093",
"sig": "2f8194ea672740abe0bd38464f35af43ec6de5c8ef8fa43c49525e2bf9ae4dcd243c8f95d1975ea2137e58b7c0e305280ac940fe617b8ac2e37290f4059e6f04"
}
],
"signed": {
"_type": "root",
"consistent_snapshot": false,
"expires": "2032-04-28T20:21:11Z",
"keys": {
"26599e08a9fe425a8863c9a4bc2b87ba0d55a9540695eb49b8d267f5578f6bc0": {
"keyid_hash_algorithms": [
"sha256",
"sha512"
],
"keytype": "ed25519",
"keyval": {
"public": "6625fa57e94e34a2f27a3c486eb88dc69da0162e425a5f16d1b5c9d4dad79aca"
},
"scheme": "ed25519"
},
"baf73fa38311c699f6b2583a6493afb3e3974b333ed61c4a370d0787e2012093": {
"keyid_hash_algorithms": [
"sha256",
"sha512"
],
"keytype": "ed25519",
"keyval": {
"public": "f10da95f3c08b4906e366e1a9a1222659793bce03ce80a3c448fbedeb8974ef6"
},
"scheme": "ed25519"
},
"da02af6aec8ca4c93d4558b83b81ce7deb0ea4566879d017ccfb087a3a031321": {
"keyid_hash_algorithms": [
"sha256",
"sha512"
],
"keytype": "ed25519",
"keyval": {
"public": "e66efde4c3db6bfdac5fc4e3f54260f2655afa2aa9167da5b135e4986aeadf5a"
},
"scheme": "ed25519"
},
"dbb3cc3a3752fd0a51066f840075262b1fd28d93c3098975e4773f669943507e": {
"keyid_hash_algorithms": [
"sha256",
"sha512"
],
"keytype": "ed25519",
"keyval": {
"public": "2af53c16edb6db039cc209b56f8fdbbff9e77a23516823b0f560134803f3a072"
},
"scheme": "ed25519"
}
},
"roles": {
"root": {
"keyids": [
"baf73fa38311c699f6b2583a6493afb3e3974b333ed61c4a370d0787e2012093"
],
"threshold": 1
},
"snapshot": {
"keyids": [
"da02af6aec8ca4c93d4558b83b81ce7deb0ea4566879d017ccfb087a3a031321"
],
"threshold": 1
},
"targets": {
"keyids": [
"dbb3cc3a3752fd0a51066f840075262b1fd28d93c3098975e4773f669943507e"
],
"threshold": 1
},
"timestamp": {
"keyids": [
"26599e08a9fe425a8863c9a4bc2b87ba0d55a9540695eb49b8d267f5578f6bc0"
],
"threshold": 1
}
},
"spec_version": "1.0",
"version": 1
}
"signed": {
"_type": "root",
"spec_version": "1.0",
"version": 3,
"expires": "2029-02-17T23:05:14Z",
"keys": {
"314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600": {
"keytype": "ecdsa-sha2-nistp256",
"scheme": "ecdsa-sha2-nistp256",
"keyid_hash_algorithms": [
"sha256",
"sha512"
],
"keyval": {
"public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXMZ7rD8tWDE4lK/+naJN7INMxNC7\nbMMANDqTQE7WpzyzffWOg59hc/MwbvJtvuxhO9mEu3GD3Cn0HffFlmVRiA==\n-----END PUBLIC KEY-----\n"
}
},
"c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda": {
"keytype": "ecdsa-sha2-nistp256",
"scheme": "ecdsa-sha2-nistp256",
"keyid_hash_algorithms": [
"sha256",
"sha512"
],
"keyval": {
"public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEL3vL/VeaH6nBbo4rekyO4cc/QthS\n+nlyJXCXSnyIMAtLmVTa8Pf0qG6YIVaR0TmLkyk9YoSVsZakxuMTuaEwrg==\n-----END PUBLIC KEY-----\n"
}
}
},
"roles": {
"root": {
"keyids": [
"c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda"
],
"threshold": 1
},
"snapshot": {
"keyids": [
"314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600"
],
"threshold": 1
},
"targets": {
"keyids": [
"c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda"
],
"threshold": 1
},
"timestamp": {
"keyids": [
"314ae73abd3012fc73bfcc3783e31d03852716597642b891d6a33155c4baf600"
],
"threshold": 1
}
},
"consistent_snapshot": true
},
"signatures": [
{
"keyid": "c8e09a68b5821b75462ae0df52151c81deb7f1838246dc1da8c34cc91ec12bda",
"sig": "3045022061a67fc07a5dd88f0087f394d4d3ef15237115d2ee24261f2d35db07715da097022100a0efc621c0b0ba697ae75827e579dd90eef30f7bc5fdbef2c44338f791a67eeb"
}
]
}

This file was deleted.

This file was deleted.

This file was deleted.

Loading

0 comments on commit 4d7833c

Please sign in to comment.