From a6ff3f37e18c0ee7cdef0401e15fae275d978fcc Mon Sep 17 00:00:00 2001 From: Appu Goundan Date: Wed, 27 Dec 2023 10:55:17 -0500 Subject: [PATCH] Rework trusted root injection While this will allow anyone to inject a trustedRoot instead of using sigstore public good, its been primarily included to allow conformance to inject alt trusted roots Signed-off-by: Appu Goundan --- .github/workflows/conformance.yml | 2 +- .../src/main/java/dev/sigstore/cli/Sign.java | 5 +- .../main/java/dev/sigstore/cli/Verify.java | 15 +- .../java/dev/sigstore/KeylessVerifier.java | 18 +- .../dev/sigstore/TrustedRootProvider.java | 57 +++++++ .../dev/sigstore/VerificationMaterial.java | 68 -------- .../main/resources/dev/sigstore/tuf/README.md | 20 +-- .../dev/sigstore/tuf/production/ctfe.pub | 4 - .../dev/sigstore/tuf/production/ctfe_2022.pub | 4 - .../sigstore/tuf/production/fulcio_v1.crt.pem | 13 -- .../dev/sigstore/tuf/production/rekor.pub | 4 - .../tuf/sigstore-tuf-root/5.root.json | 156 ------------------ .../tuf/sigstore-tuf-root/5.targets.json | 125 -------------- .../tuf/sigstore-tuf-root/69.snapshot.json | 56 ------- .../tuf/sigstore-tuf-root/snapshot.json | 56 ------- .../tuf/sigstore-tuf-root/targets.json | 125 -------------- ...80e4dab4e235c7fc3f07be69224.fulcio.crt.pem | 13 -- ...54c5fe8d416daf9f3101fdba4217ef35.rekor.pub | 4 - ...15a41cf6f21.fulcio_intermediate_v1.crt.pem | 14 -- ...d749006b9fee9cc614572d4fbbdc.ctfe_2022.pub | 4 - ...2dde71581fa651c6343905e3bf988.artifact.pub | 4 - ...0d866c83d20f0c0f44653dcc3f9aa0bd4.ctfe.pub | 4 - ...90a6b5fd2a6cacdcac0c3a6fc4cbf.artifact.pub | 4 - ...39864c1fb16f3f3e594a5a3cebbfe138a.ctfe.pub | 4 - ...1a6141023d3e7595e9908a81cb6241bd.rekor.pub | 4 - ...c4fdeef2f6248d99cc7a6077bf85.ctfe_2022.pub | 4 - ...4c05bc165ac9802f0705cab6.fulcio_v1.crt.pem | 13 -- ...75b185c4816d95a5d746ff29908.fulcio.crt.pem | 13 -- ...ca969dfe30a.fulcio_intermediate_v1.crt.pem | 14 -- ...30a8b793f9f518a8eafd2cf5.fulcio_v1.crt.pem | 13 -- .../tuf/sigstore-tuf-root/timestamp.json | 24 --- .../dev/sigstore/tuf/staging/ctfe.pub | 13 -- .../dev/sigstore/tuf/staging/ctfe_2022.pub | 4 - .../dev/sigstore/tuf/staging/ctfe_2022_2.pub | 4 - .../dev/sigstore/tuf/staging/fulcio.crt.pem | 13 -- .../dev/sigstore/tuf/staging/rekor.pub | 4 - 36 files changed, 88 insertions(+), 814 deletions(-) create mode 100644 sigstore-java/src/main/java/dev/sigstore/TrustedRootProvider.java delete mode 100644 sigstore-java/src/main/java/dev/sigstore/VerificationMaterial.java delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/production/ctfe.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/production/ctfe_2022.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/production/fulcio_v1.crt.pem delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/production/rekor.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/5.root.json delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/5.targets.json delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/69.snapshot.json delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/snapshot.json delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets.json delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/0713252a7fd17f7f3ab12f88a64accf2eb14b8ad40ca711d7fe8b4ecba3b24db9e9dffadb997b196d3867b8f9ff217faf930d80e4dab4e235c7fc3f07be69224.fulcio.crt.pem delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/0ae7705e02db33e814329746a4a0e5603c5bdcd91c96d072158d71011a2695788866565a2fec0fe363eb72cbcaeda39e54c5fe8d416daf9f3101fdba4217ef35.rekor.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/0f99f47dbc26c5f1e3cba0bfd9af4245a26e5cb735d6ef005792ec7e603f66fdb897de985973a6e50940ca7eff5e1849719e967b5ad2dac74a29115a41cf6f21.fulcio_intermediate_v1.crt.pem delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/270488a309d22e804eeb245493e87c667658d749006b9fee9cc614572d4fbbdc.ctfe_2022.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/308fd1d1d95d7f80aa33b837795251cc3e886792982275e062409e13e4e236ffc34d676682aa96fdc751414de99c864bf132dde71581fa651c6343905e3bf988.artifact.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/4b20747d1afe2544238ad38cc0cc3010921b177d60ac743767e0ef675b915489bd01a36606c0ff83c06448622d7160f0d866c83d20f0c0f44653dcc3f9aa0bd4.ctfe.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/59ebf97a9850aecec4bc39c1f5c1dc46e6490a6b5fd2a6cacdcac0c3a6fc4cbf.artifact.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/7fcb94a5d0ed541260473b990b99a6c39864c1fb16f3f3e594a5a3cebbfe138a.ctfe.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/dce5ef715502ec9f3cdfd11f8cc384b31a6141023d3e7595e9908a81cb6241bd.rekor.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/e83fa4f427b24ee7728637fad1b4aa45ebde2ba02751fa860694b1bb16059a490328f9985e51cc70e4d237545315a1bc866dc4fdeef2f6248d99cc7a6077bf85.ctfe_2022.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f2e33a6dc208cee1f51d33bbea675ab0f0ced269617497985f9a0680689ee7073e4b6f8fef64c91bda590d30c129b3070dddce824c05bc165ac9802f0705cab6.fulcio_v1.crt.pem delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f360c53b2e13495a628b9b8096455badcb6d375b185c4816d95a5d746ff29908.fulcio.crt.pem delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f8cbecf186db7714624a5f4e99da31a917cbef70a94dd6921f5c3ca969dfe30a.fulcio_intermediate_v1.crt.pem delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f989aa23def87c549404eadba767768d2a3c8d6d30a8b793f9f518a8eafd2cf5.fulcio_v1.crt.pem delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/timestamp.json delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/staging/ctfe.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/staging/ctfe_2022.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/staging/ctfe_2022_2.pub delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/staging/fulcio.crt.pem delete mode 100644 sigstore-java/src/main/resources/dev/sigstore/tuf/staging/rekor.pub diff --git a/.github/workflows/conformance.yml b/.github/workflows/conformance.yml index c477fb998..b0fac636e 100644 --- a/.github/workflows/conformance.yml +++ b/.github/workflows/conformance.yml @@ -31,6 +31,6 @@ jobs: - name: Unpack sigstore-java distribution run: tar -xvf ${{ github.workspace }}/sigstore-cli/build/distributions/sigstore-cli-*.tar --strip-components 1 - - uses: sigstore/sigstore-conformance@00922385de455be5ec46288a947044aa44fb0981 # v0.0.8 + - uses: sigstore/sigstore-conformance@c8d17eb7ee884cf86b93a3a3f471648fb0a83819 # v0.0.9 with: entrypoint: ${{ github.workspace }}/bin/sigstore-cli diff --git a/sigstore-cli/src/main/java/dev/sigstore/cli/Sign.java b/sigstore-cli/src/main/java/dev/sigstore/cli/Sign.java index ef30145be..2193ac4c4 100644 --- a/sigstore-cli/src/main/java/dev/sigstore/cli/Sign.java +++ b/sigstore-cli/src/main/java/dev/sigstore/cli/Sign.java @@ -22,6 +22,7 @@ import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.nio.file.Path; +import java.util.Base64; import java.util.concurrent.Callable; import picocli.CommandLine.ArgGroup; import picocli.CommandLine.Command; @@ -57,7 +58,9 @@ public Integer call() throws Exception { var signer = signerBuilder.build(); var signingResult = signer.signFile(artifact); if (signatureFiles.sigAndCert != null) { - Files.write(signatureFiles.sigAndCert.signatureFile, signingResult.getSignature()); + Files.write( + signatureFiles.sigAndCert.signatureFile, + Base64.getEncoder().encode(signingResult.getSignature())); Files.write( signatureFiles.sigAndCert.certificateFile, Certificates.toPemBytes(signingResult.getCertPath())); diff --git a/sigstore-cli/src/main/java/dev/sigstore/cli/Verify.java b/sigstore-cli/src/main/java/dev/sigstore/cli/Verify.java index 5f76355c2..89dbeaeea 100644 --- a/sigstore-cli/src/main/java/dev/sigstore/cli/Verify.java +++ b/sigstore-cli/src/main/java/dev/sigstore/cli/Verify.java @@ -30,6 +30,7 @@ import java.nio.file.Files; import java.nio.file.Path; import java.security.cert.CertPath; +import java.util.Base64; import java.util.concurrent.Callable; import picocli.CommandLine.ArgGroup; import picocli.CommandLine.Command; @@ -50,6 +51,12 @@ public class Verify implements Callable { @ArgGroup(multiplicity = "0..1", exclusive = false) Policy policy; + @Option( + names = {"--trusted-root"}, + description = "an alternative to the TUF managed sigstore public good trusted root", + required = false) + Path trustedRoot; + static class Policy { @Option( names = {"--certificate-identity"}, @@ -70,7 +77,8 @@ public Integer call() throws Exception { KeylessSignature keylessSignature; if (signatureFiles.sigAndCert != null) { - byte[] signature = Files.readAllBytes(signatureFiles.sigAndCert.signatureFile); + byte[] signature = + Base64.getDecoder().decode(Files.readAllBytes(signatureFiles.sigAndCert.signatureFile)); CertPath certPath = Certificates.fromPemChain(Files.readAllBytes(signatureFiles.sigAndCert.certificateFile)); keylessSignature = @@ -91,7 +99,10 @@ public Integer call() throws Exception { } var verificationOptions = verificationOptionsBuilder.alwaysUseRemoteRekorEntry(false).build(); - var verifier = new KeylessVerifier.Builder().sigstorePublicDefaults().build(); + var verifier = + (trustedRoot == null) + ? new KeylessVerifier.Builder().sigstorePublicDefaults().build() + : new KeylessVerifier.Builder().fromTrustedRoot(trustedRoot).build(); verifier.verify( artifact, KeylessVerificationRequest.builder() diff --git a/sigstore-java/src/main/java/dev/sigstore/KeylessVerifier.java b/sigstore-java/src/main/java/dev/sigstore/KeylessVerifier.java index a462e3494..9c44713d0 100644 --- a/sigstore-java/src/main/java/dev/sigstore/KeylessVerifier.java +++ b/sigstore-java/src/main/java/dev/sigstore/KeylessVerifier.java @@ -64,14 +64,13 @@ public static KeylessVerifier.Builder builder() { } public static class Builder { - private SigstoreTufClient sigstoreTufClient; + private TrustedRootProvider trustedRootProvider; public KeylessVerifier build() throws InvalidAlgorithmParameterException, CertificateException, InvalidKeySpecException, NoSuchAlgorithmException, IOException, InvalidKeyException { - Preconditions.checkNotNull(sigstoreTufClient); - sigstoreTufClient.update(); - var trustedRoot = sigstoreTufClient.getSigstoreTrustedRoot(); + Preconditions.checkNotNull(trustedRootProvider); + var trustedRoot = trustedRootProvider.get(); var fulcioVerifier = FulcioVerifier.newFulcioVerifier(trustedRoot); var rekorClient = RekorClient.builder().setTransparencyLog(trustedRoot).build(); var rekorVerifier = RekorVerifier.newRekorVerifier(trustedRoot); @@ -79,12 +78,19 @@ public KeylessVerifier build() } public Builder sigstorePublicDefaults() throws IOException { - sigstoreTufClient = SigstoreTufClient.builder().usePublicGoodInstance().build(); + var sigstoreTufClient = SigstoreTufClient.builder().usePublicGoodInstance().build(); + trustedRootProvider = TrustedRootProvider.from(sigstoreTufClient); return this; } public Builder sigstoreStagingDefaults() throws IOException { - sigstoreTufClient = SigstoreTufClient.builder().useStagingInstance().build(); + var sigstoreTufClient = SigstoreTufClient.builder().useStagingInstance().build(); + trustedRootProvider = TrustedRootProvider.from(sigstoreTufClient); + return this; + } + + public Builder fromTrustedRoot(Path trustedRoot) { + trustedRootProvider = TrustedRootProvider.from(trustedRoot); return this; } } diff --git a/sigstore-java/src/main/java/dev/sigstore/TrustedRootProvider.java b/sigstore-java/src/main/java/dev/sigstore/TrustedRootProvider.java new file mode 100644 index 000000000..b615f1183 --- /dev/null +++ b/sigstore-java/src/main/java/dev/sigstore/TrustedRootProvider.java @@ -0,0 +1,57 @@ +/* + * Copyright 2023 The Sigstore Authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package dev.sigstore; + +import com.google.common.base.Preconditions; +import com.google.protobuf.util.JsonFormat; +import dev.sigstore.proto.trustroot.v1.TrustedRoot; +import dev.sigstore.trustroot.SigstoreTrustedRoot; +import dev.sigstore.tuf.SigstoreTufClient; +import java.io.IOException; +import java.nio.charset.StandardCharsets; +import java.nio.file.Files; +import java.nio.file.Path; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.security.spec.InvalidKeySpecException; + +@FunctionalInterface +public interface TrustedRootProvider { + + SigstoreTrustedRoot get() + throws InvalidAlgorithmParameterException, CertificateException, InvalidKeySpecException, + NoSuchAlgorithmException, IOException, InvalidKeyException; + + static TrustedRootProvider from(SigstoreTufClient tufClient) { + Preconditions.checkNotNull(tufClient); + return () -> { + tufClient.update(); + return tufClient.getSigstoreTrustedRoot(); + }; + } + + static TrustedRootProvider from(Path trustedRoot) { + Preconditions.checkNotNull(trustedRoot); + return () -> { + var trustedRootBuilder = TrustedRoot.newBuilder(); + JsonFormat.parser() + .merge(Files.readString(trustedRoot, StandardCharsets.UTF_8), trustedRootBuilder); + return SigstoreTrustedRoot.from(trustedRootBuilder.build()); + }; + } +} diff --git a/sigstore-java/src/main/java/dev/sigstore/VerificationMaterial.java b/sigstore-java/src/main/java/dev/sigstore/VerificationMaterial.java deleted file mode 100644 index d5653edec..000000000 --- a/sigstore-java/src/main/java/dev/sigstore/VerificationMaterial.java +++ /dev/null @@ -1,68 +0,0 @@ -/* - * Copyright 2022 The Sigstore Authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package dev.sigstore; - -import com.google.common.io.Resources; -import java.io.IOException; -import java.util.List; - -/** - * A temporary partial copy of the TUF repos that supplies necessary keys for prod and staging - * environments. This should be replaced with an actual TUF implementation - */ -public class VerificationMaterial { - - /** Verification material for *.sigstore.dev */ - public static class Production { - public static byte[] fulioCert() throws IOException { - return Resources.toByteArray( - Resources.getResource("dev/sigstore/tuf/production/fulcio_v1.crt.pem")); - } - - public static List ctfePublicKeys() throws IOException { - return List.of( - Resources.toByteArray(Resources.getResource("dev/sigstore/tuf/production/ctfe.pub")), - Resources.toByteArray( - Resources.getResource("dev/sigstore/tuf/production/ctfe_2022.pub"))); - } - - public static byte[] rekorPublicKey() throws IOException { - return Resources.toByteArray(Resources.getResource("dev/sigstore/tuf/production/rekor.pub")); - } - } - - /** Verification material for *.sigstage.dev */ - public static class Staging { - public static byte[] fulioCert() throws IOException { - return Resources.toByteArray( - Resources.getResource("dev/sigstore/tuf/staging/fulcio.crt.pem")); - } - - public static List ctfePublicKeys() throws IOException { - var ctfePublicKey = - Resources.toByteArray(Resources.getResource("dev/sigstore/tuf/staging/ctfe.pub")); - var ctfePublicKey2022 = - Resources.toByteArray(Resources.getResource("dev/sigstore/tuf/staging/ctfe_2022.pub")); - var ctfePublicKey2022_2 = - Resources.toByteArray(Resources.getResource("dev/sigstore/tuf/staging/ctfe_2022_2.pub")); - return List.of(ctfePublicKey, ctfePublicKey2022, ctfePublicKey2022_2); - } - - public static byte[] rekorPublicKey() throws IOException { - return Resources.toByteArray(Resources.getResource("dev/sigstore/tuf/staging/rekor.pub")); - } - } -} diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/README.md b/sigstore-java/src/main/resources/dev/sigstore/tuf/README.md index 20ba17af8..2fabbe24b 100644 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/README.md +++ b/sigstore-java/src/main/resources/dev/sigstore/tuf/README.md @@ -1,21 +1,3 @@ # TUF Store -This resource is a temporary alternative to an actual TUF client. -This is **not a permanent solution** and should not be treated as such. -If the key changes, they will not automatically be reflected here -and various signing/verification workflows will fail. - -We keep copies of the remote tuf repositories locally in -1. Production from https://tuf-repo-cdn.sigstore.dev \ - for interfacing with *.sigstore.dev - -2. Staging from https://tuf-repo-cdn.sigstage.dev \ - for interfacing with *.sigstage.dev - -For this client to function we need the following keys -1. CTFE public keys (`ctfe.pub`, `ctfe_*.pub`) \ - the public key for the certificate transparency log -2. Fulcio root cert (`fulcio_v1.crt.pem` or `fulcio.crt.pem`) \ - the root certificate for fulcio issued certificates -3. Rekor public key (`rekor.pub`) \ - the public key for the rekor transparency log +Seed roots for sigstore public good and staging. diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/production/ctfe.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/production/ctfe.pub deleted file mode 100644 index 1bb1488c9..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/production/ctfe.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEbfwR+RJudXscgRBRpKX1XFDy3Pyu -dDxz/SfnRi1fT8ekpfBd2O1uoz7jr3Z8nKzxA69EUQ+eFCFI3zeubPWU7w== ------END PUBLIC KEY----- \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/production/ctfe_2022.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/production/ctfe_2022.pub deleted file mode 100644 index 32fa2ad10..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/production/ctfe_2022.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEiPSlFi0CmFTfEjCUqF9HuCEcYXNK -AaYalIJmBZ8yyezPjTqhxrKBpMnaocVtLJBI1eM3uXnQzQGAJdJ4gs9Fyw== ------END PUBLIC KEY----- diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/production/fulcio_v1.crt.pem b/sigstore-java/src/main/resources/dev/sigstore/tuf/production/fulcio_v1.crt.pem deleted file mode 100644 index 3afc46bb6..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/production/fulcio_v1.crt.pem +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB9zCCAXygAwIBAgIUALZNAPFdxHPwjeDloDwyYChAO/4wCgYIKoZIzj0EAwMw -KjEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MREwDwYDVQQDEwhzaWdzdG9yZTAeFw0y -MTEwMDcxMzU2NTlaFw0zMTEwMDUxMzU2NThaMCoxFTATBgNVBAoTDHNpZ3N0b3Jl -LmRldjERMA8GA1UEAxMIc2lnc3RvcmUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAT7 -XeFT4rb3PQGwS4IajtLk3/OlnpgangaBclYpsYBr5i+4ynB07ceb3LP0OIOZdxex -X69c5iVuyJRQ+Hz05yi+UF3uBWAlHpiS5sh0+H2GHE7SXrk1EC5m1Tr19L9gg92j -YzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRY -wB5fkUWlZql6zJChkyLQKsXF+jAfBgNVHSMEGDAWgBRYwB5fkUWlZql6zJChkyLQ -KsXF+jAKBggqhkjOPQQDAwNpADBmAjEAj1nHeXZp+13NWBNa+EDsDP8G1WWg1tCM -WP/WHPqpaVo0jhsweNFZgSs0eE7wYI4qAjEA2WB9ot98sIkoF3vZYdd3/VtWB5b9 -TNMea7Ix/stJ5TfcLLeABLE4BNJOsQ4vnBHJ ------END CERTIFICATE----- \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/production/rekor.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/production/rekor.pub deleted file mode 100644 index 050ef6014..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/production/rekor.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE2G2Y+2tabdTV5BcGiBIx0a9fAFwr -kBbmLSGtks4L3qX6yYY0zufBnhC8Ur/iy55GhWP/9A/bY2LhC30M9+RYtw== ------END PUBLIC KEY----- diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/5.root.json b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/5.root.json deleted file mode 100644 index 38f80f940..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/5.root.json +++ /dev/null @@ -1,156 +0,0 @@ -{ - "signed": { - "_type": "root", - "spec_version": "1.0", - "version": 5, - "expires": "2023-04-18T18:13:43Z", - "keys": { - "25a0eb450fd3ee2bd79218c963dce3f1cc6118badf251bf149f0bd07d5cabe99": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEXsz3SZXFb8jMV42j6pJlyjbjR8K\nN3Bwocexq6LMIb5qsWKOQvLN16NUefLc4HswOoumRsVVaajSpQS6fobkRw==\n-----END PUBLIC KEY-----\n" - } - }, - "2e61cd0cbf4a8f45809bda9f7f78c0d33ad11842ff94ae340873e2664dc843de": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE0ghrh92Lw1Yr3idGV5WqCtMDB8Cx\n+D8hdC4w2ZLNIplVRoVGLskYa3gheMyOjiJ8kPi15aQ2//7P+oj7UvJPGw==\n-----END PUBLIC KEY-----\n" - } - }, - "45b283825eb184cabd582eb17b74fc8ed404f68cf452acabdad2ed6f90ce216b": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELrWvNt94v4R085ELeeCMxHp7PldF\n0/T1GxukUh2ODuggLGJE0pc1e8CSBf6CS91Fwo9FUOuRsjBUld+VqSyCdQ==\n-----END PUBLIC KEY-----\n" - } - }, - "7f7513b25429a64473e10ce3ad2f3da372bbdd14b65d07bbaf547e7c8bbbe62b": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEinikSsAQmYkNeH5eYq/CnIzLaacO\nxlSaawQDOwqKy/tCqxq5xxPSJc21K4WIhs9GyOkKfzueY3GILzcMJZ4cWw==\n-----END PUBLIC KEY-----\n" - } - }, - "e1863ba02070322ebc626dcecf9d881a3a38c35c3b41a83765b6ad6c37eaec2a": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWRiGr5+j+3J5SsH+Ztr5nE2H2wO7\nBV+nO3s93gLca18qTOzHY1oWyAGDykMSsGTUBSt9D+An0KfKsD2mfSM42Q==\n-----END PUBLIC KEY-----\n" - } - }, - "f5312f542c21273d9485a49394386c4575804770667f2ddb59b3bf0669fddd2f": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEzBzVOmHCPojMVLSI364WiiV8NPrD\n6IgRxVliskz/v+y3JER5mcVGcONliDcWMC5J2lfHmjPNPhb4H7xm8LzfSA==\n-----END PUBLIC KEY-----\n" - } - }, - "ff51e17fcf253119b7033f6f57512631da4a0969442afcf9fc8b141c7f2be99c": { - "keytype": "ecdsa-sha2-nistp256", - "scheme": "ecdsa-sha2-nistp256", - "keyid_hash_algorithms": [ - "sha256", - "sha512" - ], - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEy8XKsmhBYDI8Jc0GwzBxeKax0cm5\nSTKEU65HPFunUn41sT8pi0FjM4IkHz/YUmwmLUO0Wt7lxhj6BkLIK4qYAw==\n-----END PUBLIC KEY-----\n" - } - } - }, - "roles": { - "root": { - "keyids": [ - "ff51e17fcf253119b7033f6f57512631da4a0969442afcf9fc8b141c7f2be99c", - "25a0eb450fd3ee2bd79218c963dce3f1cc6118badf251bf149f0bd07d5cabe99", - "f5312f542c21273d9485a49394386c4575804770667f2ddb59b3bf0669fddd2f", - "7f7513b25429a64473e10ce3ad2f3da372bbdd14b65d07bbaf547e7c8bbbe62b", - "2e61cd0cbf4a8f45809bda9f7f78c0d33ad11842ff94ae340873e2664dc843de" - ], - "threshold": 3 - }, - "snapshot": { - "keyids": [ - "45b283825eb184cabd582eb17b74fc8ed404f68cf452acabdad2ed6f90ce216b" - ], - "threshold": 1 - }, - "targets": { - "keyids": [ - "ff51e17fcf253119b7033f6f57512631da4a0969442afcf9fc8b141c7f2be99c", - "25a0eb450fd3ee2bd79218c963dce3f1cc6118badf251bf149f0bd07d5cabe99", - "f5312f542c21273d9485a49394386c4575804770667f2ddb59b3bf0669fddd2f", - "7f7513b25429a64473e10ce3ad2f3da372bbdd14b65d07bbaf547e7c8bbbe62b", - "2e61cd0cbf4a8f45809bda9f7f78c0d33ad11842ff94ae340873e2664dc843de" - ], - "threshold": 3 - }, - "timestamp": { - "keyids": [ - "e1863ba02070322ebc626dcecf9d881a3a38c35c3b41a83765b6ad6c37eaec2a" - ], - "threshold": 1 - } - }, - "consistent_snapshot": true - }, - "signatures": [ - { - "keyid": "ff51e17fcf253119b7033f6f57512631da4a0969442afcf9fc8b141c7f2be99c", - "sig": "3045022100fc1c2be509ce50ea917bbad1d9efe9d96c8c2ebea04af2717aa3d9c6fe617a75022012eef282a19f2d8bd4818aa333ef48a06489f49d4d34a20b8fe8fc867bb25a7a" - }, - { - "keyid": "25a0eb450fd3ee2bd79218c963dce3f1cc6118badf251bf149f0bd07d5cabe99", - "sig": "30450221008a4392ae5057fc00778b651e61fea244766a4ae58db84d9f1d3810720ab0f3b702207c49e59e8031318caf02252ecea1281cecc1e5986c309a9cef61f455ecf7165d" - }, - { - "keyid": "7f7513b25429a64473e10ce3ad2f3da372bbdd14b65d07bbaf547e7c8bbbe62b", - "sig": "3046022100da1b8dc5d53aaffbbfac98de3e23ee2d2ad3446a7bed09fac0f88bae19be2587022100b681c046afc3919097dfe794e0d819be891e2e850aade315bec06b0c4dea221b" - }, - { - "keyid": "2e61cd0cbf4a8f45809bda9f7f78c0d33ad11842ff94ae340873e2664dc843de", - "sig": "3046022100b534e0030e1b271133ecfbdf3ba9fbf3becb3689abea079a2150afbb63cdb7c70221008c39a718fd9495f249b4ab8788d5b9dc269f0868dbe38b272f48207359d3ded9" - }, - { - "keyid": "2f64fb5eac0cf94dd39bb45308b98920055e9a0d8e012a7220787834c60aef97", - "sig": "3045022100fc1c2be509ce50ea917bbad1d9efe9d96c8c2ebea04af2717aa3d9c6fe617a75022012eef282a19f2d8bd4818aa333ef48a06489f49d4d34a20b8fe8fc867bb25a7a" - }, - { - "keyid": "eaf22372f417dd618a46f6c627dbc276e9fd30a004fc94f9be946e73f8bd090b", - "sig": "30450221008a4392ae5057fc00778b651e61fea244766a4ae58db84d9f1d3810720ab0f3b702207c49e59e8031318caf02252ecea1281cecc1e5986c309a9cef61f455ecf7165d" - }, - { - "keyid": "f505595165a177a41750a8e864ed1719b1edfccd5a426fd2c0ffda33ce7ff209", - "sig": "3046022100da1b8dc5d53aaffbbfac98de3e23ee2d2ad3446a7bed09fac0f88bae19be2587022100b681c046afc3919097dfe794e0d819be891e2e850aade315bec06b0c4dea221b" - }, - { - "keyid": "75e867ab10e121fdef32094af634707f43ddd79c6bab8ad6c5ab9f03f4ea8c90", - "sig": "3046022100b534e0030e1b271133ecfbdf3ba9fbf3becb3689abea079a2150afbb63cdb7c70221008c39a718fd9495f249b4ab8788d5b9dc269f0868dbe38b272f48207359d3ded9" - } - ] -} \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/5.targets.json b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/5.targets.json deleted file mode 100644 index 359857802..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/5.targets.json +++ /dev/null @@ -1,125 +0,0 @@ -{ - "signed": { - "_type": "targets", - "spec_version": "1.0", - "version": 5, - "expires": "2023-04-18T18:13:43Z", - "targets": { - "artifact.pub": { - "length": 177, - "hashes": { - "sha256": "59ebf97a9850aecec4bc39c1f5c1dc46e6490a6b5fd2a6cacdcac0c3a6fc4cbf", - "sha512": "308fd1d1d95d7f80aa33b837795251cc3e886792982275e062409e13e4e236ffc34d676682aa96fdc751414de99c864bf132dde71581fa651c6343905e3bf988" - }, - "custom": { - "sigstore": { - "status": "Active", - "usage": "Unknown" - } - } - }, - "ctfe.pub": { - "length": 177, - "hashes": { - "sha256": "7fcb94a5d0ed541260473b990b99a6c39864c1fb16f3f3e594a5a3cebbfe138a", - "sha512": "4b20747d1afe2544238ad38cc0cc3010921b177d60ac743767e0ef675b915489bd01a36606c0ff83c06448622d7160f0d866c83d20f0c0f44653dcc3f9aa0bd4" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://ctfe.sigstore.dev/test", - "usage": "CTFE" - } - } - }, - "ctfe_2022.pub": { - "length": 178, - "hashes": { - "sha256": "270488a309d22e804eeb245493e87c667658d749006b9fee9cc614572d4fbbdc", - "sha512": "e83fa4f427b24ee7728637fad1b4aa45ebde2ba02751fa860694b1bb16059a490328f9985e51cc70e4d237545315a1bc866dc4fdeef2f6248d99cc7a6077bf85" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://ctfe.sigstore.dev/2022", - "usage": "CTFE" - } - } - }, - "fulcio.crt.pem": { - "length": 744, - "hashes": { - "sha256": "f360c53b2e13495a628b9b8096455badcb6d375b185c4816d95a5d746ff29908", - "sha512": "0713252a7fd17f7f3ab12f88a64accf2eb14b8ad40ca711d7fe8b4ecba3b24db9e9dffadb997b196d3867b8f9ff217faf930d80e4dab4e235c7fc3f07be69224" - }, - "custom": { - "sigstore": { - "status": "Expired", - "uri": "https://fulcio.sigstore.dev", - "usage": "Fulcio" - } - } - }, - "fulcio_intermediate_v1.crt.pem": { - "length": 789, - "hashes": { - "sha256": "f8cbecf186db7714624a5f4e99da31a917cbef70a94dd6921f5c3ca969dfe30a", - "sha512": "0f99f47dbc26c5f1e3cba0bfd9af4245a26e5cb735d6ef005792ec7e603f66fdb897de985973a6e50940ca7eff5e1849719e967b5ad2dac74a29115a41cf6f21" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://fulcio.sigstore.dev", - "usage": "Fulcio" - } - } - }, - "fulcio_v1.crt.pem": { - "length": 740, - "hashes": { - "sha256": "f989aa23def87c549404eadba767768d2a3c8d6d30a8b793f9f518a8eafd2cf5", - "sha512": "f2e33a6dc208cee1f51d33bbea675ab0f0ced269617497985f9a0680689ee7073e4b6f8fef64c91bda590d30c129b3070dddce824c05bc165ac9802f0705cab6" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://fulcio.sigstore.dev", - "usage": "Fulcio" - } - } - }, - "rekor.pub": { - "length": 178, - "hashes": { - "sha256": "dce5ef715502ec9f3cdfd11f8cc384b31a6141023d3e7595e9908a81cb6241bd", - "sha512": "0ae7705e02db33e814329746a4a0e5603c5bdcd91c96d072158d71011a2695788866565a2fec0fe363eb72cbcaeda39e54c5fe8d416daf9f3101fdba4217ef35" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://rekor.sigstore.dev", - "usage": "Rekor" - } - } - } - } - }, - "signatures": [ - { - "keyid": "7f7513b25429a64473e10ce3ad2f3da372bbdd14b65d07bbaf547e7c8bbbe62b", - "sig": "3045022100bf03c32b59f65285b91118172503c9f7e5f65fea0d4647f31adfb6cf18ed09db022069778e655e4198a3346ea9239dacb111571c7e7ed4c96d166ddce06306486a9c" - }, - { - "keyid": "2e61cd0cbf4a8f45809bda9f7f78c0d33ad11842ff94ae340873e2664dc843de", - "sig": "30440220562f52b2243e66d8dff72dbf67a29faf82ad60ecbe0638acd4ab00338244f0b102206051db1fbe5a7815b4076096d5f8002c0dc1ecce8d9ef9d696cdacff50c7463a" - }, - { - "keyid": "ff51e17fcf253119b7033f6f57512631da4a0969442afcf9fc8b141c7f2be99c", - "sig": "3045022100df19bbbabed7672c8e797152d6b97aa1f14fdcd6e10ce0e41703d5e7ad37c2e502200583577549f561079273460afe2b827b16d5e76a63616390bf956ee5f24d60eb" - }, - { - "keyid": "25a0eb450fd3ee2bd79218c963dce3f1cc6118badf251bf149f0bd07d5cabe99", - "sig": "304502207d79f0ee8965f82c24fc5b96d6fbfa760b1f7192fd829a64a32ec03c579220310221008498a536dcc7aefd267875267f08cb27f8ae455dc6d8c53fe628e2fda2772dd4" - } - ] -} \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/69.snapshot.json b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/69.snapshot.json deleted file mode 100644 index 4a23bf306..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/69.snapshot.json +++ /dev/null @@ -1,56 +0,0 @@ -{ - "signed": { - "_type": "snapshot", - "spec_version": "1.0", - "version": 69, - "expires": "2023-03-01T00:07:52Z", - "meta": { - "rekor.json": { - "length": 797, - "hashes": { - "sha256": "9d2e1a5842937d8e0d3e3759170b0ad15c56c5df36afc5cf73583ddd283a463b", - "sha512": "176e9e710ddddd1b357a7d7970831bae59763395a0c18976110cbd35b25e5412dc50f356ec421a7a30265670cf7aec9ed84ee944ba700ec2394b9c876645b960" - }, - "version": 3 - }, - "revocation.json": { - "length": 800, - "hashes": { - "sha256": "6f60848ba8fb0955a02abfd1232fb3845dc9ee9f418bf03521a7ddb48217e040", - "sha512": "a965dddd0d0edef6c59e84cf02ecf5a53299f633fd339b2b61814a4219ab4df672a6390f265b8b29e1c8cea9368ea3440df013790759d50231a30df1c1f02551" - }, - "version": 2 - }, - "root.json": { - "length": 5297, - "hashes": { - "sha256": "f5ad897c9414cca99629f400ac3585e41bd8ebb44c5af07fb08dd636a9eced9c", - "sha512": "7445ddfdd338ef786c324fc3d68f75be28cb95b7fb581d2a383e3e5dde18aa17029a5636ec0a22e9631931bbcb34057788311718ea41e21e7cdd3c0de13ede42" - }, - "version": 2 - }, - "staging.json": { - "length": 401, - "hashes": { - "sha256": "cda57759abac5375397eea3531d7ca51e3a67da9a2dc93f2cdab749e2ae73149", - "sha512": "e9e59587bde453144c7079884a880c706f1d43f26e8bb23fac2b96a99569a2a30ae6cf51ec51c2454f760ce83d4c20915e062aede7f319b3da6a6ed1d26ca281" - }, - "version": 2 - }, - "targets.json": { - "length": 4188, - "hashes": { - "sha256": "5dbc142fcda89c914175b4e8570a2745d41f8ff799625b8890e6e56e009038ca", - "sha512": "e9397f3c1b84c7c7e52f91e4e62409c66af42bde74f93e12005054ee5fc00a1811685306276bea115dc1e4679cd8e6d9aeb49115e9493872b0c1c9308f93714a" - }, - "version": 5 - } - } - }, - "signatures": [ - { - "keyid": "45b283825eb184cabd582eb17b74fc8ed404f68cf452acabdad2ed6f90ce216b", - "sig": "3044022056f506140374dda69b810c22673b3facb5ed298a5168cc935abb76854ac70aa30220530e72f5b2bb824e772a1d14ebc8137ff4677792f1ae861b115b5cc06426d251" - } - ] -} \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/snapshot.json b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/snapshot.json deleted file mode 100644 index cb6406479..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/snapshot.json +++ /dev/null @@ -1,56 +0,0 @@ -{ - "signed": { - "_type": "snapshot", - "spec_version": "1.0", - "version": 69, - "expires": "2023-03-01T00:07:52Z", - "meta": { - "rekor.json": { - "length": 797, - "hashes": { - "sha256": "9d2e1a5842937d8e0d3e3759170b0ad15c56c5df36afc5cf73583ddd283a463b", - "sha512": "176e9e710ddddd1b357a7d7970831bae59763395a0c18976110cbd35b25e5412dc50f356ec421a7a30265670cf7aec9ed84ee944ba700ec2394b9c876645b960" - }, - "version": 3 - }, - "revocation.json": { - "length": 800, - "hashes": { - "sha256": "6f60848ba8fb0955a02abfd1232fb3845dc9ee9f418bf03521a7ddb48217e040", - "sha512": "a965dddd0d0edef6c59e84cf02ecf5a53299f633fd339b2b61814a4219ab4df672a6390f265b8b29e1c8cea9368ea3440df013790759d50231a30df1c1f02551" - }, - "version": 2 - }, - "root.json": { - "length": 5297, - "hashes": { - "sha256": "f5ad897c9414cca99629f400ac3585e41bd8ebb44c5af07fb08dd636a9eced9c", - "sha512": "7445ddfdd338ef786c324fc3d68f75be28cb95b7fb581d2a383e3e5dde18aa17029a5636ec0a22e9631931bbcb34057788311718ea41e21e7cdd3c0de13ede42" - }, - "version": 2 - }, - "staging.json": { - "length": 401, - "hashes": { - "sha256": "cda57759abac5375397eea3531d7ca51e3a67da9a2dc93f2cdab749e2ae73149", - "sha512": "e9e59587bde453144c7079884a880c706f1d43f26e8bb23fac2b96a99569a2a30ae6cf51ec51c2454f760ce83d4c20915e062aede7f319b3da6a6ed1d26ca281" - }, - "version": 2 - }, - "targets.json": { - "length": 4188, - "hashes": { - "sha256": "5dbc142fcda89c914175b4e8570a2745d41f8ff799625b8890e6e56e009038ca", - "sha512": "e9397f3c1b84c7c7e52f91e4e62409c66af42bde74f93e12005054ee5fc00a1811685306276bea115dc1e4679cd8e6d9aeb49115e9493872b0c1c9308f93714a" - }, - "version": 5 - } - } - }, - "signatures": [ - { - "keyid": "45b283825eb184cabd582eb17b74fc8ed404f68cf452acabdad2ed6f90ce216b", - "sig": "3044022056f506140374dda69b810c22673b3facb5ed298a5168cc935abb76854ac70aa30220530e72f5b2bb824e772a1d14ebc8137ff4677792f1ae861b115b5cc06426d251" - } - ] -} \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets.json b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets.json deleted file mode 100644 index 2306947f4..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets.json +++ /dev/null @@ -1,125 +0,0 @@ -{ - "signed": { - "_type": "targets", - "spec_version": "1.0", - "version": 5, - "expires": "2023-04-18T18:13:43Z", - "targets": { - "artifact.pub": { - "length": 177, - "hashes": { - "sha256": "59ebf97a9850aecec4bc39c1f5c1dc46e6490a6b5fd2a6cacdcac0c3a6fc4cbf", - "sha512": "308fd1d1d95d7f80aa33b837795251cc3e886792982275e062409e13e4e236ffc34d676682aa96fdc751414de99c864bf132dde71581fa651c6343905e3bf988" - }, - "custom": { - "sigstore": { - "status": "Active", - "usage": "Unknown" - } - } - }, - "ctfe.pub": { - "length": 177, - "hashes": { - "sha256": "7fcb94a5d0ed541260473b990b99a6c39864c1fb16f3f3e594a5a3cebbfe138a", - "sha512": "4b20747d1afe2544238ad38cc0cc3010921b177d60ac743767e0ef675b915489bd01a36606c0ff83c06448622d7160f0d866c83d20f0c0f44653dcc3f9aa0bd4" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://ctfe.sigstore.dev/test", - "usage": "CTFE" - } - } - }, - "ctfe_2022.pub": { - "length": 178, - "hashes": { - "sha256": "270488a309d22e804eeb245493e87c667658d749006b9fee9cc614572d4fbbdc", - "sha512": "e83fa4f427b24ee7728637fad1b4aa45ebde2ba02751fa860694b1bb16059a490328f9985e51cc70e4d237545315a1bc866dc4fdeef2f6248d99cc7a6077bf85" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://ctfe.sigstore.dev/2022", - "usage": "CTFE" - } - } - }, - "fulcio.crt.pem": { - "length": 744, - "hashes": { - "sha256": "f360c53b2e13495a628b9b8096455badcb6d375b185c4816d95a5d746ff29908", - "sha512": "0713252a7fd17f7f3ab12f88a64accf2eb14b8ad40ca711d7fe8b4ecba3b24db9e9dffadb997b196d3867b8f9ff217faf930d80e4dab4e235c7fc3f07be69224" - }, - "custom": { - "sigstore": { - "status": "Expired", - "uri": "https://fulcio.sigstore.dev", - "usage": "Fulcio" - } - } - }, - "fulcio_intermediate_v1.crt.pem": { - "length": 789, - "hashes": { - "sha256": "f8cbecf186db7714624a5f4e99da31a917cbef70a94dd6921f5c3ca969dfe30a", - "sha512": "0f99f47dbc26c5f1e3cba0bfd9af4245a26e5cb735d6ef005792ec7e603f66fdb897de985973a6e50940ca7eff5e1849719e967b5ad2dac74a29115a41cf6f21" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://fulcio.sigstore.dev", - "usage": "Fulcio" - } - } - }, - "fulcio_v1.crt.pem": { - "length": 740, - "hashes": { - "sha256": "f989aa23def87c549404eadba767768d2a3c8d6d30a8b793f9f518a8eafd2cf5", - "sha512": "f2e33a6dc208cee1f51d33bbea675ab0f0ced269617497985f9a0680689ee7073e4b6f8fef64c91bda590d30c129b3070dddce824c05bc165ac9802f0705cab6" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://fulcio.sigstore.dev", - "usage": "Fulcio" - } - } - }, - "rekor.pub": { - "length": 178, - "hashes": { - "sha256": "dce5ef715502ec9f3cdfd11f8cc384b31a6141023d3e7595e9908a81cb6241bd", - "sha512": "0ae7705e02db33e814329746a4a0e5603c5bdcd91c96d072158d71011a2695788866565a2fec0fe363eb72cbcaeda39e54c5fe8d416daf9f3101fdba4217ef35" - }, - "custom": { - "sigstore": { - "status": "Active", - "uri": "https://rekor.sigstore.dev", - "usage": "Rekor" - } - } - } - } - }, - "signatures": [ - { - "keyid": "7f7513b25429a64473e10ce3ad2f3da372bbdd14b65d07bbaf547e7c8bbbe62b", - "sig": "3045022100bf03c32b59f65285b91118172503c9f7e5f65fea0d4647f31adfb6cf18ed09db022069778e655e4198a3346ea9239dacb111571c7e7ed4c96d166ddce06306486a9c" - }, - { - "keyid": "2e61cd0cbf4a8f45809bda9f7f78c0d33ad11842ff94ae340873e2664dc843de", - "sig": "30440220562f52b2243e66d8dff72dbf67a29faf82ad60ecbe0638acd4ab00338244f0b102206051db1fbe5a7815b4076096d5f8002c0dc1ecce8d9ef9d696cdacff50c7463a" - }, - { - "keyid": "ff51e17fcf253119b7033f6f57512631da4a0969442afcf9fc8b141c7f2be99c", - "sig": "3045022100df19bbbabed7672c8e797152d6b97aa1f14fdcd6e10ce0e41703d5e7ad37c2e502200583577549f561079273460afe2b827b16d5e76a63616390bf956ee5f24d60eb" - }, - { - "keyid": "25a0eb450fd3ee2bd79218c963dce3f1cc6118badf251bf149f0bd07d5cabe99", - "sig": "304502207d79f0ee8965f82c24fc5b96d6fbfa760b1f7192fd829a64a32ec03c579220310221008498a536dcc7aefd267875267f08cb27f8ae455dc6d8c53fe628e2fda2772dd4" - } - ] -} \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/0713252a7fd17f7f3ab12f88a64accf2eb14b8ad40ca711d7fe8b4ecba3b24db9e9dffadb997b196d3867b8f9ff217faf930d80e4dab4e235c7fc3f07be69224.fulcio.crt.pem b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/0713252a7fd17f7f3ab12f88a64accf2eb14b8ad40ca711d7fe8b4ecba3b24db9e9dffadb997b196d3867b8f9ff217faf930d80e4dab4e235c7fc3f07be69224.fulcio.crt.pem deleted file mode 100644 index 6a06ff300..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/0713252a7fd17f7f3ab12f88a64accf2eb14b8ad40ca711d7fe8b4ecba3b24db9e9dffadb997b196d3867b8f9ff217faf930d80e4dab4e235c7fc3f07be69224.fulcio.crt.pem +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB+DCCAX6gAwIBAgITNVkDZoCiofPDsy7dfm6geLbuhzAKBggqhkjOPQQDAzAq -MRUwEwYDVQQKEwxzaWdzdG9yZS5kZXYxETAPBgNVBAMTCHNpZ3N0b3JlMB4XDTIx -MDMwNzAzMjAyOVoXDTMxMDIyMzAzMjAyOVowKjEVMBMGA1UEChMMc2lnc3RvcmUu -ZGV2MREwDwYDVQQDEwhzaWdzdG9yZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABLSy -A7Ii5k+pNO8ZEWY0ylemWDowOkNa3kL+GZE5Z5GWehL9/A9bRNA3RbrsZ5i0Jcas -taRL7Sp5fp/jD5dxqc/UdTVnlvS16an+2Yfswe/QuLolRUCrcOE2+2iA5+tzd6Nm -MGQwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0OBBYE -FMjFHQBBmiQpMlEk6w2uSu1KBtPsMB8GA1UdIwQYMBaAFMjFHQBBmiQpMlEk6w2u -Su1KBtPsMAoGCCqGSM49BAMDA2gAMGUCMH8liWJfMui6vXXBhjDgY4MwslmN/TJx -Ve/83WrFomwmNf056y1X48F9c4m3a3ozXAIxAKjRay5/aj/jsKKGIkmQatjI8uup -Hr/+CxFvaJWmpYqNkLDGRU+9orzh5hI2RrcuaQ== ------END CERTIFICATE----- \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/0ae7705e02db33e814329746a4a0e5603c5bdcd91c96d072158d71011a2695788866565a2fec0fe363eb72cbcaeda39e54c5fe8d416daf9f3101fdba4217ef35.rekor.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/0ae7705e02db33e814329746a4a0e5603c5bdcd91c96d072158d71011a2695788866565a2fec0fe363eb72cbcaeda39e54c5fe8d416daf9f3101fdba4217ef35.rekor.pub deleted file mode 100644 index 050ef6014..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/0ae7705e02db33e814329746a4a0e5603c5bdcd91c96d072158d71011a2695788866565a2fec0fe363eb72cbcaeda39e54c5fe8d416daf9f3101fdba4217ef35.rekor.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE2G2Y+2tabdTV5BcGiBIx0a9fAFwr -kBbmLSGtks4L3qX6yYY0zufBnhC8Ur/iy55GhWP/9A/bY2LhC30M9+RYtw== ------END PUBLIC KEY----- diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/0f99f47dbc26c5f1e3cba0bfd9af4245a26e5cb735d6ef005792ec7e603f66fdb897de985973a6e50940ca7eff5e1849719e967b5ad2dac74a29115a41cf6f21.fulcio_intermediate_v1.crt.pem b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/0f99f47dbc26c5f1e3cba0bfd9af4245a26e5cb735d6ef005792ec7e603f66fdb897de985973a6e50940ca7eff5e1849719e967b5ad2dac74a29115a41cf6f21.fulcio_intermediate_v1.crt.pem deleted file mode 100644 index 6d1c298ba..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/0f99f47dbc26c5f1e3cba0bfd9af4245a26e5cb735d6ef005792ec7e603f66fdb897de985973a6e50940ca7eff5e1849719e967b5ad2dac74a29115a41cf6f21.fulcio_intermediate_v1.crt.pem +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICGjCCAaGgAwIBAgIUALnViVfnU0brJasmRkHrn/UnfaQwCgYIKoZIzj0EAwMw -KjEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MREwDwYDVQQDEwhzaWdzdG9yZTAeFw0y -MjA0MTMyMDA2MTVaFw0zMTEwMDUxMzU2NThaMDcxFTATBgNVBAoTDHNpZ3N0b3Jl -LmRldjEeMBwGA1UEAxMVc2lnc3RvcmUtaW50ZXJtZWRpYXRlMHYwEAYHKoZIzj0C -AQYFK4EEACIDYgAE8RVS/ysH+NOvuDZyPIZtilgUF9NlarYpAd9HP1vBBH1U5CV7 -7LSS7s0ZiH4nE7Hv7ptS6LvvR/STk798LVgMzLlJ4HeIfF3tHSaexLcYpSASr1kS -0N/RgBJz/9jWCiXno3sweTAOBgNVHQ8BAf8EBAMCAQYwEwYDVR0lBAwwCgYIKwYB -BQUHAwMwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU39Ppz1YkEZb5qNjp -KFWixi4YZD8wHwYDVR0jBBgwFoAUWMAeX5FFpWapesyQoZMi0CrFxfowCgYIKoZI -zj0EAwMDZwAwZAIwPCsQK4DYiZYDPIaDi5HFKnfxXx6ASSVmERfsynYBiX2X6SJR -nZU84/9DZdnFvvxmAjBOt6QpBlc4J/0DxvkTCqpclvziL6BCCPnjdlIB3Pu3BxsP -mygUY7Ii2zbdCdliiow= ------END CERTIFICATE----- \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/270488a309d22e804eeb245493e87c667658d749006b9fee9cc614572d4fbbdc.ctfe_2022.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/270488a309d22e804eeb245493e87c667658d749006b9fee9cc614572d4fbbdc.ctfe_2022.pub deleted file mode 100644 index 32fa2ad10..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/270488a309d22e804eeb245493e87c667658d749006b9fee9cc614572d4fbbdc.ctfe_2022.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEiPSlFi0CmFTfEjCUqF9HuCEcYXNK -AaYalIJmBZ8yyezPjTqhxrKBpMnaocVtLJBI1eM3uXnQzQGAJdJ4gs9Fyw== ------END PUBLIC KEY----- diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/308fd1d1d95d7f80aa33b837795251cc3e886792982275e062409e13e4e236ffc34d676682aa96fdc751414de99c864bf132dde71581fa651c6343905e3bf988.artifact.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/308fd1d1d95d7f80aa33b837795251cc3e886792982275e062409e13e4e236ffc34d676682aa96fdc751414de99c864bf132dde71581fa651c6343905e3bf988.artifact.pub deleted file mode 100644 index d6e745bdd..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/308fd1d1d95d7f80aa33b837795251cc3e886792982275e062409e13e4e236ffc34d676682aa96fdc751414de99c864bf132dde71581fa651c6343905e3bf988.artifact.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEhyQCx0E9wQWSFI9ULGwy3BuRklnt -IqozONbbdbqz11hlRJy9c7SG+hdcFl9jE9uE/dwtuwU2MqU9T/cN0YkWww== ------END PUBLIC KEY----- \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/4b20747d1afe2544238ad38cc0cc3010921b177d60ac743767e0ef675b915489bd01a36606c0ff83c06448622d7160f0d866c83d20f0c0f44653dcc3f9aa0bd4.ctfe.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/4b20747d1afe2544238ad38cc0cc3010921b177d60ac743767e0ef675b915489bd01a36606c0ff83c06448622d7160f0d866c83d20f0c0f44653dcc3f9aa0bd4.ctfe.pub deleted file mode 100644 index 1bb1488c9..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/4b20747d1afe2544238ad38cc0cc3010921b177d60ac743767e0ef675b915489bd01a36606c0ff83c06448622d7160f0d866c83d20f0c0f44653dcc3f9aa0bd4.ctfe.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEbfwR+RJudXscgRBRpKX1XFDy3Pyu -dDxz/SfnRi1fT8ekpfBd2O1uoz7jr3Z8nKzxA69EUQ+eFCFI3zeubPWU7w== ------END PUBLIC KEY----- \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/59ebf97a9850aecec4bc39c1f5c1dc46e6490a6b5fd2a6cacdcac0c3a6fc4cbf.artifact.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/59ebf97a9850aecec4bc39c1f5c1dc46e6490a6b5fd2a6cacdcac0c3a6fc4cbf.artifact.pub deleted file mode 100644 index d6e745bdd..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/59ebf97a9850aecec4bc39c1f5c1dc46e6490a6b5fd2a6cacdcac0c3a6fc4cbf.artifact.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEhyQCx0E9wQWSFI9ULGwy3BuRklnt -IqozONbbdbqz11hlRJy9c7SG+hdcFl9jE9uE/dwtuwU2MqU9T/cN0YkWww== ------END PUBLIC KEY----- \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/7fcb94a5d0ed541260473b990b99a6c39864c1fb16f3f3e594a5a3cebbfe138a.ctfe.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/7fcb94a5d0ed541260473b990b99a6c39864c1fb16f3f3e594a5a3cebbfe138a.ctfe.pub deleted file mode 100644 index 1bb1488c9..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/7fcb94a5d0ed541260473b990b99a6c39864c1fb16f3f3e594a5a3cebbfe138a.ctfe.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEbfwR+RJudXscgRBRpKX1XFDy3Pyu -dDxz/SfnRi1fT8ekpfBd2O1uoz7jr3Z8nKzxA69EUQ+eFCFI3zeubPWU7w== ------END PUBLIC KEY----- \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/dce5ef715502ec9f3cdfd11f8cc384b31a6141023d3e7595e9908a81cb6241bd.rekor.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/dce5ef715502ec9f3cdfd11f8cc384b31a6141023d3e7595e9908a81cb6241bd.rekor.pub deleted file mode 100644 index 050ef6014..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/dce5ef715502ec9f3cdfd11f8cc384b31a6141023d3e7595e9908a81cb6241bd.rekor.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE2G2Y+2tabdTV5BcGiBIx0a9fAFwr -kBbmLSGtks4L3qX6yYY0zufBnhC8Ur/iy55GhWP/9A/bY2LhC30M9+RYtw== ------END PUBLIC KEY----- diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/e83fa4f427b24ee7728637fad1b4aa45ebde2ba02751fa860694b1bb16059a490328f9985e51cc70e4d237545315a1bc866dc4fdeef2f6248d99cc7a6077bf85.ctfe_2022.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/e83fa4f427b24ee7728637fad1b4aa45ebde2ba02751fa860694b1bb16059a490328f9985e51cc70e4d237545315a1bc866dc4fdeef2f6248d99cc7a6077bf85.ctfe_2022.pub deleted file mode 100644 index 32fa2ad10..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/e83fa4f427b24ee7728637fad1b4aa45ebde2ba02751fa860694b1bb16059a490328f9985e51cc70e4d237545315a1bc866dc4fdeef2f6248d99cc7a6077bf85.ctfe_2022.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEiPSlFi0CmFTfEjCUqF9HuCEcYXNK -AaYalIJmBZ8yyezPjTqhxrKBpMnaocVtLJBI1eM3uXnQzQGAJdJ4gs9Fyw== ------END PUBLIC KEY----- diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f2e33a6dc208cee1f51d33bbea675ab0f0ced269617497985f9a0680689ee7073e4b6f8fef64c91bda590d30c129b3070dddce824c05bc165ac9802f0705cab6.fulcio_v1.crt.pem b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f2e33a6dc208cee1f51d33bbea675ab0f0ced269617497985f9a0680689ee7073e4b6f8fef64c91bda590d30c129b3070dddce824c05bc165ac9802f0705cab6.fulcio_v1.crt.pem deleted file mode 100644 index 3afc46bb6..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f2e33a6dc208cee1f51d33bbea675ab0f0ced269617497985f9a0680689ee7073e4b6f8fef64c91bda590d30c129b3070dddce824c05bc165ac9802f0705cab6.fulcio_v1.crt.pem +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB9zCCAXygAwIBAgIUALZNAPFdxHPwjeDloDwyYChAO/4wCgYIKoZIzj0EAwMw -KjEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MREwDwYDVQQDEwhzaWdzdG9yZTAeFw0y -MTEwMDcxMzU2NTlaFw0zMTEwMDUxMzU2NThaMCoxFTATBgNVBAoTDHNpZ3N0b3Jl -LmRldjERMA8GA1UEAxMIc2lnc3RvcmUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAT7 -XeFT4rb3PQGwS4IajtLk3/OlnpgangaBclYpsYBr5i+4ynB07ceb3LP0OIOZdxex -X69c5iVuyJRQ+Hz05yi+UF3uBWAlHpiS5sh0+H2GHE7SXrk1EC5m1Tr19L9gg92j -YzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRY -wB5fkUWlZql6zJChkyLQKsXF+jAfBgNVHSMEGDAWgBRYwB5fkUWlZql6zJChkyLQ -KsXF+jAKBggqhkjOPQQDAwNpADBmAjEAj1nHeXZp+13NWBNa+EDsDP8G1WWg1tCM -WP/WHPqpaVo0jhsweNFZgSs0eE7wYI4qAjEA2WB9ot98sIkoF3vZYdd3/VtWB5b9 -TNMea7Ix/stJ5TfcLLeABLE4BNJOsQ4vnBHJ ------END CERTIFICATE----- \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f360c53b2e13495a628b9b8096455badcb6d375b185c4816d95a5d746ff29908.fulcio.crt.pem b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f360c53b2e13495a628b9b8096455badcb6d375b185c4816d95a5d746ff29908.fulcio.crt.pem deleted file mode 100644 index 6a06ff300..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f360c53b2e13495a628b9b8096455badcb6d375b185c4816d95a5d746ff29908.fulcio.crt.pem +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB+DCCAX6gAwIBAgITNVkDZoCiofPDsy7dfm6geLbuhzAKBggqhkjOPQQDAzAq -MRUwEwYDVQQKEwxzaWdzdG9yZS5kZXYxETAPBgNVBAMTCHNpZ3N0b3JlMB4XDTIx -MDMwNzAzMjAyOVoXDTMxMDIyMzAzMjAyOVowKjEVMBMGA1UEChMMc2lnc3RvcmUu -ZGV2MREwDwYDVQQDEwhzaWdzdG9yZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABLSy -A7Ii5k+pNO8ZEWY0ylemWDowOkNa3kL+GZE5Z5GWehL9/A9bRNA3RbrsZ5i0Jcas -taRL7Sp5fp/jD5dxqc/UdTVnlvS16an+2Yfswe/QuLolRUCrcOE2+2iA5+tzd6Nm -MGQwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0OBBYE -FMjFHQBBmiQpMlEk6w2uSu1KBtPsMB8GA1UdIwQYMBaAFMjFHQBBmiQpMlEk6w2u -Su1KBtPsMAoGCCqGSM49BAMDA2gAMGUCMH8liWJfMui6vXXBhjDgY4MwslmN/TJx -Ve/83WrFomwmNf056y1X48F9c4m3a3ozXAIxAKjRay5/aj/jsKKGIkmQatjI8uup -Hr/+CxFvaJWmpYqNkLDGRU+9orzh5hI2RrcuaQ== ------END CERTIFICATE----- \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f8cbecf186db7714624a5f4e99da31a917cbef70a94dd6921f5c3ca969dfe30a.fulcio_intermediate_v1.crt.pem b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f8cbecf186db7714624a5f4e99da31a917cbef70a94dd6921f5c3ca969dfe30a.fulcio_intermediate_v1.crt.pem deleted file mode 100644 index 6d1c298ba..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f8cbecf186db7714624a5f4e99da31a917cbef70a94dd6921f5c3ca969dfe30a.fulcio_intermediate_v1.crt.pem +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICGjCCAaGgAwIBAgIUALnViVfnU0brJasmRkHrn/UnfaQwCgYIKoZIzj0EAwMw -KjEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MREwDwYDVQQDEwhzaWdzdG9yZTAeFw0y -MjA0MTMyMDA2MTVaFw0zMTEwMDUxMzU2NThaMDcxFTATBgNVBAoTDHNpZ3N0b3Jl -LmRldjEeMBwGA1UEAxMVc2lnc3RvcmUtaW50ZXJtZWRpYXRlMHYwEAYHKoZIzj0C -AQYFK4EEACIDYgAE8RVS/ysH+NOvuDZyPIZtilgUF9NlarYpAd9HP1vBBH1U5CV7 -7LSS7s0ZiH4nE7Hv7ptS6LvvR/STk798LVgMzLlJ4HeIfF3tHSaexLcYpSASr1kS -0N/RgBJz/9jWCiXno3sweTAOBgNVHQ8BAf8EBAMCAQYwEwYDVR0lBAwwCgYIKwYB -BQUHAwMwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU39Ppz1YkEZb5qNjp -KFWixi4YZD8wHwYDVR0jBBgwFoAUWMAeX5FFpWapesyQoZMi0CrFxfowCgYIKoZI -zj0EAwMDZwAwZAIwPCsQK4DYiZYDPIaDi5HFKnfxXx6ASSVmERfsynYBiX2X6SJR -nZU84/9DZdnFvvxmAjBOt6QpBlc4J/0DxvkTCqpclvziL6BCCPnjdlIB3Pu3BxsP -mygUY7Ii2zbdCdliiow= ------END CERTIFICATE----- \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f989aa23def87c549404eadba767768d2a3c8d6d30a8b793f9f518a8eafd2cf5.fulcio_v1.crt.pem b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f989aa23def87c549404eadba767768d2a3c8d6d30a8b793f9f518a8eafd2cf5.fulcio_v1.crt.pem deleted file mode 100644 index 3afc46bb6..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/targets/f989aa23def87c549404eadba767768d2a3c8d6d30a8b793f9f518a8eafd2cf5.fulcio_v1.crt.pem +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB9zCCAXygAwIBAgIUALZNAPFdxHPwjeDloDwyYChAO/4wCgYIKoZIzj0EAwMw -KjEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MREwDwYDVQQDEwhzaWdzdG9yZTAeFw0y -MTEwMDcxMzU2NTlaFw0zMTEwMDUxMzU2NThaMCoxFTATBgNVBAoTDHNpZ3N0b3Jl -LmRldjERMA8GA1UEAxMIc2lnc3RvcmUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAT7 -XeFT4rb3PQGwS4IajtLk3/OlnpgangaBclYpsYBr5i+4ynB07ceb3LP0OIOZdxex -X69c5iVuyJRQ+Hz05yi+UF3uBWAlHpiS5sh0+H2GHE7SXrk1EC5m1Tr19L9gg92j -YzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRY -wB5fkUWlZql6zJChkyLQKsXF+jAfBgNVHSMEGDAWgBRYwB5fkUWlZql6zJChkyLQ -KsXF+jAKBggqhkjOPQQDAwNpADBmAjEAj1nHeXZp+13NWBNa+EDsDP8G1WWg1tCM -WP/WHPqpaVo0jhsweNFZgSs0eE7wYI4qAjEA2WB9ot98sIkoF3vZYdd3/VtWB5b9 -TNMea7Ix/stJ5TfcLLeABLE4BNJOsQ4vnBHJ ------END CERTIFICATE----- \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/timestamp.json b/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/timestamp.json deleted file mode 100644 index 66a7e9080..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/sigstore-tuf-root/timestamp.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "signed": { - "_type": "timestamp", - "spec_version": "1.0", - "version": 69, - "expires": "2023-02-22T00:07:53Z", - "meta": { - "snapshot.json": { - "length": 1973, - "hashes": { - "sha256": "d3e322db21efa64a599f92791651b1d37ceb004236a4b4a2ccba3d20472e1ad7", - "sha512": "560e618d8427b56c525a141048a1afc1184ad8c6c6e809e1f232c431d86e4d47bde20e43fa38c9c9ac3760853e7cf881a5e88d9c585213a92ae9d49b34f8cdca" - }, - "version": 69 - } - } - }, - "signatures": [ - { - "keyid": "e1863ba02070322ebc626dcecf9d881a3a38c35c3b41a83765b6ad6c37eaec2a", - "sig": "3044022073b652eb461c152f2efa1a36fd495ebbc2de0d2ac58167056134a2154ff11fea02204bbf6773e3233d1e43e90f2a56c03d38455f009468e8b2547a64dcba6f982549" - } - ] -} \ No newline at end of file diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/ctfe.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/ctfe.pub deleted file mode 100644 index 39512c214..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/ctfe.pub +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEA27A2MPQXm0I0v7/Ly5BIauDjRZF5Jor9vU+QheoE2UIIsZHcyYq3 -slHzSSHy2lLj1ZD2d91CtJ492ZXqnBmsr4TwZ9jQ05tW2mGIRI8u2DqN8LpuNYZG -z/f9SZrjhQQmUttqWmtu3UoLfKz6NbNXUnoo+NhZFcFRLXJ8VporVhuiAmL7zqT5 -3cXR3yQfFPCUDeGnRksnlhVIAJc3AHZZSHQJ8DEXMhh35TVv2nYhTI3rID7GwjXX -w4ocz7RGDD37ky6p39Tl5NB71gT1eSqhZhGHEYHIPXraEBd5+3w9qIuLWlp5Ej/K -6Mu4ELioXKCUimCbwy+Cs8UhHFlqcyg4AysOHJwIadXIa8LsY51jnVSGrGOEBZev -opmQPNPtyfFY3dmXSS+6Z3RD2Gd6oDnNGJzpSyEk410Ag5uvNDfYzJLCWX9tU8lI -xNwdFYmIwpd89HijyRyoGnoJ3entd63cvKfuuix5r+GHyKp1Xm1L5j5AWM6P+z0x -igwkiXnt+adexAl1J9wdDxv/pUFEESRF4DG8DFGVtbdH6aR1A5/vD4krO4tC1QYU -SeyL5Mvsw8WRqIFHcXtgybtxylljvNcGMV1KXQC8UFDmpGZVDSHx6v3e/BHMrZ7g -joCCfVMZ/cFcQi0W2AIHPYEMH/C95J2r4XbHMRdYXpovpOoT5Ca78gsCAwEAAQ== ------END RSA PUBLIC KEY----- diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/ctfe_2022.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/ctfe_2022.pub deleted file mode 100644 index 3023b8618..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/ctfe_2022.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEh99xuRi6slBFd8VUJoK/rLigy4bY -eSYWO/fE6Br7r0D8NpMI94+A63LR/WvLxpUUGBpY8IJA3iU2telag5CRpA== ------END PUBLIC KEY----- diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/ctfe_2022_2.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/ctfe_2022_2.pub deleted file mode 100644 index 0f5eb8637..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/ctfe_2022_2.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE8gEDKNme8AnXuPBgHjrtXdS6miHq -c24CRblNEOFpiJRngeq8Ko73Y+K18yRYVf1DXD4AVLwvKyzdNdl5n0jUSQ== ------END PUBLIC KEY----- diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/fulcio.crt.pem b/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/fulcio.crt.pem deleted file mode 100644 index 47a5becff..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/fulcio.crt.pem +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB9jCCAXugAwIBAgITDdEJvluliE0AzYaIE4jTMdnFTzAKBggqhkjOPQQDAzAq -MRUwEwYDVQQKEwxzaWdzdG9yZS5kZXYxETAPBgNVBAMTCHNpZ3N0b3JlMB4XDTIy -MDMyNTE2NTA0NloXDTMyMDMyMjE2NTA0NVowKjEVMBMGA1UEChMMc2lnc3RvcmUu -ZGV2MREwDwYDVQQDEwhzaWdzdG9yZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMo9 -BUNk9QIYisYysC24+2OytoV72YiLonYcqR3yeVnYziPt7Xv++CYE8yoCTiwedUEC -CWKOcvQKRCJZb9ht4Hzy+VvBx36hK+C6sECCSR0x6pPSiz+cTk1f788ZjBlUZaNj -MGEwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP9C -Mrpofas6cK/cDNQa4j6Hj2ZlMB8GA1UdIwQYMBaAFP9CMrpofas6cK/cDNQa4j6H -j2ZlMAoGCCqGSM49BAMDA2kAMGYCMQD+kojuzMwztNay9Ibzjuk//ZL5m6T2OCsm -45l1lY004pcb984L926BowodoirFMcMCMQDIJtFHhP/1D3a+M3dAGomOb6O4CmTr -y3TTPbPsAFnv22YA0Y+P21NVoxKDjdu0tkw= ------END CERTIFICATE----- diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/rekor.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/rekor.pub deleted file mode 100644 index 4234e16c3..000000000 --- a/sigstore-java/src/main/resources/dev/sigstore/tuf/staging/rekor.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDODRU688UYGuy54mNUlaEBiQdTE9 -nYLr0lg6RXowI/QV/RE1azBn4Eg5/2uTOMbhB1/gfcHzijzFi9Tk+g1Prg== ------END PUBLIC KEY-----