From bb2033c4398169635e5027723d9b69681ea8d35c Mon Sep 17 00:00:00 2001
From: Marcela Melara
Date: Thu, 13 Jun 2024 15:38:06 -0700
Subject: [PATCH] Add reference value SCAI attestations
Signed-off-by: Marcela Melara
---
examples/launch.in-toto.json | 38 ------------------------------
examples/ref-values.scai.json | 39 +++++++++++++++++++++++++++++++
examples/sig.ref-values.scai.json | 1 +
3 files changed, 40 insertions(+), 38 deletions(-)
delete mode 100644 examples/launch.in-toto.json
create mode 100644 examples/ref-values.scai.json
create mode 100644 examples/sig.ref-values.scai.json
diff --git a/examples/launch.in-toto.json b/examples/launch.in-toto.json
deleted file mode 100644
index 57468a3..0000000
--- a/examples/launch.in-toto.json
+++ /dev/null
@@ -1,38 +0,0 @@
-{
- "_type": "https://in-toto.io/Statement/v1",
- "subject": [
- {
- "name": "vmID",
- "digest": {
- "sha256": "549e211c3ab94cefd3c2b6ed676e9707c65038b08a666bce6dc8c637405b68a9"
- },
- "content": "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUNvd0JRWURLMlZ3QXlFQVI5NFNxWi9TMng3YVdab0g5V25PMFJhdnlSenpvdlRSWnVVTk1yZjJRUTg9Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo=",
- "downloadLocation": "examples/vm.id",
- "mediaType": "application/x-pem-file"
- }
- ],
- "predicateType": "https://in-toto.io/attestation/scai/attribute-report/v0.2",
- "predicate": {
- "attributes": [
- {
- "attribute": "build_image",
- "evidence": {
- "digest": {
- "sha256": "3bd828c13a172aa8e2c5fff582fb46bb472f1fec5430ea90f13be2f5e85aa615"
- },
- "downloadLocation": "someLocation",
- "mediaType": "application/json",
- "name": "examples/attest.json"
- },
- "target": {
- "digest": {
- "sha256": "632fb936681c2114144516172596801b6c6d11377c67c7a635f0081bb1446e24"
- },
- "downloadLocation": "https://github.com/chkimes/image-attestation/attestations/675331/download",
- "mediaType": "application/vnd.dev.sigstore.bundle+json;version=0.2",
- "name": "chkimes-image-attestation-attestation-675331.sigstore.json"
- }
- }
- ]
- }
-}
\ No newline at end of file
diff --git a/examples/ref-values.scai.json b/examples/ref-values.scai.json
new file mode 100644
index 0000000..e2e5ecf
--- /dev/null
+++ b/examples/ref-values.scai.json
@@ -0,0 +1,39 @@
+{
+ "_type": "https://in-toto.io/Statement/v1",
+ "subject": [
+ {
+ "name": "image.zip",
+ "digest": {
+ "sha256": "2c075d1d647c1b1330218e132f2c6f330d636172ed424a1da6c51e48b5c1cf51"
+ },
+ "downloadLocation": "https://github.com/chkimes/image-attestation/actions/runs/8694525083/artifacts/1415603429"
+ }
+ ],
+ "predicateType": "https://in-toto.io/attestation/scai/attribute-report/v0.2",
+ "predicate": {
+ "attributes": [
+ {
+ "attribute": "RefValue:PCRs",
+ "evidence": {
+ "digest": {
+ "sha256": "bdcdc9f6f7e7d9dbc7a5358cbfe927afc4ab2c0d3887bf593d19c131efe331eb"
+ },
+ "downloadLocation": "https://github.com/chkimes/image-attestation/actions/runs/9507648999",
+ "mediaType": "application/json",
+ "name": "examples/expected-pcrs.json"
+ }
+ },
+ {
+ "attribute": "RefValue:initrd-6.5.0-1015-azure.img",
+ "evidence": {
+ "digest": {
+ "sha256": "1a8704fbfd67e72c992512e3197f481dfd8207b2b6db7866456dcef8254f9baf"
+ },
+ "downloadLocation": "https://github.com/chkimes/image-attestation/actions/runs/9507648999",
+ "mediaType": "application/vnd.dev.sigstore.bundle",
+ "name": "examples/initrd-6.5.0-1015-azure.img.sigstore.json"
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/examples/sig.ref-values.scai.json b/examples/sig.ref-values.scai.json
new file mode 100644
index 0000000..7401fc0
--- /dev/null
+++ b/examples/sig.ref-values.scai.json
@@ -0,0 +1 @@
+{"payloadType":"application/vnd.in-toto","payload":"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","signatures":[{"keyid":"","sig":"MEYCIQDN0rAywR3OIUA25+txjheQ/rAcJY/UGRBhLlZFu8+IpwIhAJjsMCC469xePY8YBC8q6btlIiteypqKa/qgcGuou6TZ"}]}
\ No newline at end of file
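Review bot: Both `evidence` entries in examples/ref-values.scai.json carry the same `downloadLocation`, the workflow run page `.../actions/runs/9507648999`, which does not name a single fetchable artifact the way the subject's `.../artifacts/1415603429` URL does. A verifier can therefore only locate the PCR and initrd evidence by `name`, and has to check the recorded `sha256` before treating either file as a reference value; pointing each entry at its own artifact URL would remove that ambiguity. The second entry's `"mediaType": "application/vnd.dev.sigstore.bundle"` also drops the `+json;version=…` suffix that the deleted launch.in-toto.json used for a Sigstore bundle (`application/vnd.dev.sigstore.bundle+json;version=0.2`), so a consumer matching on the full media type would likely not recognise it. The evidence comes from run 9507648999 while the subject image comes from run 8694525083; if that is intended, it is worth documenting how the reference values are tied to this image digest.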
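Review bot: The envelope in examples/sig.ref-values.scai.json declares `"payloadType":"application/vnd.in-toto"`, whereas the in-toto attestation envelope layer specifies `application/vnd.in-toto+json`, so a verifier that checks the payload type before parsing would reject this example. DSSE signs the payload type together with the payload, which means correcting it requires re-signing the statement, not editing the string in place. `"keyid":""` is also empty, so the example gives no hint which key produced the signature; populating it, or documenting which public key verifies this file, would make the example checkable end to end.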