From 0c54c6caef214ff2e2dbdc235a6d388c221a20a9 Mon Sep 17 00:00:00 2001 From: Ying Li Date: Tue, 22 Dec 2015 18:00:57 -0800 Subject: [PATCH] Add an example of a 0.1 style repository for backwards compatibility tests Signed-off-by: Ying Li --- fixtures/compatibility/README.md | 17 +++++++++++++++++ ...c3ccb8a9a65973c4d893ab2937c402bf460_root.key | 8 ++++++++ ...01d28a8438314c4f07865d3b0c286965_targets.key | 8 ++++++++ ...73e1e1ad251eb223732ac74ec146822_snapshot.key | 8 ++++++++ ...cc659d2084b7aac0e340f28fee6edd3a290ae83a.crt | 11 +++++++++++ .../notary0.1/samplerepo/metadata/root.json | 1 + .../notary0.1/samplerepo/metadata/snapshot.json | 1 + .../notary0.1/samplerepo/metadata/targets.json | 1 + 8 files changed, 55 insertions(+) create mode 100644 fixtures/compatibility/README.md create mode 100755 fixtures/compatibility/notary0.1/private/root_keys/b6f3fb53aa18fdcb4d0633414946ec3ccb8a9a65973c4d893ab2937c402bf460_root.key create mode 100755 fixtures/compatibility/notary0.1/private/tuf_keys/docker.io/notary0.1/samplerepo/4b5e9d6bddcc87f4ad54e3bfce02ecb001d28a8438314c4f07865d3b0c286965_targets.key create mode 100755 fixtures/compatibility/notary0.1/private/tuf_keys/docker.io/notary0.1/samplerepo/a05d4028f80035d2cf4a944cc453b392873e1e1ad251eb223732ac74ec146822_snapshot.key create mode 100755 fixtures/compatibility/notary0.1/trusted_certificates/docker.io/notary0.1/samplerepo/2295c999789d08596c29010acc659d2084b7aac0e340f28fee6edd3a290ae83a.crt create mode 100644 fixtures/compatibility/notary0.1/tuf/docker.io/notary0.1/samplerepo/metadata/root.json create mode 100644 fixtures/compatibility/notary0.1/tuf/docker.io/notary0.1/samplerepo/metadata/snapshot.json create mode 100644 fixtures/compatibility/notary0.1/tuf/docker.io/notary0.1/samplerepo/metadata/targets.json diff --git a/fixtures/compatibility/README.md b/fixtures/compatibility/README.md new file mode 100644 index 0000000000..ce97e23ba7 --- /dev/null +++ b/fixtures/compatibility/README.md @@ -0,0 +1,17 @@ +This directory contains sample repositories from different versions of Notary client (TUF metadata, trust anchor certificates, and private keys), in order to test backwards compatibility (that newer clients can read old-format repositories). + +Notary client makes no guarantees of future-compatibility though (that is, repositories produced by newer clients may not be able to be read by old clients.) + +Relevant information for repositories: + +- `notary0.1` + - GUN: `docker.io/notary0.1/samplerepo` + - key passwords: "randompass" + - targets: + + ``` + NAME DIGEST SIZE (BYTES) + ------------------------------------------------------------------------------------------ + v1 454fd6f9e5a71c34902a673f66cc73be5890785b55014afb0eee6cbbe784cca9 243 + ``` + - timestamp metadata has been removed - we have to rotating the timestamp key in order for the server to be able to sign the timestamp, and the `timestamp.json` generated by the server will be version 1, since as far as it knows this is a new repo. If we kept the `timestamp.json` with the higher version number, we would not be able to publish. diff --git a/fixtures/compatibility/notary0.1/private/root_keys/b6f3fb53aa18fdcb4d0633414946ec3ccb8a9a65973c4d893ab2937c402bf460_root.key b/fixtures/compatibility/notary0.1/private/root_keys/b6f3fb53aa18fdcb4d0633414946ec3ccb8a9a65973c4d893ab2937c402bf460_root.key new file mode 100755 index 0000000000..ad51426626 --- /dev/null +++ b/fixtures/compatibility/notary0.1/private/root_keys/b6f3fb53aa18fdcb4d0633414946ec3ccb8a9a65973c4d893ab2937c402bf460_root.key @@ -0,0 +1,8 @@ +-----BEGIN EC PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,6879ce0bef77e947fe4ac3ab99d17984 + +FMq/I/3nv6FDKpX3rEvttoQXtRAG4V0vbXc4nPY05tOl2HF/hCRCRQLNfmZj3Ntx +qpCpFmGZfsV8qcLM03OHIp83Q5YEIxWXixD19z2/ssNCVZiGcsQrL9ZDbJv8xFNa +n59yGpNKBcXGR9Z59r4vm8lPI+F6I2WbFOjINUejpfE= +-----END EC PRIVATE KEY----- diff --git a/fixtures/compatibility/notary0.1/private/tuf_keys/docker.io/notary0.1/samplerepo/4b5e9d6bddcc87f4ad54e3bfce02ecb001d28a8438314c4f07865d3b0c286965_targets.key b/fixtures/compatibility/notary0.1/private/tuf_keys/docker.io/notary0.1/samplerepo/4b5e9d6bddcc87f4ad54e3bfce02ecb001d28a8438314c4f07865d3b0c286965_targets.key new file mode 100755 index 0000000000..fd850ba5db --- /dev/null +++ b/fixtures/compatibility/notary0.1/private/tuf_keys/docker.io/notary0.1/samplerepo/4b5e9d6bddcc87f4ad54e3bfce02ecb001d28a8438314c4f07865d3b0c286965_targets.key @@ -0,0 +1,8 @@ +-----BEGIN EC PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,1bdbbacf2765e3002c84f4820583a050 + +nob6ZaPbVAuHymluL4Ah1eWvgW2ntllUSVaX+IiPuKGsdDvd0+45y9k/zSd+Y36r +yGuAwQihwPvD2RAKPKHIPexsfeeV56sioTTKSMIYJilm1OE1V7X+pJF7qfYSCK4q ++DbTyGHbK1NHVmJZ1RXxHBgyagDEjm4qfzLsWxo6BxQ= +-----END EC PRIVATE KEY----- diff --git a/fixtures/compatibility/notary0.1/private/tuf_keys/docker.io/notary0.1/samplerepo/a05d4028f80035d2cf4a944cc453b392873e1e1ad251eb223732ac74ec146822_snapshot.key b/fixtures/compatibility/notary0.1/private/tuf_keys/docker.io/notary0.1/samplerepo/a05d4028f80035d2cf4a944cc453b392873e1e1ad251eb223732ac74ec146822_snapshot.key new file mode 100755 index 0000000000..52f065ee3f --- /dev/null +++ b/fixtures/compatibility/notary0.1/private/tuf_keys/docker.io/notary0.1/samplerepo/a05d4028f80035d2cf4a944cc453b392873e1e1ad251eb223732ac74ec146822_snapshot.key @@ -0,0 +1,8 @@ +-----BEGIN EC PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,f3854d625845d284b59b87bdf9af3d39 + +/cqlxBZA3rTOEBmE4HtDuBuHRysrXLk86YI2NJMptBNEym5Ylf1Q2Fv7dxjX23zC +qc1i6/Z42aUhsVsp4+GmV7dWcPbxtb8jigEp1ysPZFlg1KKW113NNFwPa3kUPzzi +4tmpSSkYChOi0kWJAH9aeSvWYremENFFN8lU8kXt4rk= +-----END EC PRIVATE KEY----- diff --git a/fixtures/compatibility/notary0.1/trusted_certificates/docker.io/notary0.1/samplerepo/2295c999789d08596c29010acc659d2084b7aac0e340f28fee6edd3a290ae83a.crt b/fixtures/compatibility/notary0.1/trusted_certificates/docker.io/notary0.1/samplerepo/2295c999789d08596c29010acc659d2084b7aac0e340f28fee6edd3a290ae83a.crt new file mode 100755 index 0000000000..d8f0fc5b55 --- /dev/null +++ b/fixtures/compatibility/notary0.1/trusted_certificates/docker.io/notary0.1/samplerepo/2295c999789d08596c29010acc659d2084b7aac0e340f28fee6edd3a290ae83a.crt @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBhjCCASygAwIBAgIRAMUvnJ2qaLRCuIwutGwtGNEwCgYIKoZIzj0EAwIwKTEn +MCUGA1UEAxMeZG9ja2VyLmlvL25vdGFyeTAuMS9zYW1wbGVyZXBvMB4XDTE1MTIy +MzAwNTgzNloXDTI1MTIyMzAwNTgzNlowKTEnMCUGA1UEAxMeZG9ja2VyLmlvL25v +dGFyeTAuMS9zYW1wbGVyZXBvMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEx5lx +It8KXzE2q4XeUyQT3lsFZU/dHP7Kpz1e0QJ418c9ZctvcCWDuvHLaASCtaC9hP1Q +Ucw8mn7KoEbDm8lOfqM1MDMwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsG +AQUFBwMDMAwGA1UdEwEB/wQCMAAwCgYIKoZIzj0EAwIDSAAwRQIhAK6fuy2O2It5 +002w9PNRV0fzewo6HPH47aRtVROjZyjeAiBewHNvUeIPwGhAm9NwDKPR/GKuXSLR +eVRlj1QmTz5CYw== +-----END CERTIFICATE----- diff --git a/fixtures/compatibility/notary0.1/tuf/docker.io/notary0.1/samplerepo/metadata/root.json b/fixtures/compatibility/notary0.1/tuf/docker.io/notary0.1/samplerepo/metadata/root.json new file mode 100644 index 0000000000..2bd19d6a69 --- /dev/null +++ b/fixtures/compatibility/notary0.1/tuf/docker.io/notary0.1/samplerepo/metadata/root.json @@ -0,0 +1 @@ +{"signed":{"_type":"Root","consistent_snapshot":false,"expires":"2025-12-19T16:59:16.729830584-08:00","keys":{"1195069fbd818c69e2f9d77fbc1c6d231fa5b647fd6477776eb78d9abe5eaa67":{"keytype":"ed25519","keyval":{"private":null,"public":"zcdBCrGzZoRVxvdeX/RBJkpLBvM7hyX95ipEEUI1GyA="}},"2295c999789d08596c29010acc659d2084b7aac0e340f28fee6edd3a290ae83a":{"keytype":"ecdsa-x509","keyval":{"private":null,"public":"LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJoakNDQVN5Z0F3SUJBZ0lSQU1Vdm5KMnFhTFJDdUl3dXRHd3RHTkV3Q2dZSUtvWkl6ajBFQXdJd0tURW4KTUNVR0ExVUVBeE1lWkc5amEyVnlMbWx2TDI1dmRHRnllVEF1TVM5ellXMXdiR1Z5WlhCdk1CNFhEVEUxTVRJeQpNekF3TlRnek5sb1hEVEkxTVRJeU16QXdOVGd6Tmxvd0tURW5NQ1VHQTFVRUF4TWVaRzlqYTJWeUxtbHZMMjV2CmRHRnllVEF1TVM5ellXMXdiR1Z5WlhCdk1Ga3dFd1lIS29aSXpqMENBUVlJS29aSXpqMERBUWNEUWdBRXg1bHgKSXQ4S1h6RTJxNFhlVXlRVDNsc0ZaVS9kSFA3S3B6MWUwUUo0MThjOVpjdHZjQ1dEdXZITGFBU0N0YUM5aFAxUQpVY3c4bW43S29FYkRtOGxPZnFNMU1ETXdEZ1lEVlIwUEFRSC9CQVFEQWdXZ01CTUdBMVVkSlFRTU1Bb0dDQ3NHCkFRVUZCd01ETUF3R0ExVWRFd0VCL3dRQ01BQXdDZ1lJS29aSXpqMEVBd0lEU0FBd1JRSWhBSzZmdXkyTzJJdDUKMDAydzlQTlJWMGZ6ZXdvNkhQSDQ3YVJ0VlJPalp5amVBaUJld0hOdlVlSVB3R2hBbTlOd0RLUFIvR0t1WFNMUgplVlJsajFRbVR6NUNZdz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"}},"4b5e9d6bddcc87f4ad54e3bfce02ecb001d28a8438314c4f07865d3b0c286965":{"keytype":"ecdsa","keyval":{"private":null,"public":"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEbt2tSzomjTxjKUhMcVBRJ/musqcRiHuPVm+pQHjnLoRPAPrr919P+7aUpXMBihg6nydHrM1b/y/aSBF5JSZKew=="}},"a05d4028f80035d2cf4a944cc453b392873e1e1ad251eb223732ac74ec146822":{"keytype":"ecdsa","keyval":{"private":null,"public":"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE6bBpt8h1MBmNu+rxel+P3Sek7TEB38Pi/mZ6+le0uikDbI3HANES764Z+XPcnkc6TEbE5ZHowselc/eMUmBiLA=="}}},"roles":{"root":{"keyids":["2295c999789d08596c29010acc659d2084b7aac0e340f28fee6edd3a290ae83a"],"threshold":1},"snapshot":{"keyids":["a05d4028f80035d2cf4a944cc453b392873e1e1ad251eb223732ac74ec146822"],"threshold":1},"targets":{"keyids":["4b5e9d6bddcc87f4ad54e3bfce02ecb001d28a8438314c4f07865d3b0c286965"],"threshold":1},"timestamp":{"keyids":["1195069fbd818c69e2f9d77fbc1c6d231fa5b647fd6477776eb78d9abe5eaa67"],"threshold":1}},"version":2},"signatures":[{"keyid":"2295c999789d08596c29010acc659d2084b7aac0e340f28fee6edd3a290ae83a","method":"ecdsa","sig":"bImxkykdYQYlRBr7nwpcvUOa1dJId750qh7bJU8sK3WWBfyP08JZMNh+zCyNNHN3g5CZAh2EqvhePpPJgGt3EQ=="}]} \ No newline at end of file diff --git a/fixtures/compatibility/notary0.1/tuf/docker.io/notary0.1/samplerepo/metadata/snapshot.json b/fixtures/compatibility/notary0.1/tuf/docker.io/notary0.1/samplerepo/metadata/snapshot.json new file mode 100644 index 0000000000..cd980855d8 --- /dev/null +++ b/fixtures/compatibility/notary0.1/tuf/docker.io/notary0.1/samplerepo/metadata/snapshot.json @@ -0,0 +1 @@ +{"signed":{"_type":"Snapshot","expires":"2025-12-19T17:05:12.44851106-08:00","meta":{"root":{"hashes":{"sha256":"autn8ojolebQBDaFeXRrSO+5BKMLlWd5S11mqhyEEu0="},"length":2343},"targets":{"hashes":{"sha256":"tSRCsYJZHV93+WHhtzlisjel5dGXWyYAhGo7qhj8qKQ="},"length":432}},"version":5},"signatures":[{"keyid":"a05d4028f80035d2cf4a944cc453b392873e1e1ad251eb223732ac74ec146822","method":"ecdsa","sig":"9TlGMm3Oz4NNmtvMOCtOB5lYTKqPZ3sTS59LUPisUIOzWKu9gn/OlwEeEYWmvcWRscbMSRt9xwA0/DiPnSmXJg=="}]} \ No newline at end of file diff --git a/fixtures/compatibility/notary0.1/tuf/docker.io/notary0.1/samplerepo/metadata/targets.json b/fixtures/compatibility/notary0.1/tuf/docker.io/notary0.1/samplerepo/metadata/targets.json new file mode 100644 index 0000000000..519576eb72 --- /dev/null +++ b/fixtures/compatibility/notary0.1/tuf/docker.io/notary0.1/samplerepo/metadata/targets.json @@ -0,0 +1 @@ +{"signed":{"_type":"Targets","delegations":{"keys":{},"roles":[]},"expires":"2025-12-19T17:04:54.077551355-08:00","targets":{"v1":{"hashes":{"sha256":"RU/W+eWnHDSQKmc/ZsxzvliQeFtVAUr7Du5su+eEzKk="},"length":243}},"version":4},"signatures":[{"keyid":"4b5e9d6bddcc87f4ad54e3bfce02ecb001d28a8438314c4f07865d3b0c286965","method":"ecdsa","sig":"Y0nykOq8yeOiOwj6hGnFub6BbWDf4z3MKZCYITipLsSFdnFj2Pwk9Raml/Oy7FDRSKIS0/b4GUPIAqYYfWZonQ=="}]} \ No newline at end of file