I hereby claim:
- I am joshuagl on github.
- I am joshuagl (https://keybase.io/joshuagl) on keybase.
- I have a public key ASA8lH9PMebAD_9ihTvqkqJtfy7rLqiSHuz3nydkVxavAwo
To claim this, I am signing this object:
diff --git a/go/predicates/vsa/v0/vsa.pb.go b/go/predicates/vsa/v0/vsa.pb.go | |
index e2aa1fc..188f0f2 100644 | |
--- a/go/predicates/vsa/v0/vsa.pb.go | |
+++ b/go/predicates/vsa/v0/vsa.pb.go | |
@@ -29,13 +29,13 @@ type VerificationSummary struct { | |
unknownFields protoimpl.UnknownFields | |
Verifier *VerificationSummary_Verifier `protobuf:"bytes,1,opt,name=verifier,proto3" json:"verifier,omitempty"` | |
- TimeVerified *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=timeVerified,json=time_verified,proto3" json:"timeVerified,omitempty"` | |
- ResourceUri string `protobuf:"bytes,3,opt,name=resourceUri,json=resource_uri,proto3" json:"resourceUri,omitempty"` |
diff --git a/README.md b/README.md | |
index 220980f..b0f69da 100644 | |
--- a/README.md | |
+++ b/README.md | |
@@ -273,7 +273,7 @@ Enter root keys passphrase: | |
Copy `root.json.sigs` back to the repo box and import the signatures: | |
``` bash | |
-$ tuf add-signatures --signatures=root.json.sigs root.json | |
+$ tuf add-signatures --signatures root.json.sigs root.json |
# A simple shell function to pretty-print the payload of an in-toto attestation on the command-line (requires jq) | |
ppp() { | |
less "$1" | jq .payload | sed 's/"//g' | base64 -i - -d | jq | |
} |
{ | |
"_type": "https://in-toto.io/Statement/v0.1", | |
"predicateType": "https://slsa.dev/provenance/v0.2", | |
"subject": [ | |
{ | |
"name": "dist/tuf-1.1.0.tar.gz", | |
"digest": { | |
"sha256": "f4cb914be55b0e7db3328adb45a56cf63f30b099550dd63707f7ceea8ca463dd" | |
} | |
}, |
import abc | |
from typing import BinaryIO, TextIO, Any, Dict | |
JsonDict = Dict[str, Any] | |
# | |
# Simple interfaces for abstracting away the storage and network requirements | |
# of a TUF client. | |
# Interface shape shamelessly stolen from go-tuf: | |
# https://github.com/theupdateframework/go-tuf/blob/9d8af573a771f7069ef7a24da942ad9262704534/client/client.go#L23 |
I hereby claim:
To claim this, I am signing this object:
# /usr/bin/env python | |
# Requires branches of tuf and securesystemslib | |
# https://github.com/secure-systems-lab/securesystemslib/pull/218 | |
# https://github.com/theupdateframework/tuf/pull/993 | |
# Demonstrates the shortest path forwards for easily enabling blake2 | |
# file hashing algorithms in a tuf repository | |
from tuf.repository_tool import * |
#! /usr/bin/env python3 | |
# Copyright (c) 2019 VMware, Inc. All Rights Reserved. | |
# SPDX-License-Identifier: BSD-2-Clause | |
from datetime import datetime | |
import os | |
from pprint import pprint | |
import sys |
diff -rub ibmtpm1119-orig/src/SessionProcess.c ibmtpm1119/src/SessionProcess.c | |
--- ibmtpm1119-orig/src/SessionProcess.c 2017-07-20 18:27:34.000000000 +0000 | |
+++ ibmtpm1119/src/SessionProcess.c 2019-03-11 17:02:25.412991681 +0000 | |
@@ -1451,6 +1451,10 @@ | |
// be used for authorization, audit or encrypt/decrypt. | |
if(session->attributes.isTrialPolicy == SET) | |
return TPM_RCS_ATTRIBUTES + errorIndex; | |
+ | |
+ if (s_nonceCaller[sessionIndex].t.size > session->nonceTPM.b.size) | |
+ return TPM_RC_NONCE; |
From 7c9274823490eb14befe77300521fe6adabf1768 Mon Sep 17 00:00:00 2001 | |
From: Joshua Lock <joshua.g.lock@intel.com> | |
Date: Tue, 4 Sep 2018 15:48:11 +0100 | |
Subject: [PATCH] os-release: fix to install in the expected location | |
os-release (5) recommends that the os-release file be installed in | |
/usr/lib/os-release and that /etc/os-release be a relative symlink to it. | |
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> | |
--- |