Joshua Lock joshuagl
@joshuagl
joshuagl / gen-code-change.diff
Created June 29, 2023 15:10
The delta in generated code following in-toto/attestation#257
diff --git a/go/predicates/vsa/v0/vsa.pb.go b/go/predicates/vsa/v0/vsa.pb.go
index e2aa1fc..188f0f2 100644
--- a/go/predicates/vsa/v0/vsa.pb.go
+++ b/go/predicates/vsa/v0/vsa.pb.go
@@ -29,13 +29,13 @@ type VerificationSummary struct {
unknownFields protoimpl.UnknownFields
Verifier *VerificationSummary_Verifier `protobuf:"bytes,1,opt,name=verifier,proto3" json:"verifier,omitempty"`
- TimeVerified *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=timeVerified,json=time_verified,proto3" json:"timeVerified,omitempty"`
- ResourceUri string `protobuf:"bytes,3,opt,name=resourceUri,json=resource_uri,proto3" json:"resourceUri,omitempty"`
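Review bot: In the removed `TimeVerified` and `ResourceUri` tags the proto field name is camelCase (`name=timeVerified`) while the JSON name is snake_case (`json=time_verified`), the reverse of the usual protobuf convention. The replacement lines are cut off in this view, so the change description should state which JSON key names a consumer of the VSA predicate will see after regeneration. Since this is generated code, the fix belongs in the .proto definition with the output regenerated, not in a hand edit to this file.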
diff --git a/README.md b/README.md
index 220980f..b0f69da 100644
--- a/README.md
+++ b/README.md
@@ -273,7 +273,7 @@ Enter root keys passphrase:
Copy `root.json.sigs` back to the repo box and import the signatures:
``` bash
-$ tuf add-signatures --signatures=root.json.sigs root.json
+$ tuf add-signatures --signatures root.json.sigs root.json
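Review bot: The `add-signatures` example switches from `--signatures=root.json.sigs` to the space-separated form without saying why. If the CLI rejects the `=` form, say so in the commit message, and check the other `tuf` invocations in the README for the same `--flag=value` pattern so the examples stay consistent.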
@joshuagl
joshuagl / ppp.sh
Created June 10, 2022 10:36
pretty-print-provenance
# A simple shell function to pretty-print the payload of an in-toto attestation on the command-line (requires jq)
ppp() {
less "$1" | jq .payload | sed 's/"//g' | base64 -i - -d | jq
}
@joshuagl
joshuagl / sample-in-toto-statement-v1.json
Last active May 16, 2022 10:57
Sample of the statement portion of an in-toto attestation generated using slsa-github-generator's slsa level 2 workflow
{
"_type": "https://in-toto.io/Statement/v0.1",
"predicateType": "https://slsa.dev/provenance/v0.2",
"subject": [
{
"name": "dist/tuf-1.1.0.tar.gz",
"digest": {
"sha256": "f4cb914be55b0e7db3328adb45a56cf63f30b099550dd63707f7ceea8ca463dd"
}
},
import abc
from typing import BinaryIO, TextIO, Any, Dict
JsonDict = Dict[str, Any]
#
# Simple interfaces for abstracting away the storage and network requirements
# of a TUF client.
# Interface shape shamelessly stolen from go-tuf:
# https://github.com/theupdateframework/go-tuf/blob/9d8af573a771f7069ef7a24da942ad9262704534/client/client.go#L23

Keybase proof

I hereby claim:

  • I am joshuagl on github.
  • I am joshuagl (https://keybase.io/joshuagl) on keybase.
  • I have a public key ASA8lH9PMebAD_9ihTvqkqJtfy7rLqiSHuz3nydkVxavAwo

To claim this, I am signing this object:

@joshuagl
joshuagl / test_blake.py
Last active March 6, 2020 10:22
A quick script to test file hashing using blake algorithms
#!/usr/bin/env python
# Requires branches of tuf and securesystemslib
# https://github.com/secure-systems-lab/securesystemslib/pull/218
# https://github.com/theupdateframework/tuf/pull/993
# Demonstrates the shortest path forwards for easily enabling blake2
# file hashing algorithms in a tuf repository
from tuf.repository_tool import *
@joshuagl
joshuagl / test.py
Created September 20, 2019 10:05
Quick and dirty test of functions to freeze a Dockerfile
#! /usr/bin/env python3
# Copyright (c) 2019 VMware, Inc. All Rights Reserved.
# SPDX-License-Identifier: BSD-2-Clause
from datetime import datetime
import os
from pprint import pprint
import sys
diff -rub ibmtpm1119-orig/src/SessionProcess.c ibmtpm1119/src/SessionProcess.c
--- ibmtpm1119-orig/src/SessionProcess.c 2017-07-20 18:27:34.000000000 +0000
+++ ibmtpm1119/src/SessionProcess.c 2019-03-11 17:02:25.412991681 +0000
@@ -1451,6 +1451,10 @@
// be used for authorization, audit or encrypt/decrypt.
if(session->attributes.isTrialPolicy == SET)
return TPM_RCS_ATTRIBUTES + errorIndex;
+
+ if (s_nonceCaller[sessionIndex].t.size > session->nonceTPM.b.size)
+ return TPM_RC_NONCE;
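Review bot: The new size check returns a bare `TPM_RC_NONCE`, while the return just above it adds `errorIndex` (`TPM_RCS_ATTRIBUTES + errorIndex`), so a caller cannot tell which session's nonce was rejected; consider reporting the session index the same way. The added lines also lack a comment explaining why a caller nonce larger than `session->nonceTPM` must be refused, and `if (` departs from the surrounding `if(` style.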
From 7c9274823490eb14befe77300521fe6adabf1768 Mon Sep 17 00:00:00 2001
From: Joshua Lock <joshua.g.lock@intel.com>
Date: Tue, 4 Sep 2018 15:48:11 +0100
Subject: [PATCH] os-release: fix to install in the expected location
os-release (5) recommends that the os-release file be installed in
/usr/lib/os-release and that /etc/os-release be a relative symlink to it.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
---