stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
fcb5ffe25d489cd3452eaa2093c3ce1fef61d926
git.stella-ops.org/docs/modules/evidence-locker/schemas/checksums.schema.json
StellaOps Bot 4dc7cf834a
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Details
Console CI / console-ci (push) Has been cancelled
Details
Docs CI / lint-and-preview (push) Has been cancelled
Details
Export Center CI / export-ci (push) Has been cancelled
Details
VEX Proof Bundles / verify-bundles (push) Has been cancelled
Details
Add sample proof bundle configurations and verification script 
- Introduced sample proof bundle configuration files for testing, including `sample-proof-bundle-config.dsse.json`, `sample-proof-bundle.dsse.json`, and `sample-proof-bundle.json`.
- Implemented a verification script `test_verify_sample.sh` to validate proof bundles against specified schemas and catalogs.
- Updated existing proof bundle configurations with new metadata, including versioning, created timestamps, and justification details.
- Enhanced evidence entries with expiration dates and hashes for better integrity checks.
- Ensured all new configurations adhere to the defined schema for consistency and reliability in testing.
2025-12-04 08:54:32 +02:00

48 lines
1.8 KiB
JSON
Raw Blame History

{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://stellaops.local/schemas/evidence/checksums.schema.json",
"title": "StellaOps Evidence Bundle Checksums (EB2)",
"description": "Canonical checksum map used to derive the Merkle root and DSSE subject for evidence bundles.",
"type": "object",
"additionalProperties": false,
"required": ["algorithm", "root", "entries"],
"properties": {
"algorithm": { "type": "string", "enum": ["sha256"] },
"root": { "type": "string", "pattern": "^[0-9a-f]{64}$" },
"generatedAt": { "type": "string", "format": "date-time" },
"bundleId": { "type": "string", "pattern": "^[0-9a-fA-F]{32}$" },
"tenantId": { "type": "string", "pattern": "^[0-9a-fA-F]{32}$" },
"entries": {
"type": "array",
"minItems": 1,
"description": "Sorted list of entry hashes; order must be lexicographic on canonicalPath.",
"items": { "$ref": "#/$defs/checksumEntry" }
},
"chunking": {
"type": "object",
"description": "Optional chunked/CAS hashing strategy for large payloads.",
"additionalProperties": false,
"properties": {
"strategy": { "type": "string", "enum": ["none", "fixed", "buzhash"] },
"chunkSizeBytes": { "type": "integer", "minimum": 1024 },
"casDigestAlgorithm": { "type": "string", "enum": ["sha256"] }
}
}
},
"$defs": {
"checksumEntry": {
"type": "object",
"additionalProperties": false,
"required": ["canonicalPath", "sha256", "sizeBytes"],
"properties": {
"canonicalPath": {
"type": "string",
"pattern": "^(?:[A-Za-z0-9_.-]+/)*[A-Za-z0-9_.-]+$"
},
"sha256": { "type": "string", "pattern": "^[0-9a-f]{64}$" },
"sizeBytes": { "type": "integer", "minimum": 0 }
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink