diff --git a/model_signing/signing/in_toto.py b/model_signing/signing/in_toto.py index 66af0fac..129fbaf7 100644 --- a/model_signing/signing/in_toto.py +++ b/model_signing/signing/in_toto.py @@ -46,7 +46,7 @@ class SingleDigestIntotoPayload(IntotoPayload): """In-toto payload where the model is serialized to just one digest. In this case, we encode the model as the only subject of the statement. We - don't set the name field, and use the digest as the one resulting from the + set the name field to ".", and use the digest as the one resulting from the model serialization. However, since we use custom hashing algorithms, but these are not supported @@ -59,6 +59,7 @@ class SingleDigestIntotoPayload(IntotoPayload): "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "3aab065c...." } @@ -90,7 +91,7 @@ def __init__(self, *, digest_hex: str, digest_algorithm: str): digest_algorithm: the algorithm used to compute the digest. """ digest = {"sha256": digest_hex} - descriptor = statement.ResourceDescriptor(digest=digest).pb + descriptor = statement.ResourceDescriptor(name=".", digest=digest).pb self.statement = statement.Statement( subjects=[descriptor], @@ -151,7 +152,7 @@ def _convert_descriptors_to_hashed_statement( }) digest = {"sha256": hasher.compute().digest_hex} - descriptor = statement.ResourceDescriptor(digest=digest).pb + descriptor = statement.ResourceDescriptor(name=".", digest=digest).pb return statement.Statement( subjects=[descriptor], @@ -176,6 +177,7 @@ class DigestOfDigestsIntotoPayload(IntotoPayload): "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "18b5a4..." } @@ -272,6 +274,7 @@ class DigestOfShardDigestsIntotoPayload(IntotoPayload): "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "18b5a4..." } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/deep_model_folder b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/deep_model_folder index 0b24629a..1295cc7f 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/deep_model_folder +++ b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/deep_model_folder @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "18b5a45fe7983f7194e8ffd96c80f5f0ec53191bf4a32b6aff293f043e816d7a" } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/empty_model_file b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/empty_model_file index ac8470eb..c2f9f5d1 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/empty_model_file +++ b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/empty_model_file @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "5df6e0e2761359d30a8275058e299fcc0381534545f55cf43e41983f5d4c9456" } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/empty_model_folder b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/empty_model_folder index 39e22e6c..9f2c05e5 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/empty_model_folder +++ b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/empty_model_folder @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/model_folder_with_empty_file b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/model_folder_with_empty_file index 59102d5c..2d292903 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/model_folder_with_empty_file +++ b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/model_folder_with_empty_file @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "5df6e0e2761359d30a8275058e299fcc0381534545f55cf43e41983f5d4c9456" } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/sample_model_file b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/sample_model_file index 4c594350..3e65762f 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/sample_model_file +++ b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/sample_model_file @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "002d162f867c5eee944e5080d25829b6625be0e3f081f6fbafc7dd655ca2e178" } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/sample_model_folder b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/sample_model_folder index 737465bb..d46d2d61 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/sample_model_folder +++ b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/sample_model_folder @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "143cc682e555951649f18e2761c3d526d2502996f5e32dc187ef7f8a614f8df7" } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/symlink_model_folder b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/symlink_model_folder index 8e737f97..a6b711ca 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/symlink_model_folder +++ b/model_signing/signing/testdata/in_toto/TestDigestOfDigestsIntotoPayload/symlink_model_folder @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "002d162f867c5eee944e5080d25829b6625be0e3f081f6fbafc7dd655ca2e178" } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/deep_model_folder b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/deep_model_folder index 42b52a19..3adb5f70 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/deep_model_folder +++ b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/deep_model_folder @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "18b5a45fe7983f7194e8ffd96c80f5f0ec53191bf4a32b6aff293f043e816d7a" } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/empty_model_file b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/empty_model_file index 898052c3..64ff5def 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/empty_model_file +++ b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/empty_model_file @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/empty_model_folder b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/empty_model_folder index 898052c3..64ff5def 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/empty_model_folder +++ b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/empty_model_folder @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/model_folder_with_empty_file b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/model_folder_with_empty_file index 898052c3..64ff5def 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/model_folder_with_empty_file +++ b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/model_folder_with_empty_file @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/sample_model_file b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/sample_model_file index 8dee2069..b7907eaf 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/sample_model_file +++ b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/sample_model_file @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "002d162f867c5eee944e5080d25829b6625be0e3f081f6fbafc7dd655ca2e178" } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/sample_model_folder b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/sample_model_folder index 461cee86..f2d4980c 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/sample_model_folder +++ b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/sample_model_folder @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "143cc682e555951649f18e2761c3d526d2502996f5e32dc187ef7f8a614f8df7" } diff --git a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/symlink_model_folder b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/symlink_model_folder index dcba2415..f45b3ae4 100644 --- a/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/symlink_model_folder +++ b/model_signing/signing/testdata/in_toto/TestDigestOfShardDigestsIntotoPayload/symlink_model_folder @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "002d162f867c5eee944e5080d25829b6625be0e3f081f6fbafc7dd655ca2e178" } diff --git a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/deep_model_folder b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/deep_model_folder index da101c70..a5d1c277 100644 --- a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/deep_model_folder +++ b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/deep_model_folder @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "36eed9389ebbbe15ac15d33c81dabb60ccb7c945ff641d78f59db9aa9dc47ac9" } diff --git a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/empty_model_file b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/empty_model_file index 307b507d..aef4a940 100644 --- a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/empty_model_file +++ b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/empty_model_file @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" } diff --git a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/empty_model_folder b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/empty_model_folder index a67f143a..0b14981f 100644 --- a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/empty_model_folder +++ b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/empty_model_folder @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" } diff --git a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/model_folder_with_empty_file b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/model_folder_with_empty_file index b1c88436..b5298124 100644 --- a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/model_folder_with_empty_file +++ b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/model_folder_with_empty_file @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "68efd863f20e083173846a5e98ad11387a1979efe20ded426a7930bab8358a9c" } diff --git a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/sample_model_file b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/sample_model_file index ceae1692..8bb6bbba 100644 --- a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/sample_model_file +++ b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/sample_model_file @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "3aab065c7181a173b5dd9e9d32a9f79923440b413be1e1ffcdba26a7365f719b" } diff --git a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/sample_model_folder b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/sample_model_folder index 9091929d..4a5f4774 100644 --- a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/sample_model_folder +++ b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/sample_model_folder @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "310af4fc4c52bf63cd1687c67076ed3e56bc5480a1b151539e6c550506ae0301" } diff --git a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/symlink_model_folder b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/symlink_model_folder index ba3a1c24..7a016b53 100644 --- a/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/symlink_model_folder +++ b/model_signing/signing/testdata/in_toto/TestSingleDigestIntotoPayload/symlink_model_folder @@ -2,6 +2,7 @@ "_type": "https://in-toto.io/Statement/v1", "subject": [ { + "name": ".", "digest": { "sha256": "8372365be7578241d18db47ec83b735bb450a10a1b4298d9b7b0d8bf543b7271" }