-
Bob Callaway authoredSigned-off-by:
Bob Callaway <bob.callaway@gmail.com>Bob Callaway authoredSigned-off-by:Bob Callaway <bob.callaway@gmail.com>
embedded_spec.go 93.12 KiB
// Code generated by go-swagger; DO NOT EDIT.
//
// Copyright 2021 The Sigstore Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
package restapi
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"encoding/json"
)
var (
// SwaggerJSON embedded version of the swagger document used at generation time
SwaggerJSON json.RawMessage
// FlatSwaggerJSON embedded flattened version of the swagger document used at generation time
FlatSwaggerJSON json.RawMessage
)
func init() {
SwaggerJSON = json.RawMessage([]byte(`{
"consumes": [
"application/json",
"application/yaml"
],
"produces": [
"application/json;q=1",
"application/yaml"
],
"schemes": [
"http"
],
"swagger": "2.0",
"info": {
"description": "Rekor is a cryptographically secure, immutable transparency log for signed software releases.",
"title": "Rekor",
"version": "0.0.1"
},
"host": "rekor.sigstore.dev",
"paths": {
"/api/v1/index/retrieve": {
"post": {
"tags": [
"index"
],
"summary": "Searches index by entry metadata",
"operationId": "searchIndex",
"parameters": [
{
"name": "query",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/SearchIndex"
} }
],
"responses": {
"200": {
"description": "Returns zero or more entry UUIDs from the transparency log based on search query",
"schema": {
"type": "array",
"items": {
"description": "Entry UUID in transparency log",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
}
}
},
"400": {
"$ref": "#/responses/BadContent"
},
"default": {
"$ref": "#/responses/InternalServerError"
}
}
}
},
"/api/v1/log": {
"get": {
"description": "Returns the current root hash and size of the merkle tree used to store the log entries.",
"tags": [
"tlog"
],
"summary": "Get information about the current state of the transparency log",
"operationId": "getLogInfo",
"responses": {
"200": {
"description": "A JSON object with the root hash and tree size as properties",
"schema": {
"$ref": "#/definitions/LogInfo"
}
},
"default": {
"$ref": "#/responses/InternalServerError"
}
}
}
},
"/api/v1/log/entries": {
"get": {
"tags": [
"entries"
],
"summary": "Retrieves an entry and inclusion proof from the transparency log (if it exists) by index",
"operationId": "getLogEntryByIndex",
"parameters": [
{
"type": "integer",
"description": "specifies the index of the entry in the transparency log to be retrieved",
"name": "logIndex",
"in": "query",
"required": true
}
],
"responses": {
"200": {
"description": "the entry in the transparency log requested along with an inclusion proof",
"schema": {
"$ref": "#/definitions/LogEntry"
}
},
"404": {
"$ref": "#/responses/NotFound"
}, "default": {
"$ref": "#/responses/InternalServerError"
}
}
},
"post": {
"description": "Creates an entry in the transparency log for a detached signature, public key, and content. Items can be included in the request or fetched by the server when URLs are specified.\n",
"tags": [
"entries"
],
"summary": "Creates an entry in the transparency log",
"operationId": "createLogEntry",
"parameters": [
{
"name": "proposedEntry",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/ProposedEntry"
}
}
],
"responses": {
"201": {
"description": "Returns the entry created in the transparency log",
"schema": {
"$ref": "#/definitions/LogEntry"
},
"headers": {
"ETag": {
"type": "string",
"description": "UUID of log entry"
},
"Location": {
"type": "string",
"format": "uri",
"description": "URI location of log entry"
}
}
},
"400": {
"$ref": "#/responses/BadContent"
},
"409": {
"$ref": "#/responses/Conflict"
},
"default": {
"$ref": "#/responses/InternalServerError"
}
}
}
},
"/api/v1/log/entries/retrieve": {
"post": {
"tags": [
"entries"
],
"summary": "Searches transparency log for one or more log entries",
"operationId": "searchLogQuery",
"parameters": [
{
"name": "entry",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/SearchLogQuery"
}
}
],
"responses": { "200": {
"description": "Returns zero or more entries from the transparency log, according to how many were included in request query",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/LogEntry"
}
}
},
"400": {
"$ref": "#/responses/BadContent"
},
"default": {
"$ref": "#/responses/InternalServerError"
}
}
}
},
"/api/v1/log/entries/{entryUUID}": {
"get": {
"description": "Returns the entry, root hash, tree size, and a list of hashes that can be used to calculate proof of an entry being included in the transparency log",
"tags": [
"entries"
],
"summary": "Get log entry and information required to generate an inclusion proof for the entry in the transparency log",
"operationId": "getLogEntryByUUID",
"parameters": [
{
"pattern": "^[0-9a-fA-F]{64}$",
"type": "string",
"description": "the UUID of the entry for which the inclusion proof information should be returned",
"name": "entryUUID",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "Information needed for a client to compute the inclusion proof",
"schema": {
"$ref": "#/definitions/LogEntry"
}
},
"404": {
"$ref": "#/responses/NotFound"
},
"default": {
"$ref": "#/responses/InternalServerError"
}
}
}
},
"/api/v1/log/proof": {
"get": {
"description": "Returns a list of hashes for specified tree sizes that can be used to confirm the consistency of the transparency log",
"tags": [
"tlog"
],
"summary": "Get information required to generate a consistency proof for the transparency log",
"operationId": "getLogProof",
"parameters": [
{
"minimum": 1,
"type": "integer",
"default": 1,
"description": "The size of the tree that you wish to prove consistency from (1 means the beginning of the log) Defaults to 1 if not specified\n",
"name": "firstSize",
"in": "query"
},
{ "minimum": 1,
"type": "integer",
"description": "The size of the tree that you wish to prove consistency to",
"name": "lastSize",
"in": "query",
"required": true
}
],
"responses": {
"200": {
"description": "All hashes required to compute the consistency proof",
"schema": {
"$ref": "#/definitions/ConsistencyProof"
}
},
"400": {
"$ref": "#/responses/BadContent"
},
"default": {
"$ref": "#/responses/InternalServerError"
}
}
}
},
"/api/v1/log/publicKey": {
"get": {
"description": "Returns the public key that can be used to validate the signed tree head",
"produces": [
"application/x-pem-file"
],
"tags": [
"pubkey"
],
"summary": "Retrieve the public key that can be used to validate the signed tree head",
"operationId": "getPublicKey",
"responses": {
"200": {
"description": "The public key",
"schema": {
"type": "string"
}
},
"default": {
"$ref": "#/responses/InternalServerError"
}
}
}
},
"/api/v1/timestamp": {
"post": {
"consumes": [
"application/timestamp-query"
],
"produces": [
"application/timestamp-reply"
],
"tags": [
"timestamp"
],
"summary": "Generates a new timestamp response and creates a new log entry for the timestamp in the transparency log",
"operationId": "getTimestampResponse",
"parameters": [
{
"name": "request",
"in": "body",
"required": true,
"schema": {
"type": "string",
"format": "binary"
} }
],
"responses": {
"201": {
"description": "Returns a timestamp response and the location of the log entry in the transprency log",
"schema": {
"type": "string",
"format": "binary"
},
"headers": {
"ETag": {
"type": "string",
"description": "UUID of the log entry made for the timestamp response"
},
"Index": {
"type": "integer",
"description": "Log index of the log entry made for the timestamp response"
},
"Location": {
"type": "string",
"format": "uri",
"description": "URI location of the log entry made for the timestamp response"
}
}
},
"400": {
"$ref": "#/responses/BadContent"
},
"501": {
"$ref": "#/responses/NotImplemented"
},
"default": {
"$ref": "#/responses/InternalServerError"
}
}
}
},
"/api/v1/timestamp/certchain": {
"get": {
"description": "Returns the certfiicate chain for timestamping that can be used to validate trusted timestamps",
"produces": [
"application/pem-certificate-chain"
],
"tags": [
"timestamp"
],
"summary": "Retrieve the certfiicate chain for timestamping that can be used to validate trusted timestamps",
"operationId": "getTimestampCertChain",
"responses": {
"200": {
"description": "The PEM encoded cert chain",
"schema": {
"type": "string"
}
},
"404": {
"$ref": "#/responses/NotFound"
},
"default": {
"$ref": "#/responses/InternalServerError"
}
}
}
}
},
"definitions": {
"ConsistencyProof": {
"type": "object",
"required": [
"rootHash", "hashes"
],
"properties": {
"hashes": {
"type": "array",
"items": {
"description": "SHA256 hash value expressed in hexadecimal format",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
}
},
"rootHash": {
"description": "The hash value stored at the root of the merkle tree at the time the proof was generated",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
}
}
},
"Error": {
"type": "object",
"properties": {
"code": {
"type": "integer"
},
"message": {
"type": "string"
}
}
},
"InclusionProof": {
"type": "object",
"required": [
"logIndex",
"rootHash",
"treeSize",
"hashes"
],
"properties": {
"hashes": {
"description": "A list of hashes required to compute the inclusion proof, sorted in order from leaf to root",
"type": "array",
"items": {
"description": "SHA256 hash value expressed in hexadecimal format",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
}
},
"logIndex": {
"description": "The index of the entry in the transparency log",
"type": "integer"
},
"rootHash": {
"description": "The hash value stored at the root of the merkle tree at the time the proof was generated",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
},
"treeSize": {
"description": "The size of the merkle tree at the time the inclusion proof was generated",
"type": "integer",
"minimum": 1
}
}
},
"LogEntry": {
"type": "object",
"additionalProperties": {
"type": "object",
"required": [
"logID",
"logIndex", "body",
"integratedTime"
],
"properties": {
"attestation": {
"type": "object",
"format": "byte",
"properties": {
"data": {
"format": "byte"
},
"mediaType": {
"format": "string"
}
}
},
"body": {
"type": "object",
"additionalProperties": true
},
"integratedTime": {
"type": "integer"
},
"logID": {
"description": "This is the SHA256 hash of the DER-encoded public key for the log at the time the entry was included in the log",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
},
"logIndex": {
"type": "integer"
},
"verification": {
"type": "object",
"properties": {
"inclusionProof": {
"$ref": "#/definitions/InclusionProof"
},
"signedEntryTimestamp": {
"description": "Signature over the logID, logIndex, body and integratedTime.",
"type": "string",
"format": "byte"
}
}
}
}
}
},
"LogInfo": {
"type": "object",
"required": [
"rootHash",
"treeSize",
"signedTreeHead"
],
"properties": {
"rootHash": {
"description": "The current hash value stored at the root of the merkle tree",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
},
"signedTreeHead": {
"description": "The current signed tree head",
"type": "string",
"format": "signedCheckpoint"
},
"treeSize": {
"description": "The current number of nodes in the merkle tree",
"type": "integer",
"minimum": 1
} }
},
"ProposedEntry": {
"type": "object",
"required": [
"kind"
],
"properties": {
"kind": {
"type": "string"
}
},
"discriminator": "kind"
},
"SearchIndex": {
"type": "object",
"properties": {
"email": {
"type": "string",
"format": "email"
},
"hash": {
"type": "string",
"pattern": "^(sha256:)?[0-9a-fA-F]{64}$"
},
"publicKey": {
"type": "object",
"required": [
"format"
],
"properties": {
"content": {
"type": "string",
"format": "byte"
},
"format": {
"type": "string",
"enum": [
"pgp",
"x509",
"minisign",
"ssh"
]
},
"url": {
"type": "string",
"format": "uri"
}
}
}
}
},
"SearchLogQuery": {
"type": "object",
"properties": {
"entries": {
"type": "array",
"items": {
"minItems": 1,
"$ref": "#/definitions/ProposedEntry"
}
},
"entryUUIDs": {
"type": "array",
"items": {
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$",
"minItems": 1
}
}, "logIndexes": {
"type": "array",
"minItems": 1,
"items": {
"type": "integer"
}
}
}
},
"alpine": {
"description": "Alpine package",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion",
"spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"type": "object",
"$ref": "pkg/types/alpine/alpine_schema.json"
}
},
"additionalProperties": false
}
]
},
"helm": {
"description": "Helm chart",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion",
"spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"type": "object",
"$ref": "pkg/types/helm/helm_schema.json"
}
}
}
]
},
"intoto": {
"description": "Intoto object",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion", "spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"type": "object",
"$ref": "pkg/types/intoto/intoto_schema.json"
}
},
"additionalProperties": false
}
]
},
"jar": {
"description": "Java Archive (JAR)",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion",
"spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"type": "object",
"$ref": "pkg/types/jar/jar_schema.json"
}
},
"additionalProperties": false
}
]
},
"rekord": {
"description": "Rekord object",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion",
"spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"type": "object",
"$ref": "pkg/types/rekord/rekord_schema.json"
}
},
"additionalProperties": false
}
]
},
"rfc3161": {
"description": "RFC3161 Timestamp", "type": "object",
"allOf": [
{
"$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion",
"spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"type": "object",
"$ref": "pkg/types/rfc3161/rfc3161_schema.json"
}
},
"additionalProperties": false
}
]
},
"rpm": {
"description": "RPM package",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion",
"spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"type": "object",
"$ref": "pkg/types/rpm/rpm_schema.json"
}
},
"additionalProperties": false
}
]
}
},
"responses": {
"BadContent": {
"description": "The content supplied to the server was invalid",
"schema": {
"$ref": "#/definitions/Error"
}
},
"Conflict": {
"description": "The request conflicts with the current state of the transparency log",
"schema": {
"$ref": "#/definitions/Error"
},
"headers": {
"Location": {
"type": "string",
"format": "uri"
}
}
}, "InternalServerError": {
"description": "There was an internal error in the server while processing the request",
"schema": {
"$ref": "#/definitions/Error"
}
},
"NotFound": {
"description": "The content requested could not be found"
},
"NotImplemented": {
"description": "The content requested is not implemented"
}
}
}`))
FlatSwaggerJSON = json.RawMessage([]byte(`{
"consumes": [
"application/json",
"application/yaml"
],
"produces": [
"application/json;q=1",
"application/yaml"
],
"schemes": [
"http"
],
"swagger": "2.0",
"info": {
"description": "Rekor is a cryptographically secure, immutable transparency log for signed software releases.",
"title": "Rekor",
"version": "0.0.1"
},
"host": "rekor.sigstore.dev",
"paths": {
"/api/v1/index/retrieve": {
"post": {
"tags": [
"index"
],
"summary": "Searches index by entry metadata",
"operationId": "searchIndex",
"parameters": [
{
"name": "query",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/SearchIndex"
}
}
],
"responses": {
"200": {
"description": "Returns zero or more entry UUIDs from the transparency log based on search query",
"schema": {
"type": "array",
"items": {
"description": "Entry UUID in transparency log",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
}
}
},
"400": {
"description": "The content supplied to the server was invalid",
"schema": {
"$ref": "#/definitions/Error"
}
},
"default": { "description": "There was an internal error in the server while processing the request",
"schema": {
"$ref": "#/definitions/Error"
}
}
}
}
},
"/api/v1/log": {
"get": {
"description": "Returns the current root hash and size of the merkle tree used to store the log entries.",
"tags": [
"tlog"
],
"summary": "Get information about the current state of the transparency log",
"operationId": "getLogInfo",
"responses": {
"200": {
"description": "A JSON object with the root hash and tree size as properties",
"schema": {
"$ref": "#/definitions/LogInfo"
}
},
"default": {
"description": "There was an internal error in the server while processing the request",
"schema": {
"$ref": "#/definitions/Error"
}
}
}
}
},
"/api/v1/log/entries": {
"get": {
"tags": [
"entries"
],
"summary": "Retrieves an entry and inclusion proof from the transparency log (if it exists) by index",
"operationId": "getLogEntryByIndex",
"parameters": [
{
"minimum": 0,
"type": "integer",
"description": "specifies the index of the entry in the transparency log to be retrieved",
"name": "logIndex",
"in": "query",
"required": true
}
],
"responses": {
"200": {
"description": "the entry in the transparency log requested along with an inclusion proof",
"schema": {
"$ref": "#/definitions/LogEntry"
}
},
"404": {
"description": "The content requested could not be found"
},
"default": {
"description": "There was an internal error in the server while processing the request",
"schema": {
"$ref": "#/definitions/Error"
}
}
}
},
"post": {
"description": "Creates an entry in the transparency log for a detached signature, public key, and content. Items can be included in the request or fetched by the server when URLs are specified.\n",
"tags": [ "entries"
],
"summary": "Creates an entry in the transparency log",
"operationId": "createLogEntry",
"parameters": [
{
"name": "proposedEntry",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/ProposedEntry"
}
}
],
"responses": {
"201": {
"description": "Returns the entry created in the transparency log",
"schema": {
"$ref": "#/definitions/LogEntry"
},
"headers": {
"ETag": {
"type": "string",
"description": "UUID of log entry"
},
"Location": {
"type": "string",
"format": "uri",
"description": "URI location of log entry"
}
}
},
"400": {
"description": "The content supplied to the server was invalid",
"schema": {
"$ref": "#/definitions/Error"
}
},
"409": {
"description": "The request conflicts with the current state of the transparency log",
"schema": {
"$ref": "#/definitions/Error"
},
"headers": {
"Location": {
"type": "string",
"format": "uri"
}
}
},
"default": {
"description": "There was an internal error in the server while processing the request",
"schema": {
"$ref": "#/definitions/Error"
}
}
}
}
},
"/api/v1/log/entries/retrieve": {
"post": {
"tags": [
"entries"
],
"summary": "Searches transparency log for one or more log entries",
"operationId": "searchLogQuery",
"parameters": [
{
"name": "entry",
"in": "body", "required": true,
"schema": {
"$ref": "#/definitions/SearchLogQuery"
}
}
],
"responses": {
"200": {
"description": "Returns zero or more entries from the transparency log, according to how many were included in request query",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/LogEntry"
}
}
},
"400": {
"description": "The content supplied to the server was invalid",
"schema": {
"$ref": "#/definitions/Error"
}
},
"default": {
"description": "There was an internal error in the server while processing the request",
"schema": {
"$ref": "#/definitions/Error"
}
}
}
}
},
"/api/v1/log/entries/{entryUUID}": {
"get": {
"description": "Returns the entry, root hash, tree size, and a list of hashes that can be used to calculate proof of an entry being included in the transparency log",
"tags": [
"entries"
],
"summary": "Get log entry and information required to generate an inclusion proof for the entry in the transparency log",
"operationId": "getLogEntryByUUID",
"parameters": [
{
"pattern": "^[0-9a-fA-F]{64}$",
"type": "string",
"description": "the UUID of the entry for which the inclusion proof information should be returned",
"name": "entryUUID",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "Information needed for a client to compute the inclusion proof",
"schema": {
"$ref": "#/definitions/LogEntry"
}
},
"404": {
"description": "The content requested could not be found"
},
"default": {
"description": "There was an internal error in the server while processing the request",
"schema": {
"$ref": "#/definitions/Error"
}
}
}
}
},
"/api/v1/log/proof": {
"get": { "description": "Returns a list of hashes for specified tree sizes that can be used to confirm the consistency of the transparency log",
"tags": [
"tlog"
],
"summary": "Get information required to generate a consistency proof for the transparency log",
"operationId": "getLogProof",
"parameters": [
{
"minimum": 1,
"type": "integer",
"default": 1,
"description": "The size of the tree that you wish to prove consistency from (1 means the beginning of the log) Defaults to 1 if not specified\n",
"name": "firstSize",
"in": "query"
},
{
"minimum": 1,
"type": "integer",
"description": "The size of the tree that you wish to prove consistency to",
"name": "lastSize",
"in": "query",
"required": true
}
],
"responses": {
"200": {
"description": "All hashes required to compute the consistency proof",
"schema": {
"$ref": "#/definitions/ConsistencyProof"
}
},
"400": {
"description": "The content supplied to the server was invalid",
"schema": {
"$ref": "#/definitions/Error"
}
},
"default": {
"description": "There was an internal error in the server while processing the request",
"schema": {
"$ref": "#/definitions/Error"
}
}
}
}
},
"/api/v1/log/publicKey": {
"get": {
"description": "Returns the public key that can be used to validate the signed tree head",
"produces": [
"application/x-pem-file"
],
"tags": [
"pubkey"
],
"summary": "Retrieve the public key that can be used to validate the signed tree head",
"operationId": "getPublicKey",
"responses": {
"200": {
"description": "The public key",
"schema": {
"type": "string"
}
},
"default": {
"description": "There was an internal error in the server while processing the request",
"schema": {
"$ref": "#/definitions/Error"
}
} }
}
},
"/api/v1/timestamp": {
"post": {
"consumes": [
"application/timestamp-query"
],
"produces": [
"application/timestamp-reply"
],
"tags": [
"timestamp"
],
"summary": "Generates a new timestamp response and creates a new log entry for the timestamp in the transparency log",
"operationId": "getTimestampResponse",
"parameters": [
{
"name": "request",
"in": "body",
"required": true,
"schema": {
"type": "string",
"format": "binary"
}
}
],
"responses": {
"201": {
"description": "Returns a timestamp response and the location of the log entry in the transprency log",
"schema": {
"type": "string",
"format": "binary"
},
"headers": {
"ETag": {
"type": "string",
"description": "UUID of the log entry made for the timestamp response"
},
"Index": {
"type": "integer",
"description": "Log index of the log entry made for the timestamp response"
},
"Location": {
"type": "string",
"format": "uri",
"description": "URI location of the log entry made for the timestamp response"
}
}
},
"400": {
"description": "The content supplied to the server was invalid",
"schema": {
"$ref": "#/definitions/Error"
}
},
"501": {
"description": "The content requested is not implemented"
},
"default": {
"description": "There was an internal error in the server while processing the request",
"schema": {
"$ref": "#/definitions/Error"
}
}
}
}
},
"/api/v1/timestamp/certchain": {
"get": { "description": "Returns the certfiicate chain for timestamping that can be used to validate trusted timestamps",
"produces": [
"application/pem-certificate-chain"
],
"tags": [
"timestamp"
],
"summary": "Retrieve the certfiicate chain for timestamping that can be used to validate trusted timestamps",
"operationId": "getTimestampCertChain",
"responses": {
"200": {
"description": "The PEM encoded cert chain",
"schema": {
"type": "string"
}
},
"404": {
"description": "The content requested could not be found"
},
"default": {
"description": "There was an internal error in the server while processing the request",
"schema": {
"$ref": "#/definitions/Error"
}
}
}
}
}
},
"definitions": {
"AlpineV001SchemaPackage": {
"description": "Information about the package associated with the entry",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the package inline within the document",
"type": "string",
"format": "byte",
"writeOnly": true
},
"hash": {
"description": "Specifies the hash algorithm and value for the package",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the package",
"type": "string" }
}
},
"pkginfo": {
"description": "Values of the .PKGINFO key / value pairs",
"type": "object",
"additionalProperties": {
"type": "string"
},
"readOnly": true
},
"url": {
"description": "Specifies the location of the package; if this is specified, a hash value must also be provided",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"AlpineV001SchemaPackageHash": {
"description": "Specifies the hash algorithm and value for the package",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the package",
"type": "string"
}
}
},
"AlpineV001SchemaPublicKey": {
"description": "The public key that can verify the package signature",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content of the public key inline within the document",
"type": "string",
"format": "byte"
},
"url": {
"description": "Specifies the location of the public key",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"ConsistencyProof": { "type": "object",
"required": [
"rootHash",
"hashes"
],
"properties": {
"hashes": {
"type": "array",
"items": {
"description": "SHA256 hash value expressed in hexadecimal format",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
}
},
"rootHash": {
"description": "The hash value stored at the root of the merkle tree at the time the proof was generated",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
}
}
},
"Error": {
"type": "object",
"properties": {
"code": {
"type": "integer"
},
"message": {
"type": "string"
}
}
},
"HelmV001SchemaChart": {
"description": "Information about the Helm chart associated with the entry",
"type": "object",
"required": [
"provenance"
],
"properties": {
"hash": {
"description": "Specifies the hash algorithm and value for the chart",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the chart",
"type": "string"
}
},
"readOnly": true
},
"provenance": {
"description": "The provenance entry associated with the signed Helm Chart",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
}, {
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content of the provenance file inline within the document",
"type": "string",
"format": "byte",
"writeOnly": true
},
"signature": {
"description": "Information about the included signature in the provenance file",
"type": "object",
"required": [
"content"
],
"properties": {
"content": {
"description": "Specifies the signature embedded within the provenance file ",
"type": "string",
"format": "byte",
"readOnly": true
}
},
"readOnly": true
},
"url": {
"description": "Specifies the location of the provenance file",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
}
}
},
"HelmV001SchemaChartHash": {
"description": "Specifies the hash algorithm and value for the chart",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the chart",
"type": "string"
}
},
"readOnly": true
},
"HelmV001SchemaChartProvenance": {
"description": "The provenance entry associated with the signed Helm Chart",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
}, {
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content of the provenance file inline within the document",
"type": "string",
"format": "byte",
"writeOnly": true
},
"signature": {
"description": "Information about the included signature in the provenance file",
"type": "object",
"required": [
"content"
],
"properties": {
"content": {
"description": "Specifies the signature embedded within the provenance file ",
"type": "string",
"format": "byte",
"readOnly": true
}
},
"readOnly": true
},
"url": {
"description": "Specifies the location of the provenance file",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"HelmV001SchemaChartProvenanceSignature": {
"description": "Information about the included signature in the provenance file",
"type": "object",
"required": [
"content"
],
"properties": {
"content": {
"description": "Specifies the signature embedded within the provenance file ",
"type": "string",
"format": "byte",
"readOnly": true
}
},
"readOnly": true
},
"HelmV001SchemaPublicKey": {
"description": "The public key that can verify the package signature",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": { "description": "Specifies the content of the public key inline within the document",
"type": "string",
"format": "byte"
},
"url": {
"description": "Specifies the location of the public key",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"InclusionProof": {
"type": "object",
"required": [
"logIndex",
"rootHash",
"treeSize",
"hashes"
],
"properties": {
"hashes": {
"description": "A list of hashes required to compute the inclusion proof, sorted in order from leaf to root",
"type": "array",
"items": {
"description": "SHA256 hash value expressed in hexadecimal format",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
}
},
"logIndex": {
"description": "The index of the entry in the transparency log",
"type": "integer",
"minimum": 0
},
"rootHash": {
"description": "The hash value stored at the root of the merkle tree at the time the proof was generated",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
},
"treeSize": {
"description": "The size of the merkle tree at the time the inclusion proof was generated",
"type": "integer",
"minimum": 1
}
}
},
"IntotoV001SchemaContent": {
"type": "object",
"properties": {
"envelope": {
"description": "envelope",
"type": "string",
"writeOnly": true
},
"hash": {
"description": "Specifies the hash algorithm and value encompassing the entire signed envelope",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
}, "value": {
"description": "The hash value for the archive",
"type": "string"
}
},
"readOnly": true
}
}
},
"IntotoV001SchemaContentHash": {
"description": "Specifies the hash algorithm and value encompassing the entire signed envelope",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the archive",
"type": "string"
}
},
"readOnly": true
},
"JarV001SchemaArchive": {
"description": "Information about the archive associated with the entry",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the archive inline within the document",
"type": "string",
"format": "byte",
"writeOnly": true
},
"hash": {
"description": "Specifies the hash algorithm and value encompassing the entire signed archive",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the archive", "type": "string"
}
}
},
"url": {
"description": "Specifies the location of the archive; if this is specified, a hash value must also be provided",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"JarV001SchemaArchiveHash": {
"description": "Specifies the hash algorithm and value encompassing the entire signed archive",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the archive",
"type": "string"
}
}
},
"JarV001SchemaSignature": {
"description": "Information about the included signature in the JAR file",
"type": "object",
"required": [
"publicKey",
"content"
],
"properties": {
"content": {
"description": "Specifies the PKCS7 signature embedded within the JAR file ",
"type": "string",
"format": "byte",
"readOnly": true
},
"publicKey": {
"description": "The X509 certificate containing the public key JAR which verifies the signature of the JAR",
"type": "object",
"required": [
"content"
],
"properties": {
"content": {
"description": "Specifies the content of the X509 certificate containing the public key used to verify the signature",
"type": "string",
"format": "byte"
}
},
"readOnly": true
}
}
},
"JarV001SchemaSignaturePublicKey": {
"description": "The X509 certificate containing the public key JAR which verifies the signature of the JAR",
"type": "object",
"required": [
"content"
], "properties": {
"content": {
"description": "Specifies the content of the X509 certificate containing the public key used to verify the signature",
"type": "string",
"format": "byte"
}
},
"readOnly": true
},
"LogEntry": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/LogEntryAnon"
}
},
"LogEntryAnon": {
"type": "object",
"required": [
"logID",
"logIndex",
"body",
"integratedTime"
],
"properties": {
"attestation": {
"type": "object",
"format": "byte",
"properties": {
"data": {
"format": "byte"
},
"mediaType": {
"format": "string"
}
}
},
"body": {
"type": "object",
"additionalProperties": true
},
"integratedTime": {
"type": "integer"
},
"logID": {
"description": "This is the SHA256 hash of the DER-encoded public key for the log at the time the entry was included in the log",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
},
"logIndex": {
"type": "integer",
"minimum": 0
},
"verification": {
"type": "object",
"properties": {
"inclusionProof": {
"$ref": "#/definitions/InclusionProof"
},
"signedEntryTimestamp": {
"description": "Signature over the logID, logIndex, body and integratedTime.",
"type": "string",
"format": "byte"
}
}
}
}
},
"LogEntryAnonAttestation": {
"type": "object",
"format": "byte", "properties": {
"data": {
"format": "byte"
},
"mediaType": {
"format": "string"
}
}
},
"LogEntryAnonVerification": {
"type": "object",
"properties": {
"inclusionProof": {
"$ref": "#/definitions/InclusionProof"
},
"signedEntryTimestamp": {
"description": "Signature over the logID, logIndex, body and integratedTime.",
"type": "string",
"format": "byte"
}
}
},
"LogInfo": {
"type": "object",
"required": [
"rootHash",
"treeSize",
"signedTreeHead"
],
"properties": {
"rootHash": {
"description": "The current hash value stored at the root of the merkle tree",
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
},
"signedTreeHead": {
"description": "The current signed tree head",
"type": "string",
"format": "signedCheckpoint"
},
"treeSize": {
"description": "The current number of nodes in the merkle tree",
"type": "integer",
"minimum": 1
}
}
},
"ProposedEntry": {
"type": "object",
"required": [
"kind"
],
"properties": {
"kind": {
"type": "string"
}
},
"discriminator": "kind"
},
"RekordV001SchemaData": {
"description": "Information about the content associated with the entry",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [ "content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content inline within the document",
"type": "string",
"format": "byte",
"writeOnly": true
},
"hash": {
"description": "Specifies the hash algorithm and value for the content",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the content",
"type": "string"
}
}
},
"url": {
"description": "Specifies the location of the content",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"RekordV001SchemaDataHash": {
"description": "Specifies the hash algorithm and value for the content",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the content",
"type": "string"
}
}
},
"RekordV001SchemaSignature": {
"description": "Information about the detached signature associated with the entry",
"type": "object",
"oneOf": [
{
"required": [
"format",
"publicKey",
"url" ]
},
{
"required": [
"format",
"publicKey",
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content of the signature inline within the document",
"type": "string",
"format": "byte"
},
"format": {
"description": "Specifies the format of the signature",
"type": "string",
"enum": [
"pgp",
"minisign",
"x509",
"ssh"
]
},
"publicKey": {
"description": "The public key that can verify the signature",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content of the public key inline within the document",
"type": "string",
"format": "byte"
},
"url": {
"description": "Specifies the location of the public key",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"url": {
"description": "Specifies the location of the signature",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"RekordV001SchemaSignaturePublicKey": {
"description": "The public key that can verify the signature",
"type": "object",
"oneOf": [
{
"required": [
"url" ]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content of the public key inline within the document",
"type": "string",
"format": "byte"
},
"url": {
"description": "Specifies the location of the public key",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"Rfc3161V001SchemaTsr": {
"description": "Information about the tsr file associated with the entry",
"type": "object",
"required": [
"content"
],
"properties": {
"content": {
"description": "Specifies the tsr file content inline within the document",
"type": "string",
"format": "byte"
}
}
},
"RpmV001SchemaPackage": {
"description": "Information about the package associated with the entry",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the package inline within the document",
"type": "string",
"format": "byte",
"writeOnly": true
},
"hash": {
"description": "Specifies the hash algorithm and value for the package",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [ "sha256"
]
},
"value": {
"description": "The hash value for the package",
"type": "string"
}
}
},
"headers": {
"description": "Values of the RPM headers",
"type": "object",
"additionalProperties": {
"type": "string"
},
"readOnly": true
},
"url": {
"description": "Specifies the location of the package; if this is specified, a hash value must also be provided",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"RpmV001SchemaPackageHash": {
"description": "Specifies the hash algorithm and value for the package",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the package",
"type": "string"
}
}
},
"RpmV001SchemaPublicKey": {
"description": "The PGP public key that can verify the RPM signature",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content of the public key inline within the document",
"type": "string",
"format": "byte"
},
"url": {
"description": "Specifies the location of the public key",
"type": "string", "format": "uri",
"writeOnly": true
}
}
},
"SearchIndex": {
"type": "object",
"properties": {
"email": {
"type": "string",
"format": "email"
},
"hash": {
"type": "string",
"pattern": "^(sha256:)?[0-9a-fA-F]{64}$"
},
"publicKey": {
"type": "object",
"required": [
"format"
],
"properties": {
"content": {
"type": "string",
"format": "byte"
},
"format": {
"type": "string",
"enum": [
"pgp",
"x509",
"minisign",
"ssh"
]
},
"url": {
"type": "string",
"format": "uri"
}
}
}
}
},
"SearchIndexPublicKey": {
"type": "object",
"required": [
"format"
],
"properties": {
"content": {
"type": "string",
"format": "byte"
},
"format": {
"type": "string",
"enum": [
"pgp",
"x509",
"minisign",
"ssh"
]
},
"url": {
"type": "string",
"format": "uri"
}
}
},
"SearchLogQuery": {
"type": "object", "properties": {
"entries": {
"type": "array",
"items": {
"$ref": "#/definitions/ProposedEntry"
}
},
"entryUUIDs": {
"type": "array",
"items": {
"type": "string",
"pattern": "^[0-9a-fA-F]{64}$"
}
},
"logIndexes": {
"type": "array",
"minItems": 1,
"items": {
"type": "integer",
"minimum": 0
}
}
}
},
"alpine": {
"description": "Alpine package",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion",
"spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"$ref": "#/definitions/alpineSchema"
}
},
"additionalProperties": false
}
]
},
"alpineSchema": {
"description": "Schema for Alpine package objects",
"type": "object",
"title": "Alpine Package Schema",
"oneOf": [
{
"$ref": "#/definitions/alpineV001Schema"
}
],
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/alpine/alpine_schema.json"
},
"alpineV001Schema": {
"description": "Schema for Alpine Package entries",
"type": "object",
"title": "Alpine v0.0.1 Schema",
"required": [
"publicKey",
"package"
],
"properties": { "extraData": {
"description": "Arbitrary content to be included in the verifiable entry in the transparency log",
"type": "object",
"additionalProperties": true
},
"package": {
"description": "Information about the package associated with the entry",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the package inline within the document",
"type": "string",
"format": "byte",
"writeOnly": true
},
"hash": {
"description": "Specifies the hash algorithm and value for the package",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the package",
"type": "string"
}
}
},
"pkginfo": {
"description": "Values of the .PKGINFO key / value pairs",
"type": "object",
"additionalProperties": {
"type": "string"
},
"readOnly": true
},
"url": {
"description": "Specifies the location of the package; if this is specified, a hash value must also be provided",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"publicKey": {
"description": "The public key that can verify the package signature",
"type": "object",
"oneOf": [
{
"required": [ "url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content of the public key inline within the document",
"type": "string",
"format": "byte"
},
"url": {
"description": "Specifies the location of the public key",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
}
},
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/alpine/alpine_v0_0_1_schema.json"
},
"helm": {
"description": "Helm chart",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion",
"spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"$ref": "#/definitions/helmSchema"
}
}
}
]
},
"helmSchema": {
"description": "Schema for Helm objects",
"type": "object",
"title": "Helm Schema",
"oneOf": [
{
"$ref": "#/definitions/helmV001Schema"
}
],
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/helm/helm_schema.json"
},
"helmV001Schema": {
"description": "Schema for Helm object",
"type": "object",
"title": "Helm v0.0.1 Schema",
"required": [
"publicKey",
"chart" ],
"properties": {
"chart": {
"description": "Information about the Helm chart associated with the entry",
"type": "object",
"required": [
"provenance"
],
"properties": {
"hash": {
"description": "Specifies the hash algorithm and value for the chart",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the chart",
"type": "string"
}
},
"readOnly": true
},
"provenance": {
"description": "The provenance entry associated with the signed Helm Chart",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content of the provenance file inline within the document",
"type": "string",
"format": "byte",
"writeOnly": true
},
"signature": {
"description": "Information about the included signature in the provenance file",
"type": "object",
"required": [
"content"
],
"properties": {
"content": {
"description": "Specifies the signature embedded within the provenance file ",
"type": "string",
"format": "byte",
"readOnly": true
}
},
"readOnly": true
},
"url": { "description": "Specifies the location of the provenance file",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
}
}
},
"extraData": {
"description": "Arbitrary content to be included in the verifiable entry in the transparency log",
"type": "object",
"additionalProperties": true
},
"publicKey": {
"description": "The public key that can verify the package signature",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content of the public key inline within the document",
"type": "string",
"format": "byte"
},
"url": {
"description": "Specifies the location of the public key",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
}
},
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/helm/helm_v0_0_1_schema.json"
},
"intoto": {
"description": "Intoto object",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion",
"spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"$ref": "#/definitions/intotoSchema"
}
},
"additionalProperties": false
} ]
},
"intotoSchema": {
"description": "Intoto for Rekord objects",
"type": "object",
"title": "Intoto Schema",
"oneOf": [
{
"$ref": "#/definitions/intotoV001Schema"
}
],
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/intoto/intoto_schema.json"
},
"intotoV001Schema": {
"description": "Schema for intoto object",
"type": "object",
"title": "intoto v0.0.1 Schema",
"required": [
"publicKey",
"content"
],
"properties": {
"content": {
"type": "object",
"properties": {
"envelope": {
"description": "envelope",
"type": "string",
"writeOnly": true
},
"hash": {
"description": "Specifies the hash algorithm and value encompassing the entire signed envelope",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the archive",
"type": "string"
}
},
"readOnly": true
}
}
},
"extraData": {
"description": "Arbitrary content to be included in the verifiable entry in the transparency log",
"type": "object",
"additionalProperties": true
},
"publicKey": {
"description": "The public key that can verify the signature",
"type": "string",
"format": "byte"
}
},
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/intoto/intoto_v0_0_1_schema.json"
},
"jar": { "description": "Java Archive (JAR)",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion",
"spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"$ref": "#/definitions/jarSchema"
}
},
"additionalProperties": false
}
]
},
"jarSchema": {
"description": "Schema for JAR objects",
"type": "object",
"title": "JAR Schema",
"oneOf": [
{
"$ref": "#/definitions/jarV001Schema"
}
],
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/jar/jar_schema.json"
},
"jarV001Schema": {
"description": "Schema for JAR entries",
"type": "object",
"title": "JAR v0.0.1 Schema",
"required": [
"archive"
],
"properties": {
"archive": {
"description": "Information about the archive associated with the entry",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the archive inline within the document",
"type": "string",
"format": "byte",
"writeOnly": true
},
"hash": {
"description": "Specifies the hash algorithm and value encompassing the entire signed archive",
"type": "object",
"required": [ "algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the archive",
"type": "string"
}
}
},
"url": {
"description": "Specifies the location of the archive; if this is specified, a hash value must also be provided",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"extraData": {
"description": "Arbitrary content to be included in the verifiable entry in the transparency log",
"type": "object",
"additionalProperties": true
},
"signature": {
"description": "Information about the included signature in the JAR file",
"type": "object",
"required": [
"publicKey",
"content"
],
"properties": {
"content": {
"description": "Specifies the PKCS7 signature embedded within the JAR file ",
"type": "string",
"format": "byte",
"readOnly": true
},
"publicKey": {
"description": "The X509 certificate containing the public key JAR which verifies the signature of the JAR",
"type": "object",
"required": [
"content"
],
"properties": {
"content": {
"description": "Specifies the content of the X509 certificate containing the public key used to verify the signature",
"type": "string",
"format": "byte"
}
},
"readOnly": true
}
}
}
},
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/jar/jar_v0_0_1_schema.json"
},
"rekord": {
"description": "Rekord object",
"type": "object",
"allOf": [
{ "$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion",
"spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"$ref": "#/definitions/rekordSchema"
}
},
"additionalProperties": false
}
]
},
"rekordSchema": {
"description": "Schema for Rekord objects",
"type": "object",
"title": "Rekor Schema",
"oneOf": [
{
"$ref": "#/definitions/rekordV001Schema"
}
],
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/rekord/rekord_schema.json"
},
"rekordV001Schema": {
"description": "Schema for Rekord object",
"type": "object",
"title": "Rekor v0.0.1 Schema",
"required": [
"signature",
"data"
],
"properties": {
"data": {
"description": "Information about the content associated with the entry",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content inline within the document",
"type": "string",
"format": "byte",
"writeOnly": true
},
"hash": {
"description": "Specifies the hash algorithm and value for the content",
"type": "object",
"required": [
"algorithm",
"value"
], "properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the content",
"type": "string"
}
}
},
"url": {
"description": "Specifies the location of the content",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"extraData": {
"description": "Arbitrary content to be included in the verifiable entry in the transparency log",
"type": "object",
"additionalProperties": true
},
"signature": {
"description": "Information about the detached signature associated with the entry",
"type": "object",
"oneOf": [
{
"required": [
"format",
"publicKey",
"url"
]
},
{
"required": [
"format",
"publicKey",
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content of the signature inline within the document",
"type": "string",
"format": "byte"
},
"format": {
"description": "Specifies the format of the signature",
"type": "string",
"enum": [
"pgp",
"minisign",
"x509",
"ssh"
]
},
"publicKey": {
"description": "The public key that can verify the signature",
"type": "object",
"oneOf": [
{
"required": [
"url"
] },
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content of the public key inline within the document",
"type": "string",
"format": "byte"
},
"url": {
"description": "Specifies the location of the public key",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
},
"url": {
"description": "Specifies the location of the signature",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
}
},
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/rekord/rekord_v0_0_1_schema.json"
},
"rfc3161": {
"description": "RFC3161 Timestamp",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion",
"spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"$ref": "#/definitions/rfc3161Schema"
}
},
"additionalProperties": false
}
]
},
"rfc3161Schema": {
"description": "Schema for RFC 3161 timestamp objects",
"type": "object",
"title": "Timestamp Schema",
"oneOf": [
{
"$ref": "#/definitions/rfc3161V001Schema"
}
],
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/rfc3161/rfc3161_schema.json"
}, "rfc3161V001Schema": {
"description": "Schema for RFC3161 entries",
"type": "object",
"title": "Timestamp v0.0.1 Schema",
"required": [
"tsr"
],
"properties": {
"extraData": {
"description": "Arbitrary content to be included in the verifiable entry in the transparency log",
"type": "object",
"additionalProperties": true
},
"tsr": {
"description": "Information about the tsr file associated with the entry",
"type": "object",
"required": [
"content"
],
"properties": {
"content": {
"description": "Specifies the tsr file content inline within the document",
"type": "string",
"format": "byte"
}
}
}
},
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/timestamp/timestamp_v0_0_1_schema.json"
},
"rpm": {
"description": "RPM package",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ProposedEntry"
},
{
"required": [
"apiVersion",
"spec"
],
"properties": {
"apiVersion": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"spec": {
"$ref": "#/definitions/rpmSchema"
}
},
"additionalProperties": false
}
]
},
"rpmSchema": {
"description": "Schema for RPM objects",
"type": "object",
"title": "RPM Schema",
"oneOf": [
{
"$ref": "#/definitions/rpmV001Schema"
}
],
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/rpm/rpm_schema.json"
},
"rpmV001Schema": {
"description": "Schema for RPM entries", "type": "object",
"title": "RPM v0.0.1 Schema",
"required": [
"publicKey",
"package"
],
"properties": {
"extraData": {
"description": "Arbitrary content to be included in the verifiable entry in the transparency log",
"type": "object",
"additionalProperties": true
},
"package": {
"description": "Information about the package associated with the entry",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the package inline within the document",
"type": "string",
"format": "byte",
"writeOnly": true
},
"hash": {
"description": "Specifies the hash algorithm and value for the package",
"type": "object",
"required": [
"algorithm",
"value"
],
"properties": {
"algorithm": {
"description": "The hashing function used to compute the hash value",
"type": "string",
"enum": [
"sha256"
]
},
"value": {
"description": "The hash value for the package",
"type": "string"
}
}
},
"headers": {
"description": "Values of the RPM headers",
"type": "object",
"additionalProperties": {
"type": "string"
},
"readOnly": true
},
"url": {
"description": "Specifies the location of the package; if this is specified, a hash value must also be provided",
"type": "string",
"format": "uri",
"writeOnly": true
}
} },
"publicKey": {
"description": "The PGP public key that can verify the RPM signature",
"type": "object",
"oneOf": [
{
"required": [
"url"
]
},
{
"required": [
"content"
]
}
],
"properties": {
"content": {
"description": "Specifies the content of the public key inline within the document",
"type": "string",
"format": "byte"
},
"url": {
"description": "Specifies the location of the public key",
"type": "string",
"format": "uri",
"writeOnly": true
}
}
}
},
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://rekor.sigstore.dev/types/rpm/rpm_v0_0_1_schema.json"
}
},
"responses": {
"BadContent": {
"description": "The content supplied to the server was invalid",
"schema": {
"$ref": "#/definitions/Error"
}
},
"Conflict": {
"description": "The request conflicts with the current state of the transparency log",
"schema": {
"$ref": "#/definitions/Error"
},
"headers": {
"Location": {
"type": "string",
"format": "uri"
}
}
},
"InternalServerError": {
"description": "There was an internal error in the server while processing the request",
"schema": {
"$ref": "#/definitions/Error"
}
},
"NotFound": {
"description": "The content requested could not be found"
},
"NotImplemented": {
"description": "The content requested is not implemented"
}
}
}`))
}