# Copyright (C) 2012 Anaconda, Inc # SPDX-License-Identifier: BSD-3-Clause """Context trust constants. You could argue that the signatures being here is not necessary; indeed, we are not necessarily going to be able to check them *properly* (based on some prior expectations) as the user, since this is the beginning of trust bootstrapping, the first/backup version of the root of trust metadata. Still, the signatures here are useful for diagnostic purposes, and, more important, to allow self-consistency checks: that helps us avoid breaking the chain of trust if someone accidentally lists the wrong keys down the line. (: The discrepancy can be detected when loading the root data, and we can decline to cache incorrect trust metadata that would make further root updates impossible. """ INITIAL_TRUST_ROOT = { "signatures": { "6d4d5888398ad77465e9fd53996309187723e16509144aa6733015c960378e7a": { "other_headers": "04001608001d162104d2ca1d4bf5d77e7c312534284dd9c45328b685ec0502605dbb03", # noqa: E501 "signature": "b71c9b3aa60e77258c402e574397127bcb4bc15ef3055ada8539b0d1e355bf1415a135fb7cecc9244f839a929f6b1f82844a5b3df8d6225ec9a50b181692490f", # noqa: E501 }, "508debb915ede0b16dc0cff63f250bde73c5923317b44719fcfc25cc95560c44": { "other_headers": "04001608001d162104e6dffee4638f24cfa60a08ba03afe1314a3a38fc050260621281", # noqa: E501 "signature": "29d53d4e7dbea0a3efb07266d22e57cf4df7abe004453981c631245716e1b737c7a6b4ab95f42592af70be67abf56e97020e1aa1f52b49ef39b37481f05d5701", # noqa: E501 }, }, "signed": { "delegations": { "key_mgr": { "pubkeys": [ "f24c813d23a9b26be665eee5c54680c35321061b337f862385ed6d783b0bedb0" ], "threshold": 1, }, "root": { "pubkeys": [ "668a3217d72d4064edb16648435dc4a3e09a172ecee45dcab1464dcd2f402ec6", "508debb915ede0b16dc0cff63f250bde73c5923317b44719fcfc25cc95560c44", "6d4d5888398ad77465e9fd53996309187723e16509144aa6733015c960378e7a", "e0c88b4c0721bd451b7e720dfb0d0bb6b3853f0cbcf5570edd73367d0841be51", ], "threshold": 2, }, }, "expiration": "2022-10-31T18:00:00Z", "metadata_spec_version": "0.6.0", "timestamp": "2021-03-26T00:00:00Z", "type": "root", "version": 1, }, } KEY_MGR_FILE = "key_mgr.json"