Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add high-level APIs to sign and verify Python artifacts #8

Merged
merged 5 commits into from
May 8, 2024
+263 −146
Merged

Add high-level APIs to sign and verify Python artifacts #8

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
fc92556
Add high-level APIs to sign and verify Python artifacts
facutuesca May 3, 2024
a487f47
Add a verification test that doesn't mock the sigstore verifier
facutuesca May 3, 2024
7fd87f5
Update sigstore dependency
facutuesca May 7, 2024
8d646bf
Fix type error
facutuesca May 7, 2024
d95bd5d
Raise own exception class for verification errors
facutuesca May 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 36 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,42 @@ python -m pip install pypi-attestation-models

See the full API documentation [here].


### Signing and verification
Use these APIs to create a PEP 740-compliant `Attestation` object by signing a Python artifact
(i.e: sdist or wheel files), and to verify an `Attestation` object against a Python artifact.

```python
from pathlib import Path

from pypi_attestation_models import Attestation, AttestationPayload
from sigstore.oidc import Issuer
from sigstore.sign import SigningContext
from sigstore.verify import Verifier, policy

artifact_path = Path("test_package-0.0.1-py3-none-any.whl")

# Sign a Python artifact
issuer = Issuer.production()
identity_token = issuer.identity_token()
signing_ctx = SigningContext.production()
with signing_ctx.signer(identity_token, cache=True) as signer:
attestation = AttestationPayload.from_dist(artifact_path).sign(signer)

print(attestation.model_dump_json())

# Verify an attestation against a Python artifact
attestation_path = Path("test_package-0.0.1-py3-none-any.whl.attestation")
attestation = Attestation.model_validate_json(attestation_path.read_bytes())
verifier = Verifier.production()
policy = policy.Identity(identity="example@gmail.com", issuer="https://accounts.google.com")
attestation.verify(verifier, policy, attestation_path)

```

### Low-level model conversions
These conversions assume that any Sigstore Bundle used as an input was created
by signing an `AttestationPayload` object.
```python
from pathlib import Path
from pypi_attestation_models import pypi_to_sigstore, sigstore_to_pypi, Attestation
Expand Down
6 changes: 3 additions & 3 deletions pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ classifiers = [
"Programming Language :: Python :: 3",
"License :: OSI Approved :: Apache Software License",
]
dependencies = ["cryptography", "pydantic", "sigstore==3.0.0rc1"]
dependencies = ["cryptography", "pydantic", "sigstore==3.0.0rc2"]
requires-python = ">=3.9"

[project.optional-dependencies]
Expand Down Expand Up @@ -73,11 +73,11 @@ target-version = "py39"

[tool.ruff.lint]
select = ["ALL"]
# ANN102 is deprecated
# ANN101 and ANN102 are deprecated
# D203 and D213 are incompatible with D211 and D212 respectively.
# COM812 and ISC001 can cause conflicts when using ruff as a formatter.
# See https://docs.astral.sh/ruff/formatter/#conflicting-lint-rules.
ignore = ["ANN102", "D203", "D213", "COM812", "ISC001"]
ignore = ["ANN101", "ANN102", "D203", "D213", "COM812", "ISC001"]

[tool.ruff.lint.per-file-ignores]

Expand Down
20 changes: 19 additions & 1 deletion src/pypi_attestation_models/_impl.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,10 @@
if TYPE_CHECKING:
from pathlib import Path # pragma: no cover

from sigstore.sign import Signer # pragma: no cover
from sigstore.verify import Verifier # pragma: no cover
from sigstore.verify.policy import VerificationPolicy # pragma: no cover


class ConversionError(ValueError):
"""The base error for all errors during conversion."""
Expand Down Expand Up @@ -72,6 +76,15 @@ class Attestation(BaseModel):
is the raw bytes of the signing operation over the attestation payload.
"""

def verify(self, verifier: Verifier, policy: VerificationPolicy, dist: Path) -> None:
"""Verify against an existing Python artifact.

On failure, raises `sigstore.errors.InvalidAttestationError`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this correct? I think InvalidAttestationError isn't a type in sigstore-python

Copy link
Collaborator Author

@facutuesca facutuesca May 7, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

True, the docstring is wrong here. Do we want to wrap sigstore's VerificationError with our own exception class, or just use sigstore's?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, I suppose we should have it be our own -- wrapping makes sense to me 🙂

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed!

"""
payload_to_verify = AttestationPayload.from_dist(dist)
bundle = pypi_to_sigstore(self)
verifier.verify_artifact(bytes(payload_to_verify), bundle, policy)


class AttestationPayload(BaseModel):
"""Attestation Payload object as defined in PEP 740."""
Expand All @@ -94,6 +107,11 @@ def from_dist(cls, dist: Path) -> AttestationPayload:
digest=sha256(dist.read_bytes()).hexdigest(),
)

def sign(self, signer: Signer) -> Attestation:
"""Create a PEP 740 attestation by signing this payload."""
sigstore_bundle = signer.sign_artifact(bytes(self))
return sigstore_to_pypi(sigstore_bundle)

def __bytes__(self: AttestationPayload) -> bytes:
"""Convert to bytes using a canonicalized JSON representation (from RFC8785)."""
return rfc8785.dumps(self.model_dump())
Expand All @@ -110,7 +128,7 @@ def sigstore_to_pypi(sigstore_bundle: Bundle) -> Attestation:
version=1,
verification_material=VerificationMaterial(
certificate=b64encode(certificate).decode("ascii"),
transparency_entries=[sigstore_bundle.log_entry._to_dict_rekor()], # noqa: SLF001
transparency_entries=[TransparencyLogEntry(sigstore_bundle.log_entry._to_dict_rekor())], # noqa: SLF001
),
message_signature=b64encode(signature).decode("ascii"),
)
Expand Down
45 changes: 22 additions & 23 deletions test/assets/rfc8785-0.1.2-py3-none-any.whl.attestation
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,49 +1,48 @@
{
"version": 1,
"verification_material": {
"certificate": "MIIC1zCCAl2gAwIBAgIUZk9ToGFUJexy+/rxwIF8BB+3C5YwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjQwNDI5MTY1MTMzWhcNMjQwNDI5MTcwMTMzWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEM5H5f7A4HutVTfKFimTd2UbTzgUOY7rph9GKqgsZ7ChAp8FGJbrrgn6o+nprUEFKqEaIi+fWQJvR+RJkoQcWMKOCAXwwggF4MA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUnrc9nJ2dxJd1a5sCFj/P+y3MuhQwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wLAYDVR0RAQH/BCIwIIEeZmFjdW5kby50dWVzY2FAdHJhaWxvZmJpdHMuY29tMCkGCisGAQQBg78wAQEEG2h0dHBzOi8vYWNjb3VudHMuZ29vZ2xlLmNvbTArBgorBgEEAYO/MAEIBB0MG2h0dHBzOi8vYWNjb3VudHMuZ29vZ2xlLmNvbTCBigYKKwYBBAHWeQIEAgR8BHoAeAB2AN09MGrGxxEyYxkeHJlnNwKiSl643jyt/4eKcoAvKe6OAAABjyrE0sQAAAQDAEcwRQIhAORhP1HaCcD4QK8+8VcNL46W0AAk6cIDUAH3SV4stJUVAiBafyw+FTpgvoTU+2U7QCyjlQZ5J2dPpVqv9Up3vV2GTDAKBggqhkjOPQQDAwNoADBlAjEAzoA4cMHxHCEXA80ahwJUSz/1kYotTXRNzeWU69SyaZE7Po+vZ5/ANfKvbCv9s19rAjABbw/INkA4dGKWEDNtSjnloZuH5N9aPBOV425+iKCe2bmf9cYVlFvCbGmHiEg/r5k=",
"certificate": "MIIC1jCCAlygAwIBAgIUTDMXIHMGbNF+Sm0qoQoj35hY3zkwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjQwNTAzMTQwNTU0WhcNMjQwNTAzMTQxNTU0WjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqv2vvFAD66IdGSg/+JbB/nYfook1FqpmM773o9MdVZktl1LkUWAU8SzaZhSso/7qVriyH/S8km0HqTVMzuZ+SaOCAXswggF3MA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQU5TQvo55q5OXkVFmYDsR93Neffq0wHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wLAYDVR0RAQH/BCIwIIEeZmFjdW5kby50dWVzY2FAdHJhaWxvZmJpdHMuY29tMCkGCisGAQQBg78wAQEEG2h0dHBzOi8vYWNjb3VudHMuZ29vZ2xlLmNvbTArBgorBgEEAYO/MAEIBB0MG2h0dHBzOi8vYWNjb3VudHMuZ29vZ2xlLmNvbTCBiQYKKwYBBAHWeQIEAgR7BHkAdwB1AN09MGrGxxEyYxkeHJlnNwKiSl643jyt/4eKcoAvKe6OAAABjz7Gm3oAAAQDAEYwRAIgGkFpx5q3NzmgBIPywysdADDRRRPM/xsa8Fkfva+chKECIAu5HgO2eKsdc9pohmgn/modVcJ1Q5Muou9d4l1c5fXyMAoGCCqGSM49BAMDA2gAMGUCMHschAnWt88W4cu35dEv0MJ72s3BZsudUQzZ8dtg0xBlF3uwdDoprNfbA2tM5piDlAIxAMBg5Dqx0BV/9Rp/QMLhb+aGqZm7n7E5GkXJpHA8TySZamdyYuRlEiPf4cj7x/ruyw==",
"transparency_entries": [
{
"logIndex": "89569370",
"logIndex": "90818200",
"logId": {
"keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="
},
"kindVersion": {
"kind": "hashedrekord",
"version": "0.0.1"
},
"integratedTime": "1714409493",
"integratedTime": "1714745154",
"inclusionPromise": {
"signedEntryTimestamp": "MEUCIQC29r0j8BCu5Zye9dvFaVBmCFzHIDBDDWH+LqcZ8aTAyAIgas85UjhG4jrVwqBr/U/nQ86vwOWQnHKjGnd/bdnQafQ="
"signedEntryTimestamp": "MEUCIQCyiwcUzPS8I8WKRuLGelfRdlmx/AtM6TwMmyvK8utURwIgDKtqe3gaZe8bbVupw3HJm4nzvpYAZHaHmv/cCbJRYlo="
},
"inclusionProof": {
"logIndex": "85405939",
"rootHash": "CdYMKt8P8arrU1iilSLHbPDwMzhWgUbA6xvb1DSZktc=",
"treeSize": "85405941",
"logIndex": "86654769",
"rootHash": "rpJ6l1p+pM8A+nMvMT80o0+qrCozIEfbG6qa0psYB0U=",
"treeSize": "86654770",
"hashes": [
"btr1R1ZOzi0Kqk+vdfHrDcC1zasNMvXaNehse4NeMu8=",
"8IgEN8pEU3WrVRCsbbCkFHeamV5xoyN1OByng98lPow=",
"i6x3rMfR1HZCafUIGTyYgvtfwjF9zUe9Q5MPKNdWhS8=",
"kE6NsBxRpnT9Q/DgLDqQELBaor5pThUMmHIRuKapA7c=",
"Y55DSeWN5DUnIuvK5RRsaF4b35EtjKasFpV2n2LfrA0=",
"UeVeMpyn/bEywYJvThS5PltcrELznbc/OFTARixCNUQ=",
"MaMJLiuvSigqcgOZ6BulADPyhWaoYE1C+sGj/twciwM=",
"YrLY+ujALEUYcIeyq2ri+QBsl7Sxh+frMg7GlVcIvZ0=",
"27GLifvQI1aATtmSwJQGmbKXDoBpa0R5Q8fQUuX3/kQ=",
"xhLV7tE4kPldhHSKGpGuBkcxIUSpEvNntVSzM+5raW4=",
"btR5C6cRDz4AcGce5sOqhKIlEYTQ29AJLmv7L3kPyDI=",
"TuI0yJQvmNIs3J9pfzPMu2aYibKQ0MUpGgkcmjsS30g=",
"TxcrLS66touilnjU30hIZ8JkbH6bfnBbD6pQ5OoIpXs=",
"9X9+Ewnt1Jv3SVUsUbtRTb8QezxTGW71hfmYyj4urho=",
"XMz5WH5iwOITJcBdVsAUj+h1uxgH8EPXezgGg4lNP5M=",
"LLawJ9A3X4PEGMwFRwVbwhUxkHMJj9wFemKagvJlDFw=",
"7PXuijLdBg+hW8HdjY+IyuFgLXvlTKOKqHRFTMJB4Ko=",
"er0Z148pal4gYGSVfQ/rvzPKTc1EIDd7pYQjHd7RtKk=",
"ZmLzbyYsyxNDvtbH/T00VHzMFhW8WBS9lgPH2rlNFMY=",
"DH+I5x/ZvX3i2Ysc2divZ/6MK1e3ppSmNtUTg+CQwEw=",
"nrCOZ+D41yjNI2zgMlBLN0LHOn5OP4sJYffOuoPgSJg=",
"vQtr96qBr+8s4Up0YK2ibgbVOYyLK4e8zsjHOyMnOM4=",
"4GdrZvm4dTLD8P8KPOQx8Op0UOT7XbRS1WG43uXseJU=",
"fp4aY4dEhrMBmS4ex9s/lm8UPsk42eWg77zd+uJn0F4=",
"2aaLz8XcvX3I3Ihft0W701fVKICZLYtBIxRbPmdkcZ0=",
"sjohk/3DQIfXTgf/5XpwtdF7yNbrf8YykOMHr1CyBYQ=",
"98enzMaC+x5oCMvIZQA5z8vu2apDMCFvE/935NfuPw8="
],
"checkpoint": {
"envelope": "rekor.sigstore.dev - 2605736670972794746\n85405941\nCdYMKt8P8arrU1iilSLHbPDwMzhWgUbA6xvb1DSZktc=\n\n— rekor.sigstore.dev wNI9ajBGAiEAkEVEjIsNbuvKywuzjow1tyD1IkIpHu/bCVK73fSpBzECIQD5ctzIS0Rp3cC3PF0ZcFEP8ObC2KJqojg4hfKjFxxy9A==\n"
"envelope": "rekor.sigstore.dev - 2605736670972794746\n86654770\nrpJ6l1p+pM8A+nMvMT80o0+qrCozIEfbG6qa0psYB0U=\n\n— rekor.sigstore.dev wNI9ajBFAiBXlxCjY0PMu4XUVJa/auC+EwEJws9xXfEbiYRM5uIjpgIhAKRduPCMlSRhNCQeGUifB2nAkKJDGlOJa75mkYYrrVMK\n"
}
},
"canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiJjNGU5MmU5ZWNjODI4YmVmMmFhN2RiYTFkZThhYzk4MzUxMWY3NTMyYTBkZjExYzc3MGQzOTA5OWEyNWNmMjAxIn19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FUUNJSGlXY2JRY2szTzE2K3dGR3pyR09sYWVWRkpodkNwT1EwajZJd0ZtUnp0YUFpQWJWL3NOSWg0OFJQSHdIdm9IZklDcFA3Y29seGpjbUx6WEhsU2pleGEvUVE9PSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTXhla05EUVd3eVowRjNTVUpCWjBsVldtczVWRzlIUmxWS1pYaDVLeTl5ZUhkSlJqaENRaXN6UXpWWmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFJkMDVFU1RWTlZGa3hUVlJOZWxkb1kwNU5hbEYzVGtSSk5VMVVZM2ROVkUxNlYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZOTlVnMVpqZEJORWgxZEZaVVprdEdhVzFVWkRKVllsUjZaMVZQV1RkeWNHZzVSMHNLY1dkeldqZERhRUZ3T0VaSFNtSnljbWR1Tm04cmJuQnlWVVZHUzNGRllVbHBLMlpYVVVwMlVpdFNTbXR2VVdOWFRVdFBRMEZZZDNkblowWTBUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZ1Y21NNUNtNUtNbVI0U21ReFlUVnpRMFpxTDFBcmVUTk5kV2hSZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDB4QldVUldVakJTUVZGSUwwSkRTWGRKU1VWbFdtMUdhbVJYTld0aWVUVXdaRmRXZWxreVJrRmtTRXBvWVZkNGRscHRTbkJrU0UxMVdUSTVkQXBOUTJ0SFEybHpSMEZSVVVKbk56aDNRVkZGUlVjeWFEQmtTRUo2VDJrNGRsbFhUbXBpTTFaMVpFaE5kVm95T1haYU1uaHNURzFPZG1KVVFYSkNaMjl5Q2tKblJVVkJXVTh2VFVGRlNVSkNNRTFITW1nd1pFaENlazlwT0haWlYwNXFZak5XZFdSSVRYVmFNamwyV2pKNGJFeHRUblppVkVOQ2FXZFpTMHQzV1VJS1FrRklWMlZSU1VWQloxSTRRa2h2UVdWQlFqSkJUakE1VFVkeVIzaDRSWGxaZUd0bFNFcHNiazUzUzJsVGJEWTBNMnA1ZEM4MFpVdGpiMEYyUzJVMlR3cEJRVUZDYW5seVJUQnpVVUZCUVZGRVFVVmpkMUpSU1doQlQxSm9VREZJWVVOalJEUlJTemdyT0ZaalRrdzBObGN3UVVGck5tTkpSRlZCU0ROVFZqUnpDblJLVlZaQmFVSmhabmwzSzBaVWNHZDJiMVJWS3pKVk4xRkRlV3BzVVZvMVNqSmtVSEJXY1hZNVZYQXpkbFl5UjFSRVFVdENaMmR4YUd0cVQxQlJVVVFLUVhkT2IwRkVRbXhCYWtWQmVtOUJOR05OU0hoSVEwVllRVGd3WVdoM1NsVlRlaTh4YTFsdmRGUllVazU2WlZkVk5qbFRlV0ZhUlRkUWJ5dDJXalV2UVFwT1prdDJZa04yT1hNeE9YSkJha0ZDWW5jdlNVNXJRVFJrUjB0WFJVUk9kRk5xYm14dlduVklOVTQ1WVZCQ1QxWTBNalVyYVV0RFpUSmliV1k1WTFsV0NteEdka05pUjIxSWFVVm5MM0kxYXowS0xTMHRMUzFGVGtRZ1EwVlNWRWxHU1VOQlZFVXRMUzB0TFFvPSJ9fX19"
"canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiJmMTQ2ZmY4NWMxMGZjMTg4ODM0MDVjMWQ5Mzc0NjIzZWI3YzI5ZjRlYTRiYTYyYzZmNWUyYzZmMTc5M2ZiZDEwIn19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FVUNJUUMvd1ZYcTlBeWExQW1JZlgzZmVoSUZTbkN1Q0tzNGhWTks1eGJ3ckVtV1d3SWdHMzhtcmtsOHhmNG1SYWhmYmNIckVTdFZYYjg3enFySVFoT1BUOVJTcFdFPSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTXhha05EUVd4NVowRjNTVUpCWjBsVlZFUk5XRWxJVFVkaVRrWXJVMjB3Y1c5UmIyb3pOV2haTTNwcmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFJkMDVVUVhwTlZGRjNUbFJWTUZkb1kwNU5hbEYzVGxSQmVrMVVVWGhPVkZVd1YycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZ4ZGpKMmRrWkJSRFkyU1dSSFUyY3ZLMHBpUWk5dVdXWnZiMnN4Um5Gd2JVMDNOek1LYnpsTlpGWmFhM1JzTVV4clZWZEJWVGhUZW1GYWFGTnpieTgzY1ZaeWFYbElMMU00YTIwd1NIRlVWazE2ZFZvclUyRlBRMEZZYzNkblowWXpUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlUxVkZGMkNtODFOWEUxVDFoclZrWnRXVVJ6VWprelRtVm1abkV3ZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDB4QldVUldVakJTUVZGSUwwSkRTWGRKU1VWbFdtMUdhbVJYTld0aWVUVXdaRmRXZWxreVJrRmtTRXBvWVZkNGRscHRTbkJrU0UxMVdUSTVkQXBOUTJ0SFEybHpSMEZSVVVKbk56aDNRVkZGUlVjeWFEQmtTRUo2VDJrNGRsbFhUbXBpTTFaMVpFaE5kVm95T1haYU1uaHNURzFPZG1KVVFYSkNaMjl5Q2tKblJVVkJXVTh2VFVGRlNVSkNNRTFITW1nd1pFaENlazlwT0haWlYwNXFZak5XZFdSSVRYVmFNamwyV2pKNGJFeHRUblppVkVOQ2FWRlpTMHQzV1VJS1FrRklWMlZSU1VWQloxSTNRa2hyUVdSM1FqRkJUakE1VFVkeVIzaDRSWGxaZUd0bFNFcHNiazUzUzJsVGJEWTBNMnA1ZEM4MFpVdGpiMEYyUzJVMlR3cEJRVUZDYW5vM1IyMHpiMEZCUVZGRVFVVlpkMUpCU1dkSGEwWndlRFZ4TTA1NmJXZENTVkI1ZDNselpFRkVSRkpTVWxCTkwzaHpZVGhHYTJaMllTdGpDbWhMUlVOSlFYVTFTR2RQTW1WTGMyUmpPWEJ2YUcxbmJpOXRiMlJXWTBveFVUVk5kVzkxT1dRMGJERmpOV1pZZVUxQmIwZERRM0ZIVTAwME9VSkJUVVFLUVRKblFVMUhWVU5OU0hOamFFRnVWM1E0T0ZjMFkzVXpOV1JGZGpCTlNqY3ljek5DV25OMVpGVlJlbG80WkhSbk1IaENiRVl6ZFhka1JHOXdjazVtWWdwQk1uUk5OWEJwUkd4QlNYaEJUVUpuTlVSeGVEQkNWaTg1VW5BdlVVMU1hR0lyWVVkeFdtMDNiamRGTlVkcldFcHdTRUU0VkhsVFdtRnRaSGxaZFZKc0NrVnBVR1kwWTJvM2VDOXlkWGwzUFQwS0xTMHRMUzFGVGtRZ1EwVlNWRWxHU1VOQlZFVXRMUzB0TFFvPSJ9fX19"
}
]
},
"message_signature": "MEQCIHiWcbQck3O16+wFGzrGOlaeVFJhvCpOQ0j6IwFmRztaAiAbV/sNIh48RPHwHvoHfICpP7colxjcmLzXHlSjexa/QQ=="
"message_signature": "MEUCIQC/wVXq9Aya1AmIfX3fehIFSnCuCKs4hVNK5xbwrEmWWwIgG38mrkl8xf4mRahfbcHrEStVXb87zqrIQhOPT9RSpWE="
}
Loading