From e78ff4a92ed5ab4cb14d3eb1e8cce9caa055bb7b Mon Sep 17 00:00:00 2001 From: Brianna Poulos Date: Mon, 13 Jun 2016 12:57:42 -0400 Subject: [PATCH] Add image signature verification metadefs Add the properties for signature verification to Glance's Metadata Definitions Catalog. These are defined as part of the merged spec at: http://specs.openstack.org/openstack/glance-specs/specs/mitaka/approved/image-signing-and-verification-support.html Change-Id: I749a31f67bdf0866e7349afcc60df490794f8736
---
.../image-signature-verification.json | 50 +++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 etc/metadefs/image-signature-verification.json
diff --git a/etc/metadefs/image-signature-verification.json b/etc/metadefs/image-signature-verification.json
new file mode 100644
index 0000000000..b5ec3c7cf8
--- /dev/null
+++ b/etc/metadefs/image-signature-verification.json
@@ -0,0 +1,50 @@
+{
+ "namespace": "OS::Glance::Signatures",
+ "display_name": "Image Signature Verification",
+ "description": "Image signature verification allows the user to verify that an image has not been modified prior to booting the image.",
+ "visibility": "public",
+ "protected": false,
+ "resource_type_associations": [
+ {
+ "name": "OS::Glance::Image"
+ }
+ ],
+ "properties": {
+ "img_signature": {
+ "title": "Image Signature",
+ "description": "The signature of the image data encoded in base64 format.",
+ "type": "string"
+ },
+ "img_signature_certificate_uuid": {
+ "title": "Image Signature Certificate UUID",
+ "description": "The UUID used to retrieve the certificate from the key manager.",
+ "type": "string"
+ },
+ "img_signature_hash_method": {
+ "title": "Image Signature Hash Method",
+ "description": "The hash method used in creating the signature.",
+ "type": "string",
+ "enum": [
+ "SHA-224",
+ "SHA-256",
+ "SHA-384",
+ "SHA-512"
+ ]
+ },
+ "img_signature_key_type": {
+ "title": "Image Signature Key Type",
+ "description": "The key type used in creating the signature.",
+ "type": "string",
+ "enum": [
+ "RSA-PSS",
+ "DSA",
+ "ECC_SECT571K1",
+ "ECC_SECT409K1",
+ "ECC_SECT571R1",
+ "ECC_SECT409R1",
+ "ECC_SECP521R1",
+ "ECC_SECP384R1"
+ ]
+ }
+ }
+}
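Review bot: `"protected": false` on the `OS::Glance::Signatures` namespace leaves it unprotected against deletion through the metadefs API, as I read Glance's semantics for that flag. For definitions that describe signature-verification properties, `"protected": true` looks like the safer default unless operators are meant to replace the namespace. Separately, `img_signature_certificate_uuid` and `img_signature` are unconstrained strings, so a UI driven by this catalog cannot flag a malformed value before it is stored. If the key manager always hands out canonical UUIDs, a `"pattern"` on the UUID property, and a `"description"` noting that all four properties must be set together, would catch mistakes early. The catalog is only descriptive, so the two `enum` lists should be kept in step with the values the verifier actually accepts.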