### Full Manifest Structure Example Source: https://github.com/opentdf/spec/blob/main/schema/OpenTDF/manifest.md A complete example of a manifest.json file, including payload, encryption, integrity, and assertion definitions. ```json { "tdf_spec_version": "1.0.0", // --- Payload Object --- "payload": { "type": "reference", "url": "0.payload", "protocol": "zip", "isEncrypted": true, "mimeType": "application/octet-stream" }, // --- Encryption Information Object --- "encryptionInformation": { "type": "split", // --- Key Access Array --- "keyAccess": [ { "type": "wrapped", "url": "http://kas.example.com:4000", "protocol": "kas", "wrappedKey": "YBkqvsiDnyDfw5JQzux2S2IaiClhsojZuLYY9WOc9N9l37A5/Zi7iloxcqgFvBFbzVjGW4QBwAHsytKQvE87bHTuQkZs4XyPACOZE/k9r+mK8KazcGTkOnqPKQNhf2XK4TBACJZ6eItO5Q1eHUQVLKjxUfgyx2TBDfhB/7XifNthu+6lFbKHmPl1q7q1Vaa/rpPRhSgqf89x5fQvcSWdkuOH9Y4wTa8tdKqSS3DUNMKTIUQq8Ti/WFrq26DRemybBgBcL/CyUZ98hFjDQgy4csBusEqwQ5zG+UAoRgkLkHiAw7hNAayAUCVRw6aUYRF4LWfcs2BM9k6d3bHqun0v5w==", "policyBinding": { "alg": "HS256", "hash": "ZGMwNGExZjg0ODFjNDEzZTk5NjdkZmI5MWFjN2Y1MzI0MTliNjM5MmRlMTlhYWM0NjNjN2VjYTVkOTJlODcwNA==" }, "encryptedMetadata": "OEOqJCS6mZsmLWJ38lh6EN2lDUA8OagL/OxQRQ==" } ], // --- Method Object --- "method": { "algorithm": "AES-256-GCM", "isStreamable": true, "iv": "OEOqJCS6mZsmLWJ3" }, // --- Integrity Information Object --- "integrityInformation": { "rootSignature": { "alg": "HS256", "sig": "YjliMzAyNjg4NzA0NzUyYmUwNzY1YWE4MWNhNDRmMDZjZDU3OWMyYTMzNjNlNDYyNTM4MDA4YjQxYTdmZmFmOA==" }, "segmentSizeDefault": 1000000, "segmentHashAlg": "GMAC", // --- Segments Array --- "segments": [ { "hash": "ZmQyYjY2ZDgxY2IzNGNmZTI3ODFhYTk2ZjJhNWNjODA=", "segmentSize": 14056, "encryptedSegmentSize": 14084 } ], "encryptedSegmentSizeDefault": 1000028 }, // --- Policy String --- "policy": "eyJ1dWlkIjoiNjEzMzM0NjYtNGYwYS00YTEyLTk1ZmItYjZkOGJkMGI4YjI2IiwiYm9keSI6eyJhdHRyaWJ1dGVzIjpbXSwiZGlzc2VtIjpbInVzZXJAdmlydHJ1LmNvbSJdfX0=" }, // --- Assertions Array --- "assertions": [ { "id": "nato-label-1", "type": "handling", "scope": "payload", "appliesToState": "encrypted", // --- Statement Object --- "statement": { "format": "json-structured", "schema": "urn:nato:stanag:4774:confidentialitymetadatalabel:1:0", "value": { "Xmlns": "urn:nato:stanag:4774:confidentialitymetadatalabel:1:0", "CreationTime": "2015-08-29T16:15:00Z", "ConfidentialityInformation": { "PolicyIdentifier": "NATO", "Classification": "SECRET", "Category": { "Type": "PERMISSIVE", "TagName": "Releasable to", "GenericValues": [ "SWE", "FIN", "FRA" ] } } } }, // --- Binding Object --- "binding": { "method": "jws", "signature": "eyJhbGciOiJIUzI1NiJ9.eyJzY2hlbWEiOiJ1cm46bmF0bzpzdGFuYWc6NDc3NDpjb25maWRlbnRpYWxpdHltZXRhZGF0YWxhYmVsOjE6MCIsImZvcm1hdCI6Impzb24tc3RydWN0dXJlZCIsInZhbHVlIjp7IlhtbG5zIjoidXJuOm5hdG86c3RhbmFnOjQ3NzQ6Y29uZmlkZW50aWFsaXR5bWV0YWRhdGFsYWJlbDoxOjAiLCJDcmVhdGlvblRpbWUiOiIyMDE1LTA4LTI5VDE2OjE1OjAwWiIsIkNvbmZpZGVudGlhbGl0eUluZm9ybWF0aW9uIjp7IlBvbGljeUlkZW50aWZpZXIiOiJOQVRPIiwiQ2xhc3NpZmljYXRpb24iOiJTRUNSRVQiLCJDYXRlZ29yeSI6eyJNeXBlIjoiUEVSTUlTU0lWRSIsIlRhZ05hbWUiOiJSZWxlYXNhYmxlIHRvIiwiR2VuZXJpY1ZhbHVlcyI6WyJTV0UiLCJGSU4iLCJGUkEiXX19fX0.FakeBindingSignatureExample" } } ] } ``` -------------------------------- ### Assertions Array Example Source: https://github.com/opentdf/spec/blob/main/schema/OpenTDF/assertion.md Shows the structure of an assertions array containing a single assertion object. ```json "assertions": [ { "id": "handling-assertion-1", "type": "handling", "scope": "payload", "appliesToState": "encrypted", "statement": { /* See Statement Object */ }, "binding": { /* See Binding Object */ } } ] ``` -------------------------------- ### Assertion Binding Object Example Source: https://github.com/opentdf/spec/blob/main/schema/OpenTDF/assertion_binding.md A standard JSON representation of the binding object using JWS. ```json "binding": { "method": "jws", "signature": "eyJhbGciOiJSUzI1NiJ9..." // Base64URL encoded JWS string } ``` -------------------------------- ### Define segment object Source: https://github.com/opentdf/spec/blob/main/schema/OpenTDF/integrity_information.md Example structure of an individual segment object containing hash and size information. ```json { "hash": "NzhlZDg5OWMwZWVhZDBjMWEzZTQyYmFlODA0NjNlMDM=", "segmentSize": 14056, "encryptedSegmentSize": 14084 } ``` -------------------------------- ### Define integrityInformation object Source: https://github.com/opentdf/spec/blob/main/schema/OpenTDF/integrity_information.md Example structure of the integrityInformation object nested within encryptionInformation. ```json "integrityInformation": { "rootSignature": { "alg": "HS256", "sig": "M2E2MTI5YmMxMW...WNlMWVjYjlmODUzNmNiZQ==" // Base64 encoded signature }, "segmentHashAlg": "GMAC", "segments": [ { /* See Segment Object */ } ], "segmentSizeDefault": 1000000, "encryptedSegmentSizeDefault": 1000028 } ``` -------------------------------- ### Generate a changelog file Source: https://github.com/opentdf/spec/blob/main/CONTRIBUTING.md Use this command to export the list of version tags and annotations into a file named CHANGELOG. ```bash git tag -n --sort=-v:refname > CHANGELOG ``` -------------------------------- ### Tag a version with annotation Source: https://github.com/opentdf/spec/blob/main/CONTRIBUTING.md Use this command to create a signed, annotated Git tag for a specific version release. ```bash git tag -s 4.1.0 -m "Spec version 4.1.0 - twiddled a doohickey" ``` -------------------------------- ### Generate a version history Source: https://github.com/opentdf/spec/blob/main/CONTRIBUTING.md Use this command to list all Git tags with their associated annotation messages. ```bash git tag -n ``` -------------------------------- ### Define an Attribute Instance Source: https://github.com/opentdf/spec/blob/main/schema/OpenTDF/attributes.md Represents a single attribute instance using the required URI format. ```json { "attribute": "https://example.com/attr/classification/value/topsecret" } ``` -------------------------------- ### Sign off older commits using interactive rebase Source: https://github.com/opentdf/spec/blob/main/CONTRIBUTING.md Use interactive rebase to apply sign-offs to multiple previous commits. ```bash git rebase -i --signoff HEAD~N # Replace N with the number of commits to rebase ``` -------------------------------- ### Method Object JSON Structure Source: https://github.com/opentdf/spec/blob/main/schema/OpenTDF/method.md Defines the required fields for the method object, including algorithm, streamability, and the Base64 encoded IV. ```json "method": { "algorithm": "AES-256-GCM", "isStreamable": true, "iv": "D6s7cSgFXzhVkran" // Base64 encoded IV } ``` -------------------------------- ### Key Access Object JSON Structure Source: https://github.com/opentdf/spec/blob/main/schema/OpenTDF/key_access_object.md Represents the schema for a wrapped key access object including KAS URL, protocol, and policy binding. ```json { "type": "wrapped", "url": "https://kas.example.com:5000", "kid": "6f3b6a82-2f30-4c8a-aef3-57c65b8e7387", // Optional KAS Key ID "sid": "split-id-1", // Optional Split ID "protocol": "kas", "wrappedKey": "OqnOE...B82uw==", // Base64 encoded wrapped key "policyBinding": { "alg": "HS256", "hash": "BzmgoIxZzMmIF42qzbdD4Rw30GtdaRSQL2Xlfms1OPs=" // Base64 encoded hash }, "encryptedMetadata": "ZoJTNW24UMhnXIif0mSnqLVCU=" // Base64 encoded encrypted metadata } ``` -------------------------------- ### Encryption Information Object Structure Source: https://github.com/opentdf/spec/blob/main/schema/OpenTDF/encryption_information.md Represents the required fields for the encryptionInformation object in a TDF manifest. ```json "encryptionInformation": { "type": "split", "keyAccess": [ { /* See Key Access Object */ } ], "method": { /* See Method Object */ }, "integrityInformation": { /* See Integrity Information Object */ }, "policy": "eyJ1dWlkIjoiNGYw...vbSJdfX0=" // Base64 encoded Policy Object JSON } ``` -------------------------------- ### Sign off a commit using the -s flag Source: https://github.com/opentdf/spec/blob/main/CONTRIBUTING.md Use the -s flag during a commit to automatically append the required Signed-off-by line. ```bash git commit -s -m "Your descriptive commit message here" ``` -------------------------------- ### Decoded Policy Object JSON Structure Source: https://github.com/opentdf/spec/blob/main/schema/OpenTDF/policy.md Represents the base structure of a decoded policy object before it is Base64 encoded for the manifest. ```json { "uuid": "1111-2222-33333-44444-abddef-timestamp", "body": { "dataAttributes": [], "dissem": ["user-id@domain.com"] }, } ``` -------------------------------- ### Amend the most recent commit with a sign-off Source: https://github.com/opentdf/spec/blob/main/CONTRIBUTING.md Use this command to add a sign-off to the last commit if it was forgotten. ```bash git commit --amend -s ``` -------------------------------- ### Payload Object JSON Structure Source: https://github.com/opentdf/spec/blob/main/schema/OpenTDF/payload.md Represents the required metadata fields for a TDF payload reference. ```json "payload": { "type": "reference", "url": "0.payload", "protocol": "zip", "isEncrypted": true, "mimeType": "application/pdf" } ``` -------------------------------- ### Assertion Statement JSON Structure Source: https://github.com/opentdf/spec/blob/main/schema/OpenTDF/assertion_statement.md Represents the JSON structure of a statement object containing a structured value. ```json "statement": { "schema": "urn:nato:stanag:4774:confidentialitymetadatalabel:1:0", "format": "json-structured", "value": { "Xmlns": "urn:nato:stanag:4774:confidentialitymetadatalabel:1:0", "CreationTime": "2015-08-29T16:15:00Z", "ConfidentialityInformation": { /* ... specific assertion info ... */ } } } ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.