Improve rules through laysound PyPi analysis #46
Merged
Chainguard Enforce / Enforce - Commit Signing
succeeded
Mar 12, 2024 in 0s
Successfully verified commit signature.
| | CLAIM | DESCRIPTION |
|---|---|---|
| ✅ | Found Git signature | |
| ✅ | Validated Git signature | |
| ✅ | Validated Rekor entry | |
| ✅ | Allowed by policy | |
Details
Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 322645705114253470489463201899024399961330314168 (0x3883ef0d327b77eece3be2425d27d3942a6c6bb8)
Signature Algorithm: ECDSA-SHA384
Issuer: O=sigstore.dev,CN=sigstore-intermediate
Validity
Not Before: Mar 12 14:52:43 2024 UTC
Not After : Mar 12 15:02:43 2024 UTC
Subject:
Subject Public Key Info:
Public Key Algorithm: ECDSA
Public-Key: (256 bit)
X:
3e:70:30:42:e1:e0:38:1d:4f:6f:73:22:4b:ce:00:
c0:e8:b8:0b:cf:72:99:87:9e:1b:f2:f0:b9:48:fc:
54:64
Y:
89:b2:36:9e:58:93:ed:0c:d5:79:22:c8:a3:0c:f1:
2a:4b:42:a3:ca:e9:00:fc:b6:23:e3:73:bd:88:39:
3a:a0
Curve: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
Code Signing
X509v3 Subject Key Identifier:
60:BA:AE:87:84:6D:90:0D:E0:82:FE:F0:63:7A:DE:80:01:50:57:29
X509v3 Authority Key Identifier:
keyid:DF:D3:E9:CF:56:24:11:96:F9:A8:D8:E9:28:55:A2:C6:2E:18:64:3F
X509v3 Subject Alternative Name: critical
email:t+github@chainguard.dev
oidcIssuer:
https://github.com/login/oauth
Unknown extension 1.3.6.1.4.1.57264.1.8
Signed Certificate Timestamp:
BHsAeQB3AN09MGrGxxEyYxkeHJlnNwKiSl643jyt/4eKcoAvKe6OAAABjjMmyGkAAAQDAEgwRgIhAOwnwnI5GqlYMW8EQ5gMRqWu4RV2KwYcfbDQ92vSMj29AiEAvpngS/il3WPeqsblngFdb1UPsl0vBj/+JfELIJt/odU=
Signature Algorithm: ECDSA-SHA384
Rekor Entry
{
"body": "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",
"integratedTime": 1710255163,
"logID": "c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d",
"logIndex": 77537788,
"verification": {
"inclusionProof": {
"checkpoint": "rekor.sigstore.dev - 2605736670972794746\n73374419\ngppESICHjPhdGdaysP6El33Ksu02vKqEaR8ByippowE=\n\n— rekor.sigstore.dev wNI9ajBGAiEA67oB/+68JcpPQcbHD3Vom1rmseEQRbHGJtHQBOVeN5YCIQC4fouQt/WBBR4xkgl1DOKBPmUge6vWZOOTDPiwwKxcIg==\n",
"hashes": [
],
"logIndex": 73374357,
"rootHash": "829a444880878cf85d19d6b2b0fe84977dcab2ed36bcaa84691f01ca2a69a301",
"treeSize": 73374419
},
"signedEntryTimestamp": "MEQCIF5j1hZeBxJ8yDL3Kc4NWwvcrXrmOvAr6g2KqN6jiQdpAiBi/rIMn/ylEd0K0yGJRFt5lzHiKkNCJG9vijHSoXco5A=="
}
}