Add token revocation several places. #92
Merged
Chainguard Enforce / Enforce - Commit Signing
succeeded
Feb 6, 2024 in 0s
Successfully verified commit signature.
CLAIM | DESCRIPTION | |
---|---|---|
✅ | Found Git signature | |
✅ | Validated Git signature | |
✅ | Validated Rekor entry | |
✅ | Allowed by policy |
Details
Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194179506872965947831054763048404424256705436518 (0x22034f6b6fc3381073450881702a35b7b71a9b66)
Signature Algorithm: ECDSA-SHA384
Issuer: O=sigstore.dev,CN=sigstore-intermediate
Validity
Not Before: Feb 5 15:09:21 2024 UTC
Not After : Feb 5 15:19:21 2024 UTC
Subject: Subject Public Key Info:
Public Key Algorithm: ECDSA
Public-Key: (256 bit)
X:
09:03:66:53:92:5e:df:8a:69:2a:20:86:c3:89:cd:
f1:91:1b:43:9b:0b:aa:17:29:db:8b:43:11:0d:6e:
bd:ab
Y:
53:a9:a4:10:6d:40:9a:13:0f:5c:71:13:34:3a:70:
bc:e1:c2:3e:9c:fc:61:9c:86:d6:5b:49:6c:d6:43:
26:0c
Curve: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
Code Signing
X509v3 Subject Key Identifier:
D4:33:DE:C8:97:AB:C0:80:22:84:85:08:79:43:34:CA:8F:58:D1:BD
X509v3 Authority Key Identifier:
keyid:DF:D3:E9:CF:56:24:11:96:F9:A8:D8:E9:28:55:A2:C6:2E:18:64:3F
X509v3 Subject Alternative Name: critical
email:mattmoor@chainguard.dev
oidcIssuer:
https://accounts.google.com
Unknown extension 1.3.6.1.4.1.57264.1.8
Signed Certificate Timestamp:
BHkAdwB1AN09MGrGxxEyYxkeHJlnNwKiSl643jyt/4eKcoAvKe6OAAABjXnRE/EAAAQDAEYwRAIgT3hdntE7cFxb/HdS0Mb+5uBtK79Lk/v8GnVwzJYWcN8CIDFFoFxn+gZMdbvv8TeYSeiKJWVqFGzZIWd3qDwX+1Rg
Signature Algorithm: ECDSA-SHA384
30:64:02:30:6f:25:ac:30:bb:63:86:1b:e0:2e:52:aa:df:9b:
d5:02:f7:fc:42:3c:bb:e2:22:3d:f8:71:77:23:9c:c3:8a:fa:
51:75:ba:e2:13:e9:1c:ad:6c:a0:3a:66:44:96:ae:3c:02:30:
52:e6:5e:7a:92:e5:44:52:f8:db:b0:18:23:68:06:c7:17:91:
99:01:b1:5f:a6:48:b8:de:06:0c:9a:a8:af:2f:86:30:44:37:
c2:96:17:81:f7:b5:17:a8:17:00:21:71
Rekor Entry
{
"body": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiI1YTIwZTg5OGM5OTc2ZDIxZmNmZGE3YjI0MTViNDVkNzRkMzNmZmVkYmM4NDMwMGI5MDhlMjU4YWY3YzgwYWE4In19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FTUNIMS9VbXl5UUwrTk91Rkt0ODRJSlBwZ0RwVm1JcmUrYkFkYzgrRWhCdngwQ0lET3k3d2VBZnVWdG50QTBiaHg2amtIdXhkM2xad0tlclY4THJ0aktaRnFKIiwicHVibGljS2V5Ijp7ImNvbnRlbnQiOiJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VONmFrTkRRV3hYWjBGM1NVSkJaMGxWU1dkT1VHRXlMMFJQUWtKNlVsRnBRbU5EYnpGME4yTmhiVEpaZDBObldVbExiMXBKZW1vd1JVRjNUWGNLVG5wRlZrMUNUVWRCTVZWRlEyaE5UV015Ykc1ak0xSjJZMjFWZFZwSFZqSk5ValIzU0VGWlJGWlJVVVJGZUZaNllWZGtlbVJIT1hsYVV6RndZbTVTYkFwamJURnNXa2RzYUdSSFZYZElhR05PVFdwUmQwMXFRVEZOVkZWM1QxUkplRmRvWTA1TmFsRjNUV3BCTVUxVVZYaFBWRWw0VjJwQlFVMUdhM2RGZDFsSUNrdHZXa2w2YWpCRFFWRlpTVXR2V2tsNmFqQkVRVkZqUkZGblFVVkRVVTV0VlRWS1pUTTBjSEJMYVVOSGR6UnVUamhhUldKUk5YTk1jV2hqY0RJMGRFUUtSVkV4ZFhaaGRGUnhZVkZSWWxWRFlVVjNPV05qVWswd1QyNURPRFJqU1N0dVVIaG9ia2xpVjFjd2JITXhhMDF0UkV0UFEwRllVWGRuWjBaM1RVRTBSd3BCTVZWa1JIZEZRaTkzVVVWQmQwbElaMFJCVkVKblRsWklVMVZGUkVSQlMwSm5aM0pDWjBWR1FsRmpSRUY2UVdSQ1owNVdTRkUwUlVablVWVXhSRkJsQ25sS1pYSjNTVUZwYUVsVlNXVlZUVEI1YnpsWk1HSXdkMGgzV1VSV1VqQnFRa0puZDBadlFWVXpPVkJ3ZWpGWmEwVmFZalZ4VG1wd1MwWlhhWGhwTkZrS1drUTRkMHBSV1VSV1VqQlNRVkZJTDBKQ2MzZEhXVVZZWWxkR01HUkhNWFppTTBwQldUSm9hR0ZYTlc1a1YwWjVXa00xYTFwWVdYZExVVmxMUzNkWlFncENRVWRFZG5wQlFrRlJVV0poU0ZJd1kwaE5Oa3g1T1doWk1rNTJaRmMxTUdONU5XNWlNamx1WWtkVmRWa3lPWFJOUTNOSFEybHpSMEZSVVVKbk56aDNDa0ZSWjBWSVVYZGlZVWhTTUdOSVRUWk1lVGxvV1RKT2RtUlhOVEJqZVRWdVlqSTVibUpIVlhWWk1qbDBUVWxIU2tKbmIzSkNaMFZGUVdSYU5VRm5VVU1LUWtoelJXVlJRak5CU0ZWQk0xUXdkMkZ6WWtoRlZFcHFSMUkwWTIxWFl6TkJjVXBMV0hKcVpWQkxNeTlvTkhCNVowTTRjRGR2TkVGQlFVZE9aV1JGVkFvNFVVRkJRa0ZOUVZKcVFrVkJhVUpRWlVZeVpUQlVkSGRZUm5ZNFpERk1VWGgyTjIwMFJ6QnlkakIxVkNzdmQyRmtXRVJOYkdoYWR6TjNTV2ROVlZkbkNsaEhaalpDYTNneGRTc3ZlRTQxYUVvMlNXOXNXbGR2VldKT2EyaGFNMlZ2VUVKbU4xWkhRWGREWjFsSlMyOWFTWHBxTUVWQmQwMUVXbmRCZDFwQlNYY0tZbmxYYzAxTWRHcG9hSFpuVEd4TGNUTTFkbFpCZG1ZNFVXcDVOelJwU1RrclNFWXpTVFY2UkdsMmNGSmtZbkpwUlN0clkzSlhlV2RQYlZwRmJIRTBPQXBCYWtKVE5XdzFObXQxVmtWVmRtcGljMEpuYW1GQllraEdOVWRhUVdKR1puQnJhVFF6WjFsTmJYRnBka3cwV1hkU1JHWkRiR2hsUWprM1ZWaHhRbU5CQ2tsWVJUMEtMUzB0TFMxRlRrUWdRMFZTVkVsR1NVTkJWRVV0TFMwdExRbz0ifX19fQ==",
"integratedTime": 1707145762,
"logID": "c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d",
"logIndex": 69254842,
"verification": {
"inclusionProof": {
"checkpoint": "rekor.sigstore.dev - 2605736670972794746\n65317509\nyuZI0IunhVJLN71lBLPURy2i+k55BFMt7mYeJaiiyo4=\nTimestamp: 1707228501723677263\n\n— rekor.sigstore.dev wNI9ajBFAiEAjaONBY4K7GNDl5hk4Aisuo3/itAE6rGkv8Ye9X5MRF0CIEcx1Tc6PQHSYIZ9cMmqym7yorAajjA/Sg7AhSmNgYdL\n",
"hashes": [
"1dc23de1a332448033bcf3e118dad1d983590e3aee213e17f92300d831bd167b",
"cc92b34060174349f5193e32d50cd90b158124d035f00fa55ffc907ceb6ff3dd",
"c96f7fdbdd70a299e828434764e36d510492b163b6e7d69663fe1a858308204a",
"a70a8182cf3dd765ecf28c31547b34d268dfb82f86be6969d3aa2d8871f60cd6",
"d5cac392ff4d5348adf73b5a34cc56a62d0d1693d96f5ea70d43056bbc4332f1",
"85b0c5faa61e2c553a88a35176346e02560355fe8b900eabae251028ae44fe14",
"8b387ea6318a263dfa1a2f7975c585d066806d12b4ddc1c5012f85322031699a",
"9c2ca5b60469ff44a8a41caa3a0738dbf2b11c91c49602c2711216fdde4e6511",
"7c4ec5139b530a5a9a84c0cbba389c5081a8457409019cfe69efbc25c6b7aa97",
"d2b4a006741baf522e79809c5e3a2ef405f81ecee8731f79f42dbabd40c74897",
"fdd8040a066b8322ae34433d9d16d40c33bf4f4819d3e33eebf6ec17c190a560",
"b0e02de9e11b45ad4e1b9b44b5972b2a998366fec80217ddb5064e2a9cc3e597",
"1375fc9993387145ec7390d786e8a59b6582a78de3af0330ef031a433b03fe6f",
"a4c49233171ec9b29ea2715c7a6e981b245098452dc81a49e5f3f7f7708f472b",
"77d1818300cd653cc12c9190e0d33a0b2b07bc928dd981d28613573cc9387fe7",
"920e365ae3ff327a856489bd1ddc8f988ff57bb712386107dd90aa4b39a86cc5",
"0c22eeb6297667f1ea3bc7da59cb2188a85b9a059ed6945379b9ba5afc584204",
"9baa25518e7667aae987c93f8db794c3c7b0a4106d014e438c7d5ab0d46f6ad8",
"39652886ed39be1267022c8006ee28cd551ed6d192018480e99627a09657f038",
"8940ace950102963da2424ab1a305aad5b32173da22306d63d381442036acd56",
"74f801e4996a8332bfc30de5a49f1256da593c09a7f5b94f3677df835b6742a5",
"51e5d80682cc50abdb392ed3a0cb1aa1b946e1f4bff103d04d314620155e13bd",
"98c486feb5d87092a78a46c4b5be04868654900affc2e86ffb20074dc73a883a",
"6969c49bd73f19bf28a5eaeabd331ddd60502defb2cd3d96e17b741c80adec6c"
],
"logIndex": 65091411,
"rootHash": "cae648d08ba785524b37bd6504b3d4472da2fa4e7904532dee661e25a8a2ca8e",
"treeSize": 65317509
},
"signedEntryTimestamp": "MEUCIQDbC0VBFyvVSKN54rvqPhh3tPH3KOagCf/EetUQApoaIwIgJmerxJACDAYlQWC2v/SqDx2zydBPm0qpy12vVh6IeC8="
}
}
Loading