Only consider files in expected path (not under) for cmd provides. #1136
Chainguard Enforce / Enforce - Commit Signing
succeeded
Apr 12, 2024 in 0s
Successfully verified commit signature.
CLAIM | DESCRIPTION | |
---|---|---|
✅ | Found Git signature | |
✅ | Validated Git signature | |
✅ | Validated Rekor entry | |
✅ | Allowed by policy |
Details
Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 308798773378515099487757002588472152944682648144 (0x361704121e4505f59f4afc75f022c8296766c250)
Signature Algorithm: ECDSA-SHA384
Issuer: O=sigstore.dev,CN=sigstore-intermediate
Validity
Not Before: Apr 12 20:15:52 2024 UTC
Not After : Apr 12 20:25:52 2024 UTC
Subject: Subject Public Key Info:
Public Key Algorithm: ECDSA
Public-Key: (256 bit)
X:
e9:0d:21:0c:27:01:68:11:dd:72:fd:74:34:b2:37:
ee:99:29:87:41:d2:30:d0:dd:b7:70:58:61:54:b2:
87:a5
Y:
5f:f9:6a:63:7f:90:b5:69:ab:01:c8:c2:53:eb:53:
18:e5:e4:31:0e:9c:e4:fd:e3:b7:f2:fa:18:a0:08:
a6:13
Curve: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
Code Signing
X509v3 Subject Key Identifier:
5C:F0:A2:7B:FE:AF:2B:36:4A:24:AF:C9:AE:87:64:45:81:B5:EF:B1
X509v3 Authority Key Identifier:
keyid:DF:D3:E9:CF:56:24:11:96:F9:A8:D8:E9:28:55:A2:C6:2E:18:64:3F
X509v3 Subject Alternative Name: critical
email:scott.moser@chainguard.dev
oidcIssuer:
https://accounts.google.com
Unknown extension 1.3.6.1.4.1.57264.1.8
Signed Certificate Timestamp:
BHoAeAB2AN09MGrGxxEyYxkeHJlnNwKiSl643jyt/4eKcoAvKe6OAAABjtPzxSoAAAQDAEcwRQIhALXHQO2j44Zr8TYFyMk+ifkrwY6B/kJRTpDM67nP7KBCAiB3UetSFKrOG1iZuEmP4591n1ImB0Ei5fUI91sjFN3AJA==
Signature Algorithm: ECDSA-SHA384
30:66:02:31:00:ca:4d:eb:2e:cc:44:ec:5a:eb:e3:3a:f4:56:
c2:60:b6:a8:68:e7:e1:3a:72:c8:72:24:65:e3:93:9d:fc:14:
9f:ed:60:a3:a2:02:0b:0c:f9:18:f0:01:b2:00:4b:48:5c:02:
31:00:e7:71:d7:18:ea:92:9a:1f:d3:01:42:5d:29:61:2e:b5:
71:00:5c:51:64:3a:e8:56:78:ad:20:6f:b3:05:e2:99:d6:70:
83:96:62:72:49:3a:4a:a4:17:e4:0b:92:aa:49
Rekor Entry
{
"body": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiIxMTI2MmIwYWY1NDIwMGJiMGFkNzJjOGI0YzliNzQ1NmI3NjNkNDE3ODVlODUzMWNiOTEwODAzM2Q4OTI5NDhlIn19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FVUNJUUR2blRCNnl0MnNCUmhOSEtpdUNQUFZrWU1OeFVSU0Y3alFOc1dhWXkzY1FBSWdIdHBYcy94ZEk3bFEvUlhRRkhpRFErNWJndzMrNldRdmVlMjFsKy9icnVJPSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTXhSRU5EUVd4dFowRjNTVUpCWjBsVlRtaGpSVVZvTlVaQ1psZG1VM1o0TVRoRFRFbExWMlJ0ZDJ4QmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFJkMDVFUlhsTmFrRjRUbFJWZVZkb1kwNU5hbEYzVGtSRmVVMXFRWGxPVkZWNVYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVUyVVRCb1JFTmpRbUZDU0dSamRqRXdUa3hKTXpkd2EzQm9NRWhUVFU1RVpIUXpRbGtLV1ZaVGVXZzJWbVlyVjNCcVpqVkRNV0ZoYzBKNVRVcFVOakZOV1RWbFVYaEVjSHByTDJWUE16aDJiMWx2UVdsdFJUWlBRMEZZWjNkblowWXdUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZZVUVOcENtVXZOblpMZWxwTFNrc3ZTbkp2Wkd0U1dVY3hOemRGZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDB0QldVUldVakJTUVZGSUwwSkNOSGRJU1VWaFl6Sk9kbVJJVVhWaVZ6bDZXbGhLUVZreWFHaGhWelZ1WkZkR2VWcEROV3RhV0ZsM1MxRlpTd3BMZDFsQ1FrRkhSSFo2UVVKQlVWRmlZVWhTTUdOSVRUWk1lVGxvV1RKT2RtUlhOVEJqZVRWdVlqSTVibUpIVlhWWk1qbDBUVU56UjBOcGMwZEJVVkZDQ21jM09IZEJVV2RGU0ZGM1ltRklVakJqU0UwMlRIazVhRmt5VG5aa1Z6VXdZM2sxYm1JeU9XNWlSMVYxV1RJNWRFMUpSMHRDWjI5eVFtZEZSVUZrV2pVS1FXZFJRMEpJZDBWbFowSTBRVWhaUVROVU1IZGhjMkpJUlZSS2FrZFNOR050VjJNelFYRktTMWh5YW1WUVN6TXZhRFJ3ZVdkRE9IQTNielJCUVVGSFR3b3dMMUJHUzJkQlFVSkJUVUZTZWtKR1FXbEZRWFJqWkVFM1lWQnFhRzEyZUU1bldFbDVWRFpLSzFOMlFtcHZTQ3RSYkVaUGEwMTZjblZqTDNOdlJVbERDa2xJWkZJMk1VbFZjWE0wWWxkS2JUUlRXUzlxYmpOWFpsVnBXVWhSVTB4c09WRnFNMWQ1VFZVelkwRnJUVUZ2UjBORGNVZFRUVFE1UWtGTlJFRXlhMEVLVFVkWlEwMVJSRXRVWlhOMWVrVlVjMWQxZG1wUGRsSlhkMjFETW5GSGFtNDBWSEI1ZVVoSmExcGxUMVJ1Wm5kVmJpc3haMjgyU1VORGQzbzFSMUJCUWdwelowSk1VMFozUTAxUlJHNWpaR05aTm5CTFlVZzVUVUpSYkRCd1dWTTJNV05SUW1OVlYxRTJOa1phTkhKVFFuWnpkMWhwYldSYWQyYzFXbWxqYTJzMkNsTnhVVmcxUVhWVGNXdHJQUW90TFMwdExVVk9SQ0JEUlZKVVNVWkpRMEZVUlMwdExTMHRDZz09In19fX0=",
"integratedTime": 1712952952,
"logID": "c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d",
"logIndex": 85310613,
"verification": {
"inclusionProof": {
"checkpoint": "rekor.sigstore.dev - 2605736670972794746\n81147199\nPSf2diBvMCHN1n5F2WtfDlnmR2PF+PIw3Z8A9hvvHPA=\n\n— rekor.sigstore.dev wNI9ajBFAiBTiLlIIYZDGtzec373bN1Tb/VsH2oXOCy0Lqp6Ii2aqAIhAOVxosm9u8AD3H0jfBetvPQRvdkJos+DSauVD8qWWd8p\n",
"hashes": [
"c8ce747b9606c4988273bd8d391a5d403e01fe594dccb19ddf6874dfa9350c59",
"6669247b4ea9343673c73ca7e6f682a49dfd28e03f3d768db15387b9920f839d",
"e9a7f1ffab1f660cca5067bc2f65585c41a50b1a27e05cd8aced631cde3cc4ee",
"5ee643a0e0b3f3eaacc09b6c81949ffbd9d4e49f8aa3079ac9031c8e3e506d61",
"80d7793afd3d2a0ceb90df0274c71b11f62f022e1c07f5f72be405849a5dc4a6",
"6fed3de15a11bc5bf69fcf680aa43f82086c7ae9996773b805ad96033dd586d4",
"b40933d384570b76b704cd9dffb0987b77a0f0dc1d3790422b2df745cdde4522",
"a51e25c214ca8a8dbd9e8f79e85487a0df58031592a41a47caea85fd9a484cb5",
"84289cf65fa6e55643a5d4dcc86fedc4c14002bbaa9441295abc44128b160e40",
"f1377f58a27e07497f9b42f9d9f4fca476412f5f37585d2e25ee7e70aa6c8512",
"86b3cb23d46ed3c0a53a7872909e173e97d97cd3eff020a6e7dc48cb895a5c36",
"06009cf326827c446956636cf730984cc84fd7f9cabe69f4d0b15bd1a80268ea",
"4d8fabb0af59a4079546b996408cce25453b84008683a51fe27e7f78f9470d85",
"b66caf5e8b1f7b1fcd5a06ad2371b53dc1ae6524eb4775aed563ba31d565b426",
"0c60918bcf6f554648566bcad8014e99e32a101ea7f91f7a65efaf8d601906fc",
"f7c7a7ccc682fb1e6808cbc8650039cfcbeed9aa4330216f13ff77e4d7ee3f0f"
],
"logIndex": 81147182,
"rootHash": "3d27f676206f3021cdd67e45d96b5f0e59e64763c5f8f230dd9f00f61bef1cf0",
"treeSize": 81147199
},
"signedEntryTimestamp": "MEYCIQC37lyNGG31n9y2cnBfyeZ13gTvBZJWn7vc7J2UocWWFQIhAK08ZOCPctKektVBLkGy/WANRh4RJMy16mNNWvFm7rVN"
}
}
Loading