use retryablehttp in DiscoverKeys and pkg/apk #1398
+9
−2
Chainguard Enforce / Enforce - Commit Signing
succeeded
Nov 11, 2024 in 1s
Successfully verified commit signature.
| CLAIM | DESCRIPTION | |
|---|---|---|
| ✅ | Found Git signature | |
| ✅ | Validated Git signature | |
| ✅ | Validated Rekor entry | |
| ✅ | Allowed by policy |
Details
Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 297444789389744914786746836443121212663991047621 (0x3419e2ba05de7351c74f950c70aa8c043a0315c5)
Signature Algorithm: ECDSA-SHA384
Issuer: O=sigstore.dev,CN=sigstore-intermediate
Validity
Not Before: Nov 11 19:29:46 2024 UTC
Not After : Nov 11 19:39:46 2024 UTC
Subject: Subject Public Key Info:
Public Key Algorithm: ECDSA
Public-Key: (256 bit)
X:
52:d5:5e:45:8b:3c:d0:7e:38:2e:88:ae:0d:bd:33:
8d:b8:39:3f:50:dc:ff:1f:a9:93:01:d3:d5:a4:7f:
0b:ab
Y:
8c:17:38:6a:4e:12:19:c6:4f:dd:ce:d2:66:fe:e8:
73:ee:79:50:92:44:7b:3f:a3:6b:2b:d6:ee:7f:59:
a1:8e
Curve: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
Code Signing
X509v3 Subject Key Identifier:
7C:81:EC:2B:FF:6F:34:70:79:9A:C3:6B:3A:92:D4:4F:62:B6:C9:A3
X509v3 Authority Key Identifier:
keyid:DF:D3:E9:CF:56:24:11:96:F9:A8:D8:E9:28:55:A2:C6:2E:18:64:3F
X509v3 Subject Alternative Name: critical
email:[email protected]
oidcIssuer:
https://accounts.google.com
Unknown extension 1.3.6.1.4.1.57264.1.8
Signed Certificate Timestamp:
BHsAeQB3AN09MGrGxxEyYxkeHJlnNwKiSl643jyt/4eKcoAvKe6OAAABkxy0HroAAAQDAEgwRgIhAI+LFg/XZ53vq4qE7cJvXpavXDVYvKXal0Mjrz5T4LRaAiEApsMbbgHFGCBekdKXlvdrlQGQfbUtf6JmuzL75JoOjBg=
Signature Algorithm: ECDSA-SHA384
30:66:02:31:00:f8:8e:9e:7e:64:88:49:fd:ac:0a:2f:44:75:
32:a5:a9:f9:23:0a:5e:26:71:2e:b2:85:7d:c5:e7:bb:91:f3:
ea:db:3b:0f:32:4d:12:1d:f0:2d:9d:98:36:ec:1a:f6:8a:02:
31:00:95:cf:8a:f7:ed:26:fb:69:ee:bc:26:84:f9:fe:28:fa:
9d:60:c0:79:14:c5:b3:3a:33:3e:ce:09:0e:07:2e:c6:37:3f:
b9:16:d5:5c:36:cf:a9:cc:86:89:e2:35:ad:7a
Rekor Entry
{
"body": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiJhNzc1OTQzN2FhOGRjMThiYjBkODc3YjhlY2IzMjBjM2NjOWM1OTAwMGFhMDU0OTc0OThjNDU5ZDk4YmNiZWJlIn19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FUUNJSGt2OENzVXE1bCsyMm9JWFpubVU1enJrVmg1LzJjV0NmY2FScEZkejZ4NUFpQTN6S1pXbUI3dXlqREdoNlp4TEtScDJ0UGM0UEx2N2FmTCtNbzZWTEY1dUE9PSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTjZla05EUVd4VFowRjNTVUpCWjBsVlRrSnVhWFZuV0dWak1VaElWRFZWVFdOTGNVMUNSRzlFUm1OVmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFJlRTFVUlhoTlZHdDVUMVJSTWxkb1kwNU5hbEY0VFZSRmVFMVVhM3BQVkZFeVYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZWZEZabFVsbHpPREJJTkRSTWIybDFSR0l3ZW1waVp6VlFNVVJqTDNncmNHdDNTRlFLTVdGU0wwTTJkVTFHZW1oeFZHaEpXbmhyTDJSNmRFcHRMM1ZvZWpkdWJGRnJhMUkzVURaT2NrczVZblZtTVcxb2FuRlBRMEZZVFhkblowWjJUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZtU1VoekNrc3ZPWFpPU0VJMWJYTk9jazl3VEZWVU1rc3llV0ZOZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDBsbldVUldVakJTUVZGSUwwSkNaM2RHYjBWVllXMUdlbUl5TlVGWk1taG9ZVmMxYm1SWFJubGFRelZyV2xoWmQwdFJXVXRMZDFsQ1FrRkhSQXAyZWtGQ1FWRlJZbUZJVWpCalNFMDJUSGs1YUZreVRuWmtWelV3WTNrMWJtSXlPVzVpUjFWMVdUSTVkRTFEYzBkRGFYTkhRVkZSUW1jM09IZEJVV2RGQ2toUmQySmhTRkl3WTBoTk5reDVPV2haTWs1MlpGYzFNR041Tlc1aU1qbHVZa2RWZFZreU9YUk5TVWRNUW1kdmNrSm5SVVZCWkZvMVFXZFJRMEpJTUVVS1pYZENOVUZJWTBFelZEQjNZWE5pU0VWVVNtcEhValJqYlZkak0wRnhTa3RZY21wbFVFc3pMMmcwY0hsblF6aHdOMjgwUVVGQlIxUklURkZsZFdkQlFRcENRVTFCVTBSQ1IwRnBSVUZxTkhOWFJEbGtibTVsSzNKcGIxUjBkMjA1Wld4eE9XTk9WbWs0Y0dSeFdGRjVUM1pRYkZCbmRFWnZRMGxSUTIxM2VIUjFDa0ZqVlZsSlJqWlNNSEJsVnpreWRWWkJXa0k1ZEZNeEwyOXRZVGROZG5acmJXYzJUVWRFUVV0Q1oyZHhhR3RxVDFCUlVVUkJkMDV3UVVSQ2JVRnFSVUVLSzBrMlpXWnRVMGxUWmpKelEyazVSV1JVUzJ4eFptdHFRMncwYldOVE5ubG9XRE5HTlRkMVVqZ3JjbUpQZHpoNVZGSkpaRGhETW1SdFJHSnpSM1poU3dwQmFrVkJiR01yU3prck1HMHJNbTUxZGtOaFJTdG1ORzhyY0RGbmQwaHJWWGhpVFRaTmVqZFBRMUUwU0V4eldUTlFOMnRYTVZaM01ubzJiazFvYjI1cENrNWhNVFlLTFMwdExTMUZUa1FnUTBWU1ZFbEdTVU5CVkVVdExTMHRMUW89In19fX0=",
"integratedTime": 1731353387,
"logID": "c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d",
"logIndex": 148227672,
"verification": {
"inclusionProof": {
"checkpoint": "rekor.sigstore.dev - 1193050959916656506\n26323416\nEu9miK9bih5TgUO/uTtF8H3nTEgULwhw+90l2vTj2Y8=\n\n— rekor.sigstore.dev wNI9ajBGAiEAr78ESl8tyJVCIg1WjLq7TmZAkR/abzaFPh7gBJGO/DoCIQD/eRwR8gUz2zsepqEtiU+ORjFNfEuCVcZvSggSHzCbwA==\n",
"hashes": [
"1f256db62e17f6516f943e3049e322cc16c858ed149f58e527134866cea83864",
"8aefc04e7d5cd3101e03da42a9fafeac6335ab7c03ef5ef43e544deade37ea2e",
"d52418103e170dba2897d7fd8edc63bef049749bacea883d6b640e499b42c71e",
"c3668bdc33d36279940fcd1d21777385ab3519d561b287690eb9e0f0a65373ae",
"ecf23a9f8c73239a333c65ca43939e031edb03090a00d4d28ba12b07bb8f48ce",
"9415c65606a38bfb50e26a82fac6806fcca95290c9d6b53044556b450f7b2e09",
"57c873e3042c211fe445e2c2436401b66bb3c4d8b585f90c1f13c46d6616ff5d",
"dd13078f0ee54bf52ab74a726139711174d1657e83a7b1091296096b6d24a2a9",
"bd273c39a4269b2e7d0cb21b83834d8c2e10dea1f92e445526ca167387dad624",
"3913d136c5fba008b75b6d980e754fa459cd940b16fdefa5dec3115f1f5030ea",
"efb31866e05d2028ba8fe767184c15a88e8aef4af7ce1c931152aff723c4ae06",
"a6ab4e4da2b8935eb7b64babe5319cf8792d35818018cee8f4c319937a06dd05",
"e25505d183aef579080d7297034c0c4b377a55e0d8dd3640826a0e796992dbe6",
"81ffbd9b9e760773e79169ced28e0a755be3713dd65472eb09b7f50e8558285c"
],
"logIndex": 26323410,
"rootHash": "12ef6688af5b8a1e538143bfb93b45f07de74c48142f0870fbdd25daf4e3d98f",
"treeSize": 26323416
},
"signedEntryTimestamp": "MEQCIAPPIUQ8dpwRuw9r6WtqQcH7eNp7Bm39Iia5Vs8s1mcvAiAiZGqBmR/jDrlBfPjC3sPyAeLxc69SqP67ftUEdW980w=="
}
}
Loading