Closed bdehamer closed 6 months ago
Closes #128
Regenerated all of the d.txt.* bundles with a new signing certificate that includes both OIDC Issuer and OIDC Issuer V2 extensions.
d.txt.*
New cert:
Certificate: Data: Version: 3 (0x2) Serial Number: 286793732 (0x11182004) Signature Algorithm: ecdsa-with-SHA384 Issuer: CN = sigstore, O = sigstore.mock Validity Not Before: Feb 1 00:00:00 2023 GMT Not After : Feb 1 00:10:00 2023 GMT Subject: Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:77:ae:c5:e5:28:a1:8e:6e:ff:99:d3:cb:00:8e: cd:2d:cb:19:73:49:32:a4:68:54:62:cb:bb:e3:65: a1:4c:45:03:99:ef:a4:0a:c0:61:5e:7c:b9:1e:1b: 0b:9a:7d:22:b2:2d:bc:e1:8c:88:21:3a:b5:33:8d: 2f:96:14:03:07 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature X509v3 Extended Key Usage: Code Signing X509v3 Subject Alternative Name: critical URI:https://github.com/sigstore-conformance/extremely-dangerous-public-oidc-beacon/.github/workflows/extremely-dangerous-oidc-beacon.yml@refs/heads/main X509v3 Subject Key Identifier: E7:C0:77:81:98:F7:3D:22:B6:66:05:E9:8E:68:7C:B8:97:0B:FB:28 X509v3 Authority Key Identifier: 3F:14:5C:64:EC:55:31:B7:FA:04:F2:50:D9:10:5D:2C:EE:46:AC:B8 1.3.6.1.4.1.57264.1.8: .+https://token.actions.githubusercontent.com 1.3.6.1.4.1.57264.1.1: https://token.actions.githubusercontent.com CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : F7:26:CA:A3:41:17:BA:91:65:44:AF:37:34:E9:20:CD: 4C:49:2E:F7:5C:E6:22:8F:DC:04:EE:FF:2F:3F:27:DD Timestamp : Feb 1 00:00:00.000 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:39:11:79:D2:16:11:20:59:76:1E:07:34: BC:E2:5F:A4:C8:D4:F2:06:3B:06:D1:9F:CF:4A:19:78: F9:71:1B:88:02:20:39:7A:49:74:1E:D7:EF:7A:10:D5: AA:33:AF:B9:C3:16:C8:52:01:CB:F1:3D:FE:9E:8E:37: 73:2B:84:01:EF:8D Signature Algorithm: ecdsa-with-SHA384 Signature Value: 30:45:02:20:2a:8b:fa:a2:e9:45:b4:cf:5e:7e:91:8b:f5:48: 77:47:a3:28:13:44:fc:1d:69:9b:dd:6e:3b:27:bf:08:e9:95: 02:21:00:9e:44:64:d6:7f:df:3f:2f:1c:1a:ce:be:8b:ea:bb: 6c:c3:25:f9:7d:82:9b:9d:68:74:8a:cc:23:d3:db:8c:cc
Thanks @bdehamer!
CC @segiddins could you check this as well, since this originally tripped your WIP implementation?
Closes #128
Regenerated all of the
d.txt.*
bundles with a new signing certificate that includes both OIDC Issuer and OIDC Issuer V2 extensions.New cert: