JankariTechUG/GitTrustedTimestamps
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

script to validate whether the hash of the trustanchors folder changed #4

Merged
artur merged 2 commits from validate_trustanchors_hash into main 2025-01-24 07:58:27 +00:00
Conversation 1 Commits 2 Files Changed 1 +26
artur commented 2025-01-22 08:33:08 +00:00
Owner
Copy Link

this is useful to make sure the same set of TSA are used on different
machines and that they haven't been changed.
E.g. I want to make sure I use the same TSA on my local machine as in CI
and I want to make sure the imported certificates in CI are the same as
in my local machine, so that I can trust them.

this is useful to make sure the same set of TSA are used on different machines and that they haven't been changed. E.g. I want to make sure I use the same TSA on my local machine as in CI and I want to make sure the imported certificates in CI are the same as in my local machine, so that I can trust them.
artur added 2 commits 2025-01-22 08:33:08 +00:00
script to validate whether the hash of the trustanchors folder changed 9006f166f7 
this is useful to make sure the same set of TSA are used on different
machines and that they haven't been changed.
E.g. I want to make sure I use the same TSA on my local machine as in CI
and I want to make sure the imported certificates in CI are the same as
in my local machine, so that I can trust them.
-----TIMESTAMP COMMIT----- 4f911c69d4 
Version: 1

Algorithm: sha1

Preimage: version:1,parent:9006f166f79aff8463e0b94a40816b5809d26f59,tree:5132ba0a84fb9f255de095c750a3ee66b99743bc

Digest: 41c32d5c57c86c73e17431d985431dcfa11b0794

Timestamp: https://freetsa.org/tsr
 Info: Timestamp generated with GitTrustedTimestamps by Mabulous GmbH

 Version: 1
 Policy OID: tsa_policy1
 Hash Algorithm: sha1
 Message data:
     0000 - 41 c3 2d 5c 57 c8 6c 73-e1 74 31 d9 85 43 1d cf   A.-\W.ls.t1..C..
     0010 - a1 1b 07 94                                       ....
 Serial number: 0x051E7BA6
 Time stamp: Jan 22 08:32:24 2025 GMT
 Accuracy: unspecified
 Ordering: yes
 Nonce: 0x7C7126C79B4BBE42
 TSA: DirName:/O=Free TSA/OU=TSA/description=This certificate digitally signs documents and time stamp requests made using the freetsa.org online services/CN=www.freetsa.org/emailAddress=busilezas@gmail.com/L=Wuerzburg/C=DE/ST=Bayern
 Extensions:

 -----BEGIN RFC3161 TOKEN-----
 MIIFNwYJKoZIhvcNAQcCoIIFKDCCBSQCAQMxDzANBglghkgBZQMEAgMFADCCAX4G
 CyqGSIb3DQEJEAEEoIIBbQSCAWkwggFlAgEBBgQqAwQBMCEwCQYFKw4DAhoFAAQU
 QcMtXFfIbHPhdDHZhUMdz6EbB5QCBAUee6YYDzIwMjUwMTIyMDgzMjI0WgEB/wII
 fHEmx5tLvkKgggERpIIBDTCCAQkxETAPBgNVBAoTCEZyZWUgVFNBMQwwCgYDVQQL
 EwNUU0ExdjB0BgNVBA0TbVRoaXMgY2VydGlmaWNhdGUgZGlnaXRhbGx5IHNpZ25z
 IGRvY3VtZW50cyBhbmQgdGltZSBzdGFtcCByZXF1ZXN0cyBtYWRlIHVzaW5nIHRo
 ZSBmcmVldHNhLm9yZyBvbmxpbmUgc2VydmljZXMxGDAWBgNVBAMTD3d3dy5mcmVl
 dHNhLm9yZzEiMCAGCSqGSIb3DQEJARYTYnVzaWxlemFzQGdtYWlsLmNvbTESMBAG
 A1UEBxMJV3VlcnpidXJnMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmF5ZXJuMYID
 ijCCA4YCAQEwgaMwgZUxETAPBgNVBAoTCEZyZWUgVFNBMRAwDgYDVQQLEwdSb290
 IENBMRgwFgYDVQQDEw93d3cuZnJlZXRzYS5vcmcxIjAgBgkqhkiG9w0BCQEWE2J1
 c2lsZXphc0BnbWFpbC5jb20xEjAQBgNVBAcTCVd1ZXJ6YnVyZzEPMA0GA1UECBMG
 QmF5ZXJuMQswCQYDVQQGEwJERQIJAMHphhYNqOmCMA0GCWCGSAFlAwQCAwUAoIG4
 MBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAcBgkqhkiG9w0BCQUxDxcNMjUw
 MTIyMDgzMjI0WjArBgsqhkiG9w0BCRACDDEcMBowGDAWBBSRbaPYYOzKguNLxZ0X
 k+fpaIdfFDBPBgkqhkiG9w0BCQQxQgRAg6ToWoufJdhvp/UBOzM/qmSW83npLW3A
 WJkk3KU9uKvj1jCy9NUAL4dctJtRhWi1ObKqfg6tVkJUjUWfDg6OADANBgkqhkiG
 9w0BAQEFAASCAgCWzbvex3bQtr9zF0ZaICp1l3x15RzKOTLm3HXzLCeY+9ICwwZI
 3bWE4WAXlkebzQ99EmYYDFFBPKLYFDXl7pQMLcTNpng+fCx/xfiKh1baS4Zzlt51
 Tg0GZN4Vr3Zubp5qaRgDRe+761R6nfbsf1SECHI5N1kn0eURHl4J+9tF2hVhMQ33
 NMkFSrBlLJSd5b/rZHI5Qpq70NnUdLhJwNLRGs6i2EBFlm2T393VdjkOlaIVM/id
 5WrtnTAzScRuOayTE25IBxsDSX18tE9bD1ijlQbQSdspFkk1V3tpAHCUFAzvrgfO
 Ehm4eGKVDIkedPsUkJAL73QKDINLd5ycvb+bjIVLbt8VxSz8c7pso0BX+xgXRuQ3
 HvRIPi+bfpV4hXVw12VOAnHUu68f/po9G4aQM+XPzSy9L1kjbak1G1+zPW/3ohzt
 o4rNmpm4I915U1pl17xoLm48YCYoJWry/bf8VvBmHaXe8TDvaKr2rvJv9ZrTbwoB
 vBGLnh7XtRB4Wip3CAz+aifCs9cBdeM1IirQamBo9fP9qhhVDSxQqqeb+xN11xs4
 9spjC22ocoKe5PnhA34EAAuhyBqx1KBiuUCwUz25mqntEI91B+T+bj1TQ/EJ5fZs
 V726SJTW740a2z+pVTwtUPfyNl6/SllmQvjIMrLl2+kYiUOBonrchy0r3Q==
 -----END RFC3161 TOKEN-----

Timestamp: https://tsa.cesnet.cz:3162/tsa
 Info: Timestamp generated with GitTrustedTimestamps by Mabulous GmbH

 Version: 1
 Policy OID: 1.3.6.1.4.1.22408.1.2.3.45
 Hash Algorithm: sha1
 Message data:
     0000 - 41 c3 2d 5c 57 c8 6c 73-e1 74 31 d9 85 43 1d cf   A.-\W.ls.t1..C..
     0010 - a1 1b 07 94                                       ....
 Serial number: 0x29DD5895563F759F
 Time stamp: Jan 22 08:32:25 2025 GMT
 Accuracy: unspecified
 Ordering: no
 Nonce: 0x8A22D2B54B5700A0
 TSA: DirName:/DC=cz/DC=cesnet-ca/O=CESNET/CN=tsa.cesnet.cz
 Extensions:

 -----BEGIN RFC3161 TOKEN-----
 MIID1QYJKoZIhvcNAQcCoIIDxjCCA8ICAQMxDzANBglghkgBZQMEAgEFADCBzgYL
 KoZIhvcNAQkQAQSggb4EgbswgbgCAQEGDCsGAQQBga8IAQIDLTAhMAkGBSsOAwIa
 BQAEFEHDLVxXyGxz4XQx2YVDHc+hGweUAggp3ViVVj91nxgPMjAyNTAxMjIwODMy
 MjVaAgkAiiLStUtXAKCgXKRaMFgxEjAQBgoJkiaJk/IsZAEZFgJjejEZMBcGCgmS
 JomT8ixkARkWCWNlc25ldC1jYTEPMA0GA1UECgwGQ0VTTkVUMRYwFAYDVQQDDA10
 c2EuY2VzbmV0LmN6MYIC2TCCAtUCAQEwbDBgMRIwEAYKCZImiZPyLGQBGRYCY3ox
 GTAXBgoJkiaJk/IsZAEZFgljZXNuZXQtY2ExEjAQBgNVBAoMCUNFU05FVCBDQTEb
 MBkGA1UEAwwSUGVyc29uYWwgU2lnbmluZyAyAghq94ZoOsDXcDANBglghkgBZQME
 AgEFAKCCAT4wGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEEMBwGCSqGSIb3DQEJ
 BTEPFw0yNTAxMjIwODMyMjVaMC0GCSqGSIb3DQEJNDEgMB4wDQYJYIZIAWUDBAIB
 BQChDQYJKoZIhvcNAQELBQAwLwYJKoZIhvcNAQkEMSIEIOWdZojHJbm/TmIOeWoB
 kvA3fXcB43GN+ZV8RMo+bDvnMIGhBgsqhkiG9w0BCRACDDGBkTCBjjCBizCBiAQU
 UCTsC5lLIjDwCg+Qpg0dKB0bP74wcDBkpGIwYDESMBAGCgmSJomT8ixkARkWAmN6
 MRkwFwYKCZImiZPyLGQBGRYJY2VzbmV0LWNhMRIwEAYDVQQKDAlDRVNORVQgQ0Ex
 GzAZBgNVBAMMElBlcnNvbmFsIFNpZ25pbmcgMgIIaveGaDrA13AwDQYJKoZIhvcN
 AQELBQAEggEAFSYXAxsh2Mxm268N3ESz/VYSJxMo8hcH5hGSicGJv1YIWI8QhV0t
 Wp6wOtk1sUcnAe5QZlQ6IzBc1PT+NIqNEEUydM9riyOmNIMZXnBiyI/DuRxo9mJd
 BBcmYthx4borfmBmClj7hIMjLtBB+hlChwryH45TBXDCJxMnKR0i8sd4Cc0kdyGr
 oey9DkIWRo5aH7otfZrRF9iUIMptnMS2eO3+6RsdqZgvNcVJq8HXvldmmQ7RZ3V5
 DrpPTxEaWgPdMh8Bo3z26c3U9vpnsKuAtViaAhoyvBVX7HnUXn+v1cPgqdRNMOQU
 e0rA1gZ+mA2aT0A52fmOBhiqL4ecT4FO0Q==
 -----END RFC3161 TOKEN-----
artur requested review from phil 2025-01-22 08:33:13 +00:00
phil approved these changes 2025-01-24 06:57:06 +00:00
artur force-pushed validate_trustanchors_hash from 4f911c69d4 to 49f05d35b8 2025-01-24 07:58:12 +00:00 Compare
artur merged commit 9eb12b9101 into main 2025-01-24 07:58:27 +00:00
phil deleted branch validate_trustanchors_hash 2025-02-06 04:34:36 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
phil
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
artur jankaritech phil
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: JankariTechUG/GitTrustedTimestamps#4
No description provided.
Delete Branch "validate_trustanchors_hash"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?