Signature logs
Signature logs provides a list of signature events, including:
Fields | Description |
|---|---|
Date | This entry identifies the date the signature took place. |
Status | This entry identifies if the signature was successful or failed. |
Signer | This entry identifies who performed the signing. |
Keypair alias | This entry identifies the keypair used to sign. |
Keypair ID | This entry identifies the keypair ID used to sign. |
Keypair type | This entry identifies if a static or dynamic keypair was used to sign. |
Algorithm | This entry identifies the cryptographic algorithm of the keypair used to sign. |
Signature type | This entry identifies if a production or test keypair was used to sign. |
Hash | This entry identifies the hash value that uniquely represents the raw data (the code being signed) using a specific hash algorithm. This hash value helps ensure the integrity and authenticity of the signed code. |
Signature | This entry identifies the digital signature generated from the hash or digest of the code being signed using a private key. This signature represents the code's authenticity and integrity, as it can be verified using the corresponding public key. |
Client IP | This entry identifies the IP address of the client detected when the signature occurred. |
Signature metadata
Signature logs display the following signature metadata types:
Field | Description |
|---|---|
Checksum-after-signing | This entry identifies the cryptographic checksum generated for the file after signing to ensure its integrity and authenticity. |
Checksum-before-signing | This entry identifies the cryptographic checksum of the file before it undergoes the signing process. |
Digest-algorithm | This entry identifies the algorithm used for generating the cryptographic digest or checksum, such as SHA-256. |
File-location | This entry identifies the directory path or URL where the file to be signed is located. |
File-name | This entry identifies the name of the file to be signed. |
Signing-tool | This entry describes the software or tool used for signing the file, such as OpenSSL or Microsoft SignTool. |
Timestamp | This entry indicates if the timestamp was done. |
TSA-url | This entry identifies the URL of the Time Stamp Authority (TSA) used for timestamping the signature, ensuring its validity beyond the signing certificate's expiration. |
The following information is shown for each of the signature metadata mentioned above:
Field | Description |
|---|---|
Metadata key | This entry provides the metadata name, such as:
|
Metadata value | This entry provides the value of the metadata key. |
Metadata primary | This entry display Yes if the metadata is one of the above defined metadata, or No if the custom metadata is provided. |
Metadata source | This entry identifies the name of the source that provided the metadata. |