Sigstore bundle #2204
Sigstore bundle #2204
Conversation
Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
…fields. Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
…nto sigstore_bundle
|
Rendered README.md |
specs/dotsigstore_bundle/verifier.go
Outdated
| } | ||
| } | ||
|
|
||
| if b.rekorEntry != nil { |
There was a problem hiding this comment.
is it correct that you must also enter this path if/when a certificate (if used) is expired?
There was a problem hiding this comment.
likewise, does the final cert validation wrt to timestamp need to occur here or in the outer loop?
There was a problem hiding this comment.
This will be addressed in an updated coming soon, have it locally but need to run it through once more before pushing. Will add explicit logic for cert validation wrt to timestamp in verifyRekor.
|
Fredrik is out for a couple of weeks, one approach to iterating on this would be to merge as is, and then we can work through all the comments on this PR, generating new PRs as we go. It's going into a temporary spot anyway, WDYAT? |
|
I think I'd prefer to work on a branch/fork, I don't think the diff between "original pass" and "latest pass" is meaningful in this case. Then we don't have to worry about tests etc. |
…osed during review. Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
I think this is main point of disagreement. I was imagining TSAs signing off on Rekor entries, not just the signature bytes. This just feels more consistent to me. If there are multiple Maybe relevant, maybe not: there are [subtle crypto attacks](https://www.bolet.org/~pornin/2005-acns-pornin+stern.pdf](can work backwards) to create a new public key that a fixed signature validates against. I don't think this is actually exploitable in our setting, but IMO the more context in the data that gets countersigned the better.
So, to clarify the plan is "each Rekor kind/version has a corresponding If that's the case, I think I'd want to be more explicit about the mapping. So the doc for But then why not just use the Rekor types directly? Also, what about downstream users who might want to verify other Rekor types? They're supposed to be pluggable, the bundle format should be too IMO.
I would be very worried if client libraries needed to reconstruct the entry by e.g. parsing an Alpine ".apk" file (which is what we'd have to do if we weren't adding another
IMO alignment with Rekor's response as it exists today should be a non-goal; I think there are several proposals floating around right now to improve it. Alignment with Rekor's eventual response is a good idea. However, I think the bundle format should inform the Rekor API, not the other way around.
I don't actually think this is more dev friendly. This means that my function to reconstruct the entry for verification needs to access both the
To me, this complicates the verification flow unnecessarily. "If timestamp, check that the TSA signed X, otherwise, check that Rekor signed Y" seems more complicated than "filter the entries in TimestampVerificationData to find which ones signed X." |
| // policies. | ||
| // When using RFC3161 timestamps together with DSSE envelopes, the message | ||
| // imprint (message digest) MUST be computed over the payload (octets). | ||
| message TimestampVerificationData { |
There was a problem hiding this comment.
IMHO this is not a real concern, today the bundle is only possible to map to two Rekor types:
inotoandhashedrecord.
How deliberate is that? I think we should try to support all of them.
For the verification to succeed an asset in the bundle must be able to correctly be put on different logs with different types, which I would say is not possible. [...]
I worry a little about different versions of the same kind in this context. Not sure whether that's a big deal or not.
But I think you're right overall.
So this is now implicitly verified, but when talking about verification flows, we can make this explicit, that the verifier MUST verify that all entries are of the same type. How about same type with different versions? I think we should start with require the same version too, until we know of any concrete use-case where it may make sense to allow that.
+1
| int64 log_index = 1; | ||
| // The hash digest stored at the root of the merkle tree at the time | ||
| // the proof was generated. | ||
| bytes root_hash = 2; |
There was a problem hiding this comment.
Personal bias here: I want as many types as possible always.
Specifically, every time I see a bytes I have to think "what format is that?" If I see HashOutput I think "that's the output of a hash algorithm, I don't care what format it is."
Agreed that it feels wonky to duplicate the algorithm. So maybe there's room for three (!!) types: HashOutput { bytes }, HashAlgorithm = enum and HashData = (HashOutput, HashAlgorithm). I understand if that seems like too much.
some out-of-band data is already needed, like the public key (which may include parameters/what hash function to use). So there is already a need for certain knowledge of the transparency log, and also sharing what hash function is used for computing the Merkle tree is IMHO not a problem.
I buy that. Should we try to enumerate all these parameters in a new type? That feels like a useful exercise. It would allow creating a cross-language test suite!
(Okay if that's a TODO and we don't do it in this PR)
|
could we lean into this comment: |
Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
FWIW I'm pretty happy with this as-is. I still have one high-level concern (articulated in my last comment) but doesn't need to block the PR. That said—what's the benefit of merging the experimental version to the Cosign repo? I think we decided it makes more sense in a new repo long-term anyway. So what if we just made that (even if it's just on a personal GH account for now), then we could merge whatever we want and do some more formal process to pull it back into the |
This is my preference to, like a repo named |
There are a few important topics in that comment, and this PR is already getting quite large. When we get a new repo where the bundle goes, how about I open up some issues with your different questions as I think they can be more efficiently covered separately? edit: s/you/your |
Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
Works for me! |
|
Meta comment - It seems like a lot has changed since the last time I looked at it, so I'll need to do another pass. Can we avoid any more significant changes before it's checked in, as it's hard to know what's changing between each pass? |
…tion data' Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
|
A use case for key IDs: #1351 Some KMSes support key rotation, and the same key has different "versions." When we use KMS, we should stick the key version as a hint in the bundle. |
|
https://github.com/sigstore/protobuf-specs is ready whenever this can be moved over. |
|
Thanks @bobcallaway, I'll move and close this PR today. |
|
Closing this PR in favour of sigstore/protobuf-specs#1 |
This library: - Is testable. - Is consistent across the CLI. Related to (does not fix) sigstore#2296 and sigstore#2204. Signed-off-by: Zachary Newman <zjn@chainguard.dev>
This library: - Is testable. - Is consistent across the CLI. Related to (does not fix) sigstore#2296 and sigstore#2204. Signed-off-by: Zachary Newman <zjn@chainguard.dev>
This library: - Is testable. - Is consistent across the CLI. Related to (does not fix) sigstore#2296 and sigstore#2204. Signed-off-by: Zachary Newman <zjn@chainguard.dev>
This library: - Is testable. - Is consistent across the CLI. Related to (does not fix) sigstore#2296 and sigstore#2204. Signed-off-by: Zachary Newman <zjn@chainguard.dev>
This library: - Is testable. - Is consistent across the CLI. Related to (does not fix) sigstore#2296 and sigstore#2204. Signed-off-by: Zachary Newman <zjn@chainguard.dev>
Closes #2131
Authored by @kommendorkapten and @patflynn
Summary
First iteration of the proposed new bundle format for cosign. See
README.mdfor more details. The intent for this PR is not to be merged in this state, it is to start the discussion as decided on the design review meeting at 2022-08-22.Before accepting, make sure these tasks are done:
Release Note
N/A as of now.
Documentation
N/A as of now.