x509: cannot verify signature: insecure algorithm SHA1-RSA

[imjasonh]

Description

From head (95b74db)

$ go test ./pkg/cosign/
--- FAIL: TestValidateAndUnpackCertWithSCT (0.00s)
    verify_test.go:457: ValidateAndUnpackCert expected no error, got err = x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: insecure algorithm SHA1-RSA (temporarily override with GODEBUG=x509sha1=1)" while trying to verify candidate authority certificate "Certificate Transparency CA")
    verify_test.go:464: ValidateAndUnpackCert expected no error, got err = x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: insecure algorithm SHA1-RSA (temporarily override with GODEBUG=x509sha1=1)" while trying to verify candidate authority certificate "Certificate Transparency CA")
FAIL
FAIL	github.com/sigstore/cosign/pkg/cosign	1.422s
FAIL

Adding the GODEBUG as suggested makes the test pass:

GODEBUG=x509sha1=1 go test ./pkg/cosign/
ok  	github.com/sigstore/cosign/pkg/cosign	1.367s

$ go version
go version go1.18.2 darwin/arm64

Mostly filing this since I couldn't find any other reference to this in issues or code in any sigstore repo. Has anybody seen this before

edit: see golang/go#41682

[haydentherapper]

Looking into this. Interestingly it fails on 1.18, but not 1.19.

[haydentherapper]

Need to generate new test data for certificate-transparency-go that doesn't use SHA1 for the signing algorithm digest.

[dmitris]

go test -v ./pkg/cosign passes now without GODEBUG=x509sha1=1 on the head version (17cc138) with go1.20.3 - has anything changed? @imjasonh - does it work for you now or not? go test ./... works for me as well.

[imjasonh]

Tests also passed for me at head (17cc138) without the env var set. I assume @haydentherapper updated the test data to not rely on SHA1, and the env var is now unnecessary.

Thanks for trying this @dmitris ! 👍

[haydentherapper]

The tests that need x509sha1 require the sct tag, see https://github.com/sigstore/cosign/blob/main/.github/workflows/tests.yaml#L70-L84. I guess e2e tests don't need the flag.

For anyone working in that part of the code, they need to know to specify that tag when running tests, but for the rest of the code, it's not needed.

[dmitris]

@imjasonh to avoid potential confusion, could you edit the issue description to add the sct tag in the command - go test -tags=sct ./..., please?

go test -tags=sct -failfast ./...
--- FAIL: TestValidateAndUnpackCertWithSCT (0.01s)
    verify_sct_test.go:80: ValidateAndUnpackCert expected no error, got err = cert verification failed: x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: insecure algorithm SHA1-RSA (temporarily override with GODEBUG=x509sha1=1)" while trying to verify candidate authority certificate "Certificate Transparency CA"). Check your TUF root (see cosign initialize) or set a custom root with env var SIGSTORE_ROOT_FILE
    verify_sct_test.go:87: ValidateAndUnpackCert expected no error, got err = cert verification failed: x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: insecure algorithm SHA1-RSA (temporarily override with GODEBUG=x509sha1=1)" while trying to verify candidate authority certificate "Certificate Transparency CA"). Check your TUF root (see cosign initialize) or set a custom root with env var SIGSTORE_ROOT_FILE
FAIL
FAIL	github.com/sigstore/cosign/v2/pkg/cosign	4.311s

The test that fails without GODEBUG=x509sha1=1 is TestValidateAndUnpackCertWithSCT from
https://github.com/sigstore/cosign/blob/main/pkg/cosign/verify_sct_test.go#L40.