
Verify not working if the certificate annotation is present and there is no bundle annotation #135

Closed
raulcabello opened this issue Sep 29, 2022 · 2 comments · Fixed by #142
Assignees
Labels
bug Something isn't working

Comments

@raulcabello
Contributor

raulcabello commented Sep 29, 2022

Description

Both certificate and bundle are optional parameters when signing with cosign. If the certificate annotation is present and there is no bundle annotation, verification fails with the following error:

2022-09-29T14:56:46.298309Z  INFO sigstore::cosign::signature_layers: Skipping OCI layer because of error error=SigstoreRekorBundleNotFoundError
Image verification failed: No Signature Layer passed verification

This happens when providing a certificate when signing with cosign using a keypair and without enabling COSIGN_EXPERIMENTAL.

How to reproduce it?

raulcabm/sigstore-test:1 was signed with cosign and pkcs11. dev.cosignproject.cosign/signature and dev.sigstore.cosign/certificate annotations are present, which is a valid scenario.

crane manifest $(cosign triangulate raulcabm/sigstore-test:1) | jq

{
  "schemaVersion": 2,
  "mediaType": "application/vnd.oci.image.manifest.v1+json",
  "config": {
    "mediaType": "application/vnd.oci.image.config.v1+json",
    "size": 248,
    "digest": "sha256:2d4f0c0130a23ca7ab0aa545aadb91674ba7eef0bb38ebada113b047d6508bad"
  },
  "layers": [
    {
      "mediaType": "application/vnd.dev.cosign.simplesigning.v1+json",
      "size": 254,
      "digest": "sha256:25fa425dace3302722778703a6b4387251af7c3a8513827f05010c0d0785d9f4",
      "annotations": {
        "dev.cosignproject.cosign/signature": "brAE3zRaN0Tcj7P9dcSe0yghHl0ToOqUMm8T2ll8uJLBJGmskDuyRtbZTNy8oNvHL6vvLpmX4SL29o+YGBk4GB+q8EPigvKLVgh3qD8u+7EiWltcDJyj8V/Re6LPdei6BDx5QtvHK4Dfq13Hc3JPlor7vOZkBvfr3LY3t/r9V2G+tE3ge8kvEj1XGPjhiJ5vYezuLZ0pxq1nqp18s+zzYLjTov6JqWflEltmQnZQAoNjfjGEH/4GAbpVZm3AyiBWfgmGqhsV0cdQzroJ6ruPRapIzlKJtg11n+KhtLsEViZE9BoA046E89XKWudKV7VJkcBz4wWlXhhDrQrVuaaqxw==",
        "dev.sigstore.cosign/certificate": "-----BEGIN CERTIFICATE-----\nMIIDETCCAfkCFAqyt8DGE5KXNAOHhfLMbY4bzTIIMA0GCSqGSIb3DQEBCwUAMEUx\nCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl\ncm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjIwOTI5MTM1OTE4WhcNMzIwOTMwMTM1\nOTE4WjBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UE\nCgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEA0LWSY//4shTayWKm8U0AOIN6sKh1Umh8eGIT31Wr4ULdWQjz\nraG0bd/tm1zUQjm8DIvzobIKPoZvKZxfN7cBiqCgHhCVwYKjs/4fIWq66dSHLRGD\nw1I6yEKpX+Fq8ZcmyhOmLIyfyh0p0BkRVjoOb0nQNPrNr1pIYd0uCn+GnQAL2dJZ\nAmhx+J5UEb0XF/3PMD7U8rNHj8Ah3NZnrosK51X5c05n8eIJUyEo/IMgmhbiylzO\nYM61yCSehZITCNSBKwEMpt3BENfaO4wGwBwQmou+Yjptdv4UvejrCCkApFmnyj6P\n/ko1Bl/MCF85IGrolKUX6NCGB6AgBSQp0GLYLwIDAQABMA0GCSqGSIb3DQEBCwUA\nA4IBAQAf1WTO1PnkRO1ZxOSLsU0UEXPp4oXQgU4nhC/mWf3Arn89KxB8LJawXKnc\nNWJQLIWGCwPPWMad0LK8yVUT0ZBFMVvOf5il9crmptpkkqLCilvi8mfLqR666pFk\nuFi28IMfz396qu5gSwd4lkJ7oaf9IyivibH+Zo/toXOyPFuaTKlPhS2q8hBtbDl1\nvbgIsC7dGFMQz59XPkqdWjoKsmUbpztIc709zOsvuOcmIwxGEpUc7rtWpdnwTK5f\nmjyRSrvnLQOJnlYBt6qqXTdz56r6rfs0eBi549IPIQ0fyurfzat+xG3TpAeT/f+K\nie75PIN1Zt+t59D6rGb4YPa+qSS6\n-----END CERTIFICATE-----\n"
      }
    }
  ]
}

Verification with cosign is successful, however sigstore-rs returns the SigstoreRekorBundleNotFoundError error. This can be tested with:

cargo run --example verify -- \
  --rekor-pub-key ~/.sigstore/root/targets/rekor.pub \
  --fulcio-cert fulcio.crt.pem  \
  -k pubkey.pem raulcabm/sigstore-test:1

Version

v0.4.0

This issue was raised in kubewarden/verify-image-signatures#20 (comment)

@flavio
Member

flavio commented Sep 29, 2022

Assigned to @raulcabello, who is already looking into that

@raulcabello
Contributor Author

raulcabello commented Sep 30, 2022

We are always trying to verify that the certificate in the dev.sigstore.cosign/certificate annotation was issued by fulcio inside the from_certificate method. For that we need a bundle, and if the bundle is not found the error SigstoreRekorBundleNotFoundError is returned.

It is possible that this certificate was not issued by fulcio. This certificate can be added when signing with cosign without the COSIGN_EXPERIMENTAL mode.

We can add a flag similar to COSIGN_EXPERIMENTAL to verify certificates with fulcio and rekor. If this flag is not enabled, fulcio validation for the certificate will not be performed. In cosign this validation is performed only if COSIGN_EXPERIMENTAL is enabled. If COSIGN_EXPERIMENTAL is not enabled, co.RekorClient is nil.

What do you think about this approach?

flavio added a commit to flavio/sigstore-rs that referenced this issue Oct 12, 2022
The `cosign` tool can produce signatures using a PKCS11 token. These
signatures feature a `certificate` annotation inside of their OCI layer.

However, when `COSIGN_EXPERIMENTAL` is not enabled, the layer will not
feature a Rekor bundle.

Prior to this commit, the code assumed signature layers could have a
`certificate` annotation only when using the Fulcio integration. Because
of that, layers with a `certificate` but without a Rekor bundle were
discarded. That was done to ensure the robustness of keyless
verification.

This commit changes the code that creates `SignatureLayer` objects to not
raise errors when an embedded certificate cannot be verified. Be it
because it has been forged/invalid/etc or because the Rekor bundle is
not found inside of the layer.

The resulting `SignatureLayer` will not be discarded, but it will have
its `certificate_signature` attribute set to `None`.

> **Note:** `SignatureLayer::certificate_signature` was already an `Option`
> before this commit.

The verification constraints implementing keyless verification will
discard this kind of layer because it does not have a
`certificate_signature`.

However, the public key based verifier will be able to verify the
signature stored inside of the layer.

This solves the following scenario:

> As a user,
> Given Alice signed a container image using a PKCS11 token but without having cosign's Rekor integration enabled
> When verifying the container image signature using the public key associated with the certificate stored on her PKCS11 token
> Then the container image will be reported as successfully verified

Fixes sigstore#135

Signed-off-by: Flavio Castelli <fcastelli@suse.com>
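The following is an added illustration, not code from sigstore-rs or from the commit above. It models the decision described in raulcabello's comment and in the commit message: before the fix, a `certificate` annotation without a Rekor bundle made layer construction fail with `RekorBundleNotFound` and the layer was skipped; after the fix, the layer is kept with `certificate_signature` set to `None`, so the keyless constraint rejects it while a public-key constraint can still verify the signature. The annotation keys are the ones seen in the manifest above plus the bundle key. Everything else is assumed: the `SignatureLayer`, `VerificationConstraint`, `KeylessConstraint` and `PublicKeyConstraint` names mirror the commit's wording but are not the crate's API, and the signature check is a toy FNV-1a keyed tag standing in for the real ECDSA verification, which makes the control flow demonstrable offline without being a security primitive.

```rust
use std::collections::BTreeMap;

// Annotation keys cosign puts on a signature layer (the first two appear in
// the manifest in the issue; the bundle key is the one missing there).
const SIGNATURE_ANNOTATION: &str = "dev.cosignproject.cosign/signature";
const CERTIFICATE_ANNOTATION: &str = "dev.sigstore.cosign/certificate";
const BUNDLE_ANNOTATION: &str = "dev.sigstore.cosign/bundle";

// Constructed sample values: a toy public key and the payload the layer signs.
const ALICE_PUBLIC_KEY: &str = "alice-pkcs11-public-key";
const PAYLOAD: &str = "{\"critical\":{\"identity\":{\"docker-reference\":\"example/image\"}}}";

#[derive(Debug, PartialEq)]
pub enum LayerError {
    SignatureMissing,
    RekorBundleNotFound,
    CertificateInvalid,
}

#[derive(Debug, Clone, PartialEq)]
pub struct SignatureLayer {
    pub signature: String,
    pub certificate: Option<String>,
    /// Some(identity) only when the embedded certificate was validated
    /// (chain to Fulcio plus Rekor bundle); None otherwise.
    pub certificate_signature: Option<String>,
}

/// Toy keyed tag (FNV-1a over key|payload) standing in for the ECDSA check.
/// Placeholder only: it shows the control flow, not real signature security.
fn toy_tag(key: &str, payload: &str) -> String {
    let mut h: u64 = 0xcbf2_9ce4_8422_2325;
    for b in key.bytes().chain(std::iter::once(b'|')).chain(payload.bytes()) {
        h ^= u64::from(b);
        h = h.wrapping_mul(0x0100_0000_01b3);
    }
    format!("{:016x}", h)
}

/// Stand-in for "validate the embedded certificate against Fulcio and the Rekor
/// bundle". Assumed rule: a PEM-looking certificate plus a non-empty bundle is
/// accepted; anything else fails as a forged or unverifiable certificate would.
fn verify_embedded_certificate(cert: &str, bundle: Option<&str>) -> Result<String, LayerError> {
    let bundle = bundle.ok_or(LayerError::RekorBundleNotFound)?;
    if cert.starts_with("-----BEGIN CERTIFICATE-----") && !bundle.is_empty() {
        Ok(format!("identity-from-cert:{}", cert.len()))
    } else {
        Err(LayerError::CertificateInvalid)
    }
}

fn common_fields(ann: &BTreeMap<String, String>) -> Result<(String, Option<String>, Option<&str>), LayerError> {
    let signature = ann.get(SIGNATURE_ANNOTATION).ok_or(LayerError::SignatureMissing)?.clone();
    let certificate = ann.get(CERTIFICATE_ANNOTATION).cloned();
    let bundle = ann.get(BUNDLE_ANNOTATION).map(String::as_str);
    Ok((signature, certificate, bundle))
}

/// Before the fix: a certificate annotation forces certificate validation and
/// any validation error (including a missing bundle) discards the whole layer.
pub fn layer_before_fix(ann: &BTreeMap<String, String>) -> Result<SignatureLayer, LayerError> {
    let (signature, certificate, bundle) = common_fields(ann)?;
    let certificate_signature = match certificate.as_deref() {
        Some(cert) => Some(verify_embedded_certificate(cert, bundle)?), // `?` discards the layer
        None => None,
    };
    Ok(SignatureLayer { signature, certificate, certificate_signature })
}

/// After the fix: the layer is kept, and a certificate that cannot be verified
/// simply leaves `certificate_signature` as None.
pub fn layer_after_fix(ann: &BTreeMap<String, String>) -> Result<SignatureLayer, LayerError> {
    let (signature, certificate, bundle) = common_fields(ann)?;
    let certificate_signature = certificate
        .as_deref()
        .and_then(|cert| verify_embedded_certificate(cert, bundle).ok());
    Ok(SignatureLayer { signature, certificate, certificate_signature })
}

pub trait VerificationConstraint {
    fn verify(&self, layer: &SignatureLayer) -> bool;
}

/// Keyless verification: only a layer whose certificate was validated can pass.
pub struct KeylessConstraint;
impl VerificationConstraint for KeylessConstraint {
    fn verify(&self, layer: &SignatureLayer) -> bool {
        layer.certificate_signature.is_some()
    }
}

/// Public-key verification: checks the layer signature, ignores certificate state.
pub struct PublicKeyConstraint { pub public_key: String }
impl VerificationConstraint for PublicKeyConstraint {
    fn verify(&self, layer: &SignatureLayer) -> bool {
        layer.signature == toy_tag(&self.public_key, PAYLOAD)
    }
}

/// The image verifies if at least one layer passes the constraint; layers that
/// failed to build are skipped, as the log line in the issue shows.
pub fn image_verified(layers: &[Result<SignatureLayer, LayerError>], c: &dyn VerificationConstraint) -> bool {
    layers.iter().any(|l| match l {
        Ok(layer) => c.verify(layer),
        Err(e) => { eprintln!("Skipping OCI layer because of error {:?}", e); false }
    })
}

/// The issue's scenario: signature and certificate annotations, no bundle (constructed values).
pub fn scenario_annotations() -> BTreeMap<String, String> {
    let mut ann = BTreeMap::new();
    ann.insert(SIGNATURE_ANNOTATION.to_string(), toy_tag(ALICE_PUBLIC_KEY, PAYLOAD));
    ann.insert(CERTIFICATE_ANNOTATION.to_string(),
        "-----BEGIN CERTIFICATE-----\n(constructed placeholder)\n-----END CERTIFICATE-----\n".to_string());
    ann
}

fn main() {
    let ann = scenario_annotations();
    let alice = PublicKeyConstraint { public_key: ALICE_PUBLIC_KEY.to_string() };
    println!("before fix, public key: {}", image_verified(&[layer_before_fix(&ann)], &alice));
    println!("after fix,  public key: {}", image_verified(&[layer_after_fix(&ann)], &alice));
    println!("after fix,  keyless:    {}", image_verified(&[layer_after_fix(&ann)], &KeylessConstraint));
}
```

The point worth noticing is that the relaxation is confined to layer construction: keyless verification still demands a validated certificate, so an unverifiable or missing bundle never lets a layer pass a keyless constraint, while public-key verification no longer loses layers that merely carry an extra certificate annotation.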
flavio added a commit to flavio/sigstore-rs that referenced this issue Oct 12, 2022
The `cosign` tool can produce signatures using a PKCS11 token. These
signatures feature a `certificate` annotation inside of their OCI layer.

However, when `COSIGN_EXPERIMENTAL` is not enabled, the layer will not
feature a Rekor bundle.

Prior to this commit, the code assumed signature layers could have a
`certificate` annotation only when using the Fulcio integration. Because
of that, layers with a `certificate` but without a Rekor bundle were
discarded. That was done to ensure the robustness of keyless
verification.

This commit changes the code that creates `SignatureLayer` objects to not
raise errors when an embedded certificate cannot be verified. Be it
because it has been forged/invalid/etc or because the Rekor bundle is
not found inside of the layer.

The resulting `SignatureLayer` will not be discarded, but it will have
its `certificate_signature` attribute set to `None`.

> **Note:** `SignatureLayer::certificate_signature` was already an `Option`
> before this commit.

The verification constraints implementing keyless verification will
discard this kind of layer because it does not have a
`certificate_signature`.

However, the public key based verifier will be able to verify the
signature stored inside of the layer.

This solves the following scenario:

> Given Alice signed a container image using a PKCS11 token but without having cosign's Rekor integration enabled
> When verifying the container image signature using the public key associated with the certificate stored on her PKCS11 token
> Then the container image will be reported as successfully verified

Fixes sigstore#135

Signed-off-by: Flavio Castelli <fcastelli@suse.com>