Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adds in-toto flavored GPG Key, Signer, and Signature #538

Merged
merged 5 commits into from
Feb 6, 2023

Conversation

PradyumnaKrishna
Copy link
Contributor

@PradyumnaKrishna PradyumnaKrishna commented Jan 27, 2023

Fixes issue #534: Add custom Key, Signer and Signature implementations for in-toto flavored GPG

Description of the changes being introduced by the pull request:

Adds in-toto flavored legacy GPGKey, GPGSigner, and GPGSignature to be used with other Signer implementation added with the DSSE.

DSSE won't support this legacy GPG api but it is useful in supporting old signature wrapper with gpg compatibilities, i.e. Metablock to generate in-toto Metadata and signing with GPG.

This newer GPGSigner and GPGKey implementation provided by securesystemslib utilizes updated metadata formats, that is incompatible with current in-toto signature wrappers.

Hence, these _LegacyGPGSigner and _LegacyGPGKey implementation is provided to continue old wrapper support without any breaking change.

Signed-off-by: Pradyumna Krishna [email protected]

Please verify and check that the pull request fulfills the following
requirements
:

  • The code follows the Code Style Guidelines
  • Tests have been added for the bug fix or new feature
  • Docs have been added for the bug fix or new feature

Adds in-toto flavored legacy GPGKey, GPGSigner, and GPGSignature
to be used with other Signer implementation added with the DSSE.

DSSE won't support this legacy GPG api but it is useful in
supporting old signature wrapper with gpg compatibilities, i.e.
`Metablock` to generate in-toto Metadata and signing with GPG.

This newer `GPGSigner` and `GPGKey` implementation provided by
securesystemslib utilizes updated metadata formats, that is
incompatible with current in-toto signature wrappers.

Hence, these `_LegacyGPGSigner` and `_LegacyGPGKey` implementation
is provided to continue old wrapper support without any breaking
change.

Signed-off-by: Pradyumna Krishna <[email protected]>
Adds testcase to validate the working of _LegacyGPGSigner,
_LegacyGPGKey and _LegacyGPGSignature.

Signed-off-by: Pradyumna Krishna <[email protected]>
@PradyumnaKrishna PradyumnaKrishna marked this pull request as ready for review January 30, 2023 02:44
Copy link
Member

@lukpueh lukpueh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR, @PradyumnaKrishna! Here's a first batch of comments. I'll leave more tomorrow.

gpg.py

<Author>
Lukas Puehringer <[email protected]>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm flattered, but I think you should be the author. :)

)

@classmethod
def from_legacy_dict(cls, key_dict: Dict[str, Any]):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this class needs separate from_dict and from_legacy_dict

Copy link
Contributor Author

@PradyumnaKrishna PradyumnaKrishna Feb 1, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

from_dict is a derived method and pylint throws arguments-differ if I remove keyid argument from it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay, makes sense. _LegacyGPGKey.from_legacy_dict will be the pendant to SSlibKey.from_securesystemslib_key.

Boolean. True if the signature is valid, False otherwise.
"""

return gpg.verify_signature(signature.to_dict(), self.to_dict(), data)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you take a look at verify_signature functions in securesystemslib? They should raise or return None (see e.g. secure-systems-lab/securesystemslib#488)

_LegacyGPGKey verify_signature method returns True if
verification succeeds and False otherwise. This method lacks
information behind the failure in verification. Hence, the
method now returns None if verification passes, and raises an
exception accordingly for the verification failure.

* Tests updated accordingly.

Signed-off-by: Pradyumna Krishna <[email protected]>
Copy link
Member

@lukpueh lukpueh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should work. Thanks, @PradyumnaKrishna!! Let's merge and see how it plays with your dsse PR.

Though, maybe we can first make the module non-public? What do you think about calling it _signer? IMO then it would even be fine to just call the classes GPGSignature, GPGSigner and GPGKey.

Please also address my comments inline and this is good to go.

Comment on lines 119 to 120
The executed base command is defined in
securesystemslib.gpg.constants.GPG_SIGN_COMMAND.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
The executed base command is defined in
securesystemslib.gpg.constants.GPG_SIGN_COMMAND.

This constant has changed. I think we can just remove the comment.

with self.assertRaises(VerificationError):
key.verify_signature(signature, self.test_data)

def test_gpg_signer_serialization(self):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor nit: This should be

Suggested change
def test_gpg_signer_serialization(self):
def test_gpg_signature_serialization(self):

Right?

models.gpg apis made non-public and moved to models._signer
All ``_LegacyGPGSignature``, ``_LegacyGPGSigner``, and
``_LegacyGPGKey`` are renamed ``GPGSignature``, ``GPGSigner`` and
``GPGKey`` respectively.

Tests are updated accordingly.

Signed-off-by: Pradyumna Krishna <[email protected]>
Copy link
Member

@lukpueh lukpueh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cheers! 🎉

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants