Support verifying offline Rekor bundles #52

Closed
haydentherapper opened this issue Apr 28, 2022 · 6 comments · Fixed by #247
@haydentherapper
Contributor

Description

As described in the specification, a Rekor response can be stored and verified without hitting the log. The client should:

  • Verify the SET
  • Verify that the signature over the blob matches what's in the payload's body
  • Compare the integrated time against the certificate
  • Compare hashes of the Rekor payload body to the provided blob

See code in Cosign for more details.
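The four checks listed in the comment above, as an added example that is not code from the original issue, from sigstore-python or from Cosign. It is written against the Go standard library so it runs entirely offline: MakeBundle is a constructed fixture that plays both the signer (a self-signed certificate standing in for a Fulcio certificate) and the log (a fresh P-256 key standing in for Rekor's), and VerifyOfflineBundle is the hypothetical verifier. Assumptions: the SET is Rekor's ECDSA signature over SHA-256 of the canonicalized payload {body, integratedTime, logID, logIndex}, approximated here by struct-field order rather than a full RFC 8785 library; the entry is a hashedrekord v0.0.1; the .sig and .crt the verifier holds are compared byte-for-byte with what the entry body carries.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"encoding/hex"
	"encoding/json"
	"encoding/pem"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// Payload is what the SET signs. Fields are in RFC 8785 key order, so json.Marshal of
// these string/int members yields canonical JSON (assumption: a stand-in for a JCS library).
type Payload struct {
	Body           string `json:"body"`
	IntegratedTime int64  `json:"integratedTime"`
	LogID          string `json:"logID"`
	LogIndex       int64  `json:"logIndex"`
}

// Bundle is the offline form: the payload plus the log's SET over it.
type Bundle struct {
	SignedEntryTimestamp string  `json:"SignedEntryTimestamp"`
	Payload              Payload `json:"Payload"`
}

// hashedRekord mirrors a hashedrekord v0.0.1 entry body.
type hashedRekord struct {
	APIVersion string `json:"apiVersion"`
	Kind       string `json:"kind"`
	Spec       struct {
		Data      struct{ Hash struct{ Algorithm string `json:"algorithm"`; Value string `json:"value"` } `json:"hash"` } `json:"data"`
		Signature struct{ Content string `json:"content"`; PublicKey struct{ Content string `json:"content"` } `json:"publicKey"` } `json:"signature"`
	} `json:"spec"`
}

// Small codecs; malformed base64 yields bytes that simply fail the later checks.
func b64(s string) []byte    { d, _ := base64.StdEncoding.DecodeString(s); return d }
func digest(b []byte) []byte { h := sha256.Sum256(b); return h[:] }

// VerifyOfflineBundle runs the issue's four checks with no network access.
func VerifyOfflineBundle(b Bundle, blob, sig, certPEM []byte, rekorPub *ecdsa.PublicKey) error {
	// 1. SET: Rekor's ECDSA signature over SHA-256 of the canonical payload.
	canon, _ := json.Marshal(b.Payload)
	if !ecdsa.VerifyASN1(rekorPub, digest(canon), b64(b.SignedEntryTimestamp)) {
		return errors.New("SET does not verify against the log key")
	}
	// 2. The body must be a hashedrekord carrying exactly the signature and certificate we hold.
	var hr hashedRekord
	if err := json.Unmarshal(b64(b.Payload.Body), &hr); err != nil || hr.Kind != "hashedrekord" ||
		!bytes.Equal(b64(hr.Spec.Signature.Content), sig) || !bytes.Equal(b64(hr.Spec.Signature.PublicKey.Content), certPEM) {
		return errors.New("body does not match the supplied signature and certificate")
	}
	// 3. Integrated time must fall inside the certificate's validity window.
	block, _ := pem.Decode(certPEM)
	if block == nil {
		return errors.New("certificate is not PEM")
	}
	cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return err
	}
	if it := time.Unix(b.Payload.IntegratedTime, 0); it.Before(cert.NotBefore) || it.After(cert.NotAfter) {
		return fmt.Errorf("integrated time %s outside certificate validity", it.UTC())
	}
	// 4. The blob must hash to the body's value, and the held signature must verify over it.
	h := digest(blob)
	if hr.Spec.Data.Hash.Algorithm != "sha256" || hr.Spec.Data.Hash.Value != hex.EncodeToString(h) {
		return errors.New("blob hash does not match the Rekor entry")
	}
	if pub, ok := cert.PublicKey.(*ecdsa.PublicKey); !ok || !ecdsa.VerifyASN1(pub, h, sig) {
		return errors.New("signature over blob does not verify")
	}
	return nil
}

// MakeBundle plays signer and log so the example runs offline; it is a constructed fixture
// (a self-signed cert stands in for Fulcio, a fresh key for Rekor), not a real response.
func MakeBundle(blob []byte, notBefore, integratedTime time.Time) (Bundle, []byte, []byte, *ecdsa.PublicKey) {
	rekorKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	signerKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "constructed signer"},
		NotBefore: notBefore, NotAfter: notBefore.Add(10 * time.Minute)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &signerKey.PublicKey, signerKey)
	certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
	sig, _ := ecdsa.SignASN1(rand.Reader, signerKey, digest(blob))
	var hr hashedRekord
	hr.APIVersion, hr.Kind = "0.0.1", "hashedrekord"
	hr.Spec.Data.Hash.Algorithm, hr.Spec.Data.Hash.Value = "sha256", hex.EncodeToString(digest(blob))
	hr.Spec.Signature.Content = base64.StdEncoding.EncodeToString(sig)
	hr.Spec.Signature.PublicKey.Content = base64.StdEncoding.EncodeToString(certPEM)
	body, _ := json.Marshal(hr)
	p := Payload{Body: base64.StdEncoding.EncodeToString(body), IntegratedTime: integratedTime.Unix(), LogID: "constructed-log-id", LogIndex: 42}
	canon, _ := json.Marshal(p)
	set, _ := ecdsa.SignASN1(rand.Reader, rekorKey, digest(canon))
	return Bundle{SignedEntryTimestamp: base64.StdEncoding.EncodeToString(set), Payload: p}, sig, certPEM, &rekorKey.PublicKey
}

func main() {
	blob, now := []byte("constructed artifact bytes"), time.Now().UTC().Truncate(time.Second)
	b, sig, certPEM, rekorPub := MakeBundle(blob, now, now.Add(time.Minute))
	fmt.Println("good bundle:", VerifyOfflineBundle(b, blob, sig, certPEM, rekorPub))
	b.Payload.IntegratedTime++ // any edit to the payload invalidates the SET
	fmt.Println("edited payload:", VerifyOfflineBundle(b, blob, sig, certPEM, rekorPub))
}
```

Note what the verifier deliberately does not do: there is no inclusion proof and no lookup against the log. The SET is the log's signed promise that the entry was accepted, and the only trust anchor the offline path has is the log public key the verifier was configured with, which is why the later discussion in this thread treats the SET and an online inclusion proof as roughly equivalent commitments.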

@haydentherapper haydentherapper added the enhancement New feature or request label Apr 28, 2022
@di di added this to the Stable release (1.0) milestone Apr 28, 2022
@woodruffw
Member

Just sketching this out a bit: I think we'll probably want an --offline flag for sigstore verify.

When --offline is passed, sigstore verify will look for {input}.bundle, similar to how it currently looks for {input}.sig and {input}.crt. It'll then verify the contents of that bundle as a Rekor response, rather than hitting the log.

@woodruffw woodruffw self-assigned this Oct 7, 2022
@haydentherapper
Contributor Author

Once the bundle contains the sig and crt, should offline be the default?

@woodruffw
Member

> Once the bundle contains the sig and crt, should offline be the default?

I see no reason why not!

@woodruffw
Member

Double-checking myself: do we not do the Merkle inclusion proof for offline bundles? I can't find it in the cosign source code, and it looks like the bundle JSON itself doesn't contain the inclusionProof attribute that Rekor responses normally contain.

@haydentherapper
Contributor Author

Correct - The inclusion proof is an alternative to the bundle - https://github.com/sigstore/rekor/blob/main/openapi.yaml#L448-L457

In terms of security properties, they're roughly equivalent. The SET is a "promise" that needs to be verified via an online lookup, and is a commitment by the log since it's signed. The inclusion proof could always be forked (split view attack) and needs to be verified online, and is also a commitment by the log since the proof includes a signed checkpoint/root hash.

@woodruffw
Member

> In terms of security properties, they're roughly equivalent. The SET is a "promise" that needs to be verified via an online lookup, and is a commitment by the log since it's signed. The inclusion proof could always be forked (split view attack) and needs to be verified online, and is also a commitment by the log since the proof includes a signed checkpoint/root hash.

Makes sense, thank you! I couldn't wrap my head around what an offline inclusion proof would establish anyways, so that explains it neatly.
