Cannot verify Nvidia container signature #21427

mattdibi · 2024-01-30T09:21:08Z

mattdibi
Jan 30, 2024

As per title I'm not able to properly verify the signature of a container image by Nvidia.

As per Nvidia documentation they use Sigstore's Cosign for container image signature verification. Therefore I expect podman-image-trust to be able to perform the signature verification (please correct me on this).

I'm on RHEL9.3 (podman version 4.6.1) and following this document here.

Following the setup instruction I have the following:

File /etc/containers/registries.d/default.yaml

docker:
    nvcr.io:
        use-sigstore-attachments: true

I set the default policy with:

sudo podman image trust set -t reject default

While /etc/containers/policy.json contains:

"transports": {
        "docker": {
            "nvcr.io/nvidia/deepstream": [
                {
                    "type": "sigstoreSigned",
                    "keyPath": "/path/to/nvidia-key.pub"
                }
            ],
...

Complete policy file

{
    "default": [
        {
            "type": "reject"
        }
    ],
    "transports": {
        "docker": {
            "nvcr.io/nvidia/deepstream": [
                {
                    "type": "sigstoreSigned",
                    "keyPath": "/home/rhel9/Desktop/nvidia-key.pub",
		    "signedIdentity": {"type":"matchRepoDigestOrExact"}
                }
            ],
            "registry.access.redhat.com": [
                {
                    "type": "signedBy",
                    "keyType": "GPGKeys",
                    "keyPaths": [
                        "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release",
                        "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta"
                    ]
                }
            ],
            "registry.redhat.io": [
                {
                    "type": "signedBy",
                    "keyType": "GPGKeys",
                    "keyPaths": [
                        "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release",
                        "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta"
                    ]
                }
            ]
        },
        "docker-daemon": {
            "": [
                {
                    "type": "insecureAcceptAnything"
                }
            ]
        }
    }
}

Where nvidia-key.pub is the key provided by Nvidia in their NGC Catalog and that I downloaded with:

wget https://api.ngc.nvidia.com/v2/catalog/containers/public-key -O nvidia-key.pub

The link is https://api.ngc.nvidia.com/v2/catalog/containers/public-key

When I try to pull unsigned images I get the expected output:

[rhel9@localhost Desktop]$ podman pull nvcr.io/nvidia/deepstream:6.2-iot
Trying to pull nvcr.io/nvidia/deepstream:6.2-iot...
Error: Source image rejected: A signature was required, but no signature exists

... but when I try to pull the signed image I get:

[rhel9@localhost Desktop]$ podman pull nvcr.io/nvidia/deepstream:6.3-samples
Trying to pull nvcr.io/nvidia/deepstream:6.3-samples...
Error: Source image rejected: None of the signatures were accepted, reasons: Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted; Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted; Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted; Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted

Full debug log

[rhel9@localhost Desktop]$ podman pull nvcr.io/nvidia/deepstream:6.3-samples
Error: invalid policy in "/etc/containers/policy.json": invalid character '{' looking for beginning of object key string
[rhel9@localhost Desktop]$ podman pull nvcr.io/nvidia/deepstream:6.3-samples
Trying to pull nvcr.io/nvidia/deepstream:6.3-samples...
Error: Source image rejected: None of the signatures were accepted, reasons: Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted; Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted; Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted; Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted
[rhel9@localhost Desktop]$ podman pull nvcr.io/nvidia/deepstream:6.3-samples
Trying to pull nvcr.io/nvidia/deepstream:6.3-samples...
Error: Source image rejected: reading signature from https://canary.nvcr.io/nvidia/deepstream/nvidia/deepstream@sha256=702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102/signature-1: status 401 (Unauthorized)
[rhel9@localhost Desktop]$ podman pull nvcr.io/nvidia/deepstream:6.3-samples
Trying to pull nvcr.io/nvidia/deepstream:6.3-samples...
Error: Source image rejected: reading signature from https://nvcr.io/nvidia/deepstream/nvidia/deepstream@sha256=702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102/signature-1: status 401 (Unauthorized)
[rhel9@localhost Desktop]$ podman --log-level debug pull nvcr.io/nvidia/deepstream:6.3-samples
INFO[0000] podman filtering at log level debug
DEBU[0000] Called pull.PersistentPreRunE(podman --log-level debug pull nvcr.io/nvidia/deepstream:6.3-samples)
DEBU[0000] Using conmon: "/usr/bin/conmon"
DEBU[0000] Initializing boltdb state at /home/rhel9/.local/share/containers/storage/libpod/bolt_state.db
DEBU[0000] Using graph driver overlay
DEBU[0000] Using graph root /home/rhel9/.local/share/containers/storage
DEBU[0000] Using run root /run/user/1000/containers
DEBU[0000] Using static dir /home/rhel9/.local/share/containers/storage/libpod
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp
DEBU[0000] Using volume path /home/rhel9/.local/share/containers/storage/volumes
DEBU[0000] Using transient store: false
DEBU[0000] [graphdriver] trying provided driver "overlay"
DEBU[0000] Cached value indicated that overlay is supported
DEBU[0000] Cached value indicated that overlay is supported
DEBU[0000] Cached value indicated that metacopy is not being used
DEBU[0000] Cached value indicated that native-diff is usable
DEBU[0000] backingFs=xfs, projectQuotaSupported=false, useNativeDiff=true, usingMetacopy=false
DEBU[0000] Initializing event backend journald
DEBU[0000] Configured OCI runtime kata initialization failed: no valid executable found for OCI runtime kata: invalid argument
DEBU[0000] Configured OCI runtime krun initialization failed: no valid executable found for OCI runtime krun: invalid argument
DEBU[0000] Configured OCI runtime crun-wasm initialization failed: no valid executable found for OCI runtime crun-wasm: invalid argument
DEBU[0000] Configured OCI runtime runc initialization failed: no valid executable found for OCI runtime runc: invalid argument
DEBU[0000] Configured OCI runtime runj initialization failed: no valid executable found for OCI runtime runj: invalid argument
DEBU[0000] Configured OCI runtime ocijail initialization failed: no valid executable found for OCI runtime ocijail: invalid argument
DEBU[0000] Configured OCI runtime runsc initialization failed: no valid executable found for OCI runtime runsc: invalid argument
DEBU[0000] Configured OCI runtime youki initialization failed: no valid executable found for OCI runtime youki: invalid argument
DEBU[0000] Using OCI runtime "/usr/bin/crun"
INFO[0000] Setting parallel job count to 7
DEBU[0000] Pulling image nvcr.io/nvidia/deepstream:6.3-samples (policy: always)
DEBU[0000] Looking up image "nvcr.io/nvidia/deepstream:6.3-samples" in local containers storage
DEBU[0000] Normalized platform linux/amd64 to {amd64 linux  [] }
DEBU[0000] Trying "nvcr.io/nvidia/deepstream:6.3-samples" ...
DEBU[0000] reference "[overlay@/home/rhel9/.local/share/containers/storage+/run/user/1000/containers]nvcr.io/nvidia/deepstream:6.3-samples" does not resolve to an image ID
DEBU[0000] Trying "nvcr.io/nvidia/deepstream:6.3-samples" ...
DEBU[0000] reference "[overlay@/home/rhel9/.local/share/containers/storage+/run/user/1000/containers]nvcr.io/nvidia/deepstream:6.3-samples" does not resolve to an image ID
DEBU[0000] Trying "nvcr.io/nvidia/deepstream:6.3-samples" ...
DEBU[0000] Loading registries configuration "/etc/containers/registries.conf"
DEBU[0000] Loading registries configuration "/etc/containers/registries.conf.d/000-shortnames.conf"
DEBU[0000] Loading registries configuration "/etc/containers/registries.conf.d/001-rhel-shortnames.conf"
DEBU[0000] Loading registries configuration "/etc/containers/registries.conf.d/002-rhel-shortnames-overrides.conf"
DEBU[0000] Normalized platform linux/amd64 to {amd64 linux  [] }
DEBU[0000] Attempting to pull candidate nvcr.io/nvidia/deepstream:6.3-samples for nvcr.io/nvidia/deepstream:6.3-samples
DEBU[0000] parsed reference into "[overlay@/home/rhel9/.local/share/containers/storage+/run/user/1000/containers]nvcr.io/nvidia/deepstream:6.3-samples"
Trying to pull nvcr.io/nvidia/deepstream:6.3-samples...
DEBU[0000] Copying source image //nvcr.io/nvidia/deepstream:6.3-samples to destination image [overlay@/home/rhel9/.local/share/containers/storage+/run/user/1000/containers]nvcr.io/nvidia/deepstream:6.3-samples
DEBU[0000] Using registries.d directory /etc/containers/registries.d
DEBU[0000] Trying to access "nvcr.io/nvidia/deepstream:6.3-samples"
DEBU[0000] No credentials matching nvcr.io/nvidia/deepstream found in /run/user/1000/containers/auth.json
DEBU[0000] No credentials matching nvcr.io/nvidia/deepstream found in /home/rhel9/.config/containers/auth.json
DEBU[0000] No credentials matching nvcr.io/nvidia/deepstream found in /home/rhel9/.docker/config.json
DEBU[0000] No credentials matching nvcr.io/nvidia/deepstream found in /home/rhel9/.dockercfg
DEBU[0000] No credentials for nvcr.io/nvidia/deepstream found
DEBU[0000]  Lookaside configuration: using "docker" namespace nvcr.io
DEBU[0000]  No signature storage configuration found for nvcr.io/nvidia/deepstream:6.3-samples, using built-in default file:///home/rhel9/.local/share/containers/sigstore
DEBU[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/nvcr.io
DEBU[0000]  Sigstore attachments: using "docker" namespace nvcr.io
DEBU[0000] GET https://nvcr.io/v2/
DEBU[0000] Ping https://nvcr.io/v2/ status 401
DEBU[0000] GET https://nvcr.io/proxy_auth?scope=repository%3Anvidia%2Fdeepstream%3Apull
DEBU[0001] GET https://nvcr.io/v2/nvidia/deepstream/manifests/6.3-samples
DEBU[0001] Content-Type from manifest GET is "application/vnd.docker.distribution.manifest.v2+json"
DEBU[0001] Using blob info cache at /home/rhel9/.local/share/containers/cache/blob-info-cache-v1.boltdb
DEBU[0001] IsRunningImageAllowed for image docker:nvcr.io/nvidia/deepstream:6.3-samples
DEBU[0001]  Using transport "docker" specific policy section nvcr.io/nvidia/deepstream
DEBU[0001] Reading /home/rhel9/.local/share/containers/sigstore/nvidia/deepstream@sha256=702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102/signature-1
DEBU[0001] Looking for sigstore attachments in nvcr.io/nvidia/deepstream:sha256-702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102.sig
DEBU[0001] GET https://nvcr.io/v2/nvidia/deepstream/manifests/sha256-702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102.sig
DEBU[0002] Content-Type from manifest GET is "application/vnd.oci.image.manifest.v1+json"
DEBU[0002] Found a sigstore attachment manifest with 4 layers
DEBU[0002] Fetching sigstore attachment 1/4: sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
DEBU[0002] Downloading /v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
DEBU[0002] GET https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
DEBU[0002] Fetching sigstore attachment 2/4: sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
DEBU[0002] Downloading /v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
DEBU[0002] GET https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
DEBU[0002] Fetching sigstore attachment 3/4: sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
DEBU[0002] Downloading /v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
DEBU[0002] GET https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
DEBU[0003] Fetching sigstore attachment 4/4: sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
DEBU[0003] Downloading /v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
DEBU[0003] GET https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
DEBU[0003] Requirement 0: denied, done
DEBU[0003] Error pulling candidate nvcr.io/nvidia/deepstream:6.3-samples: Source image rejected: None of the signatures were accepted, reasons: Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted; Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted; Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted; Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted
Error: Source image rejected: None of the signatures were accepted, reasons: Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted; Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted; Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted; Signature for identity canary.nvcr.io/nvidia/deepstream is not accepted
DEBU[0003] Shutting down engines

Is there anything wrong with my setup? Am I missing something (for example in my assumption of this being supposed to work?). Is the output a symptom of a mirror? I tried following the containers-policy.json documentation for handling mirrors but without success...

For context here's the Cosign debug log (please take note of the --insecure-ignore-tlog option used in the cosign command):

./cosign-linux-amd64 verify --insecure-ignore-tlog --key https://api.ngc.nvidia.com/v2/catalog/containers/public-key nvcr.io/nvidia/deepstream:6.3-samples

Cosign debug log

WARNING: Skipping tlog verification is an insecure practice that lacks of transparency and auditability verification for the signature.
2024/01/30 13:16:57 --> GET https://nvcr.io/v2/
2024/01/30 13:16:57 GET /v2/ HTTP/1.1
Host: nvcr.io
User-Agent: cosign/v2.2.2 (linux; amd64) go-containerregistry/v0.17.0
Accept-Encoding: gzip


2024/01/30 13:16:58 <-- 401 https://nvcr.io/v2/ (903.998644ms)
2024/01/30 13:16:58 HTTP/2.0 401 Unauthorized
Content-Length: 179
Content-Type: text/html
Date: Tue, 30 Jan 2024 13:16:58 GMT
Docker-Distribution-Api-Version: registry/2.0
Server: nginx/1.22.1
Www-Authenticate: Bearer realm="https://nvcr.io/proxy_auth",scope=""

<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

2024/01/30 13:16:58 --> GET https://nvcr.io/proxy_auth?scope=repository%3Anvidia%2Fdeepstream%3Apull&service= [body redacted: basic token response contains credentials]
2024/01/30 13:16:58 GET /proxy_auth?scope=repository%3Anvidia%2Fdeepstream%3Apull&service= HTTP/1.1
Host: nvcr.io
User-Agent: cosign/v2.2.2 (linux; amd64) go-containerregistry/v0.17.0
Accept-Encoding: gzip


2024/01/30 13:16:58 <-- 200 https://nvcr.io/proxy_auth?scope=repository%3Anvidia%2Fdeepstream%3Apull&service= (466.722179ms) [body redacted: basic token response contains credentials]
2024/01/30 13:16:58 HTTP/2.0 200 OK
Connection: close
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json
Date: Tue, 30 Jan 2024 13:16:58 GMT
Expires: 0
Pragma: no-cache
Server: nginx/1.22.1
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 0


2024/01/30 13:16:58 --> GET https://nvcr.io/v2/nvidia/deepstream/manifests/6.3-samples
2024/01/30 13:16:58 GET /v2/nvidia/deepstream/manifests/6.3-samples HTTP/1.1
Host: nvcr.io
User-Agent: cosign/v2.2.2 (linux; amd64) go-containerregistry/v0.17.0
Accept: application/vnd.docker.distribution.manifest.v1+json,application/vnd.docker.distribution.manifest.v1+prettyjws,application/vnd.docker.distribution.manifest.v2+json,application/vnd.oci.image.manifest.v1+json,application/vnd.docker.distribution.manifest.list.v2+json,application/vnd.oci.image.index.v1+json
Authorization: <redacted>
Accept-Encoding: gzip


2024/01/30 13:16:58 <-- 200 https://nvcr.io/v2/nvidia/deepstream/manifests/6.3-samples (380.171752ms)
2024/01/30 13:16:58 HTTP/2.0 200 OK
Content-Length: 6176
Content-Type: application/vnd.docker.distribution.manifest.v2+json
Date: Tue, 30 Jan 2024 13:16:58 GMT
Docker-Content-Digest: sha256:702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102
Docker-Distribution-Api-Version: registry/2.0
Etag: "sha256:702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102"
Server: nginx/1.22.1
X-Content-Type-Options: nosniff

{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
   "config": {
      "mediaType": "application/vnd.docker.container.image.v1+json",
      "size": 25879,
      "digest": "sha256:5f29bebf25dcca88aa5940a41c2cc7cbdb7d815737e904f45dd5f1ac59cf7fc6"
   },
   "layers": [
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 28580519,
         "digest": "sha256:f0412dfb1aaea4892c13dab6f771bcd79641a4bdcb521ce881f5dcfc0df9a7a5"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 7943135,
         "digest": "sha256:c47d20236835e25bd38014cb52a2d5bd6ed1ba17d1b60866e5f04edea13a9438"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 55728290,
         "digest": "sha256:1b69bdafde25578c962f123e89430e887d48073725ac2fb81171c2f5bf829751"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 185,
         "digest": "sha256:c3ae6280fca3ea4d1ac177f807c2f5a744ddfb6a42956dc776af32876e2bdd6c"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 6881,
         "digest": "sha256:8da36c68c047bb7846084442ee03acdf85d5d52d6528ea73f22e0069756618d4"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1329001783,
         "digest": "sha256:ec38becd2e0055017833ce73bf85cd0fa1608330b1f62695eb8627d399988974"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 62482,
         "digest": "sha256:402547329f82ee82a7db3a250172ac6fa145767126aba03e6e6febe3bd646c25"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1683,
         "digest": "sha256:48f62bb746efced18e2af9c31df17dec12f1d83109dc1c24bff83d94a82d7fa1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1521,
         "digest": "sha256:4ff940e06896747eeac1e2e2465ba6bb6554ac3796424bdef45702ef9a403a96"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 61304340,
         "digest": "sha256:73953b3d4d082c3230d258bfcbae39768e11667ca7a69bc8440d09b51b81e35b"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 2309835,
         "digest": "sha256:3df140e9d7d8efb28950f890e060d394d94f818e185432d7aeab3034fb7dfce5"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 169404376,
         "digest": "sha256:93ccef9f34c6912edc3077cdb1defcc7c3f43cc6e0c20693e6ac969be565c7a9"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 3990827985,
         "digest": "sha256:1f1a55f0576a9747319f6d5f063bb2d84c8d46f16e2a805b18f474965bdd8f89"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 301,
         "digest": "sha256:4eed408e0051b6421c081ed5f299d4dd2c70c74ea2e3c91c665244d97a9557db"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 188,
         "digest": "sha256:830754430e212e6f772bd78e43c45fbea470f237953c5f6998036f542f2f11f4"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 323,
         "digest": "sha256:7330ead743c97563ca712cb2d8ba79ba5d43cb90233ccf6f46582d818962f709"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 356,
         "digest": "sha256:a0e30500daa29b444960bf0f4d87c9b1bb683d326611c3fb40accfa7c720a090"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 894,
         "digest": "sha256:5ff0fcacb301f8a81b52c2087dc3b891bc0b2b78dcf73ff3c4572e19607428a2"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 107226156,
         "digest": "sha256:deb68f4eb2ad4e96cb57910eda10790fe2ccba6d47c0dc51c425bd1838721ba5"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 141,
         "digest": "sha256:59326ea0a622fc836516ed94a33ac0d9677048eb89a85a768b0f98b7993ed73c"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 16106,
         "digest": "sha256:70497debbbbd84ac34f6e43c1d5cfbd191ba82b92fbca68504e89caf220ac333"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 223,
         "digest": "sha256:dc5f992c44e1d938c2a4bec6dce00d98e5c9e7e596531640b570573a0eff4f6c"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 215,
         "digest": "sha256:abffb3f1b661eb49f1574a33cb2b492a05e8b80f99cf1ecccdff02fa4ab974f5"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 234,
         "digest": "sha256:1edf8a6826a968349e66dd44f375bbb495c2e0bfc68caa9d3bf3e1e1ace8ef5f"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 323,
         "digest": "sha256:47027df9e47b86e6c427482701c22d2a12bae8759350c0f498f2fecf1bb928a1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 413,
         "digest": "sha256:fbd98f7a771f0a11a539d9dcf4d13b00eb63458aa44afb54781f925d02dd3f5e"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 901244616,
         "digest": "sha256:0480a95d519c72c4373abdf955b9c17b6c4b16149e9ef819aa950be7cd9b3db9"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 124,
         "digest": "sha256:90746d271c30c108a990ac6ef8eec0aa356bd9d0f3e7e767b56e2b4b58fd3827"
      }
   ]
}
2024/01/30 13:16:58 --> GET https://nvcr.io/v2/nvidia/deepstream/manifests/sha256-702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102.sig
2024/01/30 13:16:58 GET /v2/nvidia/deepstream/manifests/sha256-702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102.sig HTTP/1.1
Host: nvcr.io
User-Agent: cosign/v2.2.2 (linux; amd64) go-containerregistry/v0.17.0
Accept: application/vnd.docker.distribution.manifest.v1+json,application/vnd.docker.distribution.manifest.v1+prettyjws,application/vnd.docker.distribution.manifest.v2+json,application/vnd.oci.image.manifest.v1+json,application/vnd.docker.distribution.manifest.list.v2+json,application/vnd.oci.image.index.v1+json
Authorization: <redacted>
Accept-Encoding: gzip


2024/01/30 13:16:59 <-- 200 https://nvcr.io/v2/nvidia/deepstream/manifests/sha256-702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102.sig (368.251644ms)
2024/01/30 13:16:59 HTTP/2.0 200 OK
Content-Length: 1507
Content-Type: application/vnd.oci.image.manifest.v1+json
Date: Tue, 30 Jan 2024 13:16:59 GMT
Docker-Content-Digest: sha256:420afe246e48704a6eca478e02c1b0d49b18a09188e8865995a49699b4b12a22
Docker-Distribution-Api-Version: registry/2.0
Etag: "sha256:420afe246e48704a6eca478e02c1b0d49b18a09188e8865995a49699b4b12a22"
Server: nginx/1.22.1
X-Content-Type-Options: nosniff

{"schemaVersion":2,"mediaType":"application/vnd.oci.image.manifest.v1+json","config":{"mediaType":"application/vnd.oci.image.config.v1+json","size":570,"digest":"sha256:647f8b0db008ced50347628e300bdd27428e57b48e1fa571312b7c46701a5b39"},"layers":[{"mediaType":"application/vnd.dev.cosign.simplesigning.v1+json","size":249,"digest":"sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0","annotations":{"dev.cosignproject.cosign/signature":"MEYCIQCMJSgeJVvDsTWoJyi1wwv2O4v0JiipdQy2+L6oIx68+AIhAPbpamO6dpsC\nWq/N5A8iIzzzZpg+uZZ0b0etbVNUJd2e\n"}},{"mediaType":"application/vnd.dev.cosign.simplesigning.v1+json","size":249,"digest":"sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0","annotations":{"dev.cosignproject.cosign/signature":"MEYCIQCALNwxdtU71h7/fZUYrIyxhd3426jGSiV8Js9r3GpkbAIhALdtGc3X29AH\n4pm9wEg5HtfldHSdUGW3hf2RDHrJe3LX\n"}},{"mediaType":"application/vnd.dev.cosign.simplesigning.v1+json","size":249,"digest":"sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0","annotations":{"dev.cosignproject.cosign/signature":"MEQCIBSKaPpY2DMGsPs+2XH9oU7e3jclPAzFkbpukglgHqN5AiBAqI/mkjVubCbR\nIoiCMm5yARlF3Dw+h+SycrHOVJgO+w==\n"}},{"mediaType":"application/vnd.dev.cosign.simplesigning.v1+json","size":249,"digest":"sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0","annotations":{"dev.cosignproject.cosign/signature":"MEUCIBJuCaj3CIT0GDoXea4EEVBetnoeM06xAiDAstc6Buo0AiEA1hHVhVmHkfVY\nGN/1RGyb7sj3x+Z+DnLWj6eEyDqHYXY=\n"}}]}
2024/01/30 13:16:59 --> GET https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0 [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 --> GET https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0 [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 --> GET https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0 [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 GET /v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0 HTTP/1.1
Host: nvcr.io
User-Agent: cosign/v2.2.2 (linux; amd64) go-containerregistry/v0.17.0
Authorization: <redacted>
Accept-Encoding: gzip


2024/01/30 13:16:59 GET /v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0 HTTP/1.1
Host: nvcr.io
User-Agent: cosign/v2.2.2 (linux; amd64) go-containerregistry/v0.17.0
Authorization: <redacted>
Accept-Encoding: gzip


2024/01/30 13:16:59 --> GET https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0 [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 GET /v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0 HTTP/1.1
Host: nvcr.io
User-Agent: cosign/v2.2.2 (linux; amd64) go-containerregistry/v0.17.0
Authorization: <redacted>
Accept-Encoding: gzip


2024/01/30 13:16:59 GET /v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0 HTTP/1.1
Host: nvcr.io
User-Agent: cosign/v2.2.2 (linux; amd64) go-containerregistry/v0.17.0
Authorization: <redacted>
Accept-Encoding: gzip


2024/01/30 13:16:59 <-- 307 https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0 (196.499447ms) [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 HTTP/2.0 307 Temporary Redirect
Content-Type: application/octet-stream
Date: Tue, 30 Jan 2024 13:16:59 GMT
Docker-Distribution-Api-Version: registry/2.0
Location: https://ngc.download.nvidia.com/containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619
Server: nginx/1.22.1
X-Content-Type-Options: nosniff
Content-Length: 0


2024/01/30 13:16:59 --> GET https://ngc.download.nvidia.com/containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619 [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 GET /containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619 HTTP/1.1
Host: ngc.download.nvidia.com
User-Agent: cosign/v2.2.2 (linux; amd64) go-containerregistry/v0.17.0
Referer: https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
Accept-Encoding: gzip


2024/01/30 13:16:59 <-- 307 https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0 (202.787781ms) [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 HTTP/2.0 307 Temporary Redirect
Content-Type: application/octet-stream
Date: Tue, 30 Jan 2024 13:16:59 GMT
Docker-Distribution-Api-Version: registry/2.0
Location: https://ngc.download.nvidia.com/containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619
Server: nginx/1.22.1
X-Content-Type-Options: nosniff
Content-Length: 0


2024/01/30 13:16:59 --> GET https://ngc.download.nvidia.com/containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619 [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 <-- 307 https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0 (202.689152ms) [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 HTTP/2.0 307 Temporary Redirect
Content-Type: application/octet-stream
Date: Tue, 30 Jan 2024 13:16:59 GMT
Docker-Distribution-Api-Version: registry/2.0
Location: https://ngc.download.nvidia.com/containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619
Server: nginx/1.22.1
X-Content-Type-Options: nosniff
Content-Length: 0


2024/01/30 13:16:59 --> GET https://ngc.download.nvidia.com/containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619 [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 GET /containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619 HTTP/1.1
Host: ngc.download.nvidia.com
User-Agent: cosign/v2.2.2 (linux; amd64) go-containerregistry/v0.17.0
Referer: https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
Accept-Encoding: gzip


2024/01/30 13:16:59 GET /containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619 HTTP/1.1
Host: ngc.download.nvidia.com
User-Agent: cosign/v2.2.2 (linux; amd64) go-containerregistry/v0.17.0
Referer: https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
Accept-Encoding: gzip


2024/01/30 13:16:59 <-- 307 https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0 (202.965803ms) [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 HTTP/2.0 307 Temporary Redirect
Content-Type: application/octet-stream
Date: Tue, 30 Jan 2024 13:16:59 GMT
Docker-Distribution-Api-Version: registry/2.0
Location: https://ngc.download.nvidia.com/containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619
Server: nginx/1.22.1
X-Content-Type-Options: nosniff
Content-Length: 0


2024/01/30 13:16:59 --> GET https://ngc.download.nvidia.com/containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619 [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 GET /containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619 HTTP/1.1
Host: ngc.download.nvidia.com
User-Agent: cosign/v2.2.2 (linux; amd64) go-containerregistry/v0.17.0
Referer: https://nvcr.io/v2/nvidia/deepstream/blobs/sha256:107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0
Accept-Encoding: gzip


2024/01/30 13:16:59 <-- 200 https://ngc.download.nvidia.com/containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619 (86.072857ms) [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 HTTP/2.0 200 OK
Content-Length: 249
Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache, no-store
Content-Type: application/octet-stream
Date: Tue, 30 Jan 2024 13:16:59 GMT
Etag: "bbb653c22386f68d3328a88a10fb5b04"
Expires: Tue, 30 Jan 2024 13:16:59 GMT
Last-Modified: Tue, 08 Aug 2023 16:47:28 GMT
Pragma: no-cache
Server: AmazonS3
X-Amz-Id-2: hj+bClM6TdNVtE5On4NM0Ph1Hhcx/EDUQq+ixnHlXaBj0vJLIxO58p1JZPKXaYUeM4cSK5XI94M=
X-Amz-Replication-Status: COMPLETED
X-Amz-Request-Id: K0CCWEBZ3RTQ1P14
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: Hun0Spo2iilhcQpMSVOxK.HsOXKo9OLw


2024/01/30 13:16:59 <-- 200 https://ngc.download.nvidia.com/containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619 (86.672869ms) [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 HTTP/2.0 200 OK
Content-Length: 249
Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache, no-store
Content-Type: application/octet-stream
Date: Tue, 30 Jan 2024 13:16:59 GMT
Etag: "bbb653c22386f68d3328a88a10fb5b04"
Expires: Tue, 30 Jan 2024 13:16:59 GMT
Last-Modified: Tue, 08 Aug 2023 16:47:28 GMT
Pragma: no-cache
Server: AmazonS3
X-Amz-Id-2: hj+bClM6TdNVtE5On4NM0Ph1Hhcx/EDUQq+ixnHlXaBj0vJLIxO58p1JZPKXaYUeM4cSK5XI94M=
X-Amz-Replication-Status: COMPLETED
X-Amz-Request-Id: K0CCWEBZ3RTQ1P14
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: Hun0Spo2iilhcQpMSVOxK.HsOXKo9OLw


2024/01/30 13:16:59 <-- 200 https://ngc.download.nvidia.com/containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619 (93.031487ms) [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 HTTP/2.0 200 OK
Content-Length: 249
Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache, no-store
Content-Type: application/octet-stream
Date: Tue, 30 Jan 2024 13:16:59 GMT
Etag: "bbb653c22386f68d3328a88a10fb5b04"
Expires: Tue, 30 Jan 2024 13:16:59 GMT
Last-Modified: Tue, 08 Aug 2023 16:47:28 GMT
Pragma: no-cache
Server: AmazonS3
X-Amz-Id-2: hj+bClM6TdNVtE5On4NM0Ph1Hhcx/EDUQq+ixnHlXaBj0vJLIxO58p1JZPKXaYUeM4cSK5XI94M=
X-Amz-Replication-Status: COMPLETED
X-Amz-Request-Id: K0CCWEBZ3RTQ1P14
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: Hun0Spo2iilhcQpMSVOxK.HsOXKo9OLw


2024/01/30 13:16:59 <-- 200 https://ngc.download.nvidia.com/containers/registry//docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data?ak-token=exp=1706621819~acl=/containers/registry/docker/registry/v2/blobs/sha256/10/107ee1d7adfd79c69466a0cc22003753dcd9bed0a4e2e55b9f535f317cfc18b0/data*~hmac=941dbf3012902607c9e186bb9f1603987230bd85640493b68897a125247d3619 (87.817883ms) [body redacted: omitting binary blobs from logs]
2024/01/30 13:16:59 HTTP/2.0 200 OK
Content-Length: 249
Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache, no-store
Content-Type: application/octet-stream
Date: Tue, 30 Jan 2024 13:16:59 GMT
Etag: "bbb653c22386f68d3328a88a10fb5b04"
Expires: Tue, 30 Jan 2024 13:16:59 GMT
Last-Modified: Tue, 08 Aug 2023 16:47:28 GMT
Pragma: no-cache
Server: AmazonS3
X-Amz-Id-2: hj+bClM6TdNVtE5On4NM0Ph1Hhcx/EDUQq+ixnHlXaBj0vJLIxO58p1JZPKXaYUeM4cSK5XI94M=
X-Amz-Replication-Status: COMPLETED
X-Amz-Request-Id: K0CCWEBZ3RTQ1P14
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: Hun0Spo2iilhcQpMSVOxK.HsOXKo9OLw



Verification for nvcr.io/nvidia/deepstream:6.3-samples --
The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - The signatures were verified against the specified public key

[
    {
        "critical": {
            "identity": {
                "docker-reference": "canary.nvcr.io/nvidia/deepstream"
            },
            "image": {
                "docker-manifest-digest": "sha256:702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102"
            },
            "type": "cosign container image signature"
        },
        "optional": null
    },
    {
        "critical": {
            "identity": {
                "docker-reference": "canary.nvcr.io/nvidia/deepstream"
            },
            "image": {
                "docker-manifest-digest": "sha256:702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102"
            },
            "type": "cosign container image signature"
        },
        "optional": null
    },
    {
        "critical": {
            "identity": {
                "docker-reference": "canary.nvcr.io/nvidia/deepstream"
            },
            "image": {
                "docker-manifest-digest": "sha256:702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102"
            },
            "type": "cosign container image signature"
        },
        "optional": null
    },
    {
        "critical": {
            "identity": {
                "docker-reference": "canary.nvcr.io/nvidia/deepstream"
            },
            "image": {
                "docker-manifest-digest": "sha256:702912b959b8905a5632f6b0b9676e1dcecdfcd478e7fffb04138a6f9798f102"
            },
            "type": "cosign container image signature"
        },
        "optional": null
    }
]

Answered by mattdibi

Jan 30, 2024

Apparently it was a configuration issue on my end. The correct /etc/containers/policy.json file is:

"nvcr.io/nvidia/deepstream": [
    {
        "type": "sigstoreSigned",
        "keyPath": "/path/to/nvidia-key.pub",
        "signedIdentity": {
            "type":"exactRepository",
            "dockerRepository": "canary.nvcr.io/nvidia/deepstream"
        }
    }
],

I admit I only partially understand what happened here (looks like Nvidia is using a different identity for signing? Feel free to correct me on this) but everything is working as expected:

Unsigned image

[rhel9@localhost Desktop]$ podman pull nvcr.io/nvidia/deepstream:6.2-iot
Trying to pull nvcr.io/nvidia/deepstream:6.2-iot...…

View full answer

mattdibi · 2024-01-30T14:00:35Z

mattdibi
Jan 30, 2024
Author

Apparently it was a configuration issue on my end. The correct /etc/containers/policy.json file is:

"nvcr.io/nvidia/deepstream": [
    {
        "type": "sigstoreSigned",
        "keyPath": "/path/to/nvidia-key.pub",
        "signedIdentity": {
            "type":"exactRepository",
            "dockerRepository": "canary.nvcr.io/nvidia/deepstream"
        }
    }
],

I admit I only partially understand what happened here (looks like Nvidia is using a different identity for signing? Feel free to correct me on this) but everything is working as expected:

Unsigned image

[rhel9@localhost Desktop]$ podman pull nvcr.io/nvidia/deepstream:6.2-iot
Trying to pull nvcr.io/nvidia/deepstream:6.2-iot...
Error: Source image rejected: A signature was required, but no signature exists

Signed image

[rhel9@localhost Desktop]$ podman  pull nvcr.io/nvidia/deepstream:6.3-samples
Trying to pull nvcr.io/nvidia/deepstream:6.3-samples...
Getting image source signatures
Checking if image destination supports signatures
Copying blob ec38becd2e00 [=>------------------------------------] 54.8MiB / 1.2GiB
Copying blob f0412dfb1aae done

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Cannot verify Nvidia container signature #21427

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Cannot verify Nvidia container signature #21427

Uh oh!

Uh oh!

mattdibi Jan 30, 2024

Replies: 1 comment

Uh oh!

mattdibi Jan 30, 2024 Author

mattdibi
Jan 30, 2024

mattdibi
Jan 30, 2024
Author