Unify Rekor v1 and v2 verifiers

Signed-off-by: Aaron Lew <[email protected]>

Author: aaronlew02

sigstore-java/src/main/java/dev/sigstore/rekor/client/RekorVerifier.java

@@ -20,6 +20,7 @@
 import dev.sigstore.merkle.InclusionProofVerificationException;
 import dev.sigstore.merkle.InclusionProofVerifier;
 import dev.sigstore.rekor.client.RekorEntry.Checkpoint;
+import dev.sigstore.rekor.client.RekorEntry.CheckpointSignature;
 import dev.sigstore.trustroot.SigstoreTrustedRoot;
 import dev.sigstore.trustroot.TransparencyLog;
 import java.nio.charset.StandardCharsets;
@@ -31,6 +32,7 @@
 import java.util.Arrays;
 import java.util.Base64;
 import java.util.List;
+import java.util.Optional;
 import org.bouncycastle.util.encoders.Hex;
 
 /** Verifier for rekor entries. */
@@ -50,42 +52,39 @@ private RekorVerifier(List<TransparencyLog> tlogs) {
   }
 
   /**
-   * Verify that a Rekor Entry is signed with the rekor public key loaded into this verifier
+   * Verifies a Rekor entry by checking the inclusion proof and checkpoint against the configured
+   * transparency logs. For v1 entries, it also verifies the Signed Entry Timestamp (SET).
    *
-   * @param entry the entry to verify
-   * @throws RekorVerificationException if the entry cannot be verified
+   * @param entry The RekorEntry to verify.
+   * @throws RekorVerificationException if the entry cannot be verified for any reason, such as an
+   *     invalid proof or signature.
    */
   public void verifyEntry(RekorEntry entry) throws RekorVerificationException {
-    if (entry.getVerification() == null) {
-      throw new RekorVerificationException("No verification information in entry.");
-    }
-
-    if (entry.getVerification().getSignedEntryTimestamp() == null) {
-      throw new RekorVerificationException("No signed entry timestamp found in entry.");
+    if (entry.getVerification().getInclusionProof() == null) {
+      throw new RekorVerificationException("No inclusion proof in entry.");
     }
 
     var tlog =
-        TransparencyLog.find(tlogs, Hex.decode(entry.getLogID()), entry.getIntegratedTimeInstant())
+        TransparencyLog.find(tlogs, Hex.decode(entry.getLogID()))
             .orElseThrow(
                 () ->
                     new RekorVerificationException(
-                        "Log entry (logid, timestamp) does not match any provided transparency logs."));
-
-    try {
-      var verifier = Verifiers.newVerifier(tlog.getPublicKey().toJavaPublicKey());
-      if (!verifier.verify(
-          entry.getSignableContent(),
-          Base64.getDecoder().decode(entry.getVerification().getSignedEntryTimestamp()))) {
-        throw new RekorVerificationException("Entry SET was not valid");
+                        "Log entry (logid) does not match any provided transparency logs."));
+
+    if (entry.getVerification().getSignedEntryTimestamp() != null) {
+      try {
+        var verifier = Verifiers.newVerifier(tlog.getPublicKey().toJavaPublicKey());
+        if (!verifier.verify(
+            entry.getSignableContent(),
+            Base64.getDecoder().decode(entry.getVerification().getSignedEntryTimestamp()))) {
+          throw new RekorVerificationException("Entry SET was not valid");
+        }
+      } catch (InvalidKeySpecException
+          | InvalidKeyException
+          | SignatureException
+          | NoSuchAlgorithmException e) {
+        throw new RekorVerificationException("Entry SET verification failed: " + e.getMessage(), e);
       }
-    } catch (InvalidKeySpecException ike) {
-      throw new RekorVerificationException("Public Key could be parsed", ike);
-    } catch (InvalidKeyException ike) {
-      throw new RekorVerificationException("Public Key was invalid", ike);
-    } catch (SignatureException se) {
-      throw new RekorVerificationException("Signature was invalid", se);
-    } catch (NoSuchAlgorithmException nsae) {
-      throw new AssertionError("Required verification algorithm 'SHA256withECDSA' not found.");
     }
 
     // verify inclusion proof
@@ -126,34 +125,54 @@ private void verifyInclusionProof(RekorEntry entry) throws RekorVerificationExce
 
   private void verifyCheckpoint(RekorEntry entry, TransparencyLog tlog)
       throws RekorVerificationException {
-    Checkpoint checkpoint;
+    Checkpoint parsedCheckpoint;
     try {
-      checkpoint = entry.getVerification().getInclusionProof().parsedCheckpoint();
+      parsedCheckpoint = entry.getVerification().getInclusionProof().parsedCheckpoint();
     } catch (RekorParseException ex) {
-      throw new RekorVerificationException("Could not parse checkpoint", ex);
+      throw new RekorVerificationException("Could not parse checkpoint from envelope", ex);
+    }
+
+    final int MAX_CHECKPOINT_SIGNATURES = 20;
+    if (parsedCheckpoint.getSignatures().size() > MAX_CHECKPOINT_SIGNATURES) {
+      throw new RekorVerificationException(
+          "Checkpoint contains an excessive number of signatures ("
+              + parsedCheckpoint.getSignatures().size()
+              + "), exceeding the maximum allowed of "
+              + MAX_CHECKPOINT_SIGNATURES);
     }
 
     byte[] inclusionRootHash =
         Hex.decode(entry.getVerification().getInclusionProof().getRootHash());
-    byte[] checkpointRootHash = Base64.getDecoder().decode(checkpoint.getBase64Hash());
+    byte[] checkpointRootHash = Base64.getDecoder().decode(parsedCheckpoint.getBase64Hash());
 
     if (!Arrays.equals(inclusionRootHash, checkpointRootHash)) {
       throw new RekorVerificationException(
           "Checkpoint root hash does not match root hash provided in inclusion proof");
     }
-    var keyHash = Hashing.sha256().hashBytes(tlog.getPublicKey().getRawBytes()).asBytes();
-    // checkpoint 0 is always the log, not any of the cross signing verifiers/monitors
-    var sig = checkpoint.getSignatures().get(0);
-    for (int i = 0; i < 4; i++) {
-      if (sig.getKeyHint()[i] != keyHash[i]) {
-        throw new RekorVerificationException(
-            "Checkpoint key hint did not match provided log public key");
-      }
+
+    Optional<CheckpointSignature> matchingSig =
+        parsedCheckpoint.getSignatures().stream()
+            .filter(sig -> sig.getIdentity().equals(tlog.getBaseUrl().getHost()))
+            .findFirst();
+
+    if (!matchingSig.isPresent()) {
+      throw new RekorVerificationException(
+          "No matching checkpoint signature found for transparency log: "
+              + tlog.getBaseUrl().getHost());
+    }
+
+    var keyId = tlog.getLogId().getKeyId();
+    var keyHint = Arrays.copyOfRange(keyId, 0, 4);
+    if (!Arrays.equals(matchingSig.get().getKeyHint(), keyHint)) {
+      throw new RekorVerificationException(
+          "Checkpoint key hint did not match provided log public key");
     }
-    var signedData = checkpoint.getSignedData();
+
+    var signedData = parsedCheckpoint.getSignedData();
+
     try {
       if (!Verifiers.newVerifier(tlog.getPublicKey().toJavaPublicKey())
-          .verify(signedData.getBytes(StandardCharsets.UTF_8), sig.getSignature())) {
+          .verify(signedData.getBytes(StandardCharsets.UTF_8), matchingSig.get().getSignature())) {
         throw new RekorVerificationException("Checkpoint signature was invalid");
       }
     } catch (NoSuchAlgorithmException

sigstore-java/src/main/java/dev/sigstore/rekor/v2/client/RekorV2Client.java

@@ -15,8 +15,8 @@
  */
 package dev.sigstore.rekor.v2.client;
 
-import dev.sigstore.proto.rekor.v1.TransparencyLogEntry;
 import dev.sigstore.proto.rekor.v2.HashedRekordRequestV002;
+import dev.sigstore.rekor.client.RekorEntry;
 import dev.sigstore.rekor.client.RekorParseException;
 import java.io.IOException;
 
@@ -26,8 +26,8 @@ public interface RekorV2Client {
    * Put a new hashedrekord entry on the Rekor log.
    *
    * @param hashedRekordRequest the request to send to rekor
-   * @return a {@link TransparencyLogEntry} with information about the log entry
+   * @return a {@link RekorEntry} with information about the log entry
    */
-  TransparencyLogEntry putEntry(HashedRekordRequestV002 hashedRekordRequest)
+  RekorEntry putEntry(HashedRekordRequestV002 hashedRekordRequest)
       throws IOException, RekorParseException;
 }

sigstore-java/src/main/java/dev/sigstore/rekor/v2/client/RekorV2ClientHttp.java

@@ -20,24 +20,18 @@
 import com.google.api.client.http.HttpRequest;
 import com.google.api.client.http.HttpResponse;
 import com.google.api.client.util.Preconditions;
-import com.google.gson.reflect.TypeToken;
-import com.google.protobuf.InvalidProtocolBufferException;
 import com.google.protobuf.util.JsonFormat;
 import dev.sigstore.http.HttpClients;
 import dev.sigstore.http.HttpParams;
 import dev.sigstore.http.ImmutableHttpParams;
-import dev.sigstore.json.GsonSupplier;
-import dev.sigstore.json.ProtoJson;
-import dev.sigstore.proto.rekor.v1.TransparencyLogEntry;
+import dev.sigstore.proto.rekor.v2.CreateEntryRequest;
 import dev.sigstore.proto.rekor.v2.HashedRekordRequestV002;
+import dev.sigstore.rekor.client.RekorEntry;
 import dev.sigstore.rekor.client.RekorParseException;
 import dev.sigstore.trustroot.Service;
 import java.io.IOException;
-import java.lang.reflect.Type;
 import java.net.URI;
-import java.util.HashMap;
 import java.util.Locale;
-import java.util.Map;
 
 /** A client to communicate with a rekor v2 service instance over http. */
 public class RekorV2ClientHttp implements RekorV2Client {
@@ -81,24 +75,16 @@ public RekorV2ClientHttp build() {
   }
 
   @Override
-  public TransparencyLogEntry putEntry(HashedRekordRequestV002 hashedRekordRequest)
+  public RekorEntry putEntry(HashedRekordRequestV002 hashedRekordRequest)
       throws IOException, RekorParseException {
     URI rekorPutEndpoint = uri.resolve(REKOR_ENTRIES_PATH);
 
-    String jsonPayload;
-    try {
-      String innerJson = JsonFormat.printer().print(hashedRekordRequest);
-
-      Type type = new TypeToken<Map<String, Object>>() {}.getType();
-      Map<String, Object> innerMap = GsonSupplier.GSON.get().fromJson(innerJson, type);
-
-      var requestMap = new HashMap<String, Object>();
-      requestMap.put("hashedRekordRequestV002", innerMap);
-
-      jsonPayload = GsonSupplier.GSON.get().toJson(requestMap);
-    } catch (InvalidProtocolBufferException e) {
-      throw new RekorParseException("Failed to serialize HashedRekordRequestV002 to JSON", e);
-    }
+    String jsonPayload =
+        JsonFormat.printer()
+            .print(
+                CreateEntryRequest.newBuilder()
+                    .setHashedRekordRequestV002(hashedRekordRequest)
+                    .build());
 
     HttpRequest req =
         HttpClients.newRequestFactory(httpParams)
@@ -120,12 +106,6 @@ public TransparencyLogEntry putEntry(HashedRekordRequestV002 hashedRekordRequest
 
     String respEntryJson = resp.parseAsString();
 
-    try {
-      TransparencyLogEntry.Builder builder = TransparencyLogEntry.newBuilder();
-      ProtoJson.parser().merge(respEntryJson, builder);
-      return builder.build();
-    } catch (InvalidProtocolBufferException e) {
-      throw new RekorParseException("Failed to parse Rekor response JSON", e);
-    }
+    return RekorEntry.fromTLogEntryJson(respEntryJson);
   }
 }