Merge remote-tracking branch 'origin/main' into add-rekor-version-option

Author: jku

.github/workflows/scorecards-analysis.yml

@@ -52,6 +52,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@d6bbdef45e766d081b84a2def353b0055f728d3e # v3.29.3
+        uses: github/codeql-action/upload-sarif@4e828ff8d448a8a6e532957b1811f387a63867e8 # v3.29.4
         with:
           sarif_file: results.sarif

install/requirements.txt

@@ -539,9 +539,9 @@ rfc8785==0.1.4 \
     --hash=sha256:520d690b448ecf0703691c76e1a34a24ddcd4fc5bc41d589cb7c58ec651bcd48 \
     --hash=sha256:e545841329fe0eee4f6a3b44e7034343100c12b4ec566dc06ca9735681deb4da
     # via sigstore
-rich==14.0.0 \
-    --hash=sha256:1c9491e1951aac09caffd42f448ee3d04e58923ffe14993f6e83068dc395d7e0 \
-    --hash=sha256:82f1bc23a6a21ebca4ae0c45af9bdbc492ed20231dcb63f297d6d1021a9d5725
+rich==14.1.0 \
+    --hash=sha256:536f5f1785986d6dbdea3c75205c473f970777b4a0d6c6dd1b696aa05a3fa04f \
+    --hash=sha256:e497a48b844b0320d45007cdebfeaeed8db2a4f4bcf49f15e455cfc4af11eaa8
     # via sigstore
 securesystemslib==1.3.0 \
     --hash=sha256:5b53e5989289d97fa42ed7fde1b4bad80985f15dba8c774c043b395a90c908e5 \
@@ -550,7 +550,7 @@ securesystemslib==1.3.0 \
 sigstore==3.6.4 \
     --hash=sha256:76f247a86738c9e076a243e0068ac68625848868890ed38491acc159752a46ac \
     --hash=sha256:d5678a7f4b78b084eb2c1a9eab31af81e6daf1f949abc3b7539a96900220d0d6
-    # via -r requirements.in
+    # via -r install/requirements.in
 sigstore-protobuf-specs==0.3.2 \
     --hash=sha256:50c99fa6747a3a9c5c562a43602cf76df0b199af28f0e9d4319b6775630425ea \
     --hash=sha256:cae041b40502600b8a633f43c257695d0222a94efa1e5110a7ec7ada78c39d99
@@ -575,7 +575,6 @@ typing-extensions==4.14.0 \
     #   pydantic
     #   pydantic-core
     #   pyopenssl
-    #   rich
     #   typing-inspection
 typing-inspection==0.4.1 \
     --hash=sha256:389055682238f53b04f7badcb49b989835495a96700ced5dab2d8feae4b26f51 \

pyproject.toml

@@ -62,7 +62,7 @@ lint = [
   "mypy ~= 1.1",
   # NOTE(ww): ruff is under active development, so we pin conservatively here
   # and let Dependabot periodically perform this update.
-  "ruff < 0.12.5",
+  "ruff < 0.12.6",
   "types-requests",
   "types-pyOpenSSL",
 ]

sigstore/verify/verifier.py

@@ -128,9 +128,18 @@ def _verify_signed_timestamp(
         for certificate_authority in cert_authorities:
             certificates = certificate_authority.certificates(allow_expired=True)
 
-            builder = VerifierBuilder()
-            for certificate in certificates:
-                builder.add_root_certificate(certificate)
+            # We expect at least a signing cert and a root cert but there may be intermediates
+            if len(certificates) < 2:
+                _logger.debug("Unable to verify Timestamp: cert chain is incomplete")
+                continue
+
+            builder = (
+                VerifierBuilder()
+                .tsa_certificate(certificates[0])
+                .add_root_certificate(certificates[-1])
+            )
+            for certificate in certificates[1:-1]:
+                builder = builder.add_intermediate_certificate(certificate)
 
             verifier = builder.build()
             try:

test/assets/tsa/issue1482-message

@@ -56,14 +56,16 @@ def get_cli_params(
 
 @pytest.mark.staging
 @pytest.mark.ambient_oidc
-def test_sign_success_default_output_bundle(capsys, sigstore, asset_integration):
+def test_sign_success_default_output_bundle(
+    capsys, sigstore, asset_integration, tmp_path
+):
     artifact = asset_integration("a.txt")
-    expected_output_bundle = artifact.with_name("a.txt.sigstore.json")
+    expected_output_bundle = tmp_path / "a.txt.sigstore.json"
 
-    assert not expected_output_bundle.exists()
     sigstore(
         *get_cli_params(
             artifact_paths=[artifact],
+            output_directory=tmp_path,
         )
     )
 
@@ -78,8 +80,6 @@ def test_sign_success_default_output_bundle(capsys, sigstore, asset_integration)
             input_=input_file.read(), bundle=bundle, policy=UnsafeNoOp()
         )
 
-    expected_output_bundle.unlink()
-
     captures = capsys.readouterr()
     assert captures.out.endswith(
         f"Sigstore bundle written to {expected_output_bundle}\n"
@@ -88,8 +88,8 @@ def test_sign_success_default_output_bundle(capsys, sigstore, asset_integration)
 
 @pytest.mark.staging
 @pytest.mark.ambient_oidc
-def test_sign_success_multiple_artifacts(capsys, sigstore, asset_integration):
-    artifacts = [
+def test_sign_success_multiple_artifacts(capsys, sigstore, asset_integration, tmp_path):
+    artifacts: list[Path] = [
         asset_integration("a.txt"),
         asset_integration("b.txt"),
         asset_integration("c.txt"),
@@ -98,13 +98,14 @@ def test_sign_success_multiple_artifacts(capsys, sigstore, asset_integration):
     sigstore(
         *get_cli_params(
             artifact_paths=artifacts,
+            output_directory=tmp_path,
         )
     )
 
     captures = capsys.readouterr()
 
     for artifact in artifacts:
-        expected_output_bundle = Path(f"{artifact}.sigstore.json")
+        expected_output_bundle = tmp_path / f"{artifact.name}.sigstore.json"
 
         assert f"Sigstore bundle written to {expected_output_bundle}\n" in captures.out
 
@@ -115,7 +116,6 @@ def test_sign_success_multiple_artifacts(capsys, sigstore, asset_integration):
             open(artifact, "rb") as input_file,
         ):
             bundle = Bundle.from_json(bundle_file.read())
-            expected_output_bundle.unlink()
             verifier.verify_artifact(
                 input_=input_file.read(), bundle=bundle, policy=UnsafeNoOp()
             )
@@ -124,14 +124,14 @@ def test_sign_success_multiple_artifacts(capsys, sigstore, asset_integration):
 @pytest.mark.staging
 @pytest.mark.ambient_oidc
 def test_sign_success_multiple_artifacts_rekor_v2(
-    capsys, sigstore, asset_integration, asset
+    capsys, sigstore, asset_integration, asset, tmp_path
 ):
     """This is a copy of test_sign_success_multiple_artifacts that exists to ensure the
     multi-threaded signing works with rekor v2 as well: this test can be removed when v2
     is the default
     """
 
-    artifacts = [
+    artifacts: list[Path] = [
         asset_integration("a.txt"),
         asset_integration("b.txt"),
         asset_integration("c.txt"),
@@ -141,13 +141,14 @@ def test_sign_success_multiple_artifacts_rekor_v2(
         *get_cli_params(
             artifact_paths=artifacts,
             trust_config_path=asset("trust_config/staging-but-sign-with-rekor-v2.json"),
+            output_directory=tmp_path,
         )
     )
 
     captures = capsys.readouterr()
 
     for artifact in artifacts:
-        expected_output_bundle = Path(f"{artifact}.sigstore.json")
+        expected_output_bundle = tmp_path / f"{artifact.name}.sigstore.json"
 
         assert f"Sigstore bundle written to {expected_output_bundle}\n" in captures.out
 
@@ -158,7 +159,6 @@ def test_sign_success_multiple_artifacts_rekor_v2(
             open(artifact, "rb") as input_file,
         ):
             bundle = Bundle.from_json(bundle_file.read())
-            expected_output_bundle.unlink()
             verifier.verify_artifact(
                 input_=input_file.read(), bundle=bundle, policy=UnsafeNoOp()
             )
@@ -240,14 +240,14 @@ def test_sign_success_no_default_files(capsys, sigstore, asset_integration, tmp_
 
 @pytest.mark.staging
 @pytest.mark.ambient_oidc
-def test_sign_overwrite_existing_bundle(capsys, sigstore, asset_integration):
+def test_sign_overwrite_existing_bundle(capsys, sigstore, asset_integration, tmp_path):
     artifact = asset_integration("a.txt")
-    expected_output_bundle = artifact.with_name("a.txt.sigstore.json")
+    expected_output_bundle = tmp_path / "a.txt.sigstore.json"
 
-    assert not expected_output_bundle.exists()
     sigstore(
         *get_cli_params(
             artifact_paths=[artifact],
+            output_directory=tmp_path,
         )
     )
 
@@ -256,6 +256,7 @@ def test_sign_overwrite_existing_bundle(capsys, sigstore, asset_integration):
     sigstore(
         *get_cli_params(
             artifact_paths=[artifact],
+            output_directory=tmp_path,
             overwrite=True,
         )
     )
@@ -265,6 +266,7 @@ def test_sign_overwrite_existing_bundle(capsys, sigstore, asset_integration):
         sigstore(
             *get_cli_params(
                 artifact_paths=[artifact],
+                output_directory=tmp_path,
                 overwrite=False,
             )
         )
@@ -275,8 +277,6 @@ def test_sign_overwrite_existing_bundle(capsys, sigstore, asset_integration):
         f"Refusing to overwrite outputs without --overwrite: {expected_output_bundle}\n"
     )
 
-    expected_output_bundle.unlink()
-
 
 def test_sign_fails_with_default_files_and_bundle_options(
     capsys, sigstore, asset_integration

test/assets/tsa/issue1482-timestamp-with-no-cert

@@ -29,9 +29,12 @@
 from sigstore.verify.policy import UnsafeNoOp
 
 
-@pytest.mark.parametrize("env", ["staging", "production"])
+# only check the log contents for production: staging is already on
+# rekor v2 and we don't currently support log lookups on rekor v2.
+# This test can likely be removed once prod also uses rekor v2
+@pytest.mark.parametrize("env", ["production"])
 @pytest.mark.ambient_oidc
-def test_sign_rekor_entry_consistent(sign_ctx_and_ident_for_env):
+def test_sign_rekor_entry_consistent(request, sign_ctx_and_ident_for_env):
     ctx_cls, identity = sign_ctx_and_ident_for_env
 
     # NOTE: The actual signer instance is produced lazily, so that parameter
@@ -108,25 +111,20 @@ def test_sct_verify_keyring_error(sign_ctx_and_ident_for_env, monkeypatch):
 
 @pytest.mark.parametrize("env", ["staging", "production"])
 @pytest.mark.ambient_oidc
-def test_identity_proof_claim_lookup(sign_ctx_and_ident_for_env, monkeypatch):
+def test_identity_proof_fallback_claim(sign_ctx_and_ident_for_env, monkeypatch):
     ctx_cls, identity = sign_ctx_and_ident_for_env
 
     ctx: SigningContext = ctx_cls()
     assert identity is not None
 
-    # clear out the known issuers, forcing the `Identity`'s  `proof_claim` to be looked up.
+    # clear out known issuers, forcing the `Identity`'s  `sub` claim to be used
+    # as fall back
     monkeypatch.setattr(sigstore.oidc, "_KNOWN_OIDC_ISSUERS", {})
 
     payload = secrets.token_bytes(32)
 
     with ctx.signer(identity) as signer:
-        expected_entry = signer.sign_artifact(payload).log_entry
-    actual_entry = ctx._rekor.log.entries.get(log_index=expected_entry.log_index)
-
-    assert expected_entry.body == actual_entry.body
-    assert expected_entry.integrated_time == actual_entry.integrated_time
-    assert expected_entry.log_id == actual_entry.log_id
-    assert expected_entry.log_index == actual_entry.log_index
+        signer.sign_artifact(payload)
 
 
 @pytest.mark.staging

test/integration/cli/test_sign.py

@@ -377,3 +377,18 @@ def test_verifier_not_enough_timestamp(
                 Bundle.from_json(asset("tsa/bundle.txt.sigstore").read_bytes()),
                 null_policy,
             )
+
+    def test_verify_signed_timestamp_regression(self, asset):
+        """
+        Ensure we correctly verify a timestamp with no embedded certs.
+
+        This is a regression test for # 1482
+        """
+        verifier = Verifier.staging(offline=True)
+        ts = rfc3161_client.decode_timestamp_response(
+            asset("tsa/issue1482-timestamp-with-no-cert").read_bytes()
+        )
+        res = verifier._verify_signed_timestamp(
+            ts, asset("tsa/issue1482-message").read_bytes()
+        )
+        assert res is not None