Refactor SCT verification/CT key handling #263
Labels: bug, component:signing, component:verification
This has come to light during the staging instance's recent sharding: there are now multiple CT signing keys, instead of just ctfe.pub. The newer signing keys aren't necessarily compatible with the older ones (i.e. they can be ECDSA instead of RSA), and new CT entries are signed with the latest key rather than the older ones.
As a result, our assumption of a single CT key (ctfe.{staging.}pub) is no longer correct. This makes SCT verification fail for newer SCTs, since they're no longer signed with the key that we've vendored.
To fix this, we need to refactor our CT key handling. In particular:
dict[KeyID, Key], where KeyID is the key ID format described in RFC 6962 s. 3.2.
logID field, which is really just the key ID.
For the time being, we'll create this keychain by vendoring more CT keys (#262). Longer term, the TUF integration planned under #25 will be expected to retrieve all CT key targets, either via their usage metadata or some other identifying feature in the TUF repo.
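A sketch of the keychain lookup described in the issue, added here as an illustration and not taken from the issue or the project's code. The function names, the choice of PEM text as the keychain value, and the key bytes and SCT are all constructed assumptions; signature verification itself is left out.

```python
from __future__ import annotations
import base64, hashlib, struct

def key_id(pem: str) -> bytes:
    """RFC 6962 s. 3.2 key ID: SHA-256 of the key's DER SubjectPublicKeyInfo."""
    b64 = "".join(l for l in pem.strip().splitlines() if not l.startswith("-----"))
    return hashlib.sha256(base64.b64decode(b64)).digest()

def build_keychain(pems: list[str]) -> dict[bytes, str]:
    """Keychain keyed by key ID; values stay PEM text here (assumption)."""
    return {key_id(p): p for p in pems}

def parse_sct(raw: bytes) -> dict:
    """Split a serialized v1 SCT (RFC 6962 s. 3.2) into its fields."""
    if len(raw) < 47:  # 43-byte fixed header + 4 bytes of signature header
        raise ValueError("truncated SCT")
    version, log_id, timestamp, ext_len = struct.unpack_from(">B32sQH", raw, 0)
    if version != 0:  # enum value 0 is v1
        raise ValueError("only v1 SCTs are handled")
    off = 43 + ext_len
    if len(raw) < off + 4:
        raise ValueError("truncated SCT")
    hash_alg, sig_alg, sig_len = struct.unpack_from(">BBH", raw, off)
    if len(raw) != off + 4 + sig_len:
        raise ValueError("SCT length mismatch")
    return {"log_id": log_id, "timestamp": timestamp, "hash_alg": hash_alg,
            "sig_alg": sig_alg, "signature": raw[off + 4:]}

def select_key(keychain: dict[bytes, str], raw_sct: bytes) -> str:
    """Pick the CT key whose key ID equals the SCT's log ID."""
    log_id = parse_sct(raw_sct)["log_id"]
    if log_id not in keychain:
        raise LookupError(f"no CT key for log ID {log_id.hex()}")
    return keychain[log_id]

def pem_wrap(der: bytes) -> str:
    return ("-----BEGIN PUBLIC KEY-----\n" + base64.b64encode(der).decode()
            + "\n-----END PUBLIC KEY-----\n")

def make_sct(pem: str, sig_alg: int) -> bytes:
    """Constructed SCT: v1, no extensions, SHA-256 (4), dummy signature."""
    return (struct.pack(">B32sQH", 0, key_id(pem), 1672531200000, 0)
            + struct.pack(">BBH", 4, sig_alg, 3) + b"sig")

# Constructed stand-ins for DER SPKI blobs; these are not real CT keys.
OLD_RSA_PEM = pem_wrap(b"constructed RSA SPKI bytes")
NEW_ECDSA_PEM = pem_wrap(b"constructed ECDSA SPKI bytes")
KEYCHAIN = build_keychain([OLD_RSA_PEM, NEW_ECDSA_PEM])
NEW_SCT = make_sct(NEW_ECDSA_PEM, sig_alg=3)  # TLS SignatureAlgorithm 3 = ecdsa
```

A keychain holding only the older key raises `LookupError` for `NEW_SCT`, which turns the single-key failure into an explicit "unknown log" error instead of a signature mismatch.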