Rework trusted root injection

While this will allow anyone to inject a trustedRoot instead of using sigstore public good, its been primarily included to allow conformance to inject alt trusted roots Signed-off-by: Appu Goundan <[email protected]>
sigstore · Dec 28, 2023 · a6ff3f3 · a6ff3f3
1 parent 8d2d442
commit a6ff3f3
Show file tree

Hide file tree

Showing 36 changed files with 88 additions and 814 deletions.
diff --git a/.github/workflows/conformance.yml b/.github/workflows/conformance.yml
@@ -31,6 +31,6 @@ jobs:
       - name: Unpack sigstore-java distribution
         run: tar -xvf ${{ github.workspace }}/sigstore-cli/build/distributions/sigstore-cli-*.tar --strip-components 1
 
-      - uses: sigstore/sigstore-conformance@00922385de455be5ec46288a947044aa44fb0981 # v0.0.8
+      - uses: sigstore/sigstore-conformance@c8d17eb7ee884cf86b93a3a3f471648fb0a83819 # v0.0.9
         with:
           entrypoint: ${{ github.workspace }}/bin/sigstore-cli
diff --git a/sigstore-cli/src/main/java/dev/sigstore/cli/Sign.java b/sigstore-cli/src/main/java/dev/sigstore/cli/Sign.java
@@ -22,6 +22,7 @@
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
+import java.util.Base64;
 import java.util.concurrent.Callable;
 import picocli.CommandLine.ArgGroup;
 import picocli.CommandLine.Command;
@@ -57,7 +58,9 @@ public Integer call() throws Exception {
     var signer = signerBuilder.build();
     var signingResult = signer.signFile(artifact);
     if (signatureFiles.sigAndCert != null) {
-      Files.write(signatureFiles.sigAndCert.signatureFile, signingResult.getSignature());
+      Files.write(
+          signatureFiles.sigAndCert.signatureFile,
+          Base64.getEncoder().encode(signingResult.getSignature()));
       Files.write(
           signatureFiles.sigAndCert.certificateFile,
           Certificates.toPemBytes(signingResult.getCertPath()));

diff --git a/sigstore-cli/src/main/java/dev/sigstore/cli/Verify.java b/sigstore-cli/src/main/java/dev/sigstore/cli/Verify.java
@@ -30,6 +30,7 @@
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.security.cert.CertPath;
+import java.util.Base64;
 import java.util.concurrent.Callable;
 import picocli.CommandLine.ArgGroup;
 import picocli.CommandLine.Command;
@@ -50,6 +51,12 @@ public class Verify implements Callable<Integer> {
   @ArgGroup(multiplicity = "0..1", exclusive = false)
   Policy policy;
 
+  @Option(
+      names = {"--trusted-root"},
+      description = "an alternative to the TUF managed sigstore public good trusted root",
+      required = false)
+  Path trustedRoot;
+
   static class Policy {
     @Option(
         names = {"--certificate-identity"},
@@ -70,7 +77,8 @@ public Integer call() throws Exception {
     KeylessSignature keylessSignature;
 
     if (signatureFiles.sigAndCert != null) {
-      byte[] signature = Files.readAllBytes(signatureFiles.sigAndCert.signatureFile);
+      byte[] signature =
+          Base64.getDecoder().decode(Files.readAllBytes(signatureFiles.sigAndCert.signatureFile));
       CertPath certPath =
           Certificates.fromPemChain(Files.readAllBytes(signatureFiles.sigAndCert.certificateFile));
       keylessSignature =
@@ -91,7 +99,10 @@ public Integer call() throws Exception {
     }
     var verificationOptions = verificationOptionsBuilder.alwaysUseRemoteRekorEntry(false).build();
 
-    var verifier = new KeylessVerifier.Builder().sigstorePublicDefaults().build();
+    var verifier =
+        (trustedRoot == null)
+            ? new KeylessVerifier.Builder().sigstorePublicDefaults().build()
+            : new KeylessVerifier.Builder().fromTrustedRoot(trustedRoot).build();
     verifier.verify(
         artifact,
         KeylessVerificationRequest.builder()

diff --git a/sigstore-java/src/main/java/dev/sigstore/KeylessVerifier.java b/sigstore-java/src/main/java/dev/sigstore/KeylessVerifier.java
@@ -64,27 +64,33 @@ public static KeylessVerifier.Builder builder() {
   }
 
   public static class Builder {
-    private SigstoreTufClient sigstoreTufClient;
+    private TrustedRootProvider trustedRootProvider;
 
     public KeylessVerifier build()
         throws InvalidAlgorithmParameterException, CertificateException, InvalidKeySpecException,
             NoSuchAlgorithmException, IOException, InvalidKeyException {
-      Preconditions.checkNotNull(sigstoreTufClient);
-      sigstoreTufClient.update();
-      var trustedRoot = sigstoreTufClient.getSigstoreTrustedRoot();
+      Preconditions.checkNotNull(trustedRootProvider);
+      var trustedRoot = trustedRootProvider.get();
       var fulcioVerifier = FulcioVerifier.newFulcioVerifier(trustedRoot);
       var rekorClient = RekorClient.builder().setTransparencyLog(trustedRoot).build();
       var rekorVerifier = RekorVerifier.newRekorVerifier(trustedRoot);
       return new KeylessVerifier(fulcioVerifier, rekorClient, rekorVerifier);
     }
 
     public Builder sigstorePublicDefaults() throws IOException {
-      sigstoreTufClient = SigstoreTufClient.builder().usePublicGoodInstance().build();
+      var sigstoreTufClient = SigstoreTufClient.builder().usePublicGoodInstance().build();
+      trustedRootProvider = TrustedRootProvider.from(sigstoreTufClient);
       return this;
     }
 
     public Builder sigstoreStagingDefaults() throws IOException {
-      sigstoreTufClient = SigstoreTufClient.builder().useStagingInstance().build();
+      var sigstoreTufClient = SigstoreTufClient.builder().useStagingInstance().build();
+      trustedRootProvider = TrustedRootProvider.from(sigstoreTufClient);
+      return this;
+    }
+
+    public Builder fromTrustedRoot(Path trustedRoot) {
+      trustedRootProvider = TrustedRootProvider.from(trustedRoot);
       return this;
     }
   }

diff --git a/sigstore-java/src/main/java/dev/sigstore/TrustedRootProvider.java b/sigstore-java/src/main/java/dev/sigstore/TrustedRootProvider.java
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2023 The Sigstore Authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package dev.sigstore;
+
+import com.google.common.base.Preconditions;
+import com.google.protobuf.util.JsonFormat;
+import dev.sigstore.proto.trustroot.v1.TrustedRoot;
+import dev.sigstore.trustroot.SigstoreTrustedRoot;
+import dev.sigstore.tuf.SigstoreTufClient;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.spec.InvalidKeySpecException;
+
+@FunctionalInterface
+public interface TrustedRootProvider {
+
+  SigstoreTrustedRoot get()
+      throws InvalidAlgorithmParameterException, CertificateException, InvalidKeySpecException,
+          NoSuchAlgorithmException, IOException, InvalidKeyException;
+
+  static TrustedRootProvider from(SigstoreTufClient tufClient) {
+    Preconditions.checkNotNull(tufClient);
+    return () -> {
+      tufClient.update();
+      return tufClient.getSigstoreTrustedRoot();
+    };
+  }
+
+  static TrustedRootProvider from(Path trustedRoot) {
+    Preconditions.checkNotNull(trustedRoot);
+    return () -> {
+      var trustedRootBuilder = TrustedRoot.newBuilder();
+      JsonFormat.parser()
+          .merge(Files.readString(trustedRoot, StandardCharsets.UTF_8), trustedRootBuilder);
+      return SigstoreTrustedRoot.from(trustedRootBuilder.build());
+    };
+  }
+}
diff --git a/sigstore-java/src/main/java/dev/sigstore/VerificationMaterial.java b/sigstore-java/src/main/java/dev/sigstore/VerificationMaterial.java
diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/README.md b/sigstore-java/src/main/resources/dev/sigstore/tuf/README.md
@@ -1,21 +1,3 @@
 # TUF Store
 
-This resource is a temporary alternative to an actual TUF client.
-This is **not a permanent solution** and should not be treated as such.
-If the key changes, they will not automatically be reflected here
-and various signing/verification workflows will fail.
-
-We keep copies of the remote tuf repositories locally in
-1. Production from https://tuf-repo-cdn.sigstore.dev \
-   for interfacing with *.sigstore.dev
-
-2. Staging from https://tuf-repo-cdn.sigstage.dev \
-   for interfacing with *.sigstage.dev
-
-For this client to function we need the following keys
-1. CTFE public keys (`ctfe.pub`, `ctfe_*.pub`) \
-   the public key for the certificate transparency log
-2. Fulcio root cert (`fulcio_v1.crt.pem` or `fulcio.crt.pem`) \
-   the root certificate for fulcio issued certificates
-3. Rekor public key (`rekor.pub`) \
-   the public key for the rekor transparency log
+Seed roots for sigstore public good and staging.
diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/production/ctfe.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/production/ctfe.pub
diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/production/ctfe_2022.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/production/ctfe_2022.pub
diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/production/fulcio_v1.crt.pem b/sigstore-java/src/main/resources/dev/sigstore/tuf/production/fulcio_v1.crt.pem
diff --git a/sigstore-java/src/main/resources/dev/sigstore/tuf/production/rekor.pub b/sigstore-java/src/main/resources/dev/sigstore/tuf/production/rekor.pub