deislabs / bindle

Bindle: Object Storage for Collections
Apache License 2.0

proposal: Update invoice signature spec #318

Open lann opened 2 years ago

lann commented 2 years ago

Following up on #284 and #292, I'd like to change the signature spec from signing data derived from the invoice file to signing the invoice file itself. This would require a few related changes:

Disadvantages

Advantages

lann commented 2 years ago

One option for the invoice signatures file would be to make it a "TOML-compatible" file format (invoice.sigs perhaps?), reusing the current spec's [[signature]] blocks and appending the signature itself to the end, e.g. something like (adapting from https://github.com/deislabs/bindle/blob/main/docs/signing-spec.md#reading-signatures-as-provenance):

Signature payload (TOML):

by = "Matt Butcher <matt.butcher@example.com>"
key = "1c44..."
role = "creator"
at = 1611960337

Signature serialization (TOMLish-but-not): [[signature]]\n<payload>\nsignature = "<hex(sign('BINDLE-SIGNATURE-V1' || sha256(invoice) || payload))>"

lann commented 2 years ago

I hate to say it, but this would be simplified by using JSON...

fibonacci1729 commented 2 years ago

@thomastaylor312 Would love your thoughts here!

lann commented 2 years ago

Another proposal for signatures; I think this is what I would prefer for a TOML-based solution:

[[signature]]
# Untrusted label: Maybe Real Signer <maybe.real.signer@example.com>
signer = """
key = "1c44..."
role = "creator"
at = 1611960337
"""
signature = "<hex(sign('BINDLE-SIGNATURE-V1:' || sha256(invoice) || ':' || meta))>"

lann commented 2 years ago

I think I've covered most of the changes in #322 now. Biggest change to the protocol is that bindle GET/POST would work with a string version of the invoice, e.g.

invoice = '''
bindleVersion = "1.0.0"

[bindle]
name = "mybindle"
version = "0.1.0"
...
'''

[[signature]]
...

thomastaylor312 commented 2 years ago

Just getting round to this in #322. I'll drop all comments there.