hectorj2f
commented
2 years ago @nsmith5 Good catch!
Open nsmith5 opened 2 years ago
hectorj2f
commented
2 years ago @nsmith5 Good catch!
asraa
commented
2 years ago FYI I think there's also some major complications around using non-sha256 when you're doing a keyless signature (uploading a rekor entry sort-of-requires that the sig was based off sha256, since we can't get the hash algorithm info that was used from a SignerVerifier right now)
nsmith5
commented
2 years ago Ah ok, my use-case doesn't use Rekor so I didn't hit that. Is that something we can / should change in Rekor ( allow other hash algorithms) or in cosign (restrict to SHA256 only)?
asraa
commented
2 years ago Ah ok, my use-case doesn't use Rekor so I didn't hit that.
Gotcha! Hmmm I think ideally this is fixed through SignerVerifier exposing the correct SHA, then making cosign pull that info in when creating the rekor entry. Rekor would also need to actually use a customize-able SHA here (https://github.com/sigstore/rekor/blob/c39c0beb340273f0d729f1b853b49691b6445eae/pkg/pki/x509/x509.go#L75) when verifying.
I guess currently we should drop an error that we can't upload if someone uses --signature-digest-algorith
hectorj2f
commented
2 years ago It sounds like a plan, then I assume we have to add this functionality to both rekor and cosigned.
tuminoid
Description
The cosign CLI allows setting
--signature-digest-algorithmto one ofsha224|sha256|sha384|sha512to accommodate the many hash algorithms that might have been used with elliptical KMS keys. The currentClusterImagePolicyAPI doesn't have a way to specify the hashing algorithm for verification so it defaults to sha256 and incorrectly rejects signatures with a different hash function.