sigstore / cosign

Code signing and transparency for containers and binaries
Apache License 2.0
4.33k stars 525 forks source link

x509: cannot verify signature: insecure algorithm SHA1-RSA #2091

Open imjasonh opened 2 years ago

imjasonh commented 2 years ago

Description

From head (95b74db89941e8ec85e768f639efd4d948db06cd)

$ go test ./pkg/cosign/
--- FAIL: TestValidateAndUnpackCertWithSCT (0.00s)
    verify_test.go:457: ValidateAndUnpackCert expected no error, got err = x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: insecure algorithm SHA1-RSA (temporarily override with GODEBUG=x509sha1=1)" while trying to verify candidate authority certificate "Certificate Transparency CA")
    verify_test.go:464: ValidateAndUnpackCert expected no error, got err = x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: insecure algorithm SHA1-RSA (temporarily override with GODEBUG=x509sha1=1)" while trying to verify candidate authority certificate "Certificate Transparency CA")
FAIL
FAIL    github.com/sigstore/cosign/pkg/cosign   1.422s
FAIL

Adding the GODEBUG as suggested makes the test pass:

GODEBUG=x509sha1=1 go test ./pkg/cosign/
ok      github.com/sigstore/cosign/pkg/cosign   1.367s
$ go version
go version go1.18.2 darwin/arm64

Mostly filing this since I couldn't find any other reference to this in issues or code in any sigstore repo. Has anybody seen this before

edit: see https://github.com/golang/go/issues/41682

haydentherapper commented 2 years ago

Looking into this. Interestingly it fails on 1.18, but not 1.19.

haydentherapper commented 2 years ago

Need to generate new test data for certificate-transparency-go that doesn't use SHA1 for the signing algorithm digest.

dmitris commented 1 year ago

go test -v ./pkg/cosign passes now without GODEBUG=x509sha1=1 on the head version (17cc13812d8a7bfbb068ffc10fdbbdb3a9416f11) with go1.20.3 - has anything changed? @imjasonh - does it work for you now or not? go test ./... works for me as well.

imjasonh commented 1 year ago

Tests also passed for me at head (17cc13812d8a7bfbb068ffc10fdbbdb3a9416f11) without the env var set. I assume @haydentherapper updated the test data to not rely on SHA1, and the env var is now unnecessary.

Thanks for trying this @dmitris ! 👍

haydentherapper commented 1 year ago

The tests that need x509sha1 require the sct tag, see https://github.com/sigstore/cosign/blob/main/.github/workflows/tests.yaml#L70-L84. I guess e2e tests don't need the flag.

For anyone working in that part of the code, they need to know to specify that tag when running tests, but for the rest of the code, it's not needed.

dmitris commented 1 year ago

@imjasonh to avoid potential confusion, could you edit the issue description to add the sct tag in the command - go test -tags=sct ./..., please?

go test -tags=sct -failfast ./...
--- FAIL: TestValidateAndUnpackCertWithSCT (0.01s)
    verify_sct_test.go:80: ValidateAndUnpackCert expected no error, got err = cert verification failed: x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: insecure algorithm SHA1-RSA (temporarily override with GODEBUG=x509sha1=1)" while trying to verify candidate authority certificate "Certificate Transparency CA"). Check your TUF root (see cosign initialize) or set a custom root with env var SIGSTORE_ROOT_FILE
    verify_sct_test.go:87: ValidateAndUnpackCert expected no error, got err = cert verification failed: x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: insecure algorithm SHA1-RSA (temporarily override with GODEBUG=x509sha1=1)" while trying to verify candidate authority certificate "Certificate Transparency CA"). Check your TUF root (see cosign initialize) or set a custom root with env var SIGSTORE_ROOT_FILE
FAIL
FAIL    github.com/sigstore/cosign/v2/pkg/cosign    4.311s

The test that fails without GODEBUG=x509sha1=1 is TestValidateAndUnpackCertWithSCT from https://github.com/sigstore/cosign/blob/main/pkg/cosign/verify_sct_test.go#L40.