Attestation/Blob signing and verification using a RFC3161 time-stamping server

[hectorj2f]

Summary

This PR adds support for signing and verification for blobs/attestations using a RFC3161 time-stamping server. This PR assumes we can rely on two different bundles when signing by passing the flags --rfc3161-timestamp-bundle and the former --bundle.

$ cosign sign-blob --timestamp-server-url=http://localhost:5555 --key cosign.key README.md  --rfc3161-timestamp-bundle mytimestampbundle

$ cosign verify-blob --timestamp-cert-chain ts_chain.pem --key cosign.pub README.md --rfc3161-timestamp-bundle mytimestampbundle

Bundle format in case both verification mechanism are used (TSA and Rekor):

{
	"base64Signature": "xxxx/8tmKUTTOHLBTHn",
	"cert": "xx==",
	"rekorBundle": {
		"SignedEntryTimestamp": "xxx+T3qDZtg0=",
		"Payload": {
			"body": "xxxxxxx=",
			"integratedTime": 1,
			"logIndex": 1,
			"logID": "xxxxx"
		}
	},
	"rfc3161timestamp": {
		"SignedRFC3161Timestamp": "xxxx"
	}
}

A similar set of command flags are used for attestations:

$ cosign attest --predicate predicate --timestamp-server-url=http://localhost:5555 <YOUR_IMAGE> 

$ cosign verify-attestation --timestamp-cert-chain ts_chain.pem <YOUR_IMAGE>  --insecure-skip-tlog-verify

Release Note

Add support for signing/verification for attestations and blobs using a RFC3161 time-stamping server.

Documentation

[codecov-commenter]

Codecov Report

Merging #2464 (3f6115b) into main (8f66577) will decrease coverage by 0.36%.
The diff coverage is 10.69%.

@@            Coverage Diff             @@
##             main    #2464      +/-   ##
==========================================
- Coverage   30.34%   29.98%   -0.37%     
==========================================
  Files         139      139              
  Lines        8469     8605     +136     
==========================================
+ Hits         2570     2580      +10     
- Misses       5546     5666     +120     
- Partials      353      359       +6     

Impacted Files	Coverage Δ
cmd/cosign/cli/attest.go	0.00% <0.00%> (ø)
cmd/cosign/cli/options/attest.go	0.00% <0.00%> (ø)
cmd/cosign/cli/options/policy.go	0.00% <0.00%> (ø)
cmd/cosign/cli/options/signblob.go	0.00% <0.00%> (ø)
cmd/cosign/cli/options/verify.go	0.00% <0.00%> (ø)
cmd/cosign/cli/policy_init.go	1.30% <0.00%> (-0.06%)	⬇️
cmd/cosign/cli/sign/sign.go	15.34% <0.00%> (ø)
cmd/cosign/cli/sign/sign_blob.go	0.00% <0.00%> (ø)
cmd/cosign/cli/signblob.go	0.00% <0.00%> (ø)
cmd/cosign/cli/verify.go	0.00% <0.00%> (ø)
... and 8 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[asraa]

you would need to set the validity time here

[asraa]

RE the open questions, I think they should be handled separately.

Can we supersede the logic changes in the verifyBlob inner call with the PR that combines the OCI logic?

[hectorj2f]

I am pausing this work until #2461 gets merged!

[hectorj2f]

@priyawadhwa @haydentherapper This PR is ready for a review. I was planning to increase the test coverage and perhaps add this experimental flag/env var that we discussed, as part of future PRs.

[priyawadhwa]

tests look great! just a few comments.

[haydentherapper]

Cc @asraa

[priyawadhwa]

lgtm!

[haydentherapper]

@hectorj2f Left some comments, happy to implement the changes if you are busy.

[haydentherapper]

Description needs to be updated, this was copied from BundlePath.

[haydentherapper]

nit for style: if _, err := tsa.GetTimestampedSignature(...); err != nil { ... }

[haydentherapper]

Should we document somewhere that we're generating a timestamp over the base64 signature, not the raw bytes? This was somewhat discussed in sigstore/timestamp-authority#116 - Cosign is being opinionated in using the base64-encoded sig, which I agree with, just think we should be explicit about this.

Update the SPEC docs for the OCI annotations?

[haydentherapper]

Should we require that if ko.TSAServerURL is set, ko.RFC3161TimestampPath must also be? Otherwise it's unnecessarily fetching a timestamp without persisting it.

[haydentherapper]

Shouldn't this be writing signedPayload.RFC3161Timestamp, not signedPayload.Base64Signature?

[haydentherapper]

This doesn't seem correct, RFC3161TimestampPath should contain a timestamp, not a code-signing certificate.

[haydentherapper]

I'm confused by this, b.Cert is always "", so isn't this never run?

[haydentherapper]

I left a comment above about this, but rfc3161TimestampPath should be storing a timestamp, not a signature, correct?

[haydentherapper]

Further, a 3161 timestamp should be in addition to the bundle, this makes it either/or.

[haydentherapper]

Follow up PR #2499