-
Notifications
You must be signed in to change notification settings - Fork 549
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixing issue 3669 #3670
base: main
Are you sure you want to change the base?
Fixing issue 3669 #3670
Conversation
Signed-off-by: Mukuls77 <mukul.sharma77@gmail.com>
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #3670 +/- ##
==========================================
+ Coverage 40.10% 40.57% +0.47%
==========================================
Files 155 157 +2
Lines 10044 10164 +120
==========================================
+ Hits 4028 4124 +96
- Misses 5530 5540 +10
- Partials 486 500 +14 ☔ View full report in Codecov by Sentry. |
Signed-off-by: Mukuls77 <mukul.sharma77@gmail.com>
I'm not very familiar with the OCI part of the codebase, so this might be incorrect, but isn't the metadata already downloaded by this point? I'm also not convinced this is needed, as this seems like handling a case where someone has manipulated the contents of the registry object. Exiting out early is fine, but it will fail nonetheless later on. |
@haydentherapper yes the MediaType is already known to us when we download the signature manifest. so this check is not really downloading or querying the mediaType from registry. Instead it is fetching it from the downloaded manifest file. So this check does not add any extra Get towards registry. |
This check is particular important in case someone is using cosign as a library, as without this check if some one apply the signature tag to a artifact which is not a signature currently cosign will start downloading all the layers, as cosign keeps those in memory for further verification this will increase the memory usage of the process using cosign library and than may result in restart of the process. If you agree i am extend this check to also check the size of the layer if the size is more than what we define as max permissible size of a signature we can block the download of layer if it exceed that size limit. this will make the cosign library usage more secure |
@haydentherapper can you pls comment do you see this change useful as it is not introducing any additional overhead but enhancing the security, as i mentioned we can enhance it further by adding check to not download a signature layer if it is beyond a specific size. |
I'm not sure if @haydentherapper's first question was answered, or if I didn't quite understand it. Isn't the manifest already downloaded at this point? It looks like the download happens here, a few lines before the verifySignatures call, so I'm not sure how checking the media type in
We already check the size of the layer before reading it into memory - have you found a case where this check is insufficient or incorrect? |
@cmurphy thanks for your comments.
The layers are downloaded Line 611 in fa17fab
I agree we have a env variable COSIGN_MAX_ATTACHMENT_SIZE which has default value of 128 Mb, ideally our signature payload is not that big and it would have been better to have a more specific limit for signatures, but still we can tune this env variable according to our needs. |
Summary
Closes #3669
Currently while doing the verification of signatures cosign does not check the MediaType of the layers before downloading those. In the case when some one mistakenly put the signature tag on an artifact which is not a signature than cosign will download all the layers present in the Manifest file of the artifact and than we start verification which will eventually fail as the artifact was not really a signature.
The fix provides an additional check to check the Media Type before downloading the layers. this will avoid unnecessary download of stale data and will quickly reject the verification as the artifact is not a signature.
Release Note
Documentation
No change in documentation