Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement Sigstore signing and verification of models #276

Merged
merged 5 commits into from
Aug 5, 2024
Merged

Implement Sigstore signing and verification of models #276

merged 5 commits into from
Aug 5, 2024

Commits on Aug 5, 2024

  1. Add a from_str method to manifest.Shard. 

    The `ShardedFileManifestItem` objects (items in `ShardLevelManifest`)
are recorded as a single string in the in-toto payloads used for
signing. The canonicalization to string is done by appending the file
(relative) path, the start offset and the end offset, separated by `:`.

When validating a signature and rebuilding a manifest, we need to parse
a string back to a shard. Rather than replicating this in all places, we
create a member function for the conversion.

Also adds the relevant tests.

Signed-off-by: Mihai Maruseac <mihaimaruseac@google.com>
    @mihaimaruseac
    mihaimaruseac committed Aug 5, 2024
    Configuration menu
    Copy the full SHA
    11f409c View commit details
    Browse the repository at this point in the history

  2. Ensure all in-toto statements have names for subjects 

    Although names in in-toto are optional, for sigstore-python they are
mandatory. So, we set the name to "." when we don't have other option.

Updated goldens to reflect the change.

Signed-off-by: Mihai Maruseac <mihaimaruseac@google.com>
    @mihaimaruseac
    mihaimaruseac committed Aug 5, 2024
    Configuration menu
    Copy the full SHA
    e012e76 View commit details
    Browse the repository at this point in the history

  3. Add SigstoreSignature for storing Sigstore signatures 

    Signed-off-by: Mihai Maruseac <mihaimaruseac@google.com>
    @mihaimaruseac
    mihaimaruseac committed Aug 5, 2024
    Configuration menu
    Copy the full SHA
    149ba68 View commit details
    Browse the repository at this point in the history

  4. Sign models with Sigstore, generate Sigstore bundles 

    Supports both signing models serialized to digests (a la
`serialize_v0`/`serialize_v1`) and models serialized to manifests.

Suppoorts both signing digests directly and signing in-toto manifest.

There is a need to convert from in-toto's in-toto types to the ones
expected by sigstore-python, but this additional step will be removed in
the future.

Signed-off-by: Mihai Maruseac <mihaimaruseac@google.com>
    @mihaimaruseac
    mihaimaruseac committed Aug 5, 2024
    Configuration menu
    Copy the full SHA
    459ea1c View commit details
    Browse the repository at this point in the history

  5. Verify sigstore bundles 

    Signed-off-by: Mihai Maruseac <mihaimaruseac@google.com>
    @mihaimaruseac
    mihaimaruseac committed Aug 5, 2024
    Configuration menu
    Copy the full SHA
    186ed4c View commit details
    Browse the repository at this point in the history