sigstore · bdehamer · Nov 4, 2022 · Nov 3, 2022 · Nov 3, 2022 · feelepxyz
@@ -92,6 +92,12 @@ describe('format', () => {
         );
         expect(entry.spec.content.hash).toBeTruthy();
         expect(entry.spec.content.hash?.algorithm).toBe('sha256');
+
+        // This hard-coded hash value helps us detect if we've unintentionally
+        // changed the hashing algorithm.
+        expect(entry.spec.content.hash?.value).toBe(
+          '91a5eb7452452720d704da5442acb9703252b3ab7be51ec155a244f5c9aa5ec8'
+        );
       });
     });
 
@@ -105,12 +111,57 @@ describe('format', () => {
       it('returns a valid intoto entry', () => {
         const entry = toProposedIntotoEntry(envelope, sigMaterial);
 
-        if (typeof entry.spec.content.envelope !== 'string') {
-          const e = entry.spec.content.envelope;
-          expect(e?.signatures[0].keyid).toBeUndefined();
-        } else {
+        if (typeof entry.spec.content.envelope === 'string') {
+          fail('intoto type is v0.0.1 but expecting v0.0.2');
+        }
+
+        // Ensure the keyid is not included in the envelope.
+        const e = entry.spec.content.envelope;
+        expect(e?.signatures).toHaveLength(1);
+        expect(e?.signatures[0].keyid).toBeUndefined();
+        expect(e?.signatures[0].sig).toEqual(
+          enc.base64Encode(envelope.signatures[0].sig.toString('base64'))
+        );
+
+        // This hard-coded hash value helps us detect if we've unintentionally
+        // changed the hashing algorithm.
+        expect(entry.spec.content.hash?.value).toBe(
+          '295fd391f3b3f349cdaa686befaa765d90c0b411a0811e45f8bc481338a51622'
+        );
+      });
+    });
+
+    describe('when there are multiple signatures in the envelope', () => {
+      const envelope: Envelope = {
+        payloadType: 'application/vnd.in-toto+json',
+        payload: Buffer.from('payload'),
+        signatures: [
+          { keyid: '123', sig: signature },
+          { keyid: '', sig: signature },
+        ],
+      };
+
+      it('returns a valid intoto entry', () => {
+        const entry = toProposedIntotoEntry(envelope, sigMaterial);
+
+        if (typeof entry.spec.content.envelope === 'string') {
           fail('intoto type is v0.0.1 but expecting v0.0.2');
         }
+
+        // Check to ensure only the first signature is included in the envelope
+        const e = entry.spec.content.envelope;
+        expect(e?.signatures).toHaveLength(1);
+        expect(e?.signatures[0].keyid).toEqual(envelope.signatures[0].keyid);
+        expect(e?.signatures[0].sig).toEqual(
+          enc.base64Encode(envelope.signatures[0].sig.toString('base64'))
+        );
+        expect(e?.signatures[0].publicKey).toEqual(enc.base64Encode(cert));
+
+        // This hard-coded hash value helps us detect if we've unintentionally
+        // changed the hashing algorithm.
+        expect(entry.spec.content.hash?.value).toBe(
+          '91a5eb7452452720d704da5442acb9703252b3ab7be51ec155a244f5c9aa5ec8'
+        );
       });
     });
   });

@@ -75,14 +75,22 @@ function toProposedIntotoV002Entry(
   envelope: Envelope,
   signature: SignatureMaterial
 ): IntotoKind {
+  // Calculate the value for the payloadHash field in the Rekor entry
+  const payloadHash = crypto.hash(envelope.payload).toString('hex');
+
+  // Calculate the value for the hash field in the Rekor entry
+  const envelopeHash = calculateDSSEHash(envelope);
+
+  // Collect values for re-creating the DSSE envelope.
   // Double-encode payload and signature cause that's what Rekor expects
   const payload = enc.base64Encode(envelope.payload.toString('base64'));
   const sig = enc.base64Encode(envelope.signatures[0].sig.toString('base64'));
   const keyid = envelope.signatures[0].keyid;
   const publicKey = enc.base64Encode(toPublicKey(signature));
-  const payloadHash = crypto.hash(envelope.payload).toString('hex');
 
-  // Create the envelop portion first so that we can calculate its hash
+  // Create the envelope portion of the entry. Note the inclusion of the
+  // publicKey in the signature struct is not a standard part of a DSSE
+  // envelope, but is required by Rekor.
   const dsse: IntotoKind['spec']['content']['envelope'] = {
     payloadType: envelope.payloadType,
     payload: payload,
@@ -96,8 +104,6 @@ function toProposedIntotoV002Entry(
     dsse.signatures[0].keyid = keyid;
   }
 
-  const envelopeHash = crypto.hash(json.canonicalize(dsse)).toString('hex');
-
   return {
     apiVersion: '0.0.2',
     kind: INTOTO_KIND,
@@ -111,6 +117,28 @@ function toProposedIntotoV002Entry(
   };
 }
 
+// Calculates the hash of a DSSE envelope for inclusion in a Rekor entry.
+// There is no standard way to do this, so the scheme we're using as as
+// follows:
+//  * payload is base64 encoded
+//  * signature is base64 encoded (only the first signature is used)
+//  * keyid is included ONLY if it is NOT an empty string
+//  * The resulting JSON is canonicalized and hashed to a hex string
+function calculateDSSEHash(envelope: Envelope): string {
+  const dsse: IntotoKind['spec']['content']['envelope'] = {
+    payloadType: envelope.payloadType,
+    payload: envelope.payload.toString('base64'),
+    signatures: [{ sig: envelope.signatures[0].sig.toString('base64') }],
+  };
+
+  // If the keyid is an empty string, Rekor seems to remove it altogether.
+  if (envelope.signatures[0].keyid.length > 0) {
+    dsse.signatures[0].keyid = envelope.signatures[0].keyid;
+  }
+
+  return crypto.hash(json.canonicalize(dsse)).toString('hex');
+}
+
 function toPublicKey(signature: SignatureMaterial): string {
   return signature.certificates
     ? signature.certificates[0]

@@ -79,7 +79,7 @@ kBbmLSGtks4L3qX6yYY0zufBnhC8Ur/iy55GhWP/9A/bY2LhC30M9+RYtw==
 
   describe('when a DSSE Bundle is provided', () => {
     const set = Buffer.from(
-      'MEYCIQC/9HHAv5Fg4uCxtmkxRqXznZcQchktwV5f4f6/XdCjsQIhAIJTMDf+PbrDL1p6rr2lS/yq/iYnscFkclNrr0a03qdv',
+      'MEYCIQDCDqNKrxg0g2J/psG5ypPTcxiEoSXSj93G1GhaitBnswIhAM6WDzaJTCkQ2h39jv7vmthAlKZQNRH6Stqxy0Fi4k+C',
       'base64'
     );
 
@@ -169,7 +169,7 @@ function createMessageSignatureBundle(logID: Buffer, set?: Buffer): Bundle {
 
 function createDSSEBundle(logID: Buffer, set?: Buffer): Bundle {
   const cert1 = Buffer.from(
-    'MIICnzCCAiagAwIBAgIUL344ndfoO3//U50uxtblyETIiUEwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjIxMDI5MDQ1MTUyWhcNMjIxMDI5MDUwMTUyWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEX8ne4JiXI4a6qgaNj3gz4IiJVK/3dsjioIds+eGi6DFxElL4E4NeUjXtQiDzRWEkkJpi+QMPhoie2k+onI0t8qOCAUUwggFBMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUsKOCg+CT2YGW1GzpINc15p+4i9IwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHwYDVR0RAQH/BBUwE4ERYnJpYW5AZGVoYW1lci5jb20wLAYKKwYBBAGDvzABAQQeaHR0cHM6Ly9naXRodWIuY29tL2xvZ2luL29hdXRoMIGKBgorBgEEAdZ5AgQCBHwEegB4AHYACGCS8ChS/2hF0dFrJ4ScRWcYrBY9wzjSbea8IgY2b3IAAAGEIhUBGgAABAMARzBFAiEA9NrGXft/DXCpxfjT2pVlPnfixefSZC6I5rPdDTFocF8CIA3PzW9dT8MXumDfLYn3K/sT5FZsmeqZmmoertcQH/AkMAoGCCqGSM49BAMDA2cAMGQCMAag7B6iQREiQYqATqpJlMLU5wykBeD+7NwVprlsuE2hG56aSD76Xf5wycPZSTkjlQIwbEpUgUdvxFLgh8HAvO5nfii7reBznUITdm37b9JbF0bFt//0EhjFy7EdBTCuAG51',
+    'MIICoTCCAiagAwIBAgIUAilwtOGnYZAHZFmV+0z6j8c+yIQwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjIxMTAyMjMyNDM0WhcNMjIxMTAyMjMzNDM0WjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEdEE+u7yTkC2uG819DRlmMzYSoGoEP4r8glaiK7foqjNODPS7b3s5p9xlAey4fFHHhdHktmpVAZGD3gy/3UKqXqOCAUUwggFBMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQU0ZCaKJ81FfD8BnPlAEaZ5+H5CMEwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHwYDVR0RAQH/BBUwE4ERYnJpYW5AZGVoYW1lci5jb20wLAYKKwYBBAGDvzABAQQeaHR0cHM6Ly9naXRodWIuY29tL2xvZ2luL29hdXRoMIGKBgorBgEEAdZ5AgQCBHwEegB4AHYA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGEOqkmUgAABAMARzBFAiAAj+CKr8Qaw8xxQInoQtf1V15vPeGCaKNs23yaaQAl1wIhAPmzjDmJi69oxaz/5OYjrUg7XNl9RUCRIZ8ZLFgsl42jMAoGCCqGSM49BAMDA2kAMGYCMQCpj0ghinAEs36KiLOegtym8TEAAAyI9PMK+WZzpm3aGXDA0phyOZjmtEd0wPeDB1QCMQCMvZkgu96zId0esW3oYsDaIFd5NUGa3lXuBj3Lc0MMRvfmyG49I4Gj9qV7dgKEm2o=',
     'base64'
   );
   const cert2 = Buffer.from(
@@ -192,7 +192,7 @@ function createDSSEBundle(logID: Buffer, set?: Buffer): Bundle {
           {
             keyid: '',
             sig: Buffer.from(
-              'MEUCIQCdJHpwUUS919xv5M4cgYt8SGb5gMdPSdamfzFEReF+UgIgAKDrzm9uszoRHeo2Prz4nKRAhcl6k8MXuFzQ3dzXQmU=',
+              'MEUCIQCVCPbzc4aPZMKpXnwuqbUp6WNDqSHFVfvPmSVSYz+sIgIgEUltpzCXjguuMHlx8qXHJCuH6ptaTmW57llQJRGqQfc=',
               'base64'
             ),
           },
@@ -217,12 +217,12 @@ function createDSSEBundle(logID: Buffer, set?: Buffer): Bundle {
       },
       tlogEntries: [
         {
-          logIndex: '6083446',
+          logIndex: '6387817',
           logId: {
             keyId: logID,
           },
           kindVersion: { kind: 'intoto', version: '0.0.2' },
-          integratedTime: '1667019113',
+          integratedTime: '1667431475',
           inclusionPromise: set ? { signedEntryTimestamp: set } : undefined,
           inclusionProof: undefined,
         },