New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bug: python-tuf incompatibility because of hex-encoded ECDSA keys #329
Comments
See #103 (comment) |
Can we do this, but also sign with the old keys to allow for a seamless transition? So existing keys a, b, c and PEM encoded keys from the same people A, B, C all sign the metadata that lists only A, B, C as the new trusted root keyholders. |
Question: What about other TUF implementations? Has everyone but python-tuf added support for hex-encoded keys? |
I see, dupe the old keys with hex-encoded and add their PEM-encoded files as well, so that we will have ~10 sigs in the root metadata. That's a great idea! |
PEM-encoded keys are the specification, see links! |
I was curious if other implementations are broken too besides python-tuf. Otherwise, option (4) seems like a possibility, even if it's deviating from the spec. |
It's just go-tuf. Rust's For context, in the linked issue theupdateframework/go-tuf#223, it was because go-tuf couldn't canonicalize json with newlines. that's now fixed in go-tuf so this doesn't block go-tuf anymore, we now write json to the store, not canonicalized json. Here's the rust tough discussion on accomodating our keys: awslabs/tough#426. |
Sorry for butting in, but just to make sure I understand: this is a failure with
This makes sense to me too. This also enables an eventual graceful transition to just PEM-encoded keys, right? |
Yes, exactly correct! So for python sigstore integrations, they would then be able to pin their trusted root at the next upcoming root version |
I like this idea. |
The plan for the PRs (started #372) will be that I will create four separate PRs with the following changes and testing:
|
I wish there was a way to say in TUF: "Count only 1 towards the threshold out of these N same public keys (even if they look or are different)." |
Description
Right now, python-tuf can't validate our root metadata because
go-tuf
used hex-encoded ecdsa keys, rather than what securesystemslib requires (PEM encoded keys). This is actually a hard problem (see go-tuf issue links) because of compatibility: if we change keys to be PEM-encoded keys, then the key material changes, preventing verification through a valid chain of roots.Options to fix:
keyid
. Looking at the implementations, this will LIKELY work, since keyIDs do not need to be based off hashes of the key material anymore, and because there is no verification done that keymaterial matches: just key IDs do. That seems like a bug, but we can exploit it. If we do this, then roots will continue to chain with go-tuf, and we will achieve python-tuf verification in the next root-signing.Blocks #242
See theupdateframework/go-tuf#223, theupdateframework/go-tuf#270
@trishankatdatadog @mnm678 @joshuagl @kommendorkapten
The text was updated successfully, but these errors were encountered: