Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create NoteVerifier, verification library functions (v2) #119

Merged
merged 10 commits into from
Mar 25, 2025
Merged

Create NoteVerifier, verification library functions (v2) #119

merged 10 commits into from
Mar 25, 2025
+365 −14

Conversation

jku
Copy link
Member

@jku jku commented Mar 21, 2025
edited
Loading

This replaces #114:

  • create NoteVerifier
  • Add verify package to contain log entry verification methods
  • verification methods now take a (sumdb) note.Verifier as argument on colleens suggestion
  • Add basic tests for verify

haydentherapper and others added 3 commits March 21, 2025 09:27
@haydentherapper @jku
Create NoteVerifier, verification library functions
b9fe1a9 
Signed-off-by: Hayden B <8418760+haydentherapper@users.noreply.github.com>
@jku
note: Refactor
a28764e 
Refactor keyid calculation out of both constructors

Also remove the unused context argument

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
@jku
verify: Various small changes in verify functions
ff8ea6d 
* Use SafeInt64
* fix VerifyLogEntry error return value

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
@codecov Codecov
Copy link

codecov bot commented Mar 21, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 35.82090% with 43 lines in your changes missing coverage. Please review.

Project coverage is 26.84%. Comparing base (82230be) to head (c619068).
Report is 17 commits behind head on main.

Files with missing lines Patch % Lines
pkg/note/note.go 17.77% 34 Missing and 3 partials ⚠️
pkg/verify/verify.go 72.72% 4 Missing and 2 partials ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #119      +/-   ##
==========================================
+ Coverage   21.61%   26.84%   +5.23%     
==========================================
  Files          27       29       +2     
  Lines        1712     1892     +180     
==========================================
+ Hits          370      508     +138     
- Misses       1308     1346      +38     
- Partials       34       38       +4

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@jku jku mentioned this pull request Mar 21, 2025
Closed
@jku
verify: Use sumdb Verifier as the argument
219827a 
tessera functions accept the sumdb Verifier so this likely makes client
code more consistent: it does mean caller needs to handle
    v, e := note.NewNoteVerifier(origin, verifier)
if they have a signature.Verifier.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
jku
jku commented Mar 21, 2025
View reviewed changes
pkg/note/note.go
switch pk := pubKey.(type) {
var err error

switch pk := key.(type) {
case *ecdsa.PublicKey:
keyID, err = ecdsaKeyHash(pk)
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

unlike other keytypes, ecdsaKeyHash does not hash "origin". I don't have the context to understand if this is an issue or no

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is correct. This is the context:

https://github.com/C2SP/C2SP/blob/8991f70ddf8a11de3a68d5a081e7be27e59d87c8/signed-note.md#:~:text=Note%20that%20the%20key%20ID%20for%20these%20signatures%20is%20the%20truncated%20SHA%2D256%20hash%20of%20the%20DER%20encoded%20public%20key%20in%20SPKI%20format.
sigstore/rekor#2062

@jku jku mentioned this pull request Mar 21, 2025
Open
6 tasks
@jku
Copy link
Member Author

jku commented Mar 21, 2025

I've had a first look at the tests and I think I will need a bit of help there, I'm not really sure how to generate the test data. I will have another go on monday but feel free to leave ideas here if you have some

cmurphy
cmurphy requested changes Mar 21, 2025
View reviewed changes
loosebazooka
loosebazooka reviewed Mar 21, 2025
View reviewed changes
Copy link
Member

@loosebazooka loosebazooka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I looked into testing here, we kind of have 2 options:

  1. we assume the underlying note library is reliable and just ensure we are calling it correctly by calling it directly in a test and comparing the result.
  2. manually generate a note and sign it and then compare the result from an out of band signing.

@cmurphy
Copy link
Contributor

cmurphy commented Mar 21, 2025

@jku here's a starting point for the tests: https://gist.github.com/cmurphy/30e1beb758fe952959a27320c0a8d141

For TestVerifyInclusionProof, I pulled the values from the original verify_test.go and reformatted them into the TLE and Checkpoint structure. Some things needed to be hex decoded or base64 decoded.

For TestVerifyCheckpoint I started from the test in verify_test.go but then used https://github.com/transparency-dev/trillian-tessera/blob/ae724376e1ace4046767511c72c6006bde3ec87e/append_lifecycle.go#L298-L316 to generate a signed checkpoint envelope.

jku and others added 5 commits March 24, 2025 15:13
@jku
verify: Use correct hash in inclusion proof
15975d6 
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
@cmurphy @jku
verify: Add initial verification test from Colleen
a32adbb 
* Tests are roughly like TestInclusion TestCheckpoint in
  https://github.com/sigstore/rekor/blob/main/pkg/verify/verify_test.go
  (the entry content is from there as well)
* The signed checkpoint envelope creation in TestVerifyCheckpoint is from
  https://github.com/transparency-dev/trillian-tessera/blob/ae724376e1ace4046767511c72c6006bde3ec87e/append_lifecycle.go#L298-L316

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
@jku
verify: Add a few error cases to TestVerifyCheckpoint
9e4e04a 
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
@jku
verify: Add some error cases to TestVerifyInclusionProof
e470477 
Also refactor a bit, to avoid unnecessary error handling

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
@jku
verify: Add license blurb to verify_tests.go
c1e1bca 
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
@jku

This comment was marked as outdated.

Sign in to view
@jku
verify: Add very basic test for VerifyLogEntry
c619068 
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
@jku jku marked this pull request as ready for review March 24, 2025 16:19
@jku jku requested review from a team as code owners March 24, 2025 16:19
cmurphy
cmurphy approved these changes Mar 24, 2025
View reviewed changes
Copy link
Contributor

@cmurphy cmurphy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

@jku jku merged commit 725537e into sigstore:main Mar 25, 2025
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@loosebazooka loosebazooka loosebazooka left review comments

@cmurphy cmurphy cmurphy approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jku @cmurphy @loosebazooka @haydentherapper