Add support for SigningConfig in sign/attest (#4371)

* Add support for SigningConfig in sign/attest

This will indirectly add support for signing with Rekor v2, since
signing will be handled by sigstore-go rather than Cosign.

This also brings sign/attest up to par with sign-blob/attest-blob with
respect to signing with a key and providing a trusted root when
providing a signing config.

This feature is gated behind one of two signing config flags, which in a
later version of Cosign will be flipped to on by default.

Signed-off-by: Hayden <8418760+haydentherapper@users.noreply.github.com>

* Address review comments

--signing-config and --use-signing-config are now mutually exclusive.

TrustedMaterial and SigningConfig are set in the same line as fetching
the trusted root and signing config.

Signed-off-by: Hayden <8418760+haydentherapper@users.noreply.github.com>

---------

Signed-off-by: Hayden <8418760+haydentherapper@users.noreply.github.com>

Author: haydentherapper

cmd/cosign/cli/attest.go

@@ -25,6 +25,7 @@ import (
 	"github.com/sigstore/cosign/v2/internal/ui"
 	"github.com/sigstore/cosign/v2/pkg/cosign"
 	"github.com/sigstore/cosign/v2/pkg/cosign/env"
+	"github.com/sigstore/sigstore-go/pkg/root"
 	"github.com/spf13/cobra"
 )
 
@@ -101,14 +102,39 @@ func Attest() *cobra.Command {
 				IssueCertificateForExistingKey: o.IssueCertificate,
 				NewBundleFormat:                o.NewBundleFormat,
 			}
-			if o.Key == "" && env.Getenv(env.VariableSigstoreCTLogPublicKeyFile) == "" { // Get the trusted root if using fulcio for signing
-				trustedMaterial, err := cosign.TrustedRoot()
+			// Fetch a trusted root when:
+			// * requesting a certificate and no CT log key is provided to verify an SCT
+			// * using a signing config and signing using sigstore-go
+			if (o.Key == "" && env.Getenv(env.VariableSigstoreCTLogPublicKeyFile) == "") ||
+				(o.UseSigningConfig || o.SigningConfigPath != "") {
+				if o.TrustedRootPath != "" {
+					ko.TrustedMaterial, err = root.NewTrustedRootFromPath(o.TrustedRootPath)
+					if err != nil {
+						return fmt.Errorf("loading trusted root: %w", err)
+					}
+				} else {
+					ko.TrustedMaterial, err = cosign.TrustedRoot()
+					if err != nil {
+						ui.Warnf(context.Background(), "Could not fetch trusted_root.json from the TUF repository. Continuing with individual targets. Error from TUF: %v", err)
+					}
+				}
+			}
+
+			if (o.UseSigningConfig || o.SigningConfigPath != "") && !o.NewBundleFormat {
+				return fmt.Errorf("must provide --new-bundle-format with --signing-config or --use-signing-config")
+			}
+			if o.UseSigningConfig {
+				ko.SigningConfig, err = cosign.SigningConfig()
 				if err != nil {
-					ui.Warnf(context.Background(), "Could not fetch trusted_root.json from the TUF repository. Continuing with individual targets. Error from TUF: %v", err)
+					return fmt.Errorf("error getting signing config from TUF: %w", err)
+				}
+			} else if o.SigningConfigPath != "" {
+				ko.SigningConfig, err = root.NewSigningConfigFromPath(o.SigningConfigPath)
+				if err != nil {
+					return fmt.Errorf("error reading signing config from file: %w", err)
 				}
-				ko.TrustedMaterial = trustedMaterial
 			}
-			// TODO(#4324): Add support for SigningConfig
+
 			attestCommand := attest.AttestCommand{
 				KeyOpts:                 ko,
 				RegistryOptions:         o.Registry,

cmd/cosign/cli/attest/attest.go

@@ -29,7 +29,9 @@ import (
 
 	"github.com/sigstore/cosign/v2/cmd/cosign/cli/options"
 	"github.com/sigstore/cosign/v2/cmd/cosign/cli/rekor"
-	"github.com/sigstore/cosign/v2/cmd/cosign/cli/sign"
+	cosign_sign "github.com/sigstore/cosign/v2/cmd/cosign/cli/sign"
+	"github.com/sigstore/cosign/v2/internal/auth"
+	"github.com/sigstore/cosign/v2/internal/key"
 	"github.com/sigstore/cosign/v2/internal/pkg/cosign/tsa"
 	tsaclient "github.com/sigstore/cosign/v2/internal/pkg/cosign/tsa/client"
 	"github.com/sigstore/cosign/v2/internal/ui"
@@ -43,13 +45,14 @@ import (
 	"github.com/sigstore/cosign/v2/pkg/types"
 	"github.com/sigstore/rekor/pkg/generated/client"
 	"github.com/sigstore/rekor/pkg/generated/models"
+	"github.com/sigstore/sigstore-go/pkg/sign"
 	"github.com/sigstore/sigstore/pkg/signature/dsse"
 	signatureoptions "github.com/sigstore/sigstore/pkg/signature/options"
 )
 
 type tlogUploadFn func(*client.Rekor, []byte) (*models.LogEntryAnon, error)
 
-func uploadToTlog(ctx context.Context, sv *sign.SignerVerifier, rekorURL string, upload tlogUploadFn) (*models.LogEntryAnon, error) {
+func uploadToTlog(ctx context.Context, sv *cosign_sign.SignerVerifier, rekorURL string, upload tlogUploadFn) (*models.LogEntryAnon, error) {
 	rekorBytes, err := sv.Bytes(ctx)
 	if err != nil {
 		return nil, err
@@ -132,20 +135,6 @@ func (c *AttestCommand) Exec(ctx context.Context, imageRef string) error {
 	// each access.
 	ref = digest // nolint
 
-	sv, genKey, err := sign.SignerFromKeyOpts(ctx, c.CertPath, c.CertChainPath, c.KeyOpts)
-	if err != nil {
-		return fmt.Errorf("getting signer: %w", err)
-	}
-	if genKey || c.IssueCertificateForExistingKey {
-		sv, err = sign.KeylessSigner(ctx, c.KeyOpts, sv)
-		if err != nil {
-			return fmt.Errorf("getting Fulcio signer: %w", err)
-		}
-	}
-	defer sv.Close()
-	wrapped := dsse.WrapSigner(sv, types.IntotoPayloadType)
-	dd := cremote.NewDupeDetector(sv)
-
 	predicate, err := predicateReader(c.PredicatePath)
 	if err != nil {
 		return fmt.Errorf("getting predicate reader: %w", err)
@@ -166,6 +155,83 @@ func (c *AttestCommand) Exec(ctx context.Context, imageRef string) error {
 	if err != nil {
 		return err
 	}
+
+	if c.SigningConfig != nil {
+		var keypair sign.Keypair
+		var ephemeralKeypair bool
+		var idToken string
+		var sv *cosign_sign.SignerVerifier
+		var err error
+
+		if c.Sk || c.Slot != "" || c.KeyRef != "" || c.CertPath != "" {
+			sv, _, err = cosign_sign.SignerFromKeyOpts(ctx, c.CertPath, c.CertChainPath, c.KeyOpts)
+			if err != nil {
+				return fmt.Errorf("getting signer: %w", err)
+			}
+			keypair, err = key.NewSignerVerifierKeypair(sv, c.DefaultLoadOptions)
+			if err != nil {
+				return fmt.Errorf("creating signerverifier keypair: %w", err)
+			}
+		} else {
+			keypair, err = sign.NewEphemeralKeypair(nil)
+			if err != nil {
+				return fmt.Errorf("generating keypair: %w", err)
+			}
+			ephemeralKeypair = true
+		}
+		defer func() {
+			if sv != nil {
+				sv.Close()
+			}
+		}()
+
+		if ephemeralKeypair || c.IssueCertificateForExistingKey {
+			idToken, err = auth.RetrieveIDToken(ctx, auth.IDTokenConfig{
+				TokenOrPath:      c.IDToken,
+				DisableProviders: c.OIDCDisableProviders,
+				Provider:         c.OIDCProvider,
+				AuthFlow:         c.FulcioAuthFlow,
+				SkipConfirm:      c.SkipConfirmation,
+				OIDCServices:     c.SigningConfig.OIDCProviderURLs(),
+				ClientID:         c.OIDCClientID,
+				ClientSecret:     c.OIDCClientSecret,
+				RedirectURL:      c.OIDCRedirectURL,
+			})
+			if err != nil {
+				return fmt.Errorf("retrieving ID token: %w", err)
+			}
+		}
+
+		content := &sign.DSSEData{
+			Data:        payload,
+			PayloadType: "application/vnd.in-toto+json",
+		}
+		bundle, err := cbundle.SignData(content, keypair, idToken, c.SigningConfig, c.TrustedMaterial)
+		if err != nil {
+			return fmt.Errorf("signing bundle: %w", err)
+		}
+
+		ociremoteOpts, err := c.RegistryOptions.ClientOpts(ctx)
+		if err != nil {
+			return err
+		}
+		return ociremote.WriteAttestationNewBundleFormat(digest, bundle, types.CosignSignPredicateType, ociremoteOpts...)
+	}
+
+	sv, genKey, err := cosign_sign.SignerFromKeyOpts(ctx, c.CertPath, c.CertChainPath, c.KeyOpts)
+	if err != nil {
+		return fmt.Errorf("getting signer: %w", err)
+	}
+	if genKey || c.IssueCertificateForExistingKey {
+		sv, err = cosign_sign.KeylessSigner(ctx, c.KeyOpts, sv)
+		if err != nil {
+			return fmt.Errorf("getting Fulcio signer: %w", err)
+		}
+	}
+	defer sv.Close()
+	wrapped := dsse.WrapSigner(sv, types.IntotoPayloadType)
+	dd := cremote.NewDupeDetector(sv)
+
 	signedPayload, err := wrapped.SignMessage(bytes.NewReader(payload), signatureoptions.WithContext(ctx))
 	if err != nil {
 		return fmt.Errorf("signing: %w", err)
@@ -227,7 +293,7 @@ func (c *AttestCommand) Exec(ctx context.Context, imageRef string) error {
 	opts = append(opts, static.WithAnnotations(predicateTypeAnnotation))
 
 	// Check whether we should be uploading to the transparency log
-	shouldUpload, err := sign.ShouldUploadToTlog(ctx, c.KeyOpts, digest, c.TlogUpload)
+	shouldUpload, err := cosign_sign.ShouldUploadToTlog(ctx, c.KeyOpts, digest, c.TlogUpload)
 	if err != nil {
 		return fmt.Errorf("should upload to tlog: %w", err)
 	}

cmd/cosign/cli/attest_blob.go

@@ -101,28 +101,25 @@ func AttestBlob() *cobra.Command {
 						return fmt.Errorf("loading trusted root: %w", err)
 					}
 				} else {
-					trustedMaterial, err := cosign.TrustedRoot()
+					ko.TrustedMaterial, err = cosign.TrustedRoot()
 					if err != nil {
 						ui.Warnf(context.Background(), "Could not fetch trusted_root.json from the TUF repository. Continuing with individual targets. Error from TUF: %v", err)
 					}
-					ko.TrustedMaterial = trustedMaterial
 				}
 			}
 			if (o.UseSigningConfig || o.SigningConfigPath != "") && o.BundlePath == "" {
 				return fmt.Errorf("must provide --bundle with --signing-config or --use-signing-config")
 			}
 			if o.UseSigningConfig {
-				signingConfig, err := cosign.SigningConfig()
+				ko.SigningConfig, err = cosign.SigningConfig()
 				if err != nil {
 					return fmt.Errorf("error getting signing config from TUF: %w", err)
 				}
-				ko.SigningConfig = signingConfig
 			} else if o.SigningConfigPath != "" {
-				signingConfig, err := root.NewSigningConfigFromPath(o.SigningConfigPath)
+				ko.SigningConfig, err = root.NewSigningConfigFromPath(o.SigningConfigPath)
 				if err != nil {
 					return fmt.Errorf("error reading signing config from file: %w", err)
 				}
-				ko.SigningConfig = signingConfig
 			}
 
 			v := attest.AttestBlobCommand{

cmd/cosign/cli/options/attest.go

@@ -39,6 +39,9 @@ type AttestOptions struct {
 	RekorEntryType          string
 	RecordCreationTimestamp bool
 	NewBundleFormat         bool
+	UseSigningConfig        bool
+	SigningConfigPath       string
+	TrustedRootPath         string
 
 	Rekor       RekorOptions
 	Fulcio      FulcioOptions
@@ -111,5 +114,18 @@ func (o *AttestOptions) AddFlags(cmd *cobra.Command) {
 	cmd.Flags().BoolVar(&o.IssueCertificate, "issue-certificate", false,
 		"issue a code signing certificate from Fulcio, even if a key is provided")
 
+	// TODO: have this default to true as a breaking change
 	cmd.Flags().BoolVar(&o.NewBundleFormat, "new-bundle-format", false, "attach a Sigstore bundle using OCI referrers API")
+
+	// TODO: have this default to true as a breaking change
+	cmd.Flags().BoolVar(&o.UseSigningConfig, "use-signing-config", false,
+		"whether to use a TUF-provided signing config for the service URLs. Must set --new-bundle-format, which will store verification material in the new format")
+
+	cmd.Flags().StringVar(&o.SigningConfigPath, "signing-config", "",
+		"path to a signing config file. Must provide --new-bundle-format, which will store verification material in the new format")
+
+	cmd.MarkFlagsMutuallyExclusive("use-signing-config", "signing-config")
+
+	cmd.Flags().StringVar(&o.TrustedRootPath, "trusted-root", "",
+		"optional path to a TrustedRoot JSON file to verify a signature after signing")
 }

cmd/cosign/cli/options/attest_blob.go

@@ -109,6 +109,8 @@ func (o *AttestBlobOptions) AddFlags(cmd *cobra.Command) {
 	cmd.Flags().StringVar(&o.SigningConfigPath, "signing-config", "",
 		"path to a signing config file. Must provide --bundle, which will output verification material in the new format")
 
+	cmd.MarkFlagsMutuallyExclusive("use-signing-config", "signing-config")
+
 	cmd.Flags().StringVar(&o.TrustedRootPath, "trusted-root", "",
 		"optional path to a TrustedRoot JSON file to verify a signature after signing")
 

cmd/cosign/cli/options/sign.go

@@ -43,6 +43,9 @@ type SignOptions struct {
 	SignContainerIdentity   string
 	RecordCreationTimestamp bool
 	NewBundleFormat         bool
+	UseSigningConfig        bool
+	SigningConfigPath       string
+	TrustedRootPath         string
 
 	Rekor       RekorOptions
 	Fulcio      FulcioOptions
@@ -139,5 +142,18 @@ func (o *SignOptions) AddFlags(cmd *cobra.Command) {
 
 	cmd.Flags().BoolVar(&o.RecordCreationTimestamp, "record-creation-timestamp", false, "set the createdAt timestamp in the signature artifact to the time it was created; by default, cosign sets this to the zero value")
 
+	// TODO: have this default to true as a breaking change
 	cmd.Flags().BoolVar(&o.NewBundleFormat, "new-bundle-format", false, "expect the signature/attestation to be packaged in a Sigstore bundle")
+
+	// TODO: have this default to true as a breaking change
+	cmd.Flags().BoolVar(&o.UseSigningConfig, "use-signing-config", false,
+		"whether to use a TUF-provided signing config for the service URLs. Must set --new-bundle-format, which will store verification material in the new format")
+
+	cmd.Flags().StringVar(&o.SigningConfigPath, "signing-config", "",
+		"path to a signing config file. Must provide --new-bundle-format, which will store verification material in the new format")
+
+	cmd.MarkFlagsMutuallyExclusive("use-signing-config", "signing-config")
+
+	cmd.Flags().StringVar(&o.TrustedRootPath, "trusted-root", "",
+		"optional path to a TrustedRoot JSON file to verify a signature after signing")
 }

cmd/cosign/cli/options/signblob.go

@@ -92,6 +92,8 @@ func (o *SignBlobOptions) AddFlags(cmd *cobra.Command) {
 	cmd.Flags().StringVar(&o.SigningConfigPath, "signing-config", "",
 		"path to a signing config file. Must provide --bundle, which will output verification material in the new format")
 
+	cmd.MarkFlagsMutuallyExclusive("use-signing-config", "signing-config")
+
 	cmd.Flags().StringVar(&o.TrustedRootPath, "trusted-root", "",
 		"optional path to a TrustedRoot JSON file to verify a signature after signing")
 

cmd/cosign/cli/sign.go

@@ -26,6 +26,7 @@ import (
 	"github.com/sigstore/cosign/v2/internal/ui"
 	"github.com/sigstore/cosign/v2/pkg/cosign"
 	"github.com/sigstore/cosign/v2/pkg/cosign/env"
+	"github.com/sigstore/sigstore-go/pkg/root"
 	"github.com/spf13/cobra"
 )
 
@@ -131,13 +132,39 @@ race conditions or (worse) malicious tampering.
 				TSAServerURL:                   o.TSAServerURL,
 				IssueCertificateForExistingKey: o.IssueCertificate,
 			}
-			if (o.Key == "" || o.IssueCertificate) && env.Getenv(env.VariableSigstoreCTLogPublicKeyFile) == "" {
-				trustedMaterial, err := cosign.TrustedRoot()
+			// Fetch a trusted root when:
+			// * requesting a certificate and no CT log key is provided to verify an SCT
+			// * using a signing config and signing using sigstore-go
+			if ((o.Key == "" || o.IssueCertificate) && env.Getenv(env.VariableSigstoreCTLogPublicKeyFile) == "") ||
+				(o.UseSigningConfig || o.SigningConfigPath != "") {
+				if o.TrustedRootPath != "" {
+					ko.TrustedMaterial, err = root.NewTrustedRootFromPath(o.TrustedRootPath)
+					if err != nil {
+						return fmt.Errorf("loading trusted root: %w", err)
+					}
+				} else {
+					ko.TrustedMaterial, err = cosign.TrustedRoot()
+					if err != nil {
+						ui.Warnf(context.Background(), "Could not fetch trusted_root.json from the TUF repository. Continuing with individual targets. Error from TUF: %v", err)
+					}
+				}
+			}
+
+			if (o.UseSigningConfig || o.SigningConfigPath != "") && !o.NewBundleFormat {
+				return fmt.Errorf("must provide --new-bundle-format with --signing-config or --use-signing-config")
+			}
+			if o.UseSigningConfig {
+				ko.SigningConfig, err = cosign.SigningConfig()
 				if err != nil {
-					ui.Warnf(context.Background(), "Could not fetch trusted_root.json from the TUF repository. Continuing with individual targets. Error from TUF: %v", err)
+					return fmt.Errorf("error getting signing config from TUF: %w", err)
+				}
+			} else if o.SigningConfigPath != "" {
+				ko.SigningConfig, err = root.NewSigningConfigFromPath(o.SigningConfigPath)
+				if err != nil {
+					return fmt.Errorf("error reading signing config from file: %w", err)
 				}
-				ko.TrustedMaterial = trustedMaterial
 			}
+
 			if err := sign.SignCmd(ro, ko, *o, args); err != nil {
 				if o.Attachment == "" {
 					return fmt.Errorf("signing %v: %w", args, err)