Use the correct verifier for RSA PSS scheme keys (#625)

* Explicitly use LoadRSAPSSVerifier for RSASSA_PSS_SHA256 keys Signed-off-by: Radoslav Dimitrov <[email protected]> * Update the basic_repository.go example to work with RSA PSS key scheme Signed-off-by: Radoslav Dimitrov <[email protected]> * added a simple tool that can resign test metadata and updated signatures to be pss and not pkcs1 v1.5 Signed-off-by: Fredrik Skogman <[email protected]> * Fixed failing unit tests Signed-off-by: Fredrik Skogman <[email protected]> --------- Signed-off-by: Radoslav Dimitrov <[email protected]> Signed-off-by: Fredrik Skogman <[email protected]> Co-authored-by: Fredrik Skogman <[email protected]>
theupdateframework · Dec 17, 2024 · 830edf8 · 830edf8
1 parent 58fd627
commit 830edf8
Show file tree

Hide file tree

Showing 10 changed files with 475 additions and 206 deletions.
diff --git a/examples/repository/basic_repository.go b/examples/repository/basic_repository.go
@@ -499,7 +499,9 @@ func main() {
 
 	// Use a mixture of key types
 	// ==========================
-	// Create an RSA key
+	// Create an RSA key.
+	// Note TUF should use an RSA PSS key scheme, not RSA PKCS1v15.
+	// Reference: https://theupdateframework.github.io/specification/latest/#file-formats-keys
 	anotherRootKeyRSA, _ := rsa.GenerateKey(rand.Reader, 2048)
 	if err != nil {
 		panic(fmt.Sprintln("basic_repository.go:", "RSA key generation failed", err))
@@ -549,7 +551,7 @@ func main() {
 	}
 
 	// Sign root with the new RSA and ECDSA keys
-	outofbandSignerRSA, err := signature.LoadSigner(anotherRootKeyRSA, crypto.SHA256)
+	outofbandSignerRSA, err := signature.LoadRSAPSSSigner(anotherRootKeyRSA, crypto.SHA256, &rsa.PSSOptions{Hash: crypto.SHA256})
 	if err != nil {
 		panic(fmt.Sprintln("basic_repository.go:", "loading RSA signer failed", err))
 	}

diff --git a/internal/testutils/repository_data/repository/metadata/root.json b/internal/testutils/repository_data/repository/metadata/root.json
@@ -1,71 +1,71 @@
 {
-	"signatures": [
-		{
-			"keyid": "74b58be26a6ff00ab2eec9b14da29038591a69c212223033f4efdf24489913f2",
-			"sig": "d0283ac0653e324ce132e47a518f8a1539b59430efe5cdec58ec53f824bec28628b57dd5fb2452bde83fc8f5d11ab0b7350a9bbcbefc7acc6c447785545fa1e36f1352c9e20dd1ebcc3ab16a2a7ff702e32e481ceba88e0f348dc2cddd26ca577445d00c7194e8656d901fd2382c479555af93a64eef48cf79cdff6ecdcd7cb7"
-		}
-	],
-	"signed": {
-		"_type": "root",
-		"consistent_snapshot": true,
-		"expires": "2030-08-15T14:30:45.0000001Z",
-		"keys": {
-			"142919f8e933d7045abff3be450070057814da36331d7a22ccade8b35a9e3946": {
-				"keytype": "rsa",
-				"keyval": {
-					"public": "-----BEGIN PUBLIC KEY-----\nMIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgHXjYnWGuCIOh5T3XGmgG/RsXWHP\nTbyu7OImP6O+uHg8hui8C1nY/mcJdFdxqgl1vKEco/Nwebh2T8L6XbNfcgV9VVst\nWpeCalZYWi55lZSLe9KixQIAyg15rNdhN9pcD3OuLmFvslgTx+dTbZ3ZoYMbcb4C\n5yqvqzcOoCTQMeWbAgMBAAE=\n-----END PUBLIC KEY-----\n"
-				},
-				"scheme": "rsassa-pss-sha256"
-			},
-			"282612f348dcd7fe3f19e0f890e89fad48d45335deeb91deef92873934e6fe6d": {
-				"keytype": "rsa",
-				"keyval": {
-					"public": "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjm6HPktvTGsygQ8Gvmu+zydTN\ne1zqoxLxV7mVRbmsCI4kn7JTHc4fmWZwvo7f/Wbto6Xj5HqGJFSlYIGZuTwZqPg3\nw8wqv8cuPxbmsFSxMoHfzBBIuJe0FlwXFysojbdhrSUqNL84tlwTFXEhePYrpTNM\nDn+9T55B0WJYT/VPxwIDAQAB\n-----END PUBLIC KEY-----\n"
-				},
-				"scheme": "rsassa-pss-sha256"
-			},
-			"74b58be26a6ff00ab2eec9b14da29038591a69c212223033f4efdf24489913f2": {
-				"keytype": "rsa",
-				"keyval": {
-					"public": "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDydf/VEpxBOCDoxpM6IVhq9i67\nP9BiVv2zwZSUO/M0RTToAvFvNgDKXwtnp8LyjVk++wMA1aceMa+pS7vYrKvPIJa7\nWIT+mwy86/fIdnllJDMw5tmLr2mE3oBMxOhpEiD2tO+liGacklFNk6nHHorX9S91\niqpdRVa3zJw5ALvLdwIDAQAB\n-----END PUBLIC KEY-----\n"
-				},
-				"scheme": "rsassa-pss-sha256"
-			},
-			"8a14f637b21578cc292a67899df0e46cc160d7fd56e9beae898adb666f4fd9d6": {
-				"keytype": "rsa",
-				"keyval": {
-					"public": "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCPQoHresXRRRGoinN3bNn+BI23\nKolXdXLGqYkTvr9AjemUQJxbqmvZXHboQMAYw8OuBrRNt5Fz20wjsrJwOBEU5U3n\nHSJI4zYPGckYci0/0Eo2Kjws5BmIj38qgIfhsH4zyZ4FZZ+GLRn+W3i3wl6SfRMC\n/HCg0DDwi75faC0vGQIDAQAB\n-----END PUBLIC KEY-----\n"
-				},
-				"scheme": "rsassa-pss-sha256"
-			}
-		},
-		"roles": {
-			"root": {
-				"keyids": [
-					"74b58be26a6ff00ab2eec9b14da29038591a69c212223033f4efdf24489913f2"
-				],
-				"threshold": 1
-			},
-			"snapshot": {
-				"keyids": [
-					"8a14f637b21578cc292a67899df0e46cc160d7fd56e9beae898adb666f4fd9d6"
-				],
-				"threshold": 1
-			},
-			"targets": {
-				"keyids": [
-					"282612f348dcd7fe3f19e0f890e89fad48d45335deeb91deef92873934e6fe6d"
-				],
-				"threshold": 1
-			},
-			"timestamp": {
-				"keyids": [
-					"142919f8e933d7045abff3be450070057814da36331d7a22ccade8b35a9e3946"
-				],
-				"threshold": 1
-			}
-		},
-		"spec_version": "1.0.31",
-		"version": 1
-	}
+ "signatures": [
+  {
+   "keyid": "74b58be26a6ff00ab2eec9b14da29038591a69c212223033f4efdf24489913f2",
+   "sig": "60d502a798f44577a76a1d7656a60099cd3a995d3d71a0a234aadbd16e38c14611920b8aef9ed78ca4ac0c02277cd72a6fc5ef484a3d66a6c70a61199e462681eb2e667046d4fbc2be1e50cf9fe00fda8fcd6534599eddc91716bf38e7fbbf375524fdb702c74076fd37dcd401d5263783150e851bdba9ef6f9c9a08adf6b289"
+  }
+ ],
+ "signed": {
+  "_type": "root",
+  "consistent_snapshot": true,
+  "expires": "2030-08-15T14:30:45.0000001Z",
+  "keys": {
+   "142919f8e933d7045abff3be450070057814da36331d7a22ccade8b35a9e3946": {
+    "keytype": "rsa",
+    "keyval": {
+     "public": "-----BEGIN PUBLIC KEY-----\nMIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgHXjYnWGuCIOh5T3XGmgG/RsXWHP\nTbyu7OImP6O+uHg8hui8C1nY/mcJdFdxqgl1vKEco/Nwebh2T8L6XbNfcgV9VVst\nWpeCalZYWi55lZSLe9KixQIAyg15rNdhN9pcD3OuLmFvslgTx+dTbZ3ZoYMbcb4C\n5yqvqzcOoCTQMeWbAgMBAAE=\n-----END PUBLIC KEY-----\n"
+    },
+    "scheme": "rsassa-pss-sha256"
+   },
+   "282612f348dcd7fe3f19e0f890e89fad48d45335deeb91deef92873934e6fe6d": {
+    "keytype": "rsa",
+    "keyval": {
+     "public": "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjm6HPktvTGsygQ8Gvmu+zydTN\ne1zqoxLxV7mVRbmsCI4kn7JTHc4fmWZwvo7f/Wbto6Xj5HqGJFSlYIGZuTwZqPg3\nw8wqv8cuPxbmsFSxMoHfzBBIuJe0FlwXFysojbdhrSUqNL84tlwTFXEhePYrpTNM\nDn+9T55B0WJYT/VPxwIDAQAB\n-----END PUBLIC KEY-----\n"
+    },
+    "scheme": "rsassa-pss-sha256"
+   },
+   "74b58be26a6ff00ab2eec9b14da29038591a69c212223033f4efdf24489913f2": {
+    "keytype": "rsa",
+    "keyval": {
+     "public": "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDydf/VEpxBOCDoxpM6IVhq9i67\nP9BiVv2zwZSUO/M0RTToAvFvNgDKXwtnp8LyjVk++wMA1aceMa+pS7vYrKvPIJa7\nWIT+mwy86/fIdnllJDMw5tmLr2mE3oBMxOhpEiD2tO+liGacklFNk6nHHorX9S91\niqpdRVa3zJw5ALvLdwIDAQAB\n-----END PUBLIC KEY-----\n"
+    },
+    "scheme": "rsassa-pss-sha256"
+   },
+   "8a14f637b21578cc292a67899df0e46cc160d7fd56e9beae898adb666f4fd9d6": {
+    "keytype": "rsa",
+    "keyval": {
+     "public": "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCPQoHresXRRRGoinN3bNn+BI23\nKolXdXLGqYkTvr9AjemUQJxbqmvZXHboQMAYw8OuBrRNt5Fz20wjsrJwOBEU5U3n\nHSJI4zYPGckYci0/0Eo2Kjws5BmIj38qgIfhsH4zyZ4FZZ+GLRn+W3i3wl6SfRMC\n/HCg0DDwi75faC0vGQIDAQAB\n-----END PUBLIC KEY-----\n"
+    },
+    "scheme": "rsassa-pss-sha256"
+   }
+  },
+  "roles": {
+   "root": {
+    "keyids": [
+     "74b58be26a6ff00ab2eec9b14da29038591a69c212223033f4efdf24489913f2"
+    ],
+    "threshold": 1
+   },
+   "snapshot": {
+    "keyids": [
+     "8a14f637b21578cc292a67899df0e46cc160d7fd56e9beae898adb666f4fd9d6"
+    ],
+    "threshold": 1
+   },
+   "targets": {
+    "keyids": [
+     "282612f348dcd7fe3f19e0f890e89fad48d45335deeb91deef92873934e6fe6d"
+    ],
+    "threshold": 1
+   },
+   "timestamp": {
+    "keyids": [
+     "142919f8e933d7045abff3be450070057814da36331d7a22ccade8b35a9e3946"
+    ],
+    "threshold": 1
+   }
+  },
+  "spec_version": "1.0.31",
+  "version": 1
+ }
 }
diff --git a/internal/testutils/repository_data/repository/metadata/snapshot.json b/internal/testutils/repository_data/repository/metadata/snapshot.json
@@ -1,25 +1,25 @@
 {
-	"signatures": [
-		{
-			"keyid": "8a14f637b21578cc292a67899df0e46cc160d7fd56e9beae898adb666f4fd9d6",
-			"sig": "3075fe9ef3008603eb0531500a93101b8f7eb52b07ce63fb71abaffd5eb20784bcab888abfca8041798b13dd35c6e18ff4a64d536161c4d5e7535f006edec3a46c71684a632269222da82d50bf380e20eb477032e45df0b44af9e1dc46f25cd72f9901b4fc41b90869649b6257a66188b61b83c7295baf16f113e9cc4d39b3a6"
-		}
-	],
-	"signed": {
-		"_type": "snapshot",
-		"expires": "2030-08-15T14:30:45.0000001Z",
-		"meta": {
-			"role1.json": {
-				"version": 1
-			},
-			"role2.json": {
-				"version": 1
-			},
-			"targets.json": {
-				"version": 1
-			}
-		},
-		"spec_version": "1.0.31",
-		"version": 1
-	}
+ "signatures": [
+  {
+   "keyid": "8a14f637b21578cc292a67899df0e46cc160d7fd56e9beae898adb666f4fd9d6",
+   "sig": "1fdc41488f58482d8af1dad681b9076d54c61b3f5e11bd6cf3c8102b2863471f82c0be2cccd978a9bb6afb43e07dd7e806028a883eaeafd32d5f5277d6419363ecb1475286a61996a4bb4b325b703d3bd60381227af0a3826f7f119a451086bcb5b13a525184d1b2a941ab9a270d2c9c8e584162c5857b138a38c33892e2a921"
+  }
+ ],
+ "signed": {
+  "_type": "snapshot",
+  "expires": "2030-08-15T14:30:45.0000001Z",
+  "meta": {
+   "role1.json": {
+    "version": 1
+   },
+   "role2.json": {
+    "version": 1
+   },
+   "targets.json": {
+    "version": 1
+   }
+  },
+  "spec_version": "1.0.31",
+  "version": 1
+ }
 }
diff --git a/internal/testutils/repository_data/repository/metadata/targets.json b/internal/testutils/repository_data/repository/metadata/targets.json
@@ -1,50 +1,50 @@
 {
-	"signatures": [
-		{
-			"keyid": "282612f348dcd7fe3f19e0f890e89fad48d45335deeb91deef92873934e6fe6d",
-			"sig": "80cd125a4b128c9508df8bc6f71ad2ed9896a9e7afccd53fca9e7dbc2f02db69c3ae712234d3730c929d891fa035bdf059736e7debf62cbac6f0e8d22ab0c5de3b3e47b249eb0d41dea66d9fda9588893cde824a95614129263b6fed72fafb21cd7114e603fe3a30e3871e9eb5b5029e3e9a8353190f1bcb332a81ec211a93eb"
-		}
-	],
-	"signed": {
-		"_type": "targets",
-		"delegations": {
-			"keys": {
-				"c8022fa1e9b9cb239a6b362bbdffa9649e61ad2cb699d2e4bc4fdf7930a0e64a": {
-					"keyid_hash_algorithms": [
-						"sha256",
-						"sha512"
-					],
-					"keytype": "ed25519",
-					"keyval": {
-						"public": "fcf224e55fa226056adf113ef1eb3d55e308b75b321c8c8316999d8c4fd9e0d9"
-					},
-					"scheme": "ed25519"
-				}
-			},
-			"roles": [
-				{
-					"keyids": [
-						"c8022fa1e9b9cb239a6b362bbdffa9649e61ad2cb699d2e4bc4fdf7930a0e64a"
-					],
-					"name": "role1",
-					"paths": [
-						"file3.txt"
-					],
-					"terminating": false,
-					"threshold": 1
-				}
-			]
-		},
-		"expires": "2030-08-15T14:30:45.0000001Z",
-		"spec_version": "1.0.31",
-		"targets": {
-			"file1.txt": {
-				"hashes": {
-					"sha256": "65b8c67f51c993d898250f40aa57a317d854900b3a04895464313e48785440da"
-				},
-				"length": 31
-			}
-		},
-		"version": 1
-	}
+ "signatures": [
+  {
+   "keyid": "282612f348dcd7fe3f19e0f890e89fad48d45335deeb91deef92873934e6fe6d",
+   "sig": "699c0c762032f6471fceabfd2d61b80f352ad6bf2ba5fd7b114fd0b9b1ab8d94f1482776b3fef43c53183a9c9cd7f5de671cbdafdd5032bbe2c42273e953bf3ce9f99c2d46dac8802d6155082e10313e22c4886af2be113b626f2a8af930e01ed41df50a5dbe6ca4cedf5f5d2a7f3b7e7090abacc8aebd6e021ad021d3580cad"
+  }
+ ],
+ "signed": {
+  "_type": "targets",
+  "delegations": {
+   "keys": {
+    "c8022fa1e9b9cb239a6b362bbdffa9649e61ad2cb699d2e4bc4fdf7930a0e64a": {
+     "keyid_hash_algorithms": [
+      "sha256",
+      "sha512"
+     ],
+     "keytype": "ed25519",
+     "keyval": {
+      "public": "fcf224e55fa226056adf113ef1eb3d55e308b75b321c8c8316999d8c4fd9e0d9"
+     },
+     "scheme": "ed25519"
+    }
+   },
+   "roles": [
+    {
+     "keyids": [
+      "c8022fa1e9b9cb239a6b362bbdffa9649e61ad2cb699d2e4bc4fdf7930a0e64a"
+     ],
+     "name": "role1",
+     "paths": [
+      "file3.txt"
+     ],
+     "terminating": false,
+     "threshold": 1
+    }
+   ]
+  },
+  "expires": "2030-08-15T14:30:45.0000001Z",
+  "spec_version": "1.0.31",
+  "targets": {
+   "file1.txt": {
+    "hashes": {
+     "sha256": "65b8c67f51c993d898250f40aa57a317d854900b3a04895464313e48785440da"
+    },
+    "length": 31
+   }
+  },
+  "version": 1
+ }
 }
diff --git a/internal/testutils/repository_data/repository/metadata/timestamp.json b/internal/testutils/repository_data/repository/metadata/timestamp.json
@@ -1,19 +1,19 @@
 {
-	"signatures": [
-		{
-			"keyid": "142919f8e933d7045abff3be450070057814da36331d7a22ccade8b35a9e3946",
-			"sig": "639c9ce3dbb705265b5e9ad6d67fea2b38780c48ff7917e372adace8e50a7a2f054383d5960457a113059be521b8ce7e6d8a5787c600c4850b8c0ed1ae17a931a6bfe794476e7824c6f53df5232561e0a2e146b11dde7889b397c6f8136e2105bbb21b4b59b5addc032a0e755d97e531255f3b458d474184168541e542626e81"
-		}
-	],
-	"signed": {
-		"_type": "timestamp",
-		"expires": "2030-08-15T14:30:45.0000001Z",
-		"meta": {
-			"snapshot.json": {
-				"version": 1
-			}
-		},
-		"spec_version": "1.0.31",
-		"version": 1
-	}
+ "signatures": [
+  {
+   "keyid": "142919f8e933d7045abff3be450070057814da36331d7a22ccade8b35a9e3946",
+   "sig": "043b312da9ee1444e3ef539d943891b2690a8d75624c0f05ec148790fd698a7eb1501428167872794857e9669a451619cc796658782b1d46ecc59d1aca0db7233416e81074ef4f54fd845ad8e4216b4cd5163d815be9ecbf73f34aacd25b60c99da88cf641ba5715c37f34a6bc036061c05a42066f554714ee8647c47ae5c16e"
+  }
+ ],
+ "signed": {
+  "_type": "timestamp",
+  "expires": "2030-08-15T14:30:45.0000001Z",
+  "meta": {
+   "snapshot.json": {
+    "version": 1
+   }
+  },
+  "spec_version": "1.0.31",
+  "version": 1
+ }
 }
diff --git a/internal/testutils/rsapss/signer.go b/internal/testutils/rsapss/signer.go
@@ -0,0 +1,35 @@
+package rsapss
+
+import (
+	"crypto"
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/pem"
+	"errors"
+	"os"
+
+	"github.com/sigstore/sigstore/pkg/signature"
+	"github.com/sigstore/sigstore/pkg/signature/options"
+)
+
+func LoadRSAPSSSignerFromPEMFile(p string) (signature.Signer, error) {
+	var b []byte
+	var block *pem.Block
+	var pk any
+	var err error
+
+	if b, err = os.ReadFile(p); err != nil {
+		return nil, err
+	}
+
+	if block, _ = pem.Decode(b); len(block.Bytes) == 0 {
+		return nil, errors.New("empty PEM block")
+	}
+
+	if pk, err = x509.ParsePKCS1PrivateKey(block.Bytes); err != nil {
+		return nil, err
+	}
+	var pssOpt = rsa.PSSOptions{Hash: crypto.SHA256}
+
+	return signature.LoadSignerWithOpts(pk, options.WithRSAPSS(&pssOpt))
+}