Added --client-signing-algorithms flag

cmd/rekor-server/app/root.go

@@ -20,11 +20,15 @@ import (
 	"net/http"
 	"net/http/pprof"
 	"os"
+	"sort"
+	"strings"
 	"time"
 
 	"github.com/go-chi/chi/middleware"
 	homedir "github.com/mitchellh/go-homedir"
+	"github.com/sigstore/rekor/pkg/api"
 	"github.com/sigstore/rekor/pkg/log"
+	"github.com/sigstore/sigstore/pkg/signature"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 
@@ -137,6 +141,18 @@ Memory and file-based signers should only be used for testing.`)
 	rootCmd.PersistentFlags().String("http-request-id-header-name", middleware.RequestIDHeader, "name of HTTP Request Header to use as request correlation ID")
 	rootCmd.PersistentFlags().String("trace-string-prefix", "", "if set, this will be used to prefix the 'trace' field when outputting structured logs")
 
+	keyAlgorithmTypes := []string{}
+	for _, keyAlgorithm := range api.AllowedClientSigningAlgorithms {
+		keyFlag, err := signature.FormatSignatureAlgorithmFlag(keyAlgorithm)
+		if err != nil {
+			panic(err)
+		}
+		keyAlgorithmTypes = append(keyAlgorithmTypes, keyFlag)
+	}
+	sort.Strings(keyAlgorithmTypes)
+	keyAlgorithmHelp := fmt.Sprintf("signing algorithm to use for signing/hashing (allowed %s)", strings.Join(keyAlgorithmTypes, ", "))
+	rootCmd.PersistentFlags().StringSlice("client-signing-algorithms", keyAlgorithmTypes, keyAlgorithmHelp)
+
 	if err := viper.BindPFlags(rootCmd.PersistentFlags()); err != nil {
 		log.Logger.Fatal(err)
 	}

go.mod

@@ -203,3 +203,5 @@ require (
 	gopkg.in/yaml.v2 v2.4.0
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
+
+replace github.com/sigstore/sigstore => github.com/trail-of-forks/sigstore v0.0.0-20240219090738-536a0415e570

go.sum

@@ -422,6 +422,8 @@ github.com/theupdateframework/go-tuf v0.7.0 h1:CqbQFrWo1ae3/I0UCblSbczevCCbS31Qv
 github.com/theupdateframework/go-tuf v0.7.0/go.mod h1:uEB7WSY+7ZIugK6R1hiBMBjQftaFzn7ZCDJcp1tCUug=
 github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 h1:e/5i7d4oYZ+C1wj2THlRK+oAhjeS/TRQwMfkIuet3w0=
 github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399/go.mod h1:LdwHTNJT99C5fTAzDz0ud328OgXz+gierycbcIx2fRs=
+github.com/trail-of-forks/sigstore v0.0.0-20240219090738-536a0415e570 h1:MK6kgPkHZkBbI1Lm1/iLPJQwTuWDkALKgOL4ede2VWA=
+github.com/trail-of-forks/sigstore v0.0.0-20240219090738-536a0415e570/go.mod h1:uUGi88Pc0sTVnzNY5rmB3z7a2k83JHCZ/mTvoyPtwpQ=
 github.com/transparency-dev/merkle v0.0.2 h1:Q9nBoQcZcgPamMkGn7ghV8XiTZ/kRxn1yCG81+twTK4=
 github.com/transparency-dev/merkle v0.0.2/go.mod h1:pqSy+OXefQ1EDUVmAJ8MUhHB9TXGuzVAT58PqBoHz1A=
 github.com/ulikunitz/xz v0.5.11 h1:kpFauv27b6ynzBNT/Xy+1k+fK4WswhN/6PN5WhFAGw8=

pkg/api/api.go

@@ -31,6 +31,7 @@ import (
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials/insecure"
 
+	v1 "github.com/sigstore/protobuf-specs/gen/pb-go/common/v1"
 	"github.com/sigstore/rekor/pkg/indexstorage"
 	"github.com/sigstore/rekor/pkg/log"
 	"github.com/sigstore/rekor/pkg/pubsub"
@@ -71,8 +72,21 @@ type API struct {
 	// Publishes notifications when new entries are added to the log. May be
 	// nil if no publisher is configured.
 	newEntryPublisher pubsub.Publisher
+	algorithmRegistry *signature.AlgorithmRegistryConfig
 }
 
+var AllowedClientSigningAlgorithms = []v1.PublicKeyDetails{
+	v1.PublicKeyDetails_PKIX_RSA_PKCS1V15_2048_SHA256,
+	v1.PublicKeyDetails_PKIX_RSA_PKCS1V15_3072_SHA256,
+	v1.PublicKeyDetails_PKIX_RSA_PKCS1V15_4096_SHA256,
+	v1.PublicKeyDetails_PKIX_ECDSA_P256_SHA_256,
+	v1.PublicKeyDetails_PKIX_ECDSA_P384_SHA_384,
+	v1.PublicKeyDetails_PKIX_ECDSA_P521_SHA_512,
+	v1.PublicKeyDetails_PKIX_ED25519,
+	v1.PublicKeyDetails_PKIX_ED25519_PH,
+}
+var DefaultClientSigningAlgorithms = AllowedClientSigningAlgorithms
+
 func NewAPI(treeID uint) (*API, error) {
 	logRPCServer := fmt.Sprintf("%s:%d",
 		viper.GetString("trillian_log_server.address"),
@@ -103,6 +117,32 @@ func NewAPI(treeID uint) (*API, error) {
 	log.Logger.Infof("Starting Rekor server with active tree %v", tid)
 	ranges.SetActive(tid)
 
+	algorithmsOption := viper.GetStringSlice("client-signing-algorithms")
+	var algorithms []v1.PublicKeyDetails
+	if algorithmsOption == nil {
+		algorithms = DefaultClientSigningAlgorithms
+	} else {
+		for _, a := range algorithmsOption {
+			algorithm, err := signature.ParseSignatureAlgorithmFlag(a)
+			if err != nil {
+				return nil, fmt.Errorf("parsing signature algorithm flag: %w", err)
+			}
+			algorithms = append(algorithms, algorithm)
+		}
+	}
+	algorithmsStr := make([]string, len(algorithms))
+	for i, a := range algorithms {
+		algorithmsStr[i], err = signature.FormatSignatureAlgorithmFlag(a)
+		if err != nil {
+			return nil, fmt.Errorf("formatting signature algorithm flag: %w", err)
+		}
+	}
+	algorithmRegistry, err := signature.NewAlgorithmRegistryConfig(algorithms)
+	if err != nil {
+		return nil, fmt.Errorf("getting algorithm registry: %w", err)
+	}
+	log.Logger.Infof("Allowed client signing algorithms: %v", algorithmsStr)
+
 	rekorSigner, err := signer.New(ctx, viper.GetString("rekor_server.signer"),
 		viper.GetString("rekor_server.signer-passwd"))
 	if err != nil {
@@ -143,6 +183,7 @@ func NewAPI(treeID uint) (*API, error) {
 		signer:     rekorSigner,
 		// Utility functionality not required for operation of the core service
 		newEntryPublisher: newEntryPublisher,
+		algorithmRegistry: algorithmRegistry,
 	}, nil
 }
 

pkg/api/entries.go

@@ -18,12 +18,18 @@ package api
 import (
 	"bytes"
 	"context"
+	"crypto"
+	"crypto/ecdsa"
+	"crypto/ed25519"
+	"crypto/rsa"
+	"crypto/x509"
 	"encoding/hex"
 	"errors"
 	"fmt"
 	"net/http"
 	"net/url"
 	"strconv"
+	"strings"
 	"time"
 
 	"github.com/cyberphone/json-canonicalization/go/src/webpki.org/jsoncanonicalizer"
@@ -179,12 +185,82 @@ func GetLogEntryByIndexHandler(params entries.GetLogEntryByIndexParams) middlewa
 	return entries.NewGetLogEntryByIndexOK().WithPayload(logEntry)
 }
 
+func checkEntryAlgorithms(entry types.EntryImpl) (bool, error) {
+	verifiers, err := entry.Verifiers()
+	if err != nil {
+		return false, fmt.Errorf("getting verifiers: %w", err)
+	}
+	// Default to SHA256 if no artifact hash is specified
+	artifactHashValue := crypto.SHA256
+	// Get artifact hash from entry
+	artifactHash, err := entry.ArtifactHash()
+	if err == nil {
+		var artifactHashAlgorithm string
+		algoPosition := strings.Index(artifactHash, ":")
+		if algoPosition != -1 {
+			artifactHashAlgorithm = artifactHash[:algoPosition]
+		}
+		switch artifactHashAlgorithm {
+		case "sha256":
+			artifactHashValue = crypto.SHA256
+		case "sha384":
+			artifactHashValue = crypto.SHA384
+		case "sha512":
+			artifactHashValue = crypto.SHA512
+		default:
+			artifactHashValue = crypto.SHA256
+		}
+	}
+
+	// Check if all the verifiers public keys (together with the ArtifactHash)
+	// are allowed according to the policy
+	for _, v := range verifiers {
+		identities, err := v.Identities()
+		if err != nil {
+			return false, fmt.Errorf("getting identities: %w", err)
+		}
+
+		for _, identity := range identities {
+			var publicKey crypto.PublicKey
+			switch identityCrypto := identity.Crypto.(type) {
+			case *x509.Certificate:
+				publicKey = identityCrypto.PublicKey
+			case *rsa.PublicKey:
+				publicKey = identityCrypto
+			case *ecdsa.PublicKey:
+				publicKey = identityCrypto
+			case ed25519.PublicKey:
+				publicKey = identityCrypto
+			default:
+				continue
+			}
+			isPermitted, err := api.algorithmRegistry.IsAlgorithmPermitted(publicKey, artifactHashValue)
+			if err != nil {
+				return false, fmt.Errorf("checking if algorithm is permitted: %w", err)
+			}
+			if !isPermitted {
+				return false, nil
+			}
+		}
+	}
+	return true, nil
+}
+
 func createLogEntry(params entries.CreateLogEntryParams) (models.LogEntry, middleware.Responder) {
 	ctx := params.HTTPRequest.Context()
 	entry, err := types.CreateVersionedEntry(params.ProposedEntry)
 	if err != nil {
 		return nil, handleRekorAPIError(params, http.StatusBadRequest, err, fmt.Sprintf(validationError, err))
 	}
+
+	areEntryAlgorithmsAllowed, err := checkEntryAlgorithms(entry)
+	if err != nil {
+		return nil, handleRekorAPIError(params, http.StatusBadRequest, err, fmt.Sprintf(validationError, err))
+	}
+	if !areEntryAlgorithmsAllowed {
+		return nil, handleRekorAPIError(params, http.StatusBadRequest, errors.New("entry algorithms are not allowed"), fmt.Sprintf(validationError, "entry algorithms are not allowed"))
+	}
+
 	leaf, err := types.CanonicalizeEntry(ctx, entry)
 	if err != nil {
 		if _, ok := (err).(types.ValidationError); ok {

pkg/types/jar/v0.0.1/entry.go

@@ -324,6 +324,28 @@ func (v *V001Entry) CreateFromArtifactProperties(ctx context.Context, props type
 	}
 	re.JARModel.Archive.Content = (strfmt.Base64)(artifactBytes)
 
+	keyObj, sigObj, err := re.fetchExternalEntities(ctx)
+	if err != nil {
+		return nil, fmt.Errorf("error retrieving external entities: %v", err)
+	}
+
+	// need to canonicalize key content
+	keyContent, err := keyObj.CanonicalValue()
+	if err != nil {
+		return nil, err
+	}
+	sigContent, err := sigObj.CanonicalValue()
+	if err != nil {
+		return nil, err
+	}
+
+	re.JARModel.Signature = &models.JarV001SchemaSignature{
+		PublicKey: &models.JarV001SchemaSignaturePublicKey{
+			Content: (*strfmt.Base64)(&keyContent),
+		},
+		Content: sigContent,
+	}
+
 	if err := re.validate(); err != nil {
 		return nil, err
 	}