Merge branch 'main' into ww/refactor-trust

Author: woodruffw

.github/workflows/scorecards-analysis.yml

@@ -29,7 +29,7 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
+        uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
         with:
           results_file: results.sarif
           results_format: sarif

CHANGELOG.md

@@ -58,6 +58,10 @@ All versions prior to 0.9.0 are untracked.
 * **BREAKING API CHANGE**: `Verifier.verify(...)` now takes a `sigstore.models.Bundle`,
   instead of a `VerificationMaterials` ([#937](https://github.com/sigstore/sigstore-python/pull/937))
 
+* **BREAKING CLI CHANGE**: `sigstore sign` now emits `{input}.sigstore.json`
+  by default instead of `{input}.sigstore`, per the client specification
+  ([#1007](https://github.com/sigstore/sigstore-python/pull/1007))
+
 * sigstore-python now requires inclusion proofs in all signing and verification
   flows, regardless of bundle version of input types. Inputs that do not
   have an inclusion proof (such as detached materials) cause an online lookup
@@ -78,6 +82,11 @@ All versions prior to 0.9.0 are untracked.
   have been re-homed under `sigstore.models`
   ([#990](https://github.com/sigstore/sigstore-python/pull/990))
 
+* API: `oidc.IdentityToken.expected_certificate_subject` has been renamed
+  to `oidc.IdentityToken.federated_issuer` to better describe what it actually
+  contains. No functional changes have been made to it
+  ([#1016](https://github.com/sigstore/sigstore-python/pull/1016))
+
 ## [2.1.5]
 
 ## Fixed

README.md

@@ -162,8 +162,8 @@ OpenID Connect options:
                         False)
 
 Output options:
-  --no-default-files    Don't emit the default output files ({input}.sigstore)
-                        (default: False)
+  --no-default-files    Don't emit the default output files
+                        ({input}.sigstore.json) (default: False)
   --signature FILE, --output-signature FILE
                         Write a single signature to the given file; does not
                         work with multiple input files (default: None)

pyproject.toml

@@ -35,10 +35,10 @@ dependencies = [
   "requests",
   "rich ~= 13.0",
   "rfc8785 ~= 0.1.2",
-  "sigstore-protobuf-specs ~= 0.3.1",
+  "sigstore-protobuf-specs ~= 0.3.2",
   # NOTE(ww): Under active development, so strictly pinned.
   "sigstore-rekor-types == 0.0.13",
-  "tuf ~= 4.0",
+  "tuf ~= 5.0",
   "platformdirs ~= 4.2",
 ]
 requires-python = ">=3.8"

sigstore/_cli.py

@@ -243,7 +243,7 @@ def _parser() -> argparse.ArgumentParser:
         "--no-default-files",
         action="store_true",
         default=_boolify_env("SIGSTORE_NO_DEFAULT_FILES"),
-        help="Don't emit the default output files ({input}.sigstore)",
+        help="Don't emit the default output files ({input}.sigstore.json)",
     )
     output_options.add_argument(
         "--signature",
@@ -487,7 +487,7 @@ def _sign(args: argparse.Namespace) -> None:
         output_dir.mkdir(parents=True, exist_ok=True)
 
         if not bundle and not args.no_default_files:
-            bundle = output_dir / f"{file.name}.sigstore"
+            bundle = output_dir / f"{file.name}.sigstore.json"
 
         if not args.overwrite:
             extants = []

sigstore/_internal/__init__.py

@@ -18,3 +18,9 @@
 Everything in these APIs is considered internal and unstable, and is not
 subject to any stability guarantees.
 """
+
+from requests import __version__ as requests_version
+
+from sigstore import __version__ as sigstore_version
+
+USER_AGENT = f"sigstore-python/{sigstore_version} (python-requests/{requests_version})"

sigstore/_internal/fulcio/client.py

@@ -44,6 +44,7 @@
 )
 from pydantic import BaseModel, ConfigDict, Field, field_validator
 
+from sigstore._internal import USER_AGENT
 from sigstore._internal.sct import (
     UnexpectedSctCountException,
     _get_precertificate_signed_certificate_timestamps,
@@ -338,6 +339,11 @@ def __init__(self, url: str = DEFAULT_FULCIO_URL) -> None:
         _logger.debug(f"Fulcio client using URL: {url}")
         self.url = url
         self.session = requests.Session()
+        self.session.headers.update(
+            {
+                "User-Agent": USER_AGENT,
+            }
+        )
 
     def __del__(self) -> None:
         """

sigstore/_internal/rekor/client.py

@@ -28,6 +28,7 @@
 import rekor_types
 import requests
 
+from sigstore._internal import USER_AGENT
 from sigstore.models import LogEntry
 
 _logger = logging.getLogger(__name__)
@@ -228,7 +229,11 @@ def __init__(self, url: str) -> None:
         self.url = urljoin(url, "api/v1/")
         self.session = requests.Session()
         self.session.headers.update(
-            {"Content-Type": "application/json", "Accept": "application/json"}
+            {
+                "Content-Type": "application/json",
+                "Accept": "application/json",
+                "User-Agent": USER_AGENT,
+            }
         )
 
     def __del__(self) -> None:

sigstore/_internal/trust.py

@@ -108,6 +108,11 @@ def __init__(self, public_key: _PublicKey) -> None:
         Construct a key from the given Sigstore PublicKey message.
         """
 
+        # NOTE: `raw_bytes` is marked as `optional` in the `PublicKey` message,
+        # for unclear reasons.
+        if not public_key.raw_bytes:
+            raise VerificationError("public key is empty")
+
         hash_algorithm: hashes.HashAlgorithm
         if public_key.key_details in self._RSA_SHA_256_DETAILS:
             hash_algorithm = hashes.SHA256()

sigstore/_internal/tuf.py

@@ -25,8 +25,9 @@
 
 import platformdirs
 from tuf.api import exceptions as TUFExceptions
-from tuf.ngclient import RequestsFetcher, Updater
+from tuf.ngclient import Updater, UpdaterConfig
 
+from sigstore import __version__
 from sigstore._utils import read_embedded
 from sigstore.errors import RootError, TUFError
 
@@ -36,18 +37,6 @@
 STAGING_TUF_URL = "https://tuf-repo-cdn.sigstage.dev"
 
 
-@lru_cache()
-def _get_fetcher() -> RequestsFetcher:
-    # NOTE: We poke into the underlying fetcher here to set a more reasonable timeout.
-    # The default timeout is 4 seconds, which can cause spurious timeout errors on
-    # CI systems like GitHub Actions (where traffic may be delayed/deprioritized due
-    # to network load).
-    fetcher = RequestsFetcher()
-    fetcher.socket_timeout = 30
-
-    return fetcher
-
-
 def _get_dirs(url: str) -> tuple[Path, Path]:
     """
     Given a TUF repository URL, return suitable local metadata and cache directories.
@@ -133,7 +122,7 @@ def __init__(self, url: str, offline: bool = False) -> None:
                 metadata_base_url=self._repo_url,
                 target_base_url=parse.urljoin(f"{self._repo_url}/", "targets/"),
                 target_dir=str(self._targets_dir),
-                fetcher=_get_fetcher(),
+                config=UpdaterConfig(app_user_agent=f"sigstore-python/{__version__}"),
             )
             try:
                 self._updater.refresh()

sigstore/dsse.py

@@ -187,8 +187,7 @@ def to_json(self) -> str:
         """
         Return a JSON string with this DSSE envelope's contents.
         """
-        # TODO: Unclear why mypy thinks this is returning `Any`.
-        return self._inner.to_json()  # type: ignore[no-any-return]
+        return self._inner.to_json()
 
 
 def _pae(type_: str, body: bytes) -> bytes:
@@ -217,7 +216,7 @@ def _sign(key: ec.EllipticCurvePrivateKey, stmt: Statement) -> Envelope:
         _Envelope(
             payload=stmt._contents,
             payload_type=Envelope._TYPE,
-            signatures=[Signature(sig=signature, keyid=None)],
+            signatures=[Signature(sig=signature)],
         )
     )
 
@@ -244,6 +243,4 @@ def _verify(key: ec.EllipticCurvePublicKey, evp: Envelope) -> bytes:
         except InvalidSignature:
             raise VerificationError("DSSE: invalid signature")
 
-    # TODO: Remove ignore when protobuf-specs contains a py.typed marker.
-    # See: <https://github.com/sigstore/protobuf-specs/pull/287>
-    return evp._inner.payload  # type: ignore[no-any-return]
+    return evp._inner.payload

sigstore/models.py

@@ -243,7 +243,7 @@ def _to_dict_rekor(self) -> dict[str, Any]:
             log_index=self.log_index,
             log_id=common_v1.LogId(key_id=bytes.fromhex(self.log_id)),
             integrated_time=self.integrated_time,
-            inclusion_promise=inclusion_promise,
+            inclusion_promise=inclusion_promise,  # type: ignore[arg-type]
             inclusion_proof=inclusion_proof,
             canonicalized_body=base64.b64decode(self.body),
         )
@@ -494,8 +494,7 @@ def to_json(self) -> str:
         """
         Return a JSON encoding of this bundle.
         """
-        # TODO: Unclear why mypy doesn't like this.
-        return self._inner.to_json()  # type: ignore[no-any-return]
+        return self._inner.to_json()
 
     @classmethod
     def from_parts(cls, cert: Certificate, sig: bytes, log_entry: LogEntry) -> Bundle:

sigstore/oidc.py

@@ -31,6 +31,7 @@
 import requests
 from pydantic import BaseModel, StrictStr
 
+from sigstore._internal import USER_AGENT
 from sigstore.errors import Error, NetworkError
 
 DEFAULT_OAUTH_ISSUER_URL = "https://oauth2.sigstore.dev/auth"
@@ -204,9 +205,9 @@ def issuer(self) -> str:
         return self._iss
 
     @property
-    def expected_certificate_subject(self) -> str:
+    def federated_issuer(self) -> str:
         """
-        Returns a URL identifying the **expected** subject for any Sigstore
+        Returns a URL identifying the **federated** issuer for any Sigstore
         certificate issued against this identity token.
 
         The behavior of this field is slightly subtle: for non-federated
@@ -217,7 +218,7 @@ def expected_certificate_subject(self) -> str:
         implementation-defined claim.
 
         This attribute exists so that clients who wish to inspect the expected
-        subject of their certificates can do so without relying on
+        underlying issuer of their certificates can do so without relying on
         implementation-specific behavior.
         """
         if self._federated_issuer is not None:
@@ -255,12 +256,15 @@ def __init__(self, base_url: str) -> None:
         which is then used to bootstrap the issuer's state (such
         as authorization and token endpoints).
         """
+        self.session = requests.Session()
+        self.session.headers.update({"User-Agent": USER_AGENT})
+
         oidc_config_url = urllib.parse.urljoin(
             f"{base_url}/", ".well-known/openid-configuration"
         )
 
         try:
-            resp: requests.Response = requests.get(oidc_config_url, timeout=30)
+            resp: requests.Response = self.session.get(oidc_config_url, timeout=30)
         except (requests.ConnectionError, requests.Timeout) as exc:
             raise NetworkError from exc
 
@@ -352,7 +356,7 @@ def identity_token(  # nosec: B107
         )
         logging.debug(f"PAYLOAD: data={data}")
         try:
-            resp: requests.Response = requests.post(
+            resp = self.session.post(
                 self.oidc_config.token_endpoint,
                 data=data,
                 auth=auth,

test/unit/conftest.py

@@ -33,6 +33,7 @@
 )
 from tuf.api.exceptions import DownloadHTTPError
 from tuf.ngclient import FetcherInterface
+from tuf.ngclient.updater import requests_fetcher
 
 from sigstore._internal import tuf
 from sigstore._internal.rekor import _hashedrekord_from_parts
@@ -225,7 +226,7 @@ def verify(self, cert):
 
 @pytest.fixture
 def mock_staging_tuf(monkeypatch, tuf_dirs):
-    """Mock that prevents tuf module from making requests: it returns staging
+    """Mock that prevents python-tuf from making requests: it returns staging
     assets from a local directory instead
 
     Return a tuple of dicts with the requested files and counts"""
@@ -244,7 +245,9 @@ def _fetch(self, url: str) -> Iterator[bytes]:
             failure[filename] += 1
             raise DownloadHTTPError("File not found", 404)
 
-    monkeypatch.setattr(tuf, "_get_fetcher", lambda: MockFetcher())
+    monkeypatch.setattr(
+        requests_fetcher, "RequestsFetcher", lambda app_user_agent: MockFetcher()
+    )
 
     return success, failure
 

test/unit/test_oidc.py

@@ -267,4 +267,4 @@ def test_ok(self, dummy_jwt, iss, identity_claim, identity_value, fed_iss):
         assert identity.in_validity_period()
         assert identity.identity == identity_value
         assert identity.issuer == iss
-        assert identity.expected_certificate_subject == iss if not fed_iss else fed_iss
+        assert identity.federated_issuer == iss if not fed_iss else fed_iss