feat: Enable signing with pre-computed hash

[laurentsimon]

closes #666

Let me know if you'd like me to add a dedicated unit test for this new option.

Context: I'm working on adding a new hash type to rekor to support hashing directories. I will need to follow up to add support for it in https://github.com/trailofbits/sigstore-rekor-types.

Test example with pre-computed sha256:

from sigstore import hashes as sigstore_hashes
from sigstore_protobuf_specs.dev.sigstore.common.v1 import HashAlgorithm

with file.open(mode="rb", buffering=0) as io:
    digest = hashlib.sha256(io.read())
    hashed = sigstore_hashes.Hashed(digest=digest, algorithm=HashAlgorithm.SHA2_256)
    result = signer.sign(hashed)

Summary

This PR enables passing a pre-hashed value instead of the content to be hashed.

Release Note

Documentation

[laurentsimon]

tests seem to be failing because the bundle uses a different name for the hash algo (SHA2_256) instead of SHA256 for the standard crypto lib. I'll fix that while you review the PR.

[jku]

If you run make reformat you'll start to get useful lint results as well

[laurentsimon]

If you run make reformat you'll start to get useful lint results as well

I've run these commands and it works locally. However in CI it's failing. Any ideas?

[laurentsimon]

I've made the changes, PTAL

[woodruffw]

I've run these commands and it works locally. However in CI it's failing. Any ideas?

Hmm, this might be an outdated local toolchain. What does ruff --version say?

[woodruffw]

NB: Both of these fields will disappear with #804 and we intend to remove SigningResult entirely with #854, so we should probably avoid more fields here. Given that HashAlgorithm will currently always be invariant, maybe we can just hardcode it with a NOTE for now?

[laurentsimon]

as soon as we update rekor (probably next week), it will no longer be an invariant, ie there wil be 2 supported hashes (sha256 and some dirhash hash)

[woodruffw]

Gotcha -- in that case, we should probably bump up the priority on #854, since SigningResult has outlived its utility in the world of Sigstore bundles 🙂

[laurentsimon]

SGTM. So you'd land #854 then this PR I suppose? Or you don't really care?

[woodruffw]

Tangent, but is dirhash documented anywhere? I see there's a dirhash standard on GitHub but I wasn't sure if it was the same thing.

(Part of what I'm wondering is what the mapping between a dirhash and a standard algorithm is -- how do we form a Prehashed for them?)

[laurentsimon]

Great question. We have an implementation in https://github.com/google/model-transparency/blob/main/model_signing/serialize.py#L325 and we're working on documenting it. It will go thru slight changes as we go thru revisions until it lands in SLSA or we release v1 of model-transparency.

To form a prehash, we'll do something like:

class DIRSHA256(HashAlgorithm):
    name = "dirsha256"
    digest_size = 32
    block_size = -1

This should only be supported for hashes pre-computed by user for now, I think. Otherwise we also need to define additional fields for computation https://github.com/pyca/cryptography/blob/00f8304a3dfe7a2aab6f3150a3c620e87d848044/src/cryptography/hazmat/primitives/hashes.py#L60.

So I think there's a path to supporting it directly in sigstore-python in the future.

Does that match your understanding too?

[woodruffw]

That matches my understanding, thanks! We should probably make sure that subclassing HashAlgorithm like that for external hashes is okay in terms of PyCA's APIs, but otherwise that seems reasonable to me.

[laurentsimon]

I updated to ruff 0.1.13. I managed to locally fix the files. CI still complaining.

[woodruffw]

I updated to ruff 0.1.13. I managed to locally fix the files. CI still complaining.

Gotcha, sorry for the mess here -- I'll do some debugging on the CI today. It looks like lint is still failing, although this time because we have public APIs without docstrings.

[laurentsimon]

@woodruffw out of curiosity, what is the timeline for v3 release https://github.com/sigstore/sigstore-python/milestone/5?

[woodruffw]

@woodruffw out of curiosity, what is the timeline for v3 release https://github.com/sigstore/sigstore-python/milestone/5?

I don't think we have a fixed timeline yet, it's mostly just a matter of when DSSE support and this get merged in, along with a few CLI deprecations.

(To speed things along, we could definitely do one or more v3 prereleases, if you're looking to consume the APIs downstream.)

[laurentsimon]

@woodruffw out of curiosity, what is the timeline for v3 release https://github.com/sigstore/sigstore-python/milestone/5?

I don't think we have a fixed timeline yet, it's mostly just a matter of when DSSE support and this get merged in, along with a few CLI deprecations.

(To speed things along, we could definitely do one or more v3 prereleases, if you're looking to consume the APIs downstream.)

That'd be nice yes! I'd be interested in a prelrelease with this PR merged in, so we can start testing e2e on our side. What would be a timeline for it?

[woodruffw]

That'd be nice yes! I'd be interested in a prelrelease with this PR merged in, so we can start testing e2e on our side. What would be a timeline for it?

We could make that pre-release as soon as this gets merged in 🙂

(We won't make any semver guarantees around pre-releases, but I think that's already given.)

[laurentsimon]

That'd be nice yes! I'd be interested in a prelrelease with this PR merged in, so we can start testing e2e on our side. What would be a timeline for it?

We could make that pre-release as soon as this gets merged in 🙂

(We won't make any semver guarantees around pre-releases, but I think that's already given.)

I'd probably just ask that the rekor changes are in too. But I'll let you know once this is done.

[laurentsimon]

I'll wait for #862 to land and update this PR. Anything else I should address in the PR?

[laurentsimon]

I've rebased. However I was not able to test locally, keeps getting this error:

spec=rekor_types.hashedrekord.HashedrekordV001Schema( ^^^^^^^^^^^^^^^^^^^^^^^^ AttributeError: module 'rekor_types' has no attribute 'hashedrekord'. Did you mean: 'Hashedrekord'?

I did install python3 -m pip install sigstore-rekor-types==0.0.11.. Any advice? How do you typically test?

[jku]

How do you typically test?

the makefile tries to manage a virtual env for testing:

• this gets used by make test or can be manually generated by make dev
• once the env exists exists you can enter it for manual testing with source env/bin/activate

FYI, the dependency version pinning is a bit strange:

• pyproject.toml documents the actual required runtime versions
• install/requirements.txt documents pinned versions -- but this is only updated at release time (I think this is a bit confusing and I'm not sure what the purpose is)

For sigstore-rekor-types: you want 0.0.12 as documented by pyproject.toml. The virtual environment should already have this version.

[laurentsimon]

How do you typically test?

the makefile tries to manage a virtual env for testing:

• this gets used by make test or can be manually generated by make dev
• once the env exists exists you can enter it for manual testing with source env/bin/activate

FYI, the dependency version pinning is a bit strange:

• pyproject.toml documents the actual required runtime versions
• install/requirements.txt documents pinned versions -- but this is only updated at release time (I think this is a bit confusing and I'm not sure what the purpose is)

For sigstore-rekor-types: you want 0.0.12 as documented by pyproject.toml. The virtual environment should already have this version.

Thank you, that was super helpful. I was able to make the changes and the conformance tests are now passing. PTAL.

[woodruffw]

This looks great to me @laurentsimon! One last question, and then I think we're good to merge here.

[woodruffw]

/gcbrun

[woodruffw]

LGTM, although lint is still failing. @laurentsimon are you able to diagnose that? Otherwise I can try and do it, if you give me push access to your branch.

[laurentsimon]

LGTM, although lint is still failing. @laurentsimon are you able to diagnose that? Otherwise I can try and do it, if you give me push access to your branch.

linter passes locally, so I think you're in a better position to debug that part :)
You have write access to the PR branch, I think

[woodruffw]

/gcbrun

[woodruffw]

Fixed up the CI (sorry for the pain here, I need to figure out what's going on).

This LGTM, but @jku or another maintainer will need to approve now that I'm the last pusher. Given that, I'll spend some time writing some tests here.

[woodruffw]

/gcbrun

[woodruffw]

I've added this to confirm that the round-trip works as expected: we sign over a Hashed(...) and then verify over the pre-image.

[jku]

Looks good!

[woodruffw]

Thanks a ton for your hard work here @laurentsimon!