
A compatibility problem of sigstore-python? #122785

Closed
S1eepeng opened this issue Aug 7, 2024 · 5 comments

Comments


S1eepeng commented Aug 7, 2024

Hello!

When I downloaded and verified the .sigstore file from https://www.python.org/downloads/release/python-3125/, following the instructions at https://www.python.org/download/sigstore/, an error occurred:

note must contain one blank line, delineating the text from the signature block.

But when I tried to verify it in python3.11.0.sigstore, the result was OK. I've compared these two, and found that the sigstore-python versions of python3.11.0 and 3.12.5 are v0.2 and v0.1 respectively, and the .sigstore file of v0.1 missed the "checkpoint" block. I've checked the changelog of sigstore-python and found that it adds verification of Rekor's inclusion proofs by cross-checking them against signed checkpoints since v2.0. After I completed the checkpoint, the verification passed.

The conclusion is that the sigstore-python version used in CPython seems to be too low (<0.2), causing the .sigstore file to fail client verification. Although this is not a serious problem, it can cause some usability issues.
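As an added example (not code from this issue, from CPython's release tooling or from sigstore-python), a small Python pre-flight check for the condition described above: it reads the bundle's mediaType version, reports whether the tlog entry's inclusion proof carries a checkpoint, and parses a signed checkpoint note in the Rekor layout (body lines, one blank line, signature lines), so an empty note reproduces the "one blank line" error text from the report. Bundle field names follow the Sigstore bundle JSON; every value below is a constructed placeholder, not taken from a real release bundle.

```python
import re

# Error text sigstore-python emits for a malformed or empty checkpoint note.
CHECKPOINT_NOTE_ERROR = ("note must contain one blank line, delineating the text "
                         "from the signature block")

# Constructed sample (not a real release bundle): a v0.1-style bundle whose
# inclusion proof carries no checkpoint. Hashes and sizes are placeholders.
V01_BUNDLE = {
    "mediaType": "application/vnd.dev.sigstore.bundle+json;version=0.1",
    "verificationMaterial": {"tlogEntries": [{
        "logIndex": "12345",
        "inclusionProof": {"logIndex": "12345", "treeSize": "12346", "hashes": [],
                           "rootHash": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}}]},
}
# Constructed signed note: origin, tree size, root hash, blank line, signature.
SAMPLE_NOTE = ("rekor.example - 1234567890\n12346\n"
               "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=\n\n"
               "\u2014 rekor.example wNI9ajBEAiB...\n")

def bundle_version(bundle: dict) -> str:
    """Return the bundle format version encoded in mediaType, e.g. '0.1'."""
    m = re.search(r"version=(\d+\.\d+)", bundle.get("mediaType", ""))
    return m.group(1) if m else "unknown"

def checkpoint_status(bundle: dict) -> str:
    """'present', 'missing-checkpoint' or 'no-tlog-entry'; a v0.1 bundle may omit
    the checkpoint, leaving a checkpoint-verifying client nothing to check."""
    entries = bundle.get("verificationMaterial", {}).get("tlogEntries", [])
    if not entries:
        return "no-tlog-entry"
    proof = entries[0].get("inclusionProof") or {}
    return "present" if proof.get("checkpoint", {}).get("envelope") else "missing-checkpoint"

def parse_checkpoint_note(note: str) -> dict:
    """Split a signed note into body fields and the signature lines that follow
    the blank line; signature lines start with U+2014 and a space."""
    if "\n\n" not in note:
        raise ValueError(CHECKPOINT_NOTE_ERROR)
    text, sig_block = note.split("\n\n", 1)
    body = text.split("\n")
    sigs = [ln[2:] for ln in sig_block.splitlines() if ln.startswith("\u2014 ")]
    if not sigs:
        raise ValueError("checkpoint has no signature lines")
    return {"origin": body[0], "tree_size": int(body[1]),
            "root_hash": body[2], "signatures": sigs}

def check_note(note: str) -> str:
    """Return 'ok' or the parse error text, for exception-free reporting."""
    try:
        parse_checkpoint_note(note)
        return "ok"
    except ValueError as exc:
        return str(exc)
```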


hugovk commented Aug 7, 2024

cc @sethmlarson


sethmlarson commented Aug 7, 2024

I'm able to reproduce the issue:

python -m sigstore --version
sigstore 3.1.0

python -m sigstore verify identity --verbose  --bundle Python-3.12.5.tgz.sigstore   --cert-identity [email protected]   --cert-oidc-issuer https://accounts.google.com   Python-3.12.5.tgz
[15:49:23] DEBUG    parsed arguments Namespace(verbose=1, staging=False, trust_config=None, subcommand='verify', verify_subcommand='identity', certificate=None, signature=None,  _cli.py:421
                    bundle=PosixPath('Python-3.12.5.tgz.sigstore'), files=[PosixPath('Python-3.12.5.tgz')], offline=False, cert_identity='[email protected]',
                    cert_oidc_issuer='https://accounts.google.com')
           DEBUG    TUF metadata: /home/sethmlarson/.local/share/sigstore-python/tuf/https%3A%2F%2Ftuf-repo-cdn.sigstore.dev  tuf.py:114
           DEBUG    TUF targets cache: /home/sethmlarson/.cache/sigstore-python/tuf/https%3A%2F%2Ftuf-repo-cdn.sigstore.dev  tuf.py:115
[15:49:24] DEBUG    Found and verified trusted root  tuf.py:152
           DEBUG    Using bundle from: Python-3.12.5.tgz.sigstore  _cli.py:701
           DEBUG    0.1 bundle contains inclusion proof without checkpoint; ignoring  models.py:452
           DEBUG    Verifying contents from: Python-3.12.5.tgz  _cli.py:725
           DEBUG    Found <Name(O=sigstore.dev,CN=sigstore-intermediate)> as issuer, verifying if it is a ca  sct.py:180
           DEBUG    attempting to verify SCT with key ID dd3d306ac6c7113263191e1c99673702a24a5eb8de3cadff878a72802f29ee8e  sct.py:234
           DEBUG    Successfully verified signing certificate validity...  verifier.py:196
           ERROR    FAIL: Python-3.12.5.tgz  _cli.py:745
           ERROR    invalid log entry: note must contain one blank line, delineating the text from the signature block  errors.py:41
                    Raising original exception:
           ERROR    invalid log entry: note must contain one blank line, delineating the text from the signature block  errors.py:41
                    Raising original exception:
Traceback (most recent call last):
  File "<frozen runpy>", line 198, in _run_module_as_main
  File "<frozen runpy>", line 88, in _run_code
  File "/tmp/venv/lib/python3.12/site-packages/sigstore/__main__.py", line 22, in <module>
    main()
  File "/tmp/venv/lib/python3.12/site-packages/sigstore/_cli.py", line 445, in main
    e.log_and_exit(_logger, args.verbose >= 1)
  File "/tmp/venv/lib/python3.12/site-packages/sigstore/errors.py", line 46, in log_and_exit
    raise self
  File "/tmp/venv/lib/python3.12/site-packages/sigstore/_cli.py", line 432, in main
    _verify_identity(args)
  File "/tmp/venv/lib/python3.12/site-packages/sigstore/_cli.py", line 746, in _verify_identity
    exc.log_and_exit(_logger, args.verbose >= 1)
  File "/tmp/venv/lib/python3.12/site-packages/sigstore/errors.py", line 46, in log_and_exit
    raise self
  File "/tmp/venv/lib/python3.12/site-packages/sigstore/_cli.py", line 742, in _verify_identity
    _verify_common(verifier, hashed, bundle, policy_)
  File "/tmp/venv/lib/python3.12/site-packages/sigstore/_cli.py", line 822, in _verify_common
    verifier.verify_artifact(
  File "/tmp/venv/lib/python3.12/site-packages/sigstore/verify/verifier.py", line 317, in verify_artifact
    self._verify_common_signing_cert(bundle, policy)
  File "/tmp/venv/lib/python3.12/site-packages/sigstore/verify/verifier.py", line 205, in _verify_common_signing_cert
    raise VerificationError(f"invalid log entry: {exc}")
sigstore.errors.VerificationError: invalid log entry: note must contain one blank line, delineating the text from the signature block

I've shared this with the Python Sigstore CLI team to see if this is expected.

@woodruffw (Contributor) commented

Triaging this from the sigstore-python side; thank you for the ping @sethmlarson!

@woodruffw (Contributor) commented

I've done some initial triage in sigstore/sigstore-python#1088; the TL;DR is that @S1eepeng is correct about the basic cause, and we have at least 3 possible resolutions available to us.

@sethmlarson (Contributor) commented

This has been completed here, all bundles have been migrated to work with the latest Sigstore CLI: python/release-tools#161
