Encode DSSE as hashedrekord for Rekor v2 #1776
Implements rekor-v2-spec §6.1.4: DSSE envelope entries are submitted and verified as hashedrekord/0.0.2 with digest = Hash(PAE(payloadType, payload)) and signature.content = envelope.signatures[0].sig. This is vibecoded — a maintainer should take a closer look at correctness, especially the hash-algorithm dispatch in _hash_for_key_details and the entry-body reconstruction in _validate_hashedrekord_v002_dsse_entry_body. Passes the draft conformance tests in sigstore/sigstore-conformance#371. Related spec change: sigstore/architecture-docs#63 Signed-off-by: Cody Soyland <cody.soyland@chainguard.dev>
loosebazooka
left a comment
just took a quick look over. @jku or @woodruffw probably is ideal for this.
Replace cross-module `_pae` imports in the Rekor v2 producer and DSSE hashedrekord verifier with a public `Envelope.pae()` method. Addresses review feedback on sigstore#1776: drops the cross-module use of a private symbol and lets the hashedrekord-for-DSSE docstring read as `Hash(envelope.pae())`. No behavior change. Signed-off-by: Cody Soyland <cody.soyland@chainguard.dev>
Rekor v2 will not support the dsse entry type — DSSE envelopes are encoded as hashedrekord/0.0.2 (rekor-v2-spec §6.1.4). Remove the now-orphaned dsse/0.0.2 dispatch branch and `_validate_dsse_v002_entry_body` function. The dsse/0.0.1 path stays for Rekor v1 legacy bundles. Replaces `test/assets/a.dsse.staging-rekor-v2.txt.sigstore.json` with the `rekor2-dsse-happy-path` fixture from the sigstore-conformance `dsse-hashedrekord-test-bundles` branch, so the staging DSSE verification test now exercises hashedrekord/0.0.2 end-to-end. Addresses review feedback on sigstore#1776. Signed-off-by: Cody Soyland <cody.soyland@chainguard.dev>
5b7ad7b to bbc93fd
Replace the inline hash-for-key-details mappings in verifier.py and the hardcoded SHA-256 in client_v2.py with a single algorithm registry table in key_details.py, matching the spec at architecture-docs/algorithm-registry.md. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Cody Soyland <cody.soyland@chainguard.dev>
HASH_ALGORITHM_UNSPECIFIED doesn't exist in sigstore_models; use None instead, since _get_prehash already rejects algorithms with no prehash. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Cody Soyland <cody.soyland@chainguard.dev>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Cody Soyland <cody.soyland@chainguard.dev>
The conformance test failures should disappear when we merge sigstore/sigstore-conformance#374
This makes sense to me, including the algorithm registry.
Our testing seems adequate:
- the hard coded asset is verified
- A roundtrip sign-and-verify test for dsse on rekor2 also exists
I would have preferred to have a release before these changes but that did not seem to materialize so I think we can include this in #1774.
Thanks cody and appu
jku
left a comment
Actually, could I get a sigstore-conformance action upgrade in this PR too -- I'd do it myself but then I can't review this.
I just tagged sigstore-conformance 0.0.28 at e2cc8e51870bb9af4e4ae3342e97cf5f7ea2cdd8 -- I expect that should pass for this PR.
Summary
Implements rekor-v2-spec §6.1.4: for Rekor v2, a DSSE envelope is submitted and verified as a `hashedrekord/0.0.2` entry where:
- `digest = Hash(PAE(payloadType, payload))` (Hash is the externalized hash of the signing algorithm per the algorithm registry)
- `signature.content = envelope.signatures[0].sig`

Producer change in `sigstore/_internal/rekor/client_v2.py`: build a `HashedRekordRequestV002` instead of a `DSSERequestV002`. Verifier change in `sigstore/verify/verifier.py`: accept `hashedrekord/0.0.2` for DSSE bundles and reconstruct the expected entry body from the envelope's PAE digest and signature.

Related
`rekor2-dsse-*` fixtures.
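
The mapping in the summary, worked through as an added example (not code from this PR or from sigstore-python): it computes the DSSE v1 PAE, derives the two hashedrekord values from an envelope, and shows the verifier-side comparison. The function names, the constructed sample envelope and the `sha256` default are assumptions; the PR selects the hash from the signing key through the algorithm registry.

```python
import base64
import hashlib
import hmac


def pae(payload_type: str, payload: bytes) -> bytes:
    """DSSE v1 pre-authentication encoding; lengths are ASCII decimal byte counts."""
    type_bytes = payload_type.encode("utf-8")
    return b"DSSEv1 %d %b %d %b" % (len(type_bytes), type_bytes, len(payload), payload)


def expected_fields(envelope: dict, hash_name: str = "sha256") -> dict:
    """Derive digest and signature.content from a DSSE envelope in its JSON form.

    hash_name is an assumption here: the PR picks the hash from the signing
    key via the algorithm registry rather than taking it as a parameter.
    """
    signatures = envelope.get("signatures") or []
    if not signatures:
        raise ValueError("DSSE envelope carries no signature")
    payload = base64.b64decode(envelope["payload"])
    digest = hashlib.new(hash_name, pae(envelope["payloadType"], payload)).digest()
    # Only the first signature is used, per signature.content = signatures[0].sig.
    return {"digest": digest, "signature": base64.b64decode(signatures[0]["sig"])}


def entry_matches(envelope: dict, entry_digest: bytes, entry_signature: bytes,
                  hash_name: str = "sha256") -> bool:
    """Verifier side: rebuild the expected values and compare with the log entry's."""
    expected = expected_fields(envelope, hash_name)
    return (hmac.compare_digest(expected["digest"], entry_digest)
            and hmac.compare_digest(expected["signature"], entry_signature))


# Constructed sample envelope; the signature bytes are a placeholder, not a real signature.
SAMPLE_ENVELOPE = {
    "payloadType": "application/vnd.in-toto+json",
    "payload": base64.b64encode(b'{"_type":"https://in-toto.io/Statement/v1"}').decode(),
    "signatures": [{"sig": base64.b64encode(b"constructed-signature").decode()}],
}

if __name__ == "__main__":
    fields = expected_fields(SAMPLE_ENVELOPE)
    raw = base64.b64decode(SAMPLE_ENVELOPE["payload"])
    print("digest over PAE:", fields["digest"].hex())
    # A digest over the bare payload skips the payloadType binding and must not match.
    print("bare-payload digest accepted:",
          entry_matches(SAMPLE_ENVELOPE, hashlib.sha256(raw).digest(), fields["signature"]))
```

Because the digest covers the PAE rather than the bare payload, an entry logged over the payload alone, or an envelope whose `payloadType` was changed after logging, fails the comparison.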