Problem
KMS-backed signing (#407) lets CI sign a bundle with a cloud KMS key, but aicr verify cannot verify the result. The verifier (pkg/bundler/verifier/verifier.go → verifySigstoreBundle) only verifies keyless Sigstore bundles against the public-good trusted root (trust.GetTrustedMaterial()); there is no public-key verification path.
Proposal
Add a --key <kms-uri-or-pubkey> option to aicr verify that verifies a key-signed bundle against the corresponding public key (KMS URI or a local PEM), mirroring cosign verify --key.
Behavior
--key selects public-key verification instead of keyless certificate-identity verification.
- Accepts the same KMS URI schemes as signing (
awskms://, gcpkms://, azurekms://, hashivault://) and local public-key files.
- Mutually exclusive with the keyless identity-pinning path (
--certificate-identity-regexp).
Dependencies
Success criteria
- A bundle signed with
aicr bundle --signing-key gcpkms://... verifies with aicr verify --key gcpkms://....
make test / make lint pass.
Problem
KMS-backed signing (#407) lets CI sign a bundle with a cloud KMS key, but
aicr verifycannot verify the result. The verifier (pkg/bundler/verifier/verifier.go→verifySigstoreBundle) only verifies keyless Sigstore bundles against the public-good trusted root (trust.GetTrustedMaterial()); there is no public-key verification path.Proposal
Add a
--key <kms-uri-or-pubkey>option toaicr verifythat verifies a key-signed bundle against the corresponding public key (KMS URI or a local PEM), mirroringcosign verify --key.Behavior
--keyselects public-key verification instead of keyless certificate-identity verification.awskms://,gcpkms://,azurekms://,hashivault://) and local public-key files.--certificate-identity-regexp).Dependencies
Success criteria
aicr bundle --signing-key gcpkms://...verifies withaicr verify --key gcpkms://....make test/make lintpass.