feat(cli): add Sigstore/SLSA provenance verification to Rust self-update#7818
Conversation
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 6ce7586b62
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 2e827d0751
2e827d0 to badd382
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: badd382d12
Head branch was pushed to by a user without write access
886a06a to d65914d

fixed the merge conflicts
Head branch was pushed to by a user without write access
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: af43087abf
4b492c3 to 38219e7
Replace custom SHA-256 checksum approach with Sigstore provenance verification using the sigstore-verification crate. Leverages the SLSA attestations from actions/attest-build-provenance added in block#7097 and builds on the native Rust self-update foundation from block#7148.

Changes:
- Add verify_provenance() that fetches and verifies GitHub attestation bundles via the sigstore-verification crate (Sigstore signature chain, Rekor transparency log, artifact digest match)
- Harden tar.bz2 extraction against tar-slip (reject absolute paths and .. components, create parent dirs per-entry)
- Harden zip extraction against zip-slip (use enclosed_name() sanitization, iterate entries individually)
- Add sha256_hex() helper for archive digest computation and display
- Remove all .sha256 file download/verify logic and CI workflow changes
- 16 unit tests covering SHA-256 digests, path validation (safe paths, absolute path rejection, traversal rejection, nested traversal), tar extraction round-trip, binary location, binary replacement, and provenance verification graceful degradation

Signed-off-by: fre$h <[email protected]>
Signed-off-by: fre <[email protected]>
…k escapes
- Switch sigstore-verification to rustls (default was native-tls, blocked by check-no-native-tls.sh)
- Hard-error on AttestationError::Verification; soft-warn only for NoAttestations and network failures
- Validate symlink/hardlink targets in extract_tar_bz2 via existing validate_entry_path
- Add test: test_extract_tar_bz2_blocks_symlink_escape

Signed-off-by: fre <[email protected]>
…rgets

entry.header().link_name() only reads the fixed header field, which can be truncated or bypassed when the real link target is stored in GNU/PAX extended metadata (linkpath). Use entry.link_name() so the validated path matches what entry.unpack() will actually use.

Signed-off-by: fre <[email protected]>
verify_provenance now returns Result<bool>: Ok(true) for full attestation verification, Ok(false) for soft-warn paths (no attestation found, transient network errors), Err for active verification failures.

update() uses the bool to print either:
  "goose updated successfully (verified with Sigstore SLSA provenance)."
  "goose updated successfully."

This prevents misleading users when verification was skipped rather than completed.

Signed-off-by: fre <[email protected]>
Signed-off-by: fre <[email protected]>
Signed-off-by: fre <[email protected]>
38219e7 to 7bd36cf
…ate (block#7818) Signed-off-by: fre$h <[email protected]> Signed-off-by: fre <[email protected]>
…ate (block#7818) Signed-off-by: fre$h <[email protected]> Signed-off-by: fre <[email protected]>
…ate (block#7818) Signed-off-by: fre$h <[email protected]> Signed-off-by: fre <[email protected]> Signed-off-by: esnyder <[email protected]>
…ate (block#7818) Signed-off-by: fre$h <[email protected]> Signed-off-by: fre <[email protected]> Signed-off-by: esnyder <[email protected]>
@jamadeo fyi this is a pretty big dep change and responsible for our current red builds as sigstore-verification depends directly on rsa crate though doesn't use much of it, and rsa has unresolvable vulns

#8064 swaps the dep but I can't push it through personally
Summary

Replace the custom SHA-256/.sha256 checksum approach with Sigstore SLSA provenance verification using the sigstore-verification crate. Leverages the SLSA attestations from actions/attest-build-provenance added in #7097 and builds on the native Rust self-update foundation from #7148. Supersedes #7575 with the direction suggested by @tlongwell-block (sigstore-rs verification instead of custom checksums).

Changes

Sigstore provenance verification:
- verify_provenance() computes its SHA-256 digest, writes to a temp file, and calls sigstore_verification::verify_github_attestation() to fetch and verify the GitHub attestation bundle
- (release.yml or canary.yml) based on the update channel
- GITHUB_TOKEN/GH_TOKEN env var for higher rate limits

Extraction hardening (kept from #7575):
- Tar extraction (tar.bz2) now iterates entries individually, rejecting any entry whose path is absolute or contains .. components (tar-slip protection)
- Zip extraction uses enclosed_name() for path sanitization and iterates entries individually (zip-slip protection)

Dependencies added:
- sigstore-verification = "0.1" (wraps sigstore-rs for GitHub attestation verification)
- sha2 = "0.10" (SHA-256 digest computation)

Type of Change

AI Assistance

Testing
- cargo test -p goose-cli -- update (16/16)
- cargo clippy -p goose-cli --all-targets -- -D warnings passes clean
- cargo fmt applied

Related Issues
Closes #7552
Supersedes #7575
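The tar-slip and link-target checks described under "Extraction hardening" above, and in the commit that switched the link-target check to entry.link_name(), as an added example that is not goose's code and not this PR's patch. It re-implements the path validation in plain Rust on std only, so it runs without the tar crate. The names validate_entry_path, validate_symlink_target, validate_hardlink_target and EntryError are the example's own (the PR mentions a validate_entry_path, but this is an independent re-implementation), the entry names in main are constructed samples, and the two link rules encoded here are assumptions about tar semantics: a symlink target is resolved by the OS relative to the directory containing the link, while a tar hardlink target is another archive-member name relative to the archive root.

```rust
use std::ffi::OsString;
use std::path::{Component, Path, PathBuf};

/// Why an archive entry was rejected before anything is written to disk.
#[derive(Debug, PartialEq)]
pub enum EntryError {
    Absolute,    // leading `/` or a Windows drive/UNC prefix
    Traversal,   // a `..` component anywhere in the member name
    Empty,       // name normalises to nothing (e.g. "." or "./")
    LinkEscapes, // a link target that would climb above the extraction root
}

/// Check an entry's own path: it must be relative and contain no `..`.
/// Returns the normalised relative path that would be joined onto the
/// extraction root. Rejecting any `..` (rather than resolving it) is
/// deliberate: a legitimate release archive never needs one.
pub fn validate_entry_path(entry: &Path) -> Result<PathBuf, EntryError> {
    let mut clean = PathBuf::new();
    for comp in entry.components() {
        match comp {
            Component::Normal(part) => clean.push(part),
            Component::CurDir => {} // a leading "./" is harmless, drop it
            Component::ParentDir => return Err(EntryError::Traversal),
            Component::RootDir | Component::Prefix(_) => return Err(EntryError::Absolute),
        }
    }
    if clean.as_os_str().is_empty() {
        return Err(EntryError::Empty);
    }
    Ok(clean)
}

/// Lexically resolve `target` against `base` (a directory inside the root)
/// and fail if any `..` would climb above the root itself.
fn resolve_within_root(base: &Path, target: &Path) -> Result<PathBuf, EntryError> {
    let mut stack: Vec<OsString> = base
        .components()
        .filter_map(|c| match c {
            Component::Normal(p) => Some(p.to_os_string()),
            _ => None,
        })
        .collect();
    for comp in target.components() {
        match comp {
            Component::Normal(p) => stack.push(p.to_os_string()),
            Component::CurDir => {}
            Component::ParentDir => {
                // Popping past the root means the link points outside it.
                if stack.pop().is_none() {
                    return Err(EntryError::LinkEscapes);
                }
            }
            Component::RootDir | Component::Prefix(_) => return Err(EntryError::Absolute),
        }
    }
    Ok(stack.iter().collect())
}

/// Validate a symlink entry: its own name must pass validate_entry_path, and
/// its target (assumption: interpreted relative to the link's directory) must
/// resolve to somewhere under the extraction root.
pub fn validate_symlink_target(entry: &Path, target: &Path) -> Result<PathBuf, EntryError> {
    let entry = validate_entry_path(entry)?;
    let base = entry.parent().unwrap_or(Path::new(""));
    resolve_within_root(base, target)
}

/// Validate a hardlink target (assumption: a tar hardlink names another
/// archive member relative to the archive root, so the entry rule applies).
pub fn validate_hardlink_target(target: &Path) -> Result<PathBuf, EntryError> {
    validate_entry_path(target)
}

fn main() {
    // Constructed sample member names, not taken from any real archive.
    for name in ["bin/goose", "./bin/goose", "/etc/passwd", "../escape", "bin/../../x"].iter() {
        println!("{:?} -> {:?}", name, validate_entry_path(Path::new(*name)));
    }
    println!(
        "symlink bin/goose -> ../../outside: {:?}",
        validate_symlink_target(Path::new("bin/goose"), Path::new("../../outside"))
    );
}
```

In a real extractor the `target` handed to these functions would come from entry.link_name(), as the commit above explains, so that the path being validated is the one entry.unpack() will create. The check is purely lexical: it is adequate when the archive is unpacked into a fresh temporary directory whose only symlinks are the ones this same pass has already validated, which is the situation a self-updater is in.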