cosign verify does not check if image digest matches the current artifact #542

Closed
JimBugwadia opened this issue Aug 15, 2021 · 0 comments · Fixed by #543
@JimBugwadia (Contributor) commented:
This issue was reported by a Kyverno user and I've reproduced it via the cosign CLI:

Currently it's possible to change (or delete) the image without updating the signature. When verifying the image via the digest, cosign will not report an error.

  1. Sign and push the image signature: `cosign sign -key cosign.key ghcr.io/jimbugwadia/pause`.
  2. Delete the image in the image registry (I used GitHub to do this), but leave the signature.
  3. Create a new image with the same name and tag to impersonate the prior image: `docker tag nginx ghcr.io/jimbugwadia/pause:latest`.
  4. Push the new image: `docker push ghcr.io/jimbugwadia/pause:latest`.
  5. Run cosign verify with the previous (incorrect) digest appended: `cosign verify -key cosign.pub ghcr.io/jimbugwadia/pause@sha256:b31bfb4d0213f254d361e0079deaaebefa4f82ba7aa76ef82e90b4935ad5b105`.

```
cosign verify -key cosign.pub ghcr.io/jimbugwadia/pause@sha256:b31bfb4d0213f254d361e0079deaaebefa4f82ba7aa76ef82e90b4935ad5b105

Verification for ghcr.io/jimbugwadia/pause@sha256:b31bfb4d0213f254d361e0079deaaebefa4f82ba7aa76ef82e90b4935ad5b105 --
The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - The signatures were verified against the specified public key
  - Any certificates were verified against the Fulcio roots.
{"critical":{"identity":{"docker-reference":"ghcr.io/jimbugwadia/pause"},"image":{"docker-manifest-digest":"sha256:b31bfb4d0213f254d361e0079deaaebefa4f82ba7aa76ef82e90b4935ad5b105"},"type":"cosign container image signature"},"optional":null}
```

Note that the verify will return an error if the digest is not used, which is the desired behavior:

```
cosign verify -key cosign.pub ghcr.io/jimbugwadia/pause
error: fetching signatures: getting signature manifest: GET https://ghcr.io/v2/jimbugwadia/pause/manifests/sha256-3f13b4376446cf92b0cb9a5c46ba75d57c41f627c4edb8b635fa47386ea29e20.sig: NAME_UNKNOWN: repository name not known to registry
```
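As an added illustration of the check the report describes as missing (this is not cosign's code and not the fix in #543), the Go snippet below binds the claims payload printed above to the manifest the registry actually serves. `CheckSignedDigest` and `pinnedDigest` are hypothetical helpers; `resolvedDigest` is assumed to be supplied by the caller after resolving the reference at the registry, with `""` standing for a manifest that no longer exists.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// SimpleSigning mirrors the cosign claims payload printed in the issue.
type SimpleSigning struct {
	Critical struct {
		Identity struct {
			DockerReference string `json:"docker-reference"`
		} `json:"identity"`
		Image struct {
			DockerManifestDigest string `json:"docker-manifest-digest"`
		} `json:"image"`
	} `json:"critical"`
}

// pinnedDigest returns the digest after "@" in ref, or "" when ref is tag-only.
func pinnedDigest(ref string) string {
	if i := strings.Index(ref, "@"); i >= 0 {
		return ref[i+1:]
	}
	return ""
}

// CheckSignedDigest ties a signature payload to the artifact the registry
// currently holds. resolvedDigest is the manifest digest the registry served
// for ref ("" if the manifest is gone); resolving it is assumed done by the caller.
func CheckSignedDigest(ref string, payload []byte, resolvedDigest string) error {
	var ss SimpleSigning
	if err := json.Unmarshal(payload, &ss); err != nil {
		return fmt.Errorf("decoding claims: %w", err)
	}
	if resolvedDigest == "" {
		return fmt.Errorf("%s: manifest not in registry; signature is stale", ref)
	}
	// The check the issue reports as missing: compare the signed digest with the
	// manifest actually served, not only with the digest typed into the reference.
	if got := ss.Critical.Image.DockerManifestDigest; got != resolvedDigest {
		return fmt.Errorf("signed digest %s != registry digest %s", got, resolvedDigest)
	}
	if pinned := pinnedDigest(ref); pinned != "" && pinned != resolvedDigest {
		return fmt.Errorf("reference pins %s but registry served %s", pinned, resolvedDigest)
	}
	return nil
}
```

With the reproduction above, the deleted-image case resolves to nothing and the re-pushed `nginx` image resolves to a different digest, so both are rejected instead of passing.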