bindle icon indicating copy to clipboard operation
bindle copied to clipboard

Published 20 hours ago verified publisher icon deislabs

proposal: Update invoice signature spec

Open lann opened this issue 2 years ago • 6 comments

Following up on #284 and #292, I'd like to change the signature spec from signing data derived from the invoice file to signing the invoice file itself. This would require a few related changes:

  • The signature(s) would not be stored in the invoice.toml itself, but as part of a separate structure (e.g. signatures.toml; name bikeshedding welcome)
  • The server would need to store the bytes of the invoice.toml (and signatures) rather than just the semantic data
  • Updates to bindle yanking to keep the invoice immutable
  • Protocol updates to reflect these changes
  • [anything I missed?]

Disadvantages

  • Signature-verifying Bindle implementations must have a TOML implementation
  • Some server-side storage overhead from storing serialized TOML
  • An extra data structure (file)

Advantages

  • Easier to reason about backward compatibility in invoice format
  • Avoids any canonicalization attack problems with verification
  • Signing and verification is somewhat simplified

lann avatar Mar 02 '22 17:03 lann

One option for the invoice signatures file would be to make it a "TOML-compatible" file format (invoice.sigs perhaps?), reusing the current spec's [[signature]] blocks and appending the signature itself to the end, e.g. something like (adapting from https://github.com/deislabs/bindle/blob/main/docs/signing-spec.md#reading-signatures-as-provenance):

Signature payload (TOML):

by = "Matt Butcher <[email protected]>"
key = "1c44..."
role = "creator"
at = 1611960337

Signature serialization (TOMLish-but-not): [[signature]]\n<payload>\nsignature = "<hex(sign('BINDLE-SIGNATURE-V1' || sha256(invoice) || payload))>"

lann avatar Mar 02 '22 18:03 lann

I hate to say it, but this would be simplified by using JSON...

lann avatar Mar 02 '22 18:03 lann

@thomastaylor312 Would love your thoughts here!

fibonacci1729 avatar Mar 02 '22 18:03 fibonacci1729

Another proposal for signatures; I think this is what I would prefer for a TOML-based solution:

[[signature]]
# Untrusted label: Maybe Real Signer <[email protected]>
signer = """
key = "1c44..."
role = "creator"
at = 1611960337
"""
signature = "<hex(sign('BINDLE-SIGNATURE-V1:' || sha256(invoice) || ':' || meta))>"

lann avatar Mar 02 '22 19:03 lann

I think I've covered most of the changes in #322 now. Biggest change to the protocol is that bindle GET/POST would work with a string version of the invoice, e.g.

invoice = '''
bindleVersion = "1.0.0"

[bindle]
name = "mybindle"
version = "0.1.0"
...
'''

[[signature]]
...

lann avatar Mar 03 '22 15:03 lann

Just getting round to this in #322. I'll drop all comment there

thomastaylor312 avatar Mar 04 '22 06:03 thomastaylor312