
Fetch Sigstore trust root through TUF

Open · Hayden-IO opened this issue 1 year ago · 4 comments

Looking at https://github.com/ossf/scorecard-webapp/tree/f55dfbf0ddc1620a716f571636569e01e2e222c5/app/server, it appears that the Sigstore trust root metadata, rekor.pub and fulcio_v1.crt and the intermediate, are embedded in the repository. If the metadata were rotated, this would break verification.

I would recommend dynamically fetching the TUF metadata using a TUF client such as https://github.com/sigstore/sigstore-go/blob/main/pkg/tuf/client.go.

Hayden-IO · Apr 15 '24 21:04

To clarify, are you referring to this sort of workflow?

Fulcio's certificate chain can be obtained from the TrustBundle API, for example for the public instance (https://fulcio.sigstore.dev). To verify the public instance, you must verify the chain using Sigstore's TUF root from the sigstore/root-signing repository.

https://github.com/sigstore/fulcio/tree/9279738ef7cc314a9c7e9fa13de7c0d6079d17d4?tab=readme-ov-file#public-instance

spencerschrock · Apr 30 '24 22:04

I should probably delete that section; I would not recommend using the TUF client directly. Instead I'd recommend the Sigstore TUF client linked above, as it handles both the TUF verification and extracting the relevant Sigstore metadata. See https://github.com/sigstore/sigstore-go/blob/main/cmd/sigstore-go/main.go#L126-L187.

Hayden-IO · Apr 30 '24 22:04

Gotcha. So something like:

```go
package main

import (
	"log"

	"github.com/sigstore/sigstore-go/pkg/root"
	"github.com/sigstore/sigstore-go/pkg/tuf"
)

// printFulcioCAs fetches trusted_root.json via the Sigstore TUF client (which does the TUF verification).
func printFulcioCAs() error {
	client, err := tuf.DefaultClient()
	if err != nil {
		return err
	}
	trustedRootJSON, err := client.GetTarget("trusted_root.json")
	if err != nil {
		return err
	}
	trustedRoot, err := root.NewTrustedRootFromJSON(trustedRootJSON)
	if err != nil {
		return err
	}
	ca := trustedRoot.FulcioCertificateAuthorities()
	for _, c := range ca {
		log.Println(c.Root)
		for _, intermediate := range c.Intermediates {
			log.Println(intermediate)
		}
	}
	return nil
}

func main() {
	if err := printFulcioCAs(); err != nil {
		log.Fatal(err)
	}
}
```

spencerschrock · Apr 30 '24 23:04

Exactly! And RekorLogs for the transparency log keys.

Hayden-IO · Apr 30 '24 23:04
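The point of the thread is that a trust root embedded in the repository has no notion of rotation, whereas trusted_root.json attaches a validFor window to every certificate authority. The following is an added example, not code from scorecard-webapp or sigstore-go: it uses only the Go standard library, skips the TUF fetch that sigstore-go performs, and parses a constructed trusted_root.json-style document to select the Fulcio roots valid at a given time. The field names (certificateAuthorities, certChain.certificates[].rawBytes, validFor.start/end, root listed last in the chain) are assumed to follow the Sigstore TrustedRoot JSON mapping; the certificates are self-signed test material generated in the block, not real Sigstore roots, and the real document also carries the tlogs (Rekor keys) and ctlogs that this example omits.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"math/big"
	"time"
)

// Subset of trusted_root.json (assumption: field names follow the
// dev.sigstore.trustroot.v1.TrustedRoot JSON mapping; certChain lists the root last).
type trustedRoot struct {
	CertificateAuthorities []struct {
		URI       string `json:"uri"`
		CertChain struct {
			Certificates []struct {
				RawBytes string `json:"rawBytes"`
			} `json:"certificates"`
		} `json:"certChain"`
		ValidFor struct {
			Start time.Time  `json:"start"`
			End   *time.Time `json:"end"`
		} `json:"validFor"`
	} `json:"certificateAuthorities"`
}

// fulcioRootsValidAt returns the root certificate of every CA whose validFor window
// covers t. A fulcio_v1.crt checked into the repository carries no such window.
func fulcioRootsValidAt(doc []byte, t time.Time) ([]*x509.Certificate, error) {
	var tr trustedRoot
	if err := json.Unmarshal(doc, &tr); err != nil {
		return nil, fmt.Errorf("parse trusted root: %w", err)
	}
	var roots []*x509.Certificate
	for _, ca := range tr.CertificateAuthorities {
		if t.Before(ca.ValidFor.Start) || (ca.ValidFor.End != nil && t.After(*ca.ValidFor.End)) {
			continue // rotated out, or not yet active
		}
		n := len(ca.CertChain.Certificates)
		if n == 0 {
			return nil, fmt.Errorf("CA %s has an empty certChain", ca.URI)
		}
		der, err := base64.StdEncoding.DecodeString(ca.CertChain.Certificates[n-1].RawBytes)
		if err != nil {
			return nil, fmt.Errorf("CA %s: %w", ca.URI, err)
		}
		cert, err := x509.ParseCertificate(der)
		if err != nil || !cert.IsCA {
			return nil, fmt.Errorf("CA %s: last chain element is not a CA certificate", ca.URI)
		}
		roots = append(roots, cert)
	}
	return roots, nil
}

// selfSignedCA returns a base64 DER self-signed CA (constructed test material).
func selfSignedCA(notBefore, notAfter time.Time) (string, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return "", err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: notBefore, NotAfter: notAfter,
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	return base64.StdEncoding.EncodeToString(der), err
}

// constructedTrustedRoot builds a sample document with one CA that expired at the
// end of 2023 and its successor valid from 2024 on (constructed data, not real roots).
func constructedTrustedRoot() ([]byte, error) {
	y := func(year int) time.Time { return time.Date(year, 1, 1, 0, 0, 0, 0, time.UTC) }
	old, err1 := selfSignedCA(y(2023), y(2024))
	cur, err2 := selfSignedCA(y(2024), y(2034))
	if err1 != nil || err2 != nil {
		return nil, fmt.Errorf("generating test CAs: %v, %v", err1, err2)
	}
	return []byte(fmt.Sprintf(`{
  "certificateAuthorities": [
    {"uri": "https://fulcio.example", "certChain": {"certificates": [{"rawBytes": %q}]},
     "validFor": {"start": "2023-01-01T00:00:00Z", "end": "2024-01-01T00:00:00Z"}},
    {"uri": "https://fulcio.example", "certChain": {"certificates": [{"rawBytes": %q}]},
     "validFor": {"start": "2024-01-01T00:00:00Z"}}
  ]
}`, old, cur)), nil
}

func main() {
	doc, err := constructedTrustedRoot()
	if err != nil {
		panic(err)
	}
	roots, err := fulcioRootsValidAt(doc, time.Now())
	fmt.Println(len(roots), "Fulcio root(s) valid now; err =", err)
}
```

Evaluated at a 2023 date the selector returns only the old CA, at a 2024 date only its successor, and at a 2022 date nothing; a verifier that reads its roots from a fetched trusted_root.json therefore follows a rotation automatically, while one that reads a checked-in fulcio_v1.crt has to be redeployed.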