config: sign Azure versions on upload & verify on fetch (#1836)

* add SignContent() + integrate into configAPI

* use static client for upload versions tool; fix staticupload calleeReference bug

* use version to get proper cosign pub key.

* mock fetcher in CLI tests

* only provide config.New constructor with fetcher

Co-authored-by: Otto Bittner <cobittner@posteo.net>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

internal/api/configapi/BUILD.bazel

@@ -14,9 +14,10 @@ go_library(
     deps = [
         "//internal/constants",
         "//internal/kms/storage",
-        "//internal/kms/storage/awss3",
-        "//internal/kms/uri",
+        "//internal/sigstore",
+        "//internal/staticupload",
         "//internal/variant",
+        "@com_github_aws_aws_sdk_go_v2_service_s3//:s3",
     ],
 )
 
@@ -28,8 +29,7 @@ go_test(
     ],
     embed = [":configapi"],
     deps = [
-        "//internal/kms/uri",
-        "//internal/variant",
+        "//internal/staticupload",
         "@com_github_stretchr_testify//require",
         "@in_gopkg_yaml_v3//:yaml_v3",
     ],

internal/api/configapi/repo.go

@@ -6,54 +6,78 @@ SPDX-License-Identifier: AGPL-3.0-only
 package configapi
 
 import (
+	"bytes"
 	"context"
 	"encoding/json"
 	"errors"
 	"fmt"
+	"io"
 	"path"
 	"sort"
 	"time"
 
+	"github.com/aws/aws-sdk-go-v2/service/s3"
 	"github.com/edgelesssys/constellation/v2/internal/kms/storage"
-	"github.com/edgelesssys/constellation/v2/internal/kms/storage/awss3"
-	"github.com/edgelesssys/constellation/v2/internal/kms/uri"
+	"github.com/edgelesssys/constellation/v2/internal/sigstore"
+	"github.com/edgelesssys/constellation/v2/internal/staticupload"
 	"github.com/edgelesssys/constellation/v2/internal/variant"
 )
 
 // AttestationVersionRepo manages (modifies) the version information for the attestation variants.
 type AttestationVersionRepo struct {
-	*awss3.Storage
+	*staticupload.Client
+	cosignPwd []byte // used to decrypt the cosign private key
+	privKey   []byte // used to sign
 }
 
 // NewAttestationVersionRepo returns a new AttestationVersionRepo.
-func NewAttestationVersionRepo(ctx context.Context, cfg uri.AWSS3Config) (*AttestationVersionRepo, error) {
-	s3, err := awss3.New(ctx, cfg)
+func NewAttestationVersionRepo(ctx context.Context, cfg staticupload.Config, cosignPwd, privateKey []byte) (*AttestationVersionRepo, error) {
+	client, err := staticupload.New(ctx, cfg)
 	if err != nil {
 		return nil, fmt.Errorf("failed to create s3 storage: %w", err)
 	}
-	return &AttestationVersionRepo{s3}, nil
+	return &AttestationVersionRepo{client, cosignPwd, privateKey}, nil
 }
 
 // UploadAzureSEVSNP uploads the latest version numbers of the Azure SEVSNP.
 func (a AttestationVersionRepo) UploadAzureSEVSNP(ctx context.Context, versions AzureSEVSNPVersion, date time.Time) error {
-	bt, err := json.Marshal(versions)
+	versionBytes, err := json.Marshal(versions)
 	if err != nil {
 		return err
 	}
 	variant := variant.AzureSEVSNP{}
 	fname := date.Format("2006-01-02-15-04") + ".json"
 
-	err = a.Put(ctx, fmt.Sprintf("%s/%s/%s", attestationURLPath, variant.String(), fname), bt)
+	filePath := fmt.Sprintf("%s/%s/%s", attestationURLPath, variant.String(), fname)
+	err = put(ctx, a.Client, filePath, versionBytes)
+	if err != nil {
+		return err
+	}
+
+	err = a.createAndUploadSignature(ctx, versionBytes, filePath)
 	if err != nil {
 		return err
 	}
 	return a.addVersionToList(ctx, variant, fname)
 }
 
+// createAndUploadSignature signs the given content and uploads the signature to the given filePath with the .sig suffix.
+func (a AttestationVersionRepo) createAndUploadSignature(ctx context.Context, content []byte, filePath string) error {
+	signature, err := sigstore.SignContent(a.cosignPwd, a.privKey, content)
+	if err != nil {
+		return fmt.Errorf("sign version file: %w", err)
+	}
+	err = put(ctx, a.Client, filePath+".sig", signature)
+	if err != nil {
+		return fmt.Errorf("upload signature: %w", err)
+	}
+	return nil
+}
+
 // List returns the list of versions for the given attestation type.
 func (a AttestationVersionRepo) List(ctx context.Context, attestation variant.Variant) ([]string, error) {
 	key := path.Join(attestationURLPath, attestation.String(), "list")
-	bt, err := a.Get(ctx, key)
+	bt, err := get(ctx, a.Client, key)
 	if err != nil {
 		return nil, err
 	}
@@ -71,13 +95,13 @@ func (a AttestationVersionRepo) DeleteList(ctx context.Context, attestation vari
 	if err != nil {
 		return err
 	}
-	return a.Put(ctx, path.Join(attestationURLPath, attestation.String(), "list"), bt)
+	return put(ctx, a.Client, path.Join(attestationURLPath, attestation.String(), "list"), bt)
 }
 
 func (a AttestationVersionRepo) addVersionToList(ctx context.Context, attestation variant.Variant, fname string) error {
 	versions := []string{}
 	key := path.Join(attestationURLPath, attestation.String(), "list")
-	bt, err := a.Get(ctx, key)
+	bt, err := get(ctx, a.Client, key)
 	if err == nil {
 		if err := json.Unmarshal(bt, &versions); err != nil {
 			return err
@@ -92,5 +116,29 @@ func (a AttestationVersionRepo) addVersionToList(ctx context.Context, attestatio
 	if err != nil {
 		return err
 	}
-	return a.Put(ctx, key, json)
+	return put(ctx, a.Client, key, json)
+}
+
+// get is a convenience method.
+func get(ctx context.Context, client *staticupload.Client, path string) ([]byte, error) {
+	getObjectInput := &s3.GetObjectInput{
+		Bucket: &client.BucketID,
+		Key:    &path,
+	}
+	output, err := client.GetObject(ctx, getObjectInput)
+	if err != nil {
+		return nil, fmt.Errorf("getting object: %w", err)
+	}
+	return io.ReadAll(output.Body)
+}
+
+// put is a convenience method.
+func put(ctx context.Context, client *staticupload.Client, path string, data []byte) error {
+	putObjectInput := &s3.PutObjectInput{
+		Bucket: &client.BucketID,
+		Key:    &path,
+		Body:   bytes.NewReader(data),
+	}
+	_, err := client.Upload(ctx, putObjectInput)
+	return err
 }

internal/api/configapi/repo_test.go

@@ -11,40 +11,59 @@ import (
 	"context"
 	"flag"
 	"fmt"
+	"io"
 	"os"
 	"testing"
 	"time"
 
 	"github.com/edgelesssys/constellation/v2/internal/api/configapi"
-	"github.com/edgelesssys/constellation/v2/internal/kms/uri"
-	"github.com/edgelesssys/constellation/v2/internal/variant"
+	"github.com/edgelesssys/constellation/v2/internal/staticupload"
 	"github.com/stretchr/testify/require"
 )
 
+const (
+	awsBucket   = "cdn-constellation-backend"
+	awsRegion   = "eu-central-1"
+	envAwsKeyID = "AWS_ACCESS_KEY_ID"
+	envAwsKey   = "AWS_ACCESS_KEY"
+)
+
+var cfg staticupload.Config
+
 var (
-	awsRegion      = flag.String("aws-region", "us-east-1", "Region to use for AWS tests. Required for AWS KMS test.")
-	awsAccessKeyID = flag.String("aws-access-key-id", "", "ID of the Access key to use for AWS tests. Required for AWS KMS and storage test.")
-	awsAccessKey   = flag.String("aws-access-key", "", "Access key to use for AWS tests. Required for AWS KMS and storage test.")
-	awsBucket      = flag.String("aws-bucket", "", "Name of the S3 bucket to use for AWS storage test. Required for AWS storage test.")
+	cosignPwd      = flag.String("cosign-pwd", "", "Password to decrypt the cosign private key. Required for signing.")
+	privateKeyPath = flag.String("private-key", "", "Path to the private key used for signing. Required for signing.")
+	privateKey     []byte
 )
 
 func TestMain(m *testing.M) {
 	flag.Parse()
-	if *awsAccessKey == "" || *awsAccessKeyID == "" || *awsBucket == "" || *awsRegion == "" {
+	if *cosignPwd == "" || *privateKeyPath == "" {
 		flag.Usage()
-		fmt.Println("Required flags not set: --aws-access-key, --aws-access-key-id, --aws-bucket, --aws-region. Skipping tests.")
-		os.Exit(0)
+		fmt.Println("Required flags not set: --cosign-pwd, --private-key. Skipping tests.")
+		os.Exit(1)
+	}
+	if _, present := os.LookupEnv(envAwsKey); !present {
+		fmt.Printf("%s not set. Skipping tests.\n", envAwsKey)
+		os.Exit(1)
+	}
+	if _, present := os.LookupEnv(envAwsKeyID); !present {
+		fmt.Printf("%s not set. Skipping tests.\n", envAwsKeyID)
+		os.Exit(1)
+	}
+	cfg = staticupload.Config{
+		Bucket: awsBucket,
+		Region: awsRegion,
+	}
+	file, _ := os.Open(*privateKeyPath)
+	var err error
+	privateKey, err = io.ReadAll(file)
+	if err != nil {
+		panic(err)
 	}
 	os.Exit(m.Run())
 }
 
-var cfg = uri.AWSS3Config{
-	Bucket:      *awsBucket,
-	AccessKeyID: *awsAccessKeyID,
-	AccessKey:   *awsAccessKey,
-	Region:      *awsRegion,
-}
-
 var versionValues = configapi.AzureSEVSNPVersion{
 	Bootloader: 2,
 	TEE:        0,
@@ -54,32 +73,8 @@ var versionValues = configapi.AzureSEVSNPVersion{
 
 func TestUploadAzureSEVSNPVersions(t *testing.T) {
 	ctx := context.Background()
-	sut, err := configapi.NewAttestationVersionRepo(ctx, cfg)
+	sut, err := configapi.NewAttestationVersionRepo(ctx, cfg, []byte(*cosignPwd), privateKey)
 	require.NoError(t, err)
 	d := time.Date(2021, 1, 1, 1, 1, 1, 1, time.UTC)
 	require.NoError(t, sut.UploadAzureSEVSNP(ctx, versionValues, d))
 }
-
-func TestListVersions(t *testing.T) {
-	ctx := context.Background()
-
-	sut, err := configapi.NewAttestationVersionRepo(ctx, cfg)
-	require.NoError(t, err)
-
-	err = sut.DeleteList(ctx, variant.AzureSEVSNP{})
-	require.NoError(t, err)
-
-	res, err := sut.List(ctx, variant.AzureSEVSNP{})
-	require.NoError(t, err)
-	require.Equal(t, []string{}, res)
-
-	d := time.Date(2021, 1, 1, 1, 1, 1, 1, time.UTC)
-	err = sut.UploadAzureSEVSNP(ctx, versionValues, d)
-	require.NoError(t, err)
-	res, err = sut.List(ctx, variant.AzureSEVSNP{})
-	require.NoError(t, err)
-	require.Equal(t, []string{"2021-01-01-01-01.json"}, res)
-
-	err = sut.DeleteList(ctx, variant.AzureSEVSNP{})
-	require.NoError(t, err)
-}

internal/api/fetcher/BUILD.bazel

@@ -13,6 +13,7 @@ go_library(
     deps = [
         "//internal/api/configapi",
         "//internal/api/versionsapi",
+        "//internal/sigstore",
     ],
 )
 

internal/api/fetcher/configapi.go

@@ -8,48 +8,94 @@ package fetcher
 
 import (
 	"context"
+	"encoding/json"
 	"fmt"
+	"net/url"
 
 	"github.com/edgelesssys/constellation/v2/internal/api/configapi"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
+	"github.com/edgelesssys/constellation/v2/internal/sigstore"
 )
 
 // ConfigAPIFetcher fetches config API resources without authentication.
-type ConfigAPIFetcher struct {
+type ConfigAPIFetcher interface {
+	FetchAzureSEVSNPVersionList(ctx context.Context, attestation configapi.AzureSEVSNPVersionList) (configapi.AzureSEVSNPVersionList, error)
+	FetchAzureSEVSNPVersion(ctx context.Context, azureVersion configapi.AzureSEVSNPVersionGet, version versionsapi.Version) (configapi.AzureSEVSNPVersionGet, error)
+	FetchLatestAzureSEVSNPVersion(ctx context.Context, version versionsapi.Version) (configapi.AzureSEVSNPVersion, error)
+}
+
+// configAPIFetcher fetches config API resources without authentication.
+type configAPIFetcher struct {
 	*fetcher
 }
 
 // NewConfigAPIFetcher returns a new Fetcher.
-func NewConfigAPIFetcher() *ConfigAPIFetcher {
-	return &ConfigAPIFetcher{newFetcher()}
+func NewConfigAPIFetcher() ConfigAPIFetcher {
+	return NewConfigAPIFetcherWithClient(NewHTTPClient())
 }
 
 // NewConfigAPIFetcherWithClient returns a new Fetcher with custom http client.
-func NewConfigAPIFetcherWithClient(client HTTPClient) *ConfigAPIFetcher {
-	return &ConfigAPIFetcher{newFetcherWith(client)}
+func NewConfigAPIFetcherWithClient(client HTTPClient) ConfigAPIFetcher {
+	return &configAPIFetcher{
+		fetcher: newFetcherWith(client),
+	}
 }
 
 // FetchAzureSEVSNPVersionList fetches the version list information from the config API.
-func (f *ConfigAPIFetcher) FetchAzureSEVSNPVersionList(ctx context.Context, attestation configapi.AzureSEVSNPVersionList) (configapi.AzureSEVSNPVersionList, error) {
+func (f *configAPIFetcher) FetchAzureSEVSNPVersionList(ctx context.Context, attestation configapi.AzureSEVSNPVersionList) (configapi.AzureSEVSNPVersionList, error) {
 	return fetch(ctx, f.httpc, attestation)
 }
 
 // FetchAzureSEVSNPVersion fetches the version information from the config API.
-func (f *ConfigAPIFetcher) FetchAzureSEVSNPVersion(ctx context.Context, attestation configapi.AzureSEVSNPVersionGet) (configapi.AzureSEVSNPVersionGet, error) {
-	// TODO(elchead): follow-up PR for AB#3045 to check signature (sigstore.VerifySignature)
-	return fetch(ctx, f.httpc, attestation)
+func (f *configAPIFetcher) FetchAzureSEVSNPVersion(ctx context.Context, azureVersion configapi.AzureSEVSNPVersionGet, version versionsapi.Version) (configapi.AzureSEVSNPVersionGet, error) {
+	cosignPublicKey, err := sigstore.CosignPublicKeyForVersion(version)
+	if err != nil {
+		return azureVersion, fmt.Errorf("get public key for config: %w", err)
+	}
+	urlString, err := azureVersion.URL()
+	if err != nil {
+		return azureVersion, err
+	}
+	fetchedVersion, err := fetch(ctx, f.httpc, azureVersion)
+	if err != nil {
+		return fetchedVersion, fmt.Errorf("fetch version %s: %w", fetchedVersion.Version, err)
+	}
+	versionBytes, err := json.Marshal(fetchedVersion)
+	if err != nil {
+		return fetchedVersion, fmt.Errorf("marshal version for verify %s: %w", fetchedVersion.Version, err)
+	}
+
+	signature, err := fetchBytesFromRawURL(ctx, fmt.Sprintf("%s.sig", urlString), f.httpc)
+	if err != nil {
+		return fetchedVersion, fmt.Errorf("fetch version %s signature: %w", fetchedVersion.Version, err)
+	}
+
+	err = sigstore.CosignVerifier{}.VerifySignature(versionBytes, signature, cosignPublicKey)
+	if err != nil {
+		return fetchedVersion, fmt.Errorf("verify version %s signature: %w", fetchedVersion.Version, err)
+	}
+	return fetchedVersion, nil
 }
 
 // FetchLatestAzureSEVSNPVersion returns the latest versions of the given type.
-func (f *ConfigAPIFetcher) FetchLatestAzureSEVSNPVersion(ctx context.Context) (res configapi.AzureSEVSNPVersion, err error) {
+func (f *configAPIFetcher) FetchLatestAzureSEVSNPVersion(ctx context.Context, version versionsapi.Version) (res configapi.AzureSEVSNPVersion, err error) {
 	var versions configapi.AzureSEVSNPVersionList
 	versions, err = f.FetchAzureSEVSNPVersionList(ctx, versions)
 	if err != nil {
 		return res, fmt.Errorf("fetching versions list: %w", err)
 	}
 	get := configapi.AzureSEVSNPVersionGet{Version: versions[0]} // get latest version (as sorted reversely alphanumerically)
-	get, err = f.FetchAzureSEVSNPVersion(ctx, get)
+	get, err = f.FetchAzureSEVSNPVersion(ctx, get, version)
 	if err != nil {
 		return res, fmt.Errorf("failed fetching version: %w", err)
 	}
 	return get.AzureSEVSNPVersion, nil
 }
+
+func fetchBytesFromRawURL(ctx context.Context, urlString string, client HTTPClient) ([]byte, error) {
+	url, err := url.Parse(urlString)
+	if err != nil {
+		return nil, fmt.Errorf("parse version url %s: %w", urlString, err)
+	}
+	return getFromURL(ctx, client, url)
+}

internal/api/fetcher/configapi_test.go

@@ -15,27 +15,66 @@ import (
 	"testing"
 
 	"github.com/edgelesssys/constellation/v2/internal/api/configapi"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 
-func TestGetVersion(t *testing.T) {
-	client := &http.Client{
-		Transport: &fakeConfigAPIHandler{},
-	}
-	fetcher := NewConfigAPIFetcherWithClient(client)
-	res, err := fetcher.FetchLatestAzureSEVSNPVersion(context.Background())
-	require.NoError(t, err)
-	assert.Equal(t, uint8(2), res.Bootloader)
+var testCfg = configapi.AzureSEVSNPVersion{
+	Microcode:  93,
+	TEE:        0,
+	SNP:        6,
+	Bootloader: 2,
 }
 
-type fakeConfigAPIHandler struct{}
+func TestFetchLatestAzureSEVSNPVersion(t *testing.T) {
+	testcases := map[string]struct {
+		signature []byte
+		wantErr   bool
+		want      configapi.AzureSEVSNPVersion
+	}{
+		"get version with valid signature": {
+			signature: []byte("MEUCIQDNn6wiSh9Nz9mtU9RvxvfkH3fNDFGeqopjTIRoBNkyrAIgSsKgdYNQXvPevaLWmmpnj/9WcgrltAQ+KfI+bQfklAo="),
+			want:      testCfg,
+		},
+		"fail with invalid signature": {
+			signature: []byte("invalid"),
+			wantErr:   true,
+		},
+	}
+	for name, tc := range testcases {
+		t.Run(name, func(t *testing.T) {
+			client := &http.Client{
+				Transport: &fakeConfigAPIHandler{
+					signature: tc.signature,
+				},
+			}
+			require := require.New(t)
+			version, err := versionsapi.NewVersionFromShortPath("stream/debug/v9.9.9", versionsapi.VersionKindImage)
+			require.NoError(err)
+			fetcher := NewConfigAPIFetcherWithClient(client)
+
+			assert := assert.New(t)
+			res, err := fetcher.FetchLatestAzureSEVSNPVersion(context.Background(), version)
+			if tc.wantErr {
+				assert.Error(err)
+			} else {
+				assert.NoError(err)
+				assert.Equal(testCfg, res)
+			}
+		})
+	}
+}
+
+type fakeConfigAPIHandler struct {
+	signature []byte
+}
 
 // RoundTrip resolves the request and returns a dummy response.
 func (f *fakeConfigAPIHandler) RoundTrip(req *http.Request) (*http.Response, error) {
 	if req.URL.Path == "/constellation/v1/attestation/azure-sev-snp/list" {
 		res := &http.Response{}
-		data := []string{"2021-01-01-01-01.json"}
+		data := []string{"2021-01-01-01-01.json", "2019-01-01-01-02.json"} // return multiple versions to check that latest version is correctly selected
 		bt, err := json.Marshal(data)
 		if err != nil {
 			return nil, err
@@ -47,12 +86,7 @@ func (f *fakeConfigAPIHandler) RoundTrip(req *http.Request) (*http.Response, err
 		return res, nil
 	} else if req.URL.Path == "/constellation/v1/attestation/azure-sev-snp/2021-01-01-01-01.json" {
 		res := &http.Response{}
-		bt, err := json.Marshal(configapi.AzureSEVSNPVersion{
-			Microcode:  93,
-			TEE:        0,
-			SNP:        6,
-			Bootloader: 2,
-		})
+		bt, err := json.Marshal(testCfg)
 		if err != nil {
 			return nil, err
 		}
@@ -60,6 +94,12 @@ func (f *fakeConfigAPIHandler) RoundTrip(req *http.Request) (*http.Response, err
 		res.StatusCode = http.StatusOK
 		return res, nil
 
+	} else if req.URL.Path == "/constellation/v1/attestation/azure-sev-snp/2021-01-01-01-01.json.sig" {
+		res := &http.Response{}
+		res.Body = io.NopCloser(bytes.NewReader(f.signature))
+		res.StatusCode = http.StatusOK
+		return res, nil
+
 	}
 	return nil, errors.New("no endpoint found")
 }

internal/api/fetcher/fetcher.go

@@ -17,7 +17,9 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"io"
 	"net/http"
+	"net/url"
 )
 
 // fetcher fetches versions API resources without authentication.
@@ -46,6 +48,24 @@ type apiObject interface {
 	URL() (string, error)
 }
 
+// getFromURL fetches the content from the given URL and returns the content as a byte slice.
+func getFromURL(ctx context.Context, client HTTPClient, sourceURL *url.URL) ([]byte, error) {
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, sourceURL.String(), http.NoBody)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("http status code: %d", resp.StatusCode)
+	}
+	return io.ReadAll(resp.Body)
+}
+
 func fetch[T apiObject](ctx context.Context, c HTTPClient, obj T) (T, error) {
 	if err := obj.ValidateRequest(); err != nil {
 		return *new(T), fmt.Errorf("validating request for %T: %w", obj, err)

internal/api/versionsapi/cli/BUILD.bazel

@@ -14,6 +14,7 @@ go_library(
     deps = [
         "//internal/api/versionsapi",
         "//internal/api/versionsapi/client",
+        "//internal/constants",
         "//internal/logger",
         "@com_github_aws_aws_sdk_go_v2_config//:config",
         "@com_github_aws_aws_sdk_go_v2_service_ec2//:ec2",

internal/api/versionsapi/cli/main.go

@@ -23,6 +23,7 @@ import (
 	"os"
 	"os/signal"
 
+	"github.com/edgelesssys/constellation/v2/internal/constants"
 	"github.com/spf13/cobra"
 )
 
@@ -52,7 +53,7 @@ func newRootCmd() *cobra.Command {
 	rootCmd.PersistentFlags().Bool("verbose", false, "Enable verbose output")
 	rootCmd.PersistentFlags().String("region", "eu-central-1", "AWS region of the API S3 bucket")
 	rootCmd.PersistentFlags().String("bucket", "cdn-constellation-backend", "S3 bucket name of the API")
-	rootCmd.PersistentFlags().String("distribution-id", "E1H77EZTHC3NE4", "CloudFront distribution ID of the API")
+	rootCmd.PersistentFlags().String("distribution-id", constants.CDNDefaultDistributionID, "CloudFront distribution ID of the API")
 
 	rootCmd.AddCommand(newAddCmd())
 	rootCmd.AddCommand(newLatestCmd())