Add warning when verifying with artifact digest

This discourages using an artifact digest to verify an in-toto attestation, and mentions that it breaks Ed25519 verification. Fixes #444 Signed-off-by: Hayden Blauzvern <[email protected]>
sigstore · Jan 8, 2025 · 5a05c3e · 5a05c3e
1 parent 1e0daec
commit 5a05c3e
Show file tree

Hide file tree

Showing 7 changed files with 20 additions and 6 deletions.
diff --git a/gen/jsonschema/schemas/Artifact.schema.json b/gen/jsonschema/schemas/Artifact.schema.json
@@ -17,7 +17,7 @@
                 "artifactDigest": {
                     "$ref": "#/definitions/dev.sigstore.common.v1.HashOutput",
                     "additionalProperties": false,
-                    "description": "Digest of the artifact"
+                    "description": "Digest of the artifact. SHOULD NOT be used when verifying an in-toto attestation as the subject digest cannot be reconstructed. This option will not work with Ed25519 signatures, use Ed25519Ph or another algorithm instead."
                 }
             },
             "additionalProperties": false,

diff --git a/gen/jsonschema/schemas/Input.schema.json b/gen/jsonschema/schemas/Input.schema.json
@@ -657,7 +657,7 @@
                 "artifactDigest": {
                     "$ref": "#/definitions/dev.sigstore.common.v1.HashOutput",
                     "additionalProperties": false,
-                    "description": "Digest of the artifact"
+                    "description": "Digest of the artifact. SHOULD NOT be used when verifying an in-toto attestation as the subject digest cannot be reconstructed. This option will not work with Ed25519 signatures, use Ed25519Ph or another algorithm instead."
                 }
             },
             "additionalProperties": false,

diff --git a/gen/pb-go/verification/v1/sigstore_verification.pb.go b/gen/pb-go/verification/v1/sigstore_verification.pb.go
diff --git a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/verification/v1/__init__.py b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/verification/v1/__init__.py
diff --git a/gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.verification.v1.rs b/gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.verification.v1.rs
@@ -265,7 +265,10 @@ pub mod artifact {
         /// The raw bytes of the artifact
         #[prost(bytes, tag = "2")]
         Artifact(::prost::alloc::vec::Vec<u8>),
-        /// Digest of the artifact
+        /// Digest of the artifact. SHOULD NOT be used when verifying an
+        /// in-toto attestation as the subject digest cannot be
+        /// reconstructed. This option will not work with Ed25519
+        /// signatures, use Ed25519Ph or another algorithm instead.
         #[prost(message, tag = "3")]
         ArtifactDigest(super::super::super::common::v1::HashOutput),
     }

diff --git a/gen/pb-rust/sigstore-protobuf-specs/src/generated/file_descriptor_set.bin b/gen/pb-rust/sigstore-protobuf-specs/src/generated/file_descriptor_set.bin
diff --git a/protos/sigstore_verification.proto b/protos/sigstore_verification.proto
@@ -136,7 +136,10 @@ message Artifact {
                 string artifact_uri = 1;
                 // The raw bytes of the artifact
                 bytes artifact = 2;
-                // Digest of the artifact
+                // Digest of the artifact. SHOULD NOT be used when verifying an
+                // in-toto attestation as the subject digest cannot be
+                // reconstructed. This option will not work with Ed25519
+                // signatures, use Ed25519Ph or another algorithm instead.
                 dev.sigstore.common.v1.HashOutput artifact_digest = 3;
         }
 }