Protecting the supply chain, signing container images without needing to manage signing keys (keyless signing)

Gustavo Ortega
2 min read · Nov 14, 2021

Sigstore: A new standard for signing, verifying and protecting software

Main components

  • Cosign (container signing, verification and storage)
  • Fulcio (root certificate authority)
  • Rekor (transparency log)
  • OpenID Connect (means of authentication)

How does this stack work?

Sigstore requests a certificate from Fulcio, its root Certificate Authority (CA). Fulcio checks that you are who you say you are through OpenID Connect, which looks at your email address to prove you're the author. Fulcio then grants a time-stamped certificate: a way to say you're signed in and that it's you.

You don't have to manage keys yourself, and sigstore never obtains your private key. The public key that Cosign generates is bound to your certificate, and the signing details are recorded in sigstore's trust root, the deeper layer of keys and trustees used to check authenticity.

Your certificate then comes back to sigstore, where sigstore exchanges keys, asserts your identity and signs everything off. The signature record contains the hash of the artifact, the public key, the signature itself and the time stamp. All of this is uploaded to the Rekor transparency log, so anyone can check that what you've published went through all the checks needed to be authentic.

Example

  • First, create a Kubernetes service account linked to an AWS IAM role (AmazonEC2ContainerRegistryPowerUser)
  • Now it's time to sign an image stored in ECR

Finally, looking in the job log, you can see:

$ kubectl logs jobs/keyless-signing
Generating ephemeral keys...
Retrieving signed certificate...
Successfully verified SCT...
tlog entry created with index: 820320

You can then verify the signature with cosign:

$ COSIGN_EXPERIMENTAL=true cosign verify YOUR_IMAGE_HERE

The JSON blob in the output shows the identity of your workload, which was embedded in the certificate:

"Issuer": "https://oidc.eks.us-east-1.amazonaws.com/id/...",
"Subject": "https://kubernetes.io/namespaces/default/serviceaccounts/sign-serviceaccount"
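That identity is what a consumer of the image should pin: a valid Fulcio-issued signature only proves that some OIDC identity signed the image, so a verification policy should also require the expected issuer and subject. Below is an added example of that check in Python (not from this post or from the cosign project), run over a constructed sample of the JSON that cosign verify prints; the cluster id and registry name are placeholders.

```python
import json

# Identity to pin. Constructed for this example: replace with your own
# cluster's OIDC issuer and the signing job's service account subject.
EXPECTED_ISSUER = "https://oidc.eks.us-east-1.amazonaws.com/id/EXAMPLECLUSTERID"
EXPECTED_SUBJECT = (
    "https://kubernetes.io/namespaces/default/serviceaccounts/sign-serviceaccount"
)

# Constructed sample of what `cosign verify` prints on success: a JSON array
# with one entry per signature; the certificate identity sits under "optional".
GOOD_OUTPUT = json.dumps([{
    "critical": {
        "identity": {"docker-reference": "123456789012.dkr.ecr.us-east-1.amazonaws.com/demo"},
        "image": {"docker-manifest-digest": "sha256:" + "ab" * 32},
        "type": "cosign container image signature",
    },
    "optional": {"Issuer": EXPECTED_ISSUER, "Subject": EXPECTED_SUBJECT},
}])

# Same shape, but the certificate was issued to a service account in another
# namespace of the same cluster: the signature is valid, the signer is not ours.
OTHER_SUBJECT_OUTPUT = json.dumps([{
    "critical": {
        "identity": {"docker-reference": "123456789012.dkr.ecr.us-east-1.amazonaws.com/demo"},
        "image": {"docker-manifest-digest": "sha256:" + "ab" * 32},
        "type": "cosign container image signature",
    },
    "optional": {"Issuer": EXPECTED_ISSUER,
                 "Subject": "https://kubernetes.io/namespaces/dev/serviceaccounts/default"},
}])


def check_signer_identity(verify_output: str, issuer: str, subject: str) -> bool:
    """Return True only if at least one verified signature was issued by
    `issuer` for exactly `subject`. Compare whole strings: a prefix or
    substring match would let a look-alike namespace or account through."""
    try:
        entries = json.loads(verify_output)
    except json.JSONDecodeError:
        return False
    if not isinstance(entries, list):
        return False
    for entry in entries:
        optional = entry.get("optional") or {}
        if optional.get("Issuer") == issuer and optional.get("Subject") == subject:
            return True
    return False
```

In a pipeline, feed the stdout of cosign verify into check_signer_identity and refuse to deploy unless it returns True.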
