• Stars
    star
    227
  • Rank 175,900 (Top 4 %)
  • Language
    Python
  • License
    Other
  • Created almost 3 years ago
  • Updated about 2 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A Sigstore client written in Python

sigstore-python

CI PyPI version OpenSSF Scorecard SLSA Conformance Tests Documentation

sigstore is a Python tool for generating and verifying Sigstore signatures. You can use it to sign and verify Python package distributions, or anything else!

Index

Features

Installation

sigstore requires Python 3.7 or newer, and can be installed directly via pip:

python -m pip install sigstore

Optionally, to install sigstore and all its dependencies with hash-checking mode enabled, run the following:

python -m pip install -r https://raw.githubusercontent.com/sigstore/sigstore-python/main/install/requirements.txt

This installs the requirements file located here, which is kept up-to-date.

GitHub Actions

sigstore-python has an official GitHub Action!

You can install it from the GitHub Marketplace, or add it to your CI manually:

jobs:
  sigstore-python:
    steps:
      - uses: sigstore/[email protected]
        with:
          inputs: foo.txt

See the action documentation for more details and usage examples.

Usage

For Python API usage, see our documentation.

You can run sigstore as a standalone program, or via python -m:

sigstore --help
python -m sigstore --help

Top-level:

usage: sigstore [-h] [-V] [-v] [--staging] [--rekor-url URL]
                [--rekor-root-pubkey FILE]
                COMMAND ...

a tool for signing and verifying Python package distributions

positional arguments:
  COMMAND               the operation to perform
    sign                sign one or more inputs
    verify              verify one or more inputs
    get-identity-token  retrieve and return a Sigstore-compatible OpenID
                        Connect token

optional arguments:
  -h, --help            show this help message and exit
  -V, --version         show program's version number and exit
  -v, --verbose         run with additional debug logging; supply multiple
                        times to increase verbosity (default: 0)

Sigstore instance options:
  --staging             Use sigstore's staging instances, instead of the
                        default production instances (default: False)
  --rekor-url URL       The Rekor instance to use (conflicts with --staging)
                        (default: https://rekor.sigstore.dev)
  --rekor-root-pubkey FILE
                        A PEM-encoded root public key for Rekor itself
                        (conflicts with --staging) (default: None)

Signing

usage: sigstore sign [-h] [--identity-token TOKEN] [--oidc-client-id ID]
                     [--oidc-client-secret SECRET]
                     [--oidc-disable-ambient-providers] [--oidc-issuer URL]
                     [--no-default-files] [--signature FILE]
                     [--certificate FILE] [--bundle FILE]
                     [--output-directory DIR] [--overwrite] [--staging]
                     [--rekor-url URL] [--rekor-root-pubkey FILE]
                     [--fulcio-url URL] [--ctfe FILE]
                     FILE [FILE ...]

positional arguments:
  FILE                  The file to sign

optional arguments:
  -h, --help            show this help message and exit

OpenID Connect options:
  --identity-token TOKEN
                        the OIDC identity token to use (default: None)
  --oidc-client-id ID   The custom OpenID Connect client ID to use during
                        OAuth2 (default: sigstore)
  --oidc-client-secret SECRET
                        The custom OpenID Connect client secret to use during
                        OAuth2 (default: None)
  --oidc-disable-ambient-providers
                        Disable ambient OpenID Connect credential detection
                        (e.g. on GitHub Actions) (default: False)
  --oidc-issuer URL     The OpenID Connect issuer to use (conflicts with
                        --staging) (default: https://oauth2.sigstore.dev/auth)

Output options:
  --no-default-files    Don't emit the default output files ({input}.sigstore)
                        (default: False)
  --signature FILE, --output-signature FILE
                        Write a single signature to the given file; does not
                        work with multiple input files (default: None)
  --certificate FILE, --output-certificate FILE
                        Write a single certificate to the given file; does not
                        work with multiple input files (default: None)
  --bundle FILE         Write a single Sigstore bundle to the given file; does
                        not work with multiple input files (default: None)
  --output-directory DIR
                        Write default outputs to the given directory
                        (conflicts with --signature, --certificate, --bundle)
                        (default: None)
  --overwrite           Overwrite preexisting signature and certificate
                        outputs, if present (default: False)

Sigstore instance options:
  --staging             Use sigstore's staging instances, instead of the
                        default production instances. This option will be
                        deprecated in favor of the global `--staging` option
                        in a future release. (default: False)
  --rekor-url URL       The Rekor instance to use (conflicts with --staging).
                        This option will be deprecated in favor of the global
                        `--rekor-url` option in a future release. (default:
                        None)
  --rekor-root-pubkey FILE
                        A PEM-encoded root public key for Rekor itself
                        (conflicts with --staging). This option will be
                        deprecated in favor of the global `--rekor-root-
                        pubkey` option in a future release. (default: None)
  --fulcio-url URL      The Fulcio instance to use (conflicts with --staging)
                        (default: https://fulcio.sigstore.dev)
  --ctfe FILE           A PEM-encoded public key for the CT log (conflicts
                        with --staging) (default: None)

Verifying

Generic identities

This is the most common verification done with sigstore, and therefore the one you probably want: you can use it to verify that a signature was produced by a particular identity (like [email protected]), as attested to by a particular OIDC provider (like https://github.com/login/oauth).

usage: sigstore verify identity [-h] [--certificate FILE] [--signature FILE]
                                [--bundle FILE] --cert-identity IDENTITY
                                [--offline] --cert-oidc-issuer URL [--staging]
                                [--rekor-url URL] [--rekor-root-pubkey FILE]
                                [--certificate-chain FILE]
                                FILE [FILE ...]

optional arguments:
  -h, --help            show this help message and exit

Verification inputs:
  --certificate FILE, --cert FILE
                        The PEM-encoded certificate to verify against; not
                        used with multiple inputs (default: None)
  --signature FILE      The signature to verify against; not used with
                        multiple inputs (default: None)
  --bundle FILE         The Sigstore bundle to verify with; not used with
                        multiple inputs (default: None)
  FILE                  The file to verify

Verification options:
  --cert-identity IDENTITY
                        The identity to check for in the certificate's Subject
                        Alternative Name (default: None)
  --offline             Perform offline verification; requires a Sigstore
                        bundle (default: False)
  --cert-oidc-issuer URL
                        The OIDC issuer URL to check for in the certificate's
                        OIDC issuer extension (default: None)

Sigstore instance options:
  --staging             Use sigstore's staging instances, instead of the
                        default production instances. This option will be
                        deprecated in favor of the global `--staging` option
                        in a future release. (default: False)
  --rekor-url URL       The Rekor instance to use (conflicts with --staging).
                        This option will be deprecated in favor of the global
                        `--rekor-url` option in a future release. (default:
                        None)
  --rekor-root-pubkey FILE
                        A PEM-encoded root public key for Rekor itself
                        (conflicts with --staging). This option will be
                        deprecated in favor of the global `--rekor-root-
                        pubkey` option in a future release. (default: None)
  --certificate-chain FILE
                        Path to a list of CA certificates in PEM format which
                        will be needed when building the certificate chain for
                        the Fulcio signing certificate (default: None)

Signatures from GitHub Actions

If your signatures are coming from GitHub Actions (e.g., a workflow that uses its ambient credentials), then you can use the sigstore verify github subcommand to verify claims more precisely than sigstore verify identity allows:

usage: sigstore verify github [-h] [--certificate FILE] [--signature FILE]
                              [--bundle FILE] --cert-identity IDENTITY
                              [--offline] [--trigger EVENT] [--sha SHA]
                              [--name NAME] [--repository REPO] [--ref REF]
                              [--staging] [--rekor-url URL]
                              [--rekor-root-pubkey FILE]
                              [--certificate-chain FILE]
                              FILE [FILE ...]

optional arguments:
  -h, --help            show this help message and exit

Verification inputs:
  --certificate FILE, --cert FILE
                        The PEM-encoded certificate to verify against; not
                        used with multiple inputs (default: None)
  --signature FILE      The signature to verify against; not used with
                        multiple inputs (default: None)
  --bundle FILE         The Sigstore bundle to verify with; not used with
                        multiple inputs (default: None)
  FILE                  The file to verify

Verification options:
  --cert-identity IDENTITY
                        The identity to check for in the certificate's Subject
                        Alternative Name (default: None)
  --offline             Perform offline verification; requires a Sigstore
                        bundle (default: False)
  --trigger EVENT       The GitHub Actions event name that triggered the
                        workflow (default: None)
  --sha SHA             The `git` commit SHA that the workflow run was invoked
                        with (default: None)
  --name NAME           The name of the workflow that was triggered (default:
                        None)
  --repository REPO     The repository slug that the workflow was triggered
                        under (default: None)
  --ref REF             The `git` ref that the workflow was invoked with
                        (default: None)

Sigstore instance options:
  --staging             Use sigstore's staging instances, instead of the
                        default production instances. This option will be
                        deprecated in favor of the global `--staging` option
                        in a future release. (default: False)
  --rekor-url URL       The Rekor instance to use (conflicts with --staging).
                        This option will be deprecated in favor of the global
                        `--rekor-url` option in a future release. (default:
                        None)
  --rekor-root-pubkey FILE
                        A PEM-encoded root public key for Rekor itself
                        (conflicts with --staging). This option will be
                        deprecated in favor of the global `--rekor-root-
                        pubkey` option in a future release. (default: None)
  --certificate-chain FILE
                        Path to a list of CA certificates in PEM format which
                        will be needed when building the certificate chain for
                        the Fulcio signing certificate (default: None)

Example uses

sigstore supports a wide variety of workflows and usages. Some common ones are provided below.

Signing with ambient credentials

For environments that support OpenID Connect, natively sigstore supports ambient credential detection. This includes many popular CI platforms and cloud providers. See the full list of supported environments here.

Sign a single file (foo.txt) using an ambient OpenID Connect credential, saving the signature and certificate to foo.txt.sig and foo.txt.crt:

$ python -m sigstore sign foo.txt

Signing with an email identity

sigstore can use an OAuth2 + OpenID flow to establish an email identity, allowing you to request signing certificates that attest to control over that email.

Sign a single file (foo.txt) using the OAuth2 flow, saving the signature and certificate to foo.txt.sig and foo.txt.crt:

$ python -m sigstore sign foo.txt

By default, sigstore attempts to do ambient credential detection, which may preempt the OAuth2 flow. To force the OAuth2 flow, you can explicitly disable ambient detection:

$ python -m sigstore sign --oidc-disable-ambient-providers foo.txt

Signing with an explicit identity token

If you can't use an ambient credential or the OAuth2 flow, you can pass a pre-created identity token directly into sigstore sign:

$ python -m sigstore sign --identity-token YOUR-LONG-JWT-HERE foo.txt

Note that passing a custom identity token does not circumvent Fulcio's requirements, namely the Fulcio's supported identity providers and the claims expected within the token.

Verifying against a signature and certificate

By default, sigstore verify will attempt to find a <filename>.sig and <filename>.crt in the same directory as the file being verified:

# looks for foo.txt.sig and foo.txt.crt
$ python -m sigstore verify identity foo.txt \
    --cert-identity '[email protected]' \
    --cert-oidc-issuer 'https://github.com/login/oauth'

Multiple files can be verified at once:

# looks for {foo,bar}.txt.{sig,crt}
$ python -m sigstore verify identity foo.txt bar.txt \
    --cert-identity '[email protected]' \
    --cert-oidc-issuer 'https://github.com/login/oauth'

If your signature and certificate are at different paths, you can specify them explicitly (but only for one file at a time):

$ python -m sigstore verify identity foo.txt \
    --certificate some/other/path/foo.crt \
    --signature some/other/path/foo.sig \
    --cert-identity '[email protected]' \
    --cert-oidc-issuer 'https://github.com/login/oauth'

Verifying signatures from GitHub Actions

sigstore verify github can be used to verify claims specific to signatures coming from GitHub Actions. sigstore-python signs releases via GitHub Actions, so the examples below are working examples of how you can verify a given sigstore-python release.

As with sigstore verify identity, the --cert-identity flag is required. However, since we know that the signature was generated with an GitHub Actions ambient credential, the OIDC issuer is inferred.

$ python -m sigstore verify github sigstore-0.10.0-py3-none-any.whl \
    --certificate sigstore-0.10.0-py3-none-any.whl.crt \
    --signature sigstore-0.10.0-py3-none-any.whl.sig \
    --cert-identity https://github.com/sigstore/sigstore-python/.github/workflows/release.yml@refs/tags/v0.10.0

Additionally, GitHub Actions specific claims can be verified like so:

$ python -m sigstore verify github sigstore-0.10.0-py3-none-any.whl \
    --certificate sigstore-0.10.0-py3-none-any.whl.crt \
    --signature sigstore-0.10.0-py3-none-any.whl.sig \
    --cert-identity https://github.com/sigstore/sigstore-python/.github/workflows/release.yml@refs/tags/v0.10.0 \
    --trigger release \
    --sha 66581529803929c3ccc45334632ccd90f06e0de4 \
    --name Release \
    --repository sigstore/sigstore-python \
    --ref refs/tags/v0.10.0

Licensing

sigstore is licensed under the Apache 2.0 License.

Community

sigstore-python is developed as part of the Sigstore project.

We also use a Slack channel! Click here for the invite link.

Contributing

See the contributing docs for details.

Code of Conduct

Everyone interacting with this project is expected to follow the sigstore Code of Conduct.

Security

Should you discover any security issues, please refer to sigstore's security process.

SLSA Provenance

This project emits a SLSA provenance on its release! This enables you to verify the integrity of the downloaded artifacts and ensured that the binary's code really comes from this source code.

To do so, please follow the instructions here.

More Repositories

1

cosign

Code signing and transparency for containers and binaries
Go
4,300
star
2

gitsign

Keyless Git signing using Sigstore
Go
938
star
3

rekor

Software Supply Chain Transparency Log
Go
864
star
4

fulcio

Sigstore OIDC PKI
Go
629
star
5

sigstore

Common go library shared across sigstore services and clients
Go
441
star
6

sigstore-rs

An experimental Rust crate for sigstore
Rust
162
star
7

sigstore-js

Code-signing for npm packages
TypeScript
156
star
8

policy-controller

Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supply-chain metadata from cosign
Go
123
star
9

cosign-installer

Cosign Github Action
114
star
10

model-transparency

Supply chain security for ML
Python
105
star
11

root-signing

TUF repository for Sigstore trust root
Go
81
star
12

k8s-manifest-sigstore

kubectl plugin for signing Kubernetes manifest YAML files with sigstore
Go
78
star
13

cosign-gatekeeper-provider

๐Ÿ”ฎ โœˆ๏ธ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their signatures
Go
76
star
14

docs

Sigstore documentation
HTML
73
star
15

helm-charts

Helm charts for sigstore project
Smarty
62
star
16

helm-sigstore

Plugin for Helm to integrate the sigstore ecosystem
Go
59
star
17

timestamp-authority

RFC3161 Timestamp Authority
Go
58
star
18

scaffolding

Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.
HCL
57
star
19

gh-action-sigstore-python

A GitHub Action for sigstore-python
Python
46
star
20

sigstore-go

Go library for Sigstore signing and verification
Go
39
star
21

community

General sigstore community repo
38
star
22

sigstore-java

java clients for sigstore
Java
37
star
23

friends

Sigstore user stories
29
star
24

sigstore-website

Codebase for sigstore.dev
Vue
27
star
25

rekor-search-ui

Search Rekor for entries
TypeScript
26
star
26

rekor-monitor

Log monitor for Rekor to verify immutability and monitor entries
Go
24
star
27

protobuf-specs

Protocol Buffer specifications
Rust
22
star
28

sget

Go
21
star
29

rekor-operator

K8S Operator for Rekor
Go
20
star
30

sigstore-maven-plugin

sigstore maven plugin
Java
18
star
31

sget-rs

sget is a keyless safe script retrieval and execution tool
Rust
18
star
32

sigstore-go-archived

Go library for Sigstore signing and verification
Go
16
star
33

rekor-server

Cryptographic, immutable, append only software release ledger.
Go
11
star
34

rekorctl

Rekor swiss army knife
Go
9
star
35

ruby-sigstore

Rubygems sigstore signing plugin
Ruby
9
star
36

sigstore-git-verifier

A Github Action to verify that new commits are present in the sigstore transparency log.
Shell
8
star
37

sigstore-maven

sigstore maven plugin
Java
8
star
38

TSC

sigstore Technical Steering Committee
7
star
39

sigstore-conformance

Conformance testing for Sigstore clients
Python
7
star
40

sigstore.github.io

Rekor website
Sass
7
star
41

homebrew-tap

Sigstore Homebrew Tap
Ruby
6
star
42

examples

Repository to store various monitors for upstream release sites
Python
6
star
43

sigstore-blog

Codebase for sigstore.dev
CSS
6
star
44

sigstore-project-template

cookiecutter template for sigstore projects
5
star
45

github-sync

Pulumi GitHub Sync for sigstore
Go
5
star
46

sig-clients

Home of the clients SIG
5
star
47

sigstore-helm-operator

Helm based operator for the sigstore project
Smarty
4
star
48

sigstore-probers

Probers for sigstore infrastructure
Go
4
star
49

.github

Default community health files for the Sigstore organization.
4
star
50

sigstore-devops-tools

Tools & services used to help in the development flow of sigstore
Go
4
star
51

sigstore-ruby

Pure-ruby implementation of sigstore verification
Ruby
4
star
52

root-signing-staging

Staging TUF repository for Sigstore trust root
3
star
53

root-signing-practice

Root TUF Key Signing
Go
3
star
54

rekor-ansible

Ansible role to deploy the Rekor signature transparency log
2
star
55

sigstore-installer

1
star
56

fish-food

Lua
1
star
57

sig-public-good-operations

Home of the public good operations SIG
1
star