Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: update error message from notation-go #345

Merged
merged 23 commits into from
Oct 28, 2023
Merged

fix: update error message from notation-go #345

merged 23 commits into from
Oct 28, 2023

Conversation

Two-Hearts
Copy link
Contributor

@Two-Hearts Two-Hearts commented Aug 29, 2023
edited
Loading

This PR tends to solve the following issues from Notation CLI which requires a few changes in notation-go library:
#699, #700, #701.

This PR includes:
Updated verificationOutcomes in the return of notation.Verify to include verification failed reasons of each signature, so that Notation CLI could display them to the user without having to enable the -v or -d flag.

  1. Updated err returned from notation.Verify as a joined error. (based on code review, verificationOutcomes related logic is not changed in this PR.)
  2. The error message updates related to trust store, based on discussions from the issues mentioned above.

The updated error messages is displayed in the PR of Notation CLI: notaryproject/notation#771.

Two-Hearts and others added 10 commits August 24, 2023 17:09
@Two-Hearts
update
e80c2e9 
Signed-off-by: Patrick Zheng <[email protected]>
@Two-Hearts
initial commit
3589832 
Signed-off-by: Patrick Zheng <[email protected]>
@Two-Hearts
added signature manifest desc to verification outcomes
5200c6a 
Signed-off-by: Patrick Zheng <[email protected]>
@Two-Hearts
update
6d19202 
Signed-off-by: Patrick Zheng <[email protected]>
@Two-Hearts
test
c52d266 
Signed-off-by: Patrick Zheng <[email protected]>
@Two-Hearts
test
a19f693 
Signed-off-by: Patrick Zheng <[email protected]>
@Two-Hearts
fix
48e71bc 
Signed-off-by: Patrick Zheng <[email protected]>
@Two-Hearts
update
54c7646 
Signed-off-by: Patrick Zheng <[email protected]>
@dependabot @Two-Hearts
build(deps): bump golang.org/x/crypto from 0.11.0 to 0.12.0 (notarypr…
5914b38 
…oject#344)
@Two-Hearts
Merge branch 'notaryproject:main' into errMsg
7ff8f2b
@codecov-commenter
Copy link

codecov-commenter commented Aug 29, 2023
edited
Loading

Codecov Report

Merging #345 (e6af52d) into main (effa7cb) will decrease coverage by 0.32%.
The diff coverage is 43.47%.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

@@            Coverage Diff             @@
##             main     #345      +/-   ##
==========================================
- Coverage   74.68%   74.36%   -0.32%     
==========================================
  Files          23       24       +1     
  Lines        2228     2251      +23     
==========================================
+ Hits         1664     1674      +10     
- Misses        443      457      +14     
+ Partials      121      120       -1
Files Coverage Δ
dir/path.go 88.88% <ø> (ø)
notation.go 66.51% <100.00%> (+1.69%) ⬆️
verifier/verifier.go 81.53% <100.00%> (ø)
verifier/helpers.go 70.51% <50.00%> (ø)
verifier/truststore/truststore.go 52.45% <30.76%> (+0.79%) ⬆️
verifier/truststore/errors.go 20.00% <20.00%> (ø)

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@Two-Hearts
fixed license
fcd8ca6 
Signed-off-by: Patrick Zheng <[email protected]>
@Two-Hearts Two-Hearts mentioned this pull request Aug 29, 2023
Closed
shizhMSFT
shizhMSFT reviewed Aug 29, 2023
View reviewed changes
verifier/truststore/errors.go Outdated Show resolved Hide resolved
verifier/truststore/errors.go Outdated Show resolved Hide resolved
verifier/truststore/errors.go Outdated Show resolved Hide resolved
verifier/truststore/errors.go Outdated Show resolved Hide resolved
notation.go Outdated Show resolved Hide resolved
@Two-Hearts
updated per code review
06b9ea4 
Signed-off-by: Patrick Zheng <[email protected]>
JeyJeyGao
JeyJeyGao previously approved these changes Aug 30, 2023
View reviewed changes
Copy link
Contributor

@JeyJeyGao JeyJeyGao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

shizhMSFT
shizhMSFT reviewed Aug 31, 2023
View reviewed changes
verifier/truststore/truststore.go Outdated Show resolved Hide resolved
notation.go Outdated Show resolved Hide resolved
notation.go Show resolved Hide resolved
notation.go Outdated Show resolved Hide resolved
@Two-Hearts
updated per code review
f0b5b46 
Signed-off-by: Patrick Zheng <[email protected]>
@Two-Hearts
fixed join error
33af9c7 
Signed-off-by: Patrick Zheng <[email protected]>
@JeyJeyGao @Two-Hearts
bump: update oras-go to v2.3.0 (notaryproject#347)
8357f92 
- Update oras-go to v2.3.0.
- Replace oras.Pack() with oras.PackManifest() as it is deprecated in
v2.3.0.
- Generate an empty config blob manually, as oras.PackManifest() does
not generate the config blob with the notation artifact type as the
media type.

Resolves notaryproject#346
Signed-off-by: Junjie Gao <[email protected]>

---------

Signed-off-by: Junjie Gao <[email protected]>
shizhMSFT
shizhMSFT previously approved these changes Sep 18, 2023
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM with suggestions

notation.go Outdated Show resolved Hide resolved
@Two-Hearts
update
2606b29 
Signed-off-by: Patrick Zheng <[email protected]>
shizhMSFT
shizhMSFT previously approved these changes Sep 18, 2023
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@priteshbandi
Copy link
Contributor

priteshbandi commented Sep 22, 2023
edited
Loading

Couple of observations:

  1. IMO we should't return verificationOutcomes for all the signatures we have evaluated; In endless data attack and system will crash with OOM error. Before adding adding more functionality based on verificationOutcomes, we should disuses how we want to mitigate the aforementioned issue.
  2. There are some precondition errors such as ts/tp misconfiguration for which we should short circuit and not evaluate signatures. More discussion in fix: update notation verify error messages notation#771 (comment)

@Two-Hearts
Copy link
Contributor Author

Two-Hearts commented Sep 23, 2023
edited
Loading

Couple of observations:

  1. IMO we should't return verificationOutcomes for all the signatures we have evaluated; In endless data attack and system will crash with OOM error. Before adding adding more functionality based on verificationOutcomes, we should disuses how we want to mitigate the aforementioned issue.

@priteshbandi verificationOutcomes related logic is NOT changed in this PR. Sorry that I forgot to update this PR's description, but you could verify it in the code. All this PR doing is updating trust store error messages.
(btw, we have the maxSignatureAttempts. By default, this value is set to 100 from the notation CLI side. So endless attack is not a concern here.)

  1. There are some precondition errors such as ts/tp misconfiguration for which we should short circuit and not evaluate signatures. More discussion in fix: update notation verify error messages notation#771 (comment)

I have replied this one in: notaryproject/notation#771 (comment)

@Two-Hearts
Copy link
Contributor Author

Hi @priteshbandi, regarding your concern on returning errors for all the signatures, this won't bring in endless attack: https://github.com/notaryproject/notation-go/blob/main/notation.go#L361, because we use MaxSignatureAttempts to limit the maximum number of signatures processed by notation. The number of errors returned will always be smaller or equal to MaxSignatureAttempts. As a library, returning these errors is an enhancement to notation-go. The caller, such as Notation CLI, can decide whether to display these errors.
(It's backward compatible because we are NOT updating verificationOutcomes, instead we use the new Golang feature errors.Join to do it.)
/cc: @shizhMSFT

JeyJeyGao
JeyJeyGao previously approved these changes Oct 26, 2023
View reviewed changes
Copy link
Contributor

@JeyJeyGao JeyJeyGao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

priteshbandi
priteshbandi reviewed Oct 26, 2023
View reviewed changes
verifier/truststore/errors.go Show resolved Hide resolved
verifier/truststore/truststore.go Outdated Show resolved Hide resolved
verifier/truststore/truststore.go Outdated Show resolved Hide resolved
verifier/truststore/truststore.go Outdated Show resolved Hide resolved
verifier/truststore/truststore.go Outdated Show resolved Hide resolved
verifier/truststore/truststore.go Outdated Show resolved Hide resolved
verifier/truststore/truststore.go Outdated Show resolved Hide resolved
@Two-Hearts
updated per code review
28b581b 
Signed-off-by: Patrick Zheng <[email protected]>
@Two-Hearts Two-Hearts dismissed stale reviews from JeyJeyGao and shizhMSFT via 28b581b October 26, 2023 06:04
shizhMSFT
shizhMSFT approved these changes Oct 26, 2023
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

JeyJeyGao
JeyJeyGao approved these changes Oct 26, 2023
View reviewed changes
Copy link
Contributor

@JeyJeyGao JeyJeyGao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Two-Hearts Two-Hearts mentioned this pull request Oct 27, 2023
Merged
priteshbandi
priteshbandi approved these changes Oct 27, 2023
View reviewed changes
Copy link
Contributor

@priteshbandi priteshbandi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Two-Hearts Two-Hearts merged commit 765d02b into notaryproject:main Oct 28, 2023
12 checks passed
@Two-Hearts Two-Hearts deleted the errMsg branch October 28, 2023 00:57
@shizhMSFT shizhMSFT mentioned this pull request Oct 30, 2023
Closed
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@priteshbandi priteshbandi priteshbandi approved these changes

@shizhMSFT shizhMSFT shizhMSFT approved these changes

@JeyJeyGao JeyJeyGao JeyJeyGao approved these changes

@gokarnm gokarnm Awaiting requested review from gokarnm gokarnm is a code owner

@justincormack justincormack Awaiting requested review from justincormack

@NiazFK NiazFK Awaiting requested review from NiazFK NiazFK is a code owner

@rgnote rgnote Awaiting requested review from rgnote rgnote is a code owner

@SteveLasker SteveLasker Awaiting requested review from SteveLasker

@yizha1 yizha1 Awaiting requested review from yizha1 yizha1 is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@Two-Hearts @codecov-commenter @priteshbandi @shizhMSFT @JeyJeyGao @yizha1