cmd/cosign: add --signing-algorithm flag

Signed-off-by: Riccardo Schirone <riccardo.schirone@trailofbits.com>

Author: ret2libc

cmd/cosign/cli/options/key.go

@@ -65,4 +65,8 @@ type KeyOpts struct {
 	// By default, Ed25519ph is used for ed25519 keys and RSA-PKCS1v15 is used
 	// for RSA keys.
 	DefaultLoadOptions *[]signature.LoadOption
+
+	// SigningAlgorithm is the AlgorithmDetails string representation used to
+	// sign/hash the payload.
+	SigningAlgorithm string
 }

cmd/cosign/cli/options/signblob.go

@@ -16,6 +16,12 @@
 package options
 
 import (
+	"fmt"
+	"strings"
+
+	"github.com/sigstore/cosign/v2/pkg/cosign"
+	v1 "github.com/sigstore/protobuf-specs/gen/pb-go/common/v1"
+	"github.com/sigstore/sigstore/pkg/signature"
 	"github.com/spf13/cobra"
 )
 
@@ -43,6 +49,7 @@ type SignBlobOptions struct {
 	TSAServerURL         string
 	RFC3161TimestampPath string
 	IssueCertificate     bool
+	SigningAlgorithm     string
 }
 
 var _ Interface = (*SignBlobOptions)(nil)
@@ -113,4 +120,9 @@ func (o *SignBlobOptions) AddFlags(cmd *cobra.Command) {
 
 	cmd.Flags().BoolVar(&o.IssueCertificate, "issue-certificate", false,
 		"issue a code signing certificate from Fulcio, even if a key is provided")
+
+	keyAlgorithmTypes := cosign.GetSupportedAlgorithms()
+	keyAlgorithmHelp := fmt.Sprintf("signing algorithm to use for signing/hashing (allowed %s)", strings.Join(keyAlgorithmTypes, ", "))
+	defaultKeyFlag, _ := signature.FormatSignatureAlgorithmFlag(v1.PublicKeyDetails_PKIX_ECDSA_P256_SHA_256)
+	cmd.Flags().StringVar(&o.SigningAlgorithm, "signing-algorithm", defaultKeyFlag, keyAlgorithmHelp)
 }

cmd/cosign/cli/sign/sign.go

@@ -18,7 +18,6 @@ package sign
 import (
 	"bytes"
 	"context"
-	"crypto"
 	"crypto/x509"
 	"encoding/base64"
 	"encoding/json"
@@ -521,12 +520,26 @@ func signerFromKeyRef(ctx context.Context, certPath, certChainPath, keyRef strin
 	return certSigner, nil
 }
 
-func signerFromNewKey() (*SignerVerifier, error) {
-	privKey, err := cosign.GeneratePrivateKey()
+func signerFromNewKey(signingAlgorithm string, defaultLoadOptions *[]signature.LoadOption) (*SignerVerifier, error) {
+	keyDetails, err := signature.ParseSignatureAlgorithmFlag(signingAlgorithm)
+	if err != nil {
+		return nil, fmt.Errorf("parsing signature algorithm: %w", err)
+	}
+	algo, err := signature.GetAlgorithmDetails(keyDetails)
+	if err != nil {
+		return nil, fmt.Errorf("getting algorithm details: %w", err)
+	}
+
+	privKey, err := cosign.GeneratePrivateKeyWithAlgorithm(&algo)
 	if err != nil {
 		return nil, fmt.Errorf("generating cert: %w", err)
 	}
-	sv, err := signature.LoadECDSASignerVerifier(privKey, crypto.SHA256)
+
+	if defaultLoadOptions == nil {
+		// Cosign uses ED25519ph by default for ED25519 keys
+		defaultLoadOptions = &[]signature.LoadOption{signatureoptions.WithED25519ph()}
+	}
+	sv, err := signature.LoadSignerVerifierFromAlgorithmDetails(privKey, algo, *defaultLoadOptions...)
 	if err != nil {
 		return nil, err
 	}
@@ -598,7 +611,7 @@ func SignerFromKeyOpts(ctx context.Context, certPath string, certChainPath strin
 	default:
 		genKey = true
 		ui.Infof(ctx, "Generating ephemeral keys...")
-		sv, err = signerFromNewKey()
+		sv, err = signerFromNewKey(ko.SigningAlgorithm, ko.DefaultLoadOptions)
 	}
 	if err != nil {
 		return nil, err

cmd/cosign/cli/signblob.go

@@ -93,6 +93,7 @@ func SignBlob() *cobra.Command {
 				TSAServerURL:                   o.TSAServerURL,
 				RFC3161TimestampPath:           o.RFC3161TimestampPath,
 				IssueCertificateForExistingKey: o.IssueCertificate,
+				SigningAlgorithm:               o.SigningAlgorithm,
 			}
 
 			for _, blob := range args {

pkg/cosign/keys.go

@@ -28,6 +28,7 @@ import (
 	"fmt"
 	"os"
 	"path/filepath"
+	"sort"
 
 	"github.com/secure-systems-lab/go-securesystemslib/encrypted"
 	"github.com/sigstore/cosign/v2/pkg/oci/static"
@@ -50,6 +51,16 @@ const (
 	RFC3161TimestampKey = static.RFC3161TimestampAnnotationKey
 )
 
+var SupportedKeyDetails = []v1.PublicKeyDetails{
+	v1.PublicKeyDetails_PKIX_ECDSA_P256_SHA_256,
+	v1.PublicKeyDetails_PKIX_ECDSA_P384_SHA_384,
+	v1.PublicKeyDetails_PKIX_ECDSA_P521_SHA_512,
+	v1.PublicKeyDetails_PKIX_RSA_PKCS1V15_2048_SHA256,
+	v1.PublicKeyDetails_PKIX_RSA_PKCS1V15_3072_SHA256,
+	v1.PublicKeyDetails_PKIX_RSA_PKCS1V15_4096_SHA256,
+	v1.PublicKeyDetails_PKIX_ED25519_PH,
+}
+
 // PassFunc is the function to be called to retrieve the signer password. If
 // nil, then it assumes that no password is provided.
 type PassFunc func(bool) ([]byte, error)
@@ -292,3 +303,17 @@ func LoadPrivateKey(key []byte, pass []byte, defaultLoadOptions *[]signature.Loa
 	}
 	return signature.LoadDefaultSignerVerifier(pk, *defaultLoadOptions...)
 }
+
+// GetSupportedAlgorithms returns a list of supported algorithms sorted alphabetically.
+func GetSupportedAlgorithms() []string {
+	algorithms := make([]string, 0, len(SupportedKeyDetails))
+	for _, algorithm := range SupportedKeyDetails {
+		signatureFlag, err := signature.FormatSignatureAlgorithmFlag(algorithm)
+		if err != nil {
+			continue
+		}
+		algorithms = append(algorithms, signatureFlag)
+	}
+	sort.Strings(algorithms)
+	return algorithms
+}