
@ghost ghost commented Aug 29, 2023

This PR intends to solve the following issues from Notation CLI, which require a few changes in the notation-go library:
#699, #700, #701.

This PR includes:
Updated verificationOutcomes in the return of notation.Verify to include verification failed reasons of each signature, so that Notation CLI could display them to the user without having to enable the -v or -d flag.

  1. Updated err returned from notation.Verify as a joined error. (based on code review, verificationOutcomes related logic is not changed in this PR.)
  2. The error message updates related to trust store, based on discussions from the issues mentioned above.

The updated error messages are displayed in the PR of Notation CLI: notaryproject/notation#771.

Patrick Zheng and others added 10 commits August 24, 2023 17:09
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
fix
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>

codecov-commenter commented Aug 29, 2023

Codecov Report

Merging #345 (e6af52d) into main (effa7cb) will decrease coverage by 0.32%.
The diff coverage is 43.47%.

@@            Coverage Diff             @@
##             main     #345      +/-   ##
==========================================
- Coverage   74.68%   74.36%   -0.32%     
==========================================
  Files          23       24       +1     
  Lines        2228     2251      +23     
==========================================
+ Hits         1664     1674      +10     
- Misses        443      457      +14     
+ Partials      121      120       -1     
Files Coverage Δ
dir/path.go 88.88% <ø> (ø)
notation.go 66.51% <100.00%> (+1.69%) ⬆️
verifier/verifier.go 81.53% <100.00%> (ø)
verifier/helpers.go 70.51% <50.00%> (ø)
verifier/truststore/truststore.go 52.45% <30.76%> (+0.79%) ⬆️
verifier/truststore/errors.go 20.00% <20.00%> (ø)

Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
@ghost ghost requested a review from shizhMSFT August 30, 2023 05:14
JeyJeyGao previously approved these changes Aug 30, 2023

@JeyJeyGao JeyJeyGao left a comment

LGTM

Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
Patrick Zheng and others added 3 commits September 18, 2023 13:26
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
- Update oras-go to v2.3.0.
- Replace oras.Pack() with oras.PackManifest() as it is deprecated in
v2.3.0.
- Generate an empty config blob manually, as oras.PackManifest() does
not generate the config blob with the notation artifact type as the
media type.

Resolves #346
Signed-off-by: Junjie Gao <junjiegao@microsoft.com>

---------

Signed-off-by: Junjie Gao <junjiegao@microsoft.com>
@ghost ghost requested a review from shizhMSFT September 18, 2023 06:03
shizhMSFT previously approved these changes Sep 18, 2023

@shizhMSFT shizhMSFT left a comment

LGTM with suggestions

Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
shizhMSFT previously approved these changes Sep 18, 2023

@shizhMSFT shizhMSFT left a comment

LGTM

priteshbandi commented Sep 22, 2023

Couple of observations:

  1. IMO we shouldn't return verificationOutcomes for all the signatures we have evaluated; in an endless data attack, the system will crash with an OOM error. Before adding more functionality based on verificationOutcomes, we should discuss how we want to mitigate the aforementioned issue.
  2. There are some precondition errors such as ts/tp misconfiguration for which we should short circuit and not evaluate signatures. More discussion in fix: update notation verify error messages notation#771 (comment)

ghost commented Sep 23, 2023

Couple of observations:

  1. IMO we shouldn't return verificationOutcomes for all the signatures we have evaluated; in an endless data attack, the system will crash with an OOM error. Before adding more functionality based on verificationOutcomes, we should discuss how we want to mitigate the aforementioned issue.

@priteshbandi verificationOutcomes related logic is NOT changed in this PR. Sorry that I forgot to update this PR's description, but you could verify it in the code. All this PR is doing is updating trust store error messages.
(btw, we have the maxSignatureAttempts. By default, this value is set to 100 from the notation CLI side. So endless attack is not a concern here.)

  2. There are some precondition errors such as ts/tp misconfiguration for which we should short circuit and not evaluate signatures. More discussion in fix: update notation verify error messages notation#771 (comment)

I have replied to this one in: notaryproject/notation#771 (comment)

ghost commented Oct 13, 2023

Hi @priteshbandi, regarding your concern on returning errors for all the signatures, this won't bring in an endless attack: https://github.com/notaryproject/notation-go/blob/main/notation.go#L361, because we use MaxSignatureAttempts to limit the maximum number of signatures processed by notation. The number of errors returned will always be smaller than or equal to MaxSignatureAttempts. As a library, returning these errors is an enhancement to notation-go. The caller, such as Notation CLI, can decide whether to display these errors.
(It's backward compatible because we are NOT updating verificationOutcomes, instead we use the new Golang feature errors.Join to do it.)
/cc: @shizhMSFT
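
The bound described in the comment above, as an added Go sketch that is not part of the thread and is not notation-go's code: failures are collected with errors.Join only up to an attempt limit, so the joined error never carries more entries than that limit. `verifyAll`, `joinedLen` and `ErrTrustStore` are hypothetical names, and stopping on a trust-store error is an assumption taken from the reviewer's short-circuit suggestion.

```go
package main

import (
	"errors"
	"fmt"
)

// ErrTrustStore is a hypothetical precondition error, not a notation-go identifier.
var ErrTrustStore = errors.New("trust store misconfigured")

// verifyAll tries at most maxAttempts signatures and returns how many were tried.
// On total failure it joins the per-signature errors (never more than maxAttempts).
func verifyAll(digests []string, maxAttempts int, check func(string) error) (int, error) {
	var failures []error
	for i, d := range digests {
		if i >= maxAttempts {
			break
		}
		err := check(d)
		if err == nil {
			return i + 1, nil // one valid signature is enough
		}
		if errors.Is(err, ErrTrustStore) {
			return i + 1, err // precondition error: stop, try no further signatures
		}
		failures = append(failures, fmt.Errorf("%s: %w", d, err))
	}
	if len(failures) == 0 {
		// errors.Join() with no arguments returns nil, which would read as success.
		return 0, errors.New("no signature was verified")
	}
	return len(failures), errors.Join(failures...)
}

// joinedLen reports how many errors a joined error carries (0 if it is not joined).
func joinedLen(err error) int {
	if j, ok := err.(interface{ Unwrap() []error }); ok {
		return len(j.Unwrap())
	}
	return 0
}

func main() {
	digests := make([]string, 1000) // constructed input: 1000 attached signatures
	for i := range digests {
		digests[i] = fmt.Sprintf("sha256:%04d", i)
	}
	n, err := verifyAll(digests, 100, func(string) error { return errors.New("signature is invalid") })
	fmt.Println(n, joinedLen(err))
}
```

A caller can still use errors.Is on the joined result to test for a specific failure reason.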

JeyJeyGao previously approved these changes Oct 26, 2023

@JeyJeyGao JeyJeyGao left a comment

LGTM

Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
@ghost ghost dismissed stale reviews from JeyJeyGao and shizhMSFT via 28b581b October 26, 2023 06:04
@ghost ghost requested review from JeyJeyGao, priteshbandi, shizhMSFT and yizha1 October 26, 2023 06:09
@shizhMSFT shizhMSFT left a comment

LGTM

@JeyJeyGao JeyJeyGao left a comment

LGTM

@priteshbandi priteshbandi left a comment

LGTM

@ghost ghost merged commit 765d02b into notaryproject:main Oct 28, 2023
@ghost ghost deleted the errMsg branch October 28, 2023 00:57
@shizhMSFT shizhMSFT mentioned this pull request Oct 30, 2023