
Crypto Agility of ORAS #898

Open
shizhMSFT opened this issue Feb 20, 2025 · 1 comment
Comments

@shizhMSFT
Contributor

shizhMSFT commented Feb 20, 2025

Cryptography forms the foundation of security in the cloud-native world. Specifically, hash algorithms are essential in both oras-go and oras for ensuring the integrity of artifacts.

As of oras-go v2.5.0 and the upcoming v2.6.0, the hash functionality is provided by the package github.com/opencontainers/go-digest v1.0.0. Precisely, it allows the following algorithms:

  • SHA-256 (default)
  • SHA-384
  • SHA-512

It is worth noting that all of the above SHA-2 algorithms are FIPS 140-2 approved algorithms.

Furthermore, those algorithms must be imported with

import (
    _ "crypto/sha256" // registers SHA-256
    _ "crypto/sha512" // registers both SHA-384 and SHA-512 (there is no separate crypto/sha384 package)
)

so that their implementations are loaded and are available to oras-go. If a given algorithm does not exist in the above list or its implementation is not available, oras-go simply panics, which we should fix.

Naturally, oras-go has the same crypto agility as the go-digest package. The master branch of the go-digest package provides a RegisterAlgorithm() method so that the package can take any algorithm. The go-digest package also includes the blake3 algorithm (see also opencontainers/image-spec#819).

However, some utility methods of oras-go like oras.PackManifest() always use the default algorithm and do not provide an algorithm option (we should add one). Since more algorithms are being registered, we should only allow a small set of hash algorithms for oras-go. For example, blake3 is not FIPS-approved and cannot be used in FIPS environments although it may be registered in the go-digest package. In the future, sha256 may also be deprecated, and at that time, we may restrict oras-go to use sha512 only.

Related issues:

@shizhMSFT shizhMSFT added enhancement New feature or request v2 Things belongs to version 2.x v3 Things belongs to version 3.x labels Feb 20, 2025
@shizhMSFT shizhMSFT added this to the future milestone Feb 20, 2025
@Wwwsylvia
Member

We need to scan the oras-go code base to identify and fix any instances where an unregistered algorithm could cause a panic.

I just found an instance:

oras-go/content/reader.go

Lines 100 to 111 in d92df9d

// NewVerifyReader wraps r for reading content with verification against desc.
func NewVerifyReader(r io.Reader, desc ocispec.Descriptor) *VerifyReader {
    verifier := desc.Digest.Verifier()
    lr := &io.LimitedReader{
        R: io.TeeReader(r, verifier),
        N: desc.Size,
    }
    return &VerifyReader{
        base:     lr,
        verifier: verifier,
    }
}

In this function, if the algorithm used in the digest is unregistered, line 102 will panic.

I also tested OCIStore.Fetch(), Repository.Fetch(), and Repository.FetchReference(). I observed that if an unsupported digest type is returned in the "Docker-Content-Digest" header, oras-go will return an error instead of panicking.
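To illustrate both points raised in this thread (restricting oras-go to an allowlist of FIPS-approved SHA-2 algorithms, and making the verify reader return an error instead of panicking on an unregistered algorithm), here is an added, self-contained example. It is not oras-go or go-digest code: it models the digest as a plain "algo:hex" string, uses only the standard library's crypto.Hash registry (where crypto.Hash.Available() plays the role of go-digest's algorithm registration and New() would panic when the implementation is not linked), and the names allowedAlgorithms, NewVerifyReader, VerifyBytes and the error values are assumptions of this example. The SHA-256 value in main is the well-known digest of "hello world".

```go
package main

import (
	"bytes"
	"crypto"
	_ "crypto/sha256" // registers SHA-256 with the crypto package
	_ "crypto/sha512" // registers SHA-384 and SHA-512 (no separate crypto/sha384 package)
	"encoding/hex"
	"errors"
	"fmt"
	"hash"
	"io"
	"strings"
)

// allowedAlgorithms is the hypothetical allowlist: only FIPS 140-2 approved
// SHA-2 algorithms are accepted, whatever else happens to be registered.
var allowedAlgorithms = map[string]crypto.Hash{
	"sha256": crypto.SHA256,
	"sha384": crypto.SHA384,
	"sha512": crypto.SHA512,
}

var (
	ErrInvalidDigest        = errors.New("invalid digest format")
	ErrAlgorithmNotAllowed  = errors.New("digest algorithm not allowed")
	ErrAlgorithmUnavailable = errors.New("digest algorithm implementation not linked")
	ErrSizeMismatch         = errors.New("content shorter than declared size")
	ErrTrailingData         = errors.New("content longer than declared size")
	ErrMismatchedDigest     = errors.New("content digest mismatch")
)

// Available reports whether an allowlisted algorithm's implementation is linked in.
func Available(algo string) bool {
	h, ok := allowedAlgorithms[algo]
	return ok && h.Available()
}

// parseDigest splits "algo:hex", enforces the allowlist, and checks that the
// implementation is linked before anything that could panic is called.
func parseDigest(digest string) (crypto.Hash, []byte, error) {
	algo, encoded, ok := strings.Cut(digest, ":")
	if !ok {
		return 0, nil, ErrInvalidDigest
	}
	h, allowed := allowedAlgorithms[algo]
	if !allowed {
		return 0, nil, fmt.Errorf("%w: %s", ErrAlgorithmNotAllowed, algo)
	}
	if !h.Available() { // h.New() would panic here without the blank import
		return 0, nil, fmt.Errorf("%w: %s", ErrAlgorithmUnavailable, algo)
	}
	want, err := hex.DecodeString(encoded)
	if err != nil || len(want) != h.Size() {
		return 0, nil, ErrInvalidDigest
	}
	return h, want, nil
}

// VerifyReader mirrors the shape of the reader discussed above, but is built
// through a constructor that fails cleanly instead of panicking.
type VerifyReader struct {
	raw      io.Reader // underlying reader, used to probe for trailing bytes
	base     *io.LimitedReader
	hasher   hash.Hash
	expected []byte
}

func NewVerifyReader(r io.Reader, digest string, size int64) (*VerifyReader, error) {
	h, want, err := parseDigest(digest)
	if err != nil {
		return nil, err
	}
	hasher := h.New()
	return &VerifyReader{
		raw:      r,
		base:     &io.LimitedReader{R: io.TeeReader(r, hasher), N: size},
		hasher:   hasher,
		expected: want,
	}, nil
}

func (vr *VerifyReader) Read(p []byte) (int, error) { return vr.base.Read(p) }

// Verify checks declared size (both directions) and then the digest.
func (vr *VerifyReader) Verify() error {
	if vr.base.N != 0 {
		return fmt.Errorf("%w: %d bytes missing", ErrSizeMismatch, vr.base.N)
	}
	var probe [1]byte
	if n, err := vr.raw.Read(probe[:]); n > 0 || (err != nil && err != io.EOF) {
		return ErrTrailingData
	}
	if !bytes.Equal(vr.hasher.Sum(nil), vr.expected) {
		return ErrMismatchedDigest
	}
	return nil
}

// VerifyBytes reads data through a VerifyReader and returns the verification result.
func VerifyBytes(data []byte, digest string, size int64) error {
	vr, err := NewVerifyReader(bytes.NewReader(data), digest, size)
	if err != nil {
		return err
	}
	if _, err := io.Copy(io.Discard, vr); err != nil {
		return err
	}
	return vr.Verify()
}

func main() {
	const helloWorld = "sha256:b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9"
	cases := []struct {
		name   string
		data   string
		digest string
		size   int64
	}{
		{"valid", "hello world", helloWorld, 11},
		{"not allowlisted", "hello world", "blake3:00", 11},
		{"trailing data", "hello world", helloWorld, 5},
		{"short content", "hello", helloWorld, 11},
	}
	for _, c := range cases {
		fmt.Printf("%-16s -> %v\n", c.name, VerifyBytes([]byte(c.data), c.digest, c.size))
	}
}
```

The check order matters: the allowlist and Available() tests run in the constructor, so a caller gets an error value it can match with errors.Is before any hashing starts, which is the behaviour the thread asks for in place of the panic.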
