feat: add merkle tree test suite

.github/workflows/tests.yml

@@ -64,6 +64,15 @@ jobs:
       - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
+
+      # Checkout transparency-dev/merkle test vectors for Merkle tree validation
+      - name: Checkout transparency-dev/merkle test vectors
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        with:
+          repository: transparency-dev/merkle
+          path: tests/data/merkle
+          persist-credentials: false
+
       - uses: dtolnay/rust-toolchain@351f82a4dc29e4159746a068ed925da17341219f # 1.89.0
       - uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1
       - run: |
@@ -76,6 +85,15 @@ jobs:
       - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
+
+      # Checkout transparency-dev/merkle test vectors for Merkle tree validation
+      - name: Checkout transparency-dev/merkle test vectors
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        with:
+          repository: transparency-dev/merkle
+          path: tests/data/merkle
+          persist-credentials: false
+
       - uses: dtolnay/rust-toolchain@351f82a4dc29e4159746a068ed925da17341219f # 1.89.0
       - uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1
       - run: |

Cargo.toml

@@ -50,7 +50,7 @@ native-tls = [
 ]
 oauth = ["dep:openidconnect", "dep:reqwest"]
 registry = ["dep:async-trait", "dep:oci-client", "dep:serde_json_canonicalizer"]
-rekor = ["dep:reqwest"]
+rekor = ["dep:hex", "dep:reqwest", "dep:serde_json_canonicalizer"]
 rustls-tls = [
     "oci-client?/rustls-tls",
     "openidconnect?/rustls-tls",
@@ -217,6 +217,7 @@ clap = { version = "4.5", default-features = false, features = [
     "usage",
 ] }
 docker_credential = { version = "1.3", default-features = false }
+hex-literal = { version = "0.4", default-features = false }
 openssl = { version = "0.10", default-features = false }
 rstest = { version = "0.26", default-features = false }
 serial_test = { version = "3.1", default-features = false }
@@ -314,3 +315,11 @@ path = "examples/rekor/search_log_query/main.rs"
 [[example]]
 name = "fulcio_cert"
 path = "examples/fulcio/cert/main.rs"
+
+[[example]]
+name = "inclusion_proof"
+path = "examples/rekor/merkle_proofs/inclusion.rs"
+
+[[example]]
+name = "consistency_proof"
+path = "examples/rekor/merkle_proofs/consistency.rs"

examples/rekor/merkle_proofs/consistency.rs

@@ -0,0 +1,46 @@
+use clap::Parser;
+use sigstore::crypto::CosignVerificationKey;
+use sigstore::rekor::apis::configuration::Configuration;
+use sigstore::rekor::apis::tlog_api::{get_log_info, get_log_proof};
+use std::fs::read_to_string;
+use std::path::PathBuf;
+
+#[derive(Parser)]
+struct Args {
+    #[arg(long, value_name = "REKOR PUBLIC KEY")]
+    rekor_key: PathBuf,
+    #[arg(long, value_name = "HEX ENCODED HASH")]
+    old_root: String,
+    #[arg(long)]
+    old_size: u64,
+    #[arg(long, value_name = "TREE ID")]
+    tree_id: Option<String>,
+}
+
+#[tokio::main]
+async fn main() -> Result<(), Box<dyn std::error::Error>> {
+    let args = Args::parse();
+    let tree_id = args.tree_id.as_ref().map(|s| s.as_str());
+    // read verification key
+    let rekor_key = read_to_string(&args.rekor_key)
+        .map_err(Into::into)
+        .and_then(|k| CosignVerificationKey::from_pem(k.as_bytes(), &Default::default()))?;
+
+    // fetch log info
+    let rekor_config = Configuration::default();
+    let log_info = get_log_info(&rekor_config).await?;
+
+    let proof = get_log_proof(
+        &rekor_config,
+        log_info.tree_size as _,
+        Some(&args.old_size.to_string()),
+        tree_id,
+    )
+    .await?;
+
+    log_info
+        .verify_consistency(args.old_size, &args.old_root, &proof, &rekor_key)
+        .expect("failed to verify log consistency");
+    println!("Successfully verified consistency");
+    Ok(())
+}

examples/rekor/merkle_proofs/inclusion.rs

@@ -0,0 +1,35 @@
+use clap::Parser;
+use sigstore::crypto::CosignVerificationKey;
+use sigstore::rekor::apis::configuration::Configuration;
+use sigstore::rekor::apis::entries_api::get_log_entry_by_index;
+use std::fs::read_to_string;
+use std::path::PathBuf;
+
+#[derive(Parser)]
+struct Args {
+    #[arg(long, value_name = "INDEX")]
+    log_index: usize,
+    #[arg(long, value_name = "REKOR PUBLIC KEY")]
+    rekor_key: PathBuf,
+}
+
+#[tokio::main]
+async fn main() -> Result<(), Box<dyn std::error::Error>> {
+    let args = Args::parse();
+
+    // read verification key
+    let rekor_key = read_to_string(&args.rekor_key)
+        .map_err(Into::into)
+        .and_then(|k| CosignVerificationKey::from_pem(k.as_bytes(), &Default::default()))?;
+
+    // fetch entry from log
+    let rekor_config = Configuration::default();
+    let log_entry = get_log_entry_by_index(&rekor_config, args.log_index as i32).await?;
+
+    // verify inclusion with key
+    log_entry
+        .verify_inclusion(&rekor_key)
+        .expect("failed to verify log inclusion");
+    println!("Successfully verified inclusion.");
+    Ok(())
+}

src/bundle/models.rs

@@ -62,7 +62,7 @@ impl TryFrom<RekorInclusionProof> for InclusionProof {
             hashes,
             log_index: value.log_index,
             root_hash: decode_hex(value.root_hash)?,
-            tree_size: value.tree_size,
+            tree_size: value.tree_size as i64,
         })
     }
 }

src/crypto/merkle/mod.rs

@@ -0,0 +1,48 @@
+pub mod proof_verification;
+pub mod rfc6962;
+
+#[cfg(test)]
+mod testdata_tests;
+
+#[cfg(any(
+    feature = "verify",
+    feature = "sign",
+    feature = "sigstore-trust-root",
+    feature = "rekor"
+))]
+use crate::errors::SigstoreError;
+#[cfg(any(
+    feature = "verify",
+    feature = "sign",
+    feature = "sigstore-trust-root",
+    feature = "rekor"
+))]
+use crate::errors::SigstoreError::UnexpectedError;
+#[cfg(any(
+    feature = "verify",
+    feature = "sign",
+    feature = "sigstore-trust-root",
+    feature = "rekor"
+))]
+use digest::Output;
+pub use proof_verification::MerkleProofError;
+pub(crate) use proof_verification::MerkleProofVerifier;
+pub(crate) use rfc6962::{Rfc6269Default, Rfc6269HasherTrait};
+
+/// Many rekor models have hex-encoded hashes, this functions helps to avoid repetition.
+#[cfg(any(
+    feature = "verify",
+    feature = "sign",
+    feature = "sigstore-trust-root",
+    feature = "rekor"
+))]
+pub(crate) fn hex_to_hash_output(
+    h: impl AsRef<[u8]>,
+) -> Result<Output<Rfc6269Default>, SigstoreError> {
+    hex::decode(h)
+        .map_err(Into::into)
+        .and_then(|h| {
+            <[u8; 32]>::try_from(h.as_slice()).map_err(|err| UnexpectedError(format!("{err:?}")))
+        })
+        .map(Into::into)
+}