sigstore/dsse: reject DSSEs with >1 sig (#1062)

sigstore · Jul 11, 2024 · b9afa3f · b9afa3f
1 parent 79f5166
commit b9afa3f
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 10 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,12 @@ All versions prior to 0.9.0 are untracked.
 
 ## [Unreleased]
 
+### Changed
+
+* API: `verify_dsse` now rejects bundles with DSSE envelopes that have more than
+  one signature, rather than checking all signatures against the same key
+  ([#1062](https://github.com/sigstore/sigstore-python/pull/1062))
+
 ## [3.0.0]
 
 Maintainers' note: this is a major release, with significant public API and CLI

diff --git a/sigstore/dsse.py b/sigstore/dsse.py
@@ -266,16 +266,15 @@ def _verify(key: ec.EllipticCurvePublicKey, evp: Envelope) -> bytes:
 
     pae = _pae(evp._inner.payload_type, evp._inner.payload)
 
-    if not evp._inner.signatures:
-        raise VerificationError("DSSE: envelope contains no signatures")
+    nsigs = len(evp._inner.signatures)
+    if nsigs != 1:
+        raise VerificationError(f"DSSE: exactly 1 signature allowed, got {nsigs}")
 
-    # In practice checking more than one signature here is frivolous, since
-    # they're all being checked against the same key. But there's no
-    # particular harm in checking them all either.
-    for signature in evp._inner.signatures:
-        try:
-            key.verify(signature.sig, pae, ec.ECDSA(hashes.SHA256()))
-        except InvalidSignature:
-            raise VerificationError("DSSE: invalid signature")
+    signature = evp._inner.signatures[0].sig
+
+    try:
+        key.verify(signature, pae, ec.ECDSA(hashes.SHA256()))
+    except InvalidSignature:
+        raise VerificationError("DSSE: invalid signature")
 
     return evp._inner.payload