Support generating and verifying with "Sigstore" bundles

[woodruffw]

There are currently (at least) 3 different things called "bundles" in the Sigstore ecosystem:

• "cosign bundles", which cosign --bundle emits. These contain a Rekor entry, plus checksum, certificate, and signature needed to perform a normal verification step.
• "Rekor offline bundles", which contain just the Rekor entry and its SET. These need to be combined with separate inputs to perform a normal verification step.
• "sigstore bundles", which are currently being designed (Sigstore bundle cosign#2204). These will deprecate "cosign bundles" and perform the same function.

Once the "Sigstore bundle" format is stabilized, sigstore-python should both consume and emit it (by default, rather than emitting/loading separate files for each component).

This is a counterpart to #52 and #194, and will obviate/deprecate the work in #247 once finished.

Subtasks:

• Generate Sigstore-style bundles while signing with sigstore sign (Initial Sigstore bundle support #465)
• Verify using Sigstore-style bundles with the sigstore verify subcommands (Support verifying Sigstore bundles #478)

[di]

Marking this blocked on sigstore/cosign#2131

[woodruffw]

The sigstore bundle spec is being developed in sigstore/protobuf-specs; tracking sigstore/protobuf-specs#6

[jku]

nothing against protobufs as such but it'll likely be yet another dependency just to read a single config file :(

[woodruffw]

nothing against protobufs as such but it'll likely be yet another dependency just to read a single config file :(

Yeah, this isn't ideal (but also not the end of the world). My plan here was to look into generating a separate Python package from the protobuf specs, something like sigstore-protos or sigstore-models, so that we can avoid a direct protobuf dependency.

[di]

Or we could have the repo that defines the specs generate/publish the protos package as well.

[woodruffw]

Bumping this to post-stable, since the Sigstore bundle format itself isn't fully stabilized.

[woodruffw]

Unblocking because a 0.1 release of the bundle format is now available; we should begin evaluating against it.

[tetsuo-cpp]

I'm going to prepare a PR for verifying bundles.

[woodruffw]

Done as of #478!

[edgarrmondragon]

Not a big deal, but should the subtask

• Verify using Sigstore-style bundles with the sigstore verify subcommands

in the issue description be checked and linked to #478?

[woodruffw]

Yes, thanks @edgarrmondragon!