stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 12 Releases Wiki Activity
Files
25254e3831dbc3e9625f23a0ba43296101b4a821
git.stella-ops.org/docs/product-advisories/29-Nov-2025 - SBOM to VEX Proof Pipeline Blueprint.md
StellaOps Bot 25254e3831 news advisories
2025-11-30 21:00:38 +02:00

6.3 KiB
Raw Blame History

Heres a compact, diagram-first blueprint that shows how to turn a CycloneDX SBOM into signed, replay-safe proofs across DSSE/in-toto, Rekor v2 (tile-backed) receipts, and VEX—plus how to run this with the public instance or fully offline.

1) Mental model (one line per hop)

[SBOM: CycloneDX JSON]
   └─(wrap as DSSE payload; predicate = CycloneDX)
        └─(optional: in-toto statement for context)
             └─(sign → cosign/fulcio or your own CA)
                  └─(log entry → Rekor v2 / tiles)
                       └─(checkpoint + inclusion proof + receipt)
                            └─(VEX attestation references SBOM/log)
                                 └─(Authority anchors/keys + policies)
  • CycloneDX SBOM is your canonical inventory. (cyclonedx.org)
  • DSSE provides a minimal, standard signing envelope; in-toto statements add supply-chain context. (JFrog)
  • Rekor v2 stores a hash of your attestation in a tile-backed transparency log and returns checkpoint + inclusion proof (small, verifiable). (Sigstore Blog)
  • VEX conveys exploitability (e.g., “not affected”) and should reference the SBOM and, ideally, the Rekor receipt. (cyclonedx.org)

2) Exact capture points (what to store)

  • SBOM artifact: sbom.cdx.json (canonicalized bytes + SHA256). (cyclonedx.org)

  • DSSE envelope over SBOM (or in-toto statement whose predicate is CycloneDX): keep the full JSON + signature. (JFrog)

  • Rekor v2 receipt:

    • Checkpoint (signed tree head)
    • Inclusion proof (audit path)
    • Entry leaf hash / UUID Persist these with your build to enable offline verification. (Sigstore Blog)

  • VEX attestation (CycloneDX VEX): include references (by digest/URI) to the SBOM and the Rekor entry/receipt used for the SBOM attestation. (cyclonedx.org)

  • Authority anchors: publish the verifying keys (or TUF-root if using Sigstore public good), plus your policy describing accepted issuers and algorithms. (Sigstore)

3) Field-level linkage (IDs youll wire together)

  • subject.digest in DSSE/in-toto ↔ SBOM SHA256. (OpenSSF)
  • Rekor entryDSSE envelope digest (leaf/UUID recorded in receipt). (GitHub)
  • VEX affects / analysis entries ↔ components in SBOM (use purl/coordinates) and include evidence/justification with Rekor proof URI. (cyclonedx.org)

4) Verification flow (online or air-gapped)

Online (public good):

  1. Verify DSSE signature against accepted keys/issuers. (Sigstore)
  2. Verify Rekor checkpoint signature and inclusion proof for the logged DSSE digest. (Go Packages)
  3. Validate VEX against the same SBOM digest (and optionally that its own attestation is also logged). (cyclonedx.org)

Air-gapped / sovereign:

  • Mirror/export Rekor tiles + checkpoints on a courier medium; keep receipts small by shipping only tiles covering the ranges you need.
  • Run self-hosted Rekor v2 or a local tile cache; verifiers check checkpoint signatures and consistency proofs exactly the same way. (Sigstore Blog)

5) Public instance vs self-hosted (decision notes)

  • Public: zero-ops, audited community infra; you still archive receipts with your releases. (Sigstore)
  • Self-hosted Rekor v2 (tiles): cheaper/simpler than v1, tile export makes offline kits practical; publish your root keys as organization anchors. (Sigstore Blog)

6) Minimal CLI recipe (illustrative)

  • Generate SBOM → wrap → attest → log → emit receipt:

    • Create CycloneDX JSON; compute digest. (cyclonedx.org)
    • Create DSSE or in-toto attestation for the SBOM; sign (cosign or your CA). (JFrog)
    • Submit to Rekor v2; store checkpoint + inclusion proof + UUID with the build. (Sigstore Blog)
    • Emit VEX referencing the SBOM digest and the Rekor entry (URI/UUID). (cyclonedx.org)

7) Developer guardrails (to keep proofs replay-safe)

  • Canonical bytes only (stable JSON ordering/whitespace) before hashing/signing. (JFrog)
  • Pin algorithms (e.g., SHA-256 + key types) in policy; reject drift. (Sigstore)
  • Always persist: SBOM, DSSE envelope, Rekor receipt, VEX, and your accepted-keys manifest with version. (Sigstore Blog)
  • Test offline: verification must pass using only tiles + receipts you ship. (Go Packages)

8) Optional niceties

  • Gate deployments on “image must have signed SBOM (attestation)”. Sigstore Policy Controller example exists. (Stackable Documentation)
  • Track CVE status via CycloneDX VEX in your UI (“affected/not affected” with evidence links to Rekor). (cyclonedx.org)

If you want, I can turn this into a Stella Ops diagram + drop-in docs/blueprints/sbom-to-vex-rekor.md with exact JSON stubs for: DSSE envelope, in-toto statement, Rekor receipt example, and a CycloneDX VEX snippet wired to the receipt.