Sign and verify precompiled modules

## Description

By implementing #1108, a shared cache will be introduced, accessible to all PolicyServer replicas, for storing precompiled modules..

Loading precompiled binary blobs from a shared cache introduces potential security risks. An attacker could replace a valid binary blob with one that runs arbitrary malicious code.

To mitigate this risk, we will use [sigstore](https://github.com/sigstore)'s signing capabilities to sign and verify all binary blobs. By leveraging Kubewarden's internal certificate authority (CA), we can generate a certificate and private key for the leader to sign blobs, ensuring that only trusted and verified blobs are used.

## References

- https://github.com/kubewarden/rfc/blob/main/rfc/0022-policy-lifecycle.md#shared-policy-cache

## Acceptance criteria
- [ ] Use Kubewarden's internal CA to generate a certificates and a private key to use with sigstore
- [ ] Leader: Sign precompiled WASM modules using sigstore's signing capabilities
- [ ] Replicas: verify sigstore signatures before loading modules
- [ ] Add appropriate logging for security-related events






Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Sign and verify precompiled modules #1109

Description

References

Acceptance criteria

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Sign and verify precompiled modules #1109

Description

Description

References

Acceptance criteria

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions