Support DSSE signing conformance test

[aaronlew02]

Closes #1164

Summary

This change updates the conformance testing CLI to support tests that sign a bundle with a DSSE envelope.

Release Note

• Updated the conformance wrapper to accept an --in-toto flag for the sign-bundle (sign) command, which will enable Rekor v2 in production and call KeylessSigner.attest(payload), where payload is the file provided by conformance

[loosebazooka]

I guess I didn't really follow how we added everything into conformance, I always thought all signers used the keywork attest instead of sign?

so should the cli look like?

  sigstore-cli attest --options <artifact>

[loosebazooka]

we already have --signing-config as an option, should the conformance test just inject the signing config in instead of us doing this?

[aaronlew02]

This seems relevant to sigstore/sigstore-conformance#279. Any thoughts, @jku?

[jku]

I 'm not 100% sure what happens here but this is what it looks like to me:

• conformance is currently trying to test rekor v1 dsse signing (we could test rekor2 with a custom signingconfig as @loosebazooka says but currently don't)
• sigstore-java does not support this combo (right?) so sneakily changes the signingconfig to use rekor v2 instead
• This happens to pass the test because rekor2 is already in the trusted root so the verification succeeds and the test doesn't happen to explicitly check the entry kind version

I do not think sigstore-java should change the test parameters like that, even if that means the test starts passing. It feels like gaming the test.

However, there is something we can do :

• we should be able to run test_sign_verify_dsse in staging as well as prod -- this should give sigstore-java different results in the two environments I think
• Deprecate "environment: staging" sigstore-conformance#279 is related in that I'd like this to eventually happen in a single test run...
• but I believe right now we can add @pytest.mark.staging marker to the test and it will be included in the staging test run without issues

[jku]

sigstore/sigstore-conformance#334 -- I think that's correct but you could test with that to check that you get expected results with it if you remove the signinconfig change here (succeeds on staging but fails on prod)

[aaronlew02]

I've tested locally using sigstore/sigstore-conformance#334 and removing the signing config, and can confirm that this succeeds in staging and fails in prod.

[aaronlew02]

I guess I didn't really follow how we added everything into conformance

The sign-bundle command has simply been given an --in-toto flag that asks the client to treat the artifact file input as an in-toto statement to be signed as an attestation.

I always thought all signers used the keywork attest instead of sign

For this test, Cosign will execute attest-blob, but despite having a CLI command attest, Python will manually call its sign_dsse API (similar to our KeylessSigner.attest()) to better target the desired functionality.

should the cli look like sigstore-cli attest --options <artifact>?

I'm not sure that adding a new command to our CLI is necessary, given that the conformance suite didn't, and our CLI exists primarily for conformance testing.

Adding a few lines to the Sign class seems simpler than adding a new, highly duplicative Attest class, especially since attest() is simply a method in KeylessSigner.