Notice: While JavaScript is not essential for this website, your interaction with the content will be limited. Please turn JavaScript on for the full experience.

Sigstore Information

Background

Starting with the Python 3.11.0, Python 3.10.7, Python 3.9.14, Python 3.8.14, and Python 3.7.14 releases, CPython release artifacts are additionally signed with Sigstore (in addition to existing GPG signatures).

This page provides guidance on verifying Sigstore signatures as a CPython consumer, and outlines some motivation for using these additional signatures.

Sigstore verification of CPython Releases

Introduction to Sigstore

Sigstore is a new standard for signing, verifying and protecting software. The Sigstore project is a set of tools and services:

At a high level, Sigstore uses a certificate authority to tie OpenID Connect (OIDC) identities to ephemeral keys, and uses a transparency log to publish the results of signing events. This eliminates the need for signers to manage private keys. It also allows users to verify signatures based on characteristics of the OIDC identities, such as an email address.

More detail about the signing process and the interplay of these tools and services is provided in the Sigstore docs. Additionally, a security model for Sigstore can be found here.

Verifying CPython release artifacts with Sigstore

Verification requires the presence of two files: the release artifact in question and bundled "verification materials" which typically has a file extension of .sigstore. For example, for the Python 3.11.0 source release, you would download the following files:

$ wget https://www.python.org/ftp/python/3.11.0/Python-3.11.0.tgz
$ wget https://www.python.org/ftp/python/3.11.0/Python-3.11.0.tgz.sigstore

These verification materials should exist for all release artifacts, and are listed on the downloads page along with their corresponding artifacts.

Verification additionally requires prior knowledge of the identity of the signer. For CPython releases, these are the email addresses of the release manager for the given release. The release managers for current and upcoming releases are as follows:

Release PEP Release manager OIDC Issuer
3.7 PEP 537 nad@python.org https://github.com/login/oauth
3.8 PEP 569 lukasz@langa.pl https://github.com/login/oauth
3.9 PEP 596 lukasz@langa.pl https://github.com/login/oauth
3.10 PEP 619 pablogsal@python.org https://accounts.google.com
3.11 PEP 664 pablogsal@python.org https://accounts.google.com
3.12 PEP 693 thomas@python.org https://accounts.google.com
3.13 PEP 719 thomas@python.org https://accounts.google.com

Finally, verification requires a Sigstore client. Using https://pypi.org/p/sigstore/ is recommended:

To install with additional install-time assurances including hash-checking and version pinning, you can run the following to install from a fully specified requirements file:

$ python -m pip install -r https://raw.githubusercontent.com/sigstore/sigstore-python/main/install/requirements.txt

Alternatively, to install as usual without these assurances:

$ python -m pip install sigstore

Finally, in the directory where you downloaded the release artifact and verification materials, you can run the following:

$ python -m sigstore verify identity \
  --bundle Python-3.11.0.tgz.sigstore \
  --cert-identity pablogsal@python.org \
  --cert-oidc-issuer https://accounts.google.com \
  Python-3.11.0.tgz

Running this command should result in the output OK: Python-3.11.0.tgz, which indicates that the signature is valid.

(Note that in addition to verifying the signature and certificate, this command performs an online verification that there is a corresponding entry in the signature transparency log as well. Offline verification is not yet supported)

Any issues with this guide can be reported to https://github.com/sigstore/sigstore-python/issues