sigstore · jku · Apr 11, 2025 · Oct 14, 2025 · Jan 14, 2025 · Oct 15, 2025
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -46,12 +46,16 @@ jobs:
       - name: test (offline)
         if: matrix.conf.os == 'ubuntu-latest'
         run: |
+          # Look at me. I am the captain now.
+          sudo sysctl -w kernel.unprivileged_userns_clone=1
+          sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
+
           # We use `unshare` to "un-share" the default networking namespace,
           # in effect running the tests as if the host is offline.
           # This in turn effectively exercises the correctness of our
           # "online-only" test markers, since any test that's online
           # but not marked as such will fail.
-          # We also explicitly exclude the intergration tests, since these are
+          # We also explicitly exclude the integration tests, since these are
           # always online.
           unshare --map-root-user --net make test T="test/unit" TEST_ARGS="--skip-online -vv --showlocals"
 

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,15 @@ All versions prior to 0.9.0 are untracked.
 
 ## [Unreleased]
 
+## [3.5.4]
+
+### Fixed
+
+* Do not fail hard if trust root contains unsupported keys
+  (Backport of [#1424](https://github.com/sigstore/sigstore-python/pull/1424))
+* Fix bug in rekor key lookup
+  (Backport of [#1350](https://github.com/sigstore/sigstore-python/pull/1350))
+
 ## [3.5.3]
 
 ### Fixed

diff --git a/sigstore/__init__.py b/sigstore/__init__.py
@@ -25,4 +25,4 @@
 * `sigstore.sign`: creation of Sigstore signatures
 """
 
-__version__ = "3.5.3"
+__version__ = "3.5.4"
diff --git a/sigstore/_internal/trust.py b/sigstore/_internal/trust.py
@@ -18,6 +18,7 @@
 
 from __future__ import annotations
 
+import logging
 from dataclasses import dataclass
 from datetime import datetime, timezone
 from enum import Enum
@@ -57,6 +58,8 @@
 )
 from sigstore.errors import Error, MetadataError, VerificationError
 
+_logger = logging.getLogger(__name__)
+
 
 def _is_timerange_valid(period: TimeRange | None, *, allow_expired: bool) -> bool:
     """
@@ -164,8 +167,11 @@ def __init__(self, public_keys: List[_PublicKey] = []):
         self._keyring: dict[KeyID, Key] = {}
 
         for public_key in public_keys:
-            key = Key(public_key)
-            self._keyring[key.key_id] = key
+            try:
+                key = Key(public_key)
+                self._keyring[key.key_id] = key
+            except VerificationError as e:
+                _logger.warning(f"Failed to load a trusted root key: {e}")
 
     def verify(self, *, key_id: KeyID, signature: bytes, data: bytes) -> None:
         """
@@ -333,8 +339,8 @@ def rekor_keyring(self, purpose: KeyringPurpose) -> RekorKeyring:
         """Return keyring with keys for Rekor."""
 
         keys: list[_PublicKey] = list(self._get_tlog_keys(self._inner.tlogs, purpose))
-        if len(keys) != 1:
-            raise MetadataError("Did not find one Rekor key in trusted root")
+        if len(keys) == 0:
+            raise MetadataError("Did not find any Rekor keys in trusted root")
         return RekorKeyring(Keyring(keys))
 
     def ct_keyring(self, purpose: KeyringPurpose) -> CTKeyring: