Description of problem:

When following the Tekton Chains tutorial from  [1] , using Tekton storage:

chain:
    artifacts.oci.storage: ""
    artifacts.taskrun.format: in-toto
    artifacts.taskrun.storage: tekton
 

The signatures are not populated on the taskrun and just the annotation `chains.tekton.dev/signed: 'true'` gets added.

Also below error is observed from tekton-chains-controller pod logs:

{"level":"warn","ts":"2023-11-19T17:39:43.327Z","logger":"watcher","caller":"chains/signing.go:66","msg":"error configuring x509 signer: decrypt: encrypted: unexpected kdf parameters","commit":"6f5758f","knative.dev/controller":"github.com.tektoncd.chains.pkg.reconciler.taskrun.Reconciler","knative.dev/kind":"tekton.dev.TaskRun","knative.dev/traceid":"25465f40-800e-436d-8568-355be92c4788","knative.dev/key":"test-chains/build-push-run-output-image-test"}
 

Prerequisites (if any, like setup, operators/versions):

Steps to Reproduce

 [1]https://docs.openshift.com/pipelines/1.12/secure/using-tekton-chains-for-openshift-pipelines-supply-chain-security.html#creating-and-verifying-task-run-signatures-without-any-additional-authentication_using-tekton-chains-for-openshift-pipelines-supply-chain-security

Actual results:

Signatures are not populated on the taskrun

Expected results:

Reproducibility (Always/Intermittent/Only Once):

Always

Acceptance criteria: 

Definition of Done:

Build Details:

Additional info (Such as Logs, Screenshots, etc):

 *