-rw-r--r-- | apidoc/ostree-sections.txt | 3 | ||||
-rw-r--r-- | src/libostree/libostree-devel.sym | 3 | ||||
-rw-r--r-- | src/libostree/ostree-repo-pull.c | 2 | ||||
-rw-r--r-- | src/libostree/ostree-sign-dummy.c | 12 | ||||
-rw-r--r-- | src/libostree/ostree-sign-dummy.h | 12 | ||||
-rw-r--r-- | src/libostree/ostree-sign-ed25519.c | 54 | ||||
-rw-r--r-- | src/libostree/ostree-sign-ed25519.h | 10 | ||||
-rw-r--r-- | src/libostree/ostree-sign.c | 41 | ||||
-rw-r--r-- | src/libostree/ostree-sign.h | 29 |
9 files changed, 75 insertions, 91 deletions
diff --git a/apidoc/ostree-sections.txt b/apidoc/ostree-sections.txt index 1ea6e548..440338c2 100644 --- a/apidoc/ostree-sections.txt +++ b/apidoc/ostree-sections.txt @@ -715,10 +715,9 @@ ostree_sign_list_names ostree_sign_commit ostree_sign_commit_verify ostree_sign_data +ostree_sign_data_verify ostree_sign_get_by_name ostree_sign_get_name -ostree_sign_detached_metadata_append -ostree_sign_metadata_verify ostree_sign_add_pk ostree_sign_load_pk ostree_sign_set_pk diff --git a/src/libostree/libostree-devel.sym b/src/libostree/libostree-devel.sym index 93f904b1..3ca8f2c6 100644 --- a/src/libostree/libostree-devel.sym +++ b/src/libostree/libostree-devel.sym @@ -27,10 +27,9 @@ global: ostree_sign_commit; ostree_sign_commit_verify; ostree_sign_data; + ostree_sign_data_verify; ostree_sign_get_by_name; ostree_sign_get_name; - ostree_sign_detached_metadata_append; - ostree_sign_metadata_verify; ostree_sign_load_pk; ostree_sign_set_pk; ostree_sign_add_pk; diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c index b87f6c90..1a4e64da 100644 --- a/src/libostree/ostree-repo-pull.c +++ b/src/libostree/ostree-repo-pull.c @@ -1586,7 +1586,7 @@ ostree_verify_unwritten_commit (OtPullData *pull_data, } /* Set return to true if any sign fit */ - if (ostree_sign_metadata_verify (sign, + if (ostree_sign_data_verify (sign, signed_data, signatures, &local_error diff --git a/src/libostree/ostree-sign-dummy.c b/src/libostree/ostree-sign-dummy.c index fb5a4f9e..e2d1fe56 100644 --- a/src/libostree/ostree-sign-dummy.c +++ b/src/libostree/ostree-sign-dummy.c 
@@ -54,13 +54,13 @@ ostree_sign_dummy_iface_init (OstreeSignInterface *self) { g_debug ("%s enter", __FUNCTION__); - self->data = ostree_sign_dummy_data; self->get_name = ostree_sign_dummy_get_name; + self->data = ostree_sign_dummy_data; + self->data_verify = ostree_sign_dummy_data_verify; self->metadata_key = ostree_sign_dummy_metadata_key; self->metadata_format = ostree_sign_dummy_metadata_format; - self->metadata_verify = ostree_sign_dummy_metadata_verify; - self->set_sk = ostree_sign_dummy_set_signature; - self->set_pk = ostree_sign_dummy_set_signature; + self->set_sk = ostree_sign_dummy_set_key; + self->set_pk = ostree_sign_dummy_set_key; } static void @@ -77,7 +77,7 @@ ostree_sign_dummy_init (OstreeSignDummy *self) self->signature_ascii = g_strdup(OSTREE_SIGN_DUMMY_SIGNATURE); } -gboolean ostree_sign_dummy_set_signature (OstreeSign *self, GVariant *key, GError **error) +gboolean ostree_sign_dummy_set_key (OstreeSign *self, GVariant *key, GError **error) { g_debug ("%s enter", __FUNCTION__); @@ -130,7 +130,7 @@ const gchar * ostree_sign_dummy_metadata_format (OstreeSign *self) return OSTREE_SIGN_METADATA_DUMMY_TYPE; } -gboolean ostree_sign_dummy_metadata_verify (OstreeSign *self, +gboolean ostree_sign_dummy_data_verify (OstreeSign *self, GBytes *data, GVariant *signatures, GError **error) diff --git a/src/libostree/ostree-sign-dummy.h b/src/libostree/ostree-sign-dummy.h index 847a7313..a0d10e1d 100644 --- a/src/libostree/ostree-sign-dummy.h +++ b/src/libostree/ostree-sign-dummy.h 
@@ -47,15 +47,15 @@ gboolean ostree_sign_dummy_data (OstreeSign *self, GCancellable *cancellable, GError **error); +gboolean ostree_sign_dummy_data_verify (OstreeSign *self, + GBytes *data, + GVariant *signatures, + GError **error); + const gchar * ostree_sign_dummy_metadata_key (OstreeSign *self); const gchar * ostree_sign_dummy_metadata_format (OstreeSign *self); -gboolean ostree_sign_dummy_metadata_verify (OstreeSign *self, - GBytes *data, - GVariant *signatures, - GError **error); - -gboolean ostree_sign_dummy_set_signature (OstreeSign *self, GVariant *key, GError **error); +gboolean ostree_sign_dummy_set_key (OstreeSign *self, GVariant *key, GError **error); G_END_DECLS diff --git a/src/libostree/ostree-sign-ed25519.c b/src/libostree/ostree-sign-ed25519.c index 1fb6ae05..2bf10cf1 100644 --- a/src/libostree/ostree-sign-ed25519.c +++ b/src/libostree/ostree-sign-ed25519.c @@ -58,10 +58,10 @@ ostree_sign_ed25519_iface_init (OstreeSignInterface *self) g_debug ("%s enter", __FUNCTION__); self->data = ostree_sign_ed25519_data; + self->data_verify = ostree_sign_ed25519_data_verify; self->get_name = ostree_sign_ed25519_get_name; self->metadata_key = ostree_sign_ed25519_metadata_key; self->metadata_format = ostree_sign_ed25519_metadata_format; - self->metadata_verify = ostree_sign_ed25519_metadata_verify; self->set_sk = ostree_sign_ed25519_set_sk; self->set_pk = ostree_sign_ed25519_set_pk; self->add_pk = ostree_sign_ed25519_add_pk; 
@@ -138,32 +138,10 @@ err: return FALSE; } -const gchar * ostree_sign_ed25519_get_name (OstreeSign *self) -{ - g_debug ("%s enter", __FUNCTION__); - g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE); - - return OSTREE_SIGN_ED25519_NAME; -} - -const gchar * ostree_sign_ed25519_metadata_key (OstreeSign *self) -{ - g_debug ("%s enter", __FUNCTION__); - - return OSTREE_SIGN_METADATA_ED25519_KEY; -} - -const gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self) -{ - g_debug ("%s enter", __FUNCTION__); - - return OSTREE_SIGN_METADATA_ED25519_TYPE; -} - -gboolean ostree_sign_ed25519_metadata_verify (OstreeSign *self, - GBytes *data, - GVariant *signatures, - GError **error) +gboolean ostree_sign_ed25519_data_verify (OstreeSign *self, + GBytes *data, + GVariant *signatures, + GError **error) { g_debug ("%s enter", __FUNCTION__); g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE); @@ -253,6 +231,28 @@ out: return ret; } +const gchar * ostree_sign_ed25519_get_name (OstreeSign *self) +{ + g_debug ("%s enter", __FUNCTION__); + g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE); + + return OSTREE_SIGN_ED25519_NAME; +} + +const gchar * ostree_sign_ed25519_metadata_key (OstreeSign *self) +{ + g_debug ("%s enter", __FUNCTION__); + + return OSTREE_SIGN_METADATA_ED25519_KEY; +} + +const gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self) +{ + g_debug ("%s enter", __FUNCTION__); + + return OSTREE_SIGN_METADATA_ED25519_TYPE; +} + gboolean ostree_sign_ed25519_set_sk (OstreeSign *self, GVariant *secret_key, GError **error) diff --git a/src/libostree/ostree-sign-ed25519.h b/src/libostree/ostree-sign-ed25519.h index 16da4828..4519961d 100644 --- a/src/libostree/ostree-sign-ed25519.h +++ b/src/libostree/ostree-sign-ed25519.h 
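Review bot: `ostree_sign_ed25519_get_name` returns `const gchar *`, but the guard in the re-added block is still `g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);`. The failure value should be a pointer, `g_return_val_if_fail (OSTREE_IS_SIGN (self), NULL);`, and moving the function was the natural moment to fix it. The same `FALSE`-for-pointer guard is visible on `signature_bytes` in `_sign_detached_metadata_append` in ostree-sign.c, which returns `GVariant *`. The moved `ostree_sign_ed25519_metadata_key` and `ostree_sign_ed25519_metadata_format` carry no instance check at all, so the three accessors are inconsistent with one another.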
@@ -46,15 +46,15 @@ gboolean ostree_sign_ed25519_data (OstreeSign *self, GCancellable *cancellable, GError **error); +gboolean ostree_sign_ed25519_data_verify (OstreeSign *self, + GBytes *data, + GVariant *signatures, + GError **error); + const gchar * ostree_sign_ed25519_get_name (OstreeSign *self); const gchar * ostree_sign_ed25519_metadata_key (OstreeSign *self); const gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self); -gboolean ostree_sign_ed25519_metadata_verify (OstreeSign *self, - GBytes *data, - GVariant *signatures, - GError **error); - gboolean ostree_sign_ed25519_set_sk (OstreeSign *self, GVariant *secret_key, GError **error); diff --git a/src/libostree/ostree-sign.c b/src/libostree/ostree-sign.c index 6e67acaa..b1975215 100644 --- a/src/libostree/ostree-sign.c +++ b/src/libostree/ostree-sign.c @@ -153,13 +153,26 @@ gboolean ostree_sign_data (OstreeSign *self, return OSTREE_SIGN_GET_IFACE (self)->data (self, data, signature, cancellable, error); } +gboolean +ostree_sign_data_verify (OstreeSign *self, + GBytes *data, + GVariant *signatures, + GError **error) +{ + g_debug ("%s enter", __FUNCTION__); + g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE); + g_return_val_if_fail (OSTREE_SIGN_GET_IFACE (self)->data_verify != NULL, FALSE); + + return OSTREE_SIGN_GET_IFACE (self)->data_verify(self, data, signatures, error); +} + /* * Adopted version of _ostree_detached_metadata_append_gpg_sig () */ -GVariant * -ostree_sign_detached_metadata_append (OstreeSign *self, - GVariant *existing_metadata, - GBytes *signature_bytes) +static GVariant * +_sign_detached_metadata_append (OstreeSign *self, + GVariant *existing_metadata, + GBytes *signature_bytes) { g_debug ("%s enter", __FUNCTION__); g_return_val_if_fail (signature_bytes != NULL, FALSE); 
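Review bot: In the new `ostree_sign_data_verify`, the only protection against an engine that leaves `data_verify` unset is `g_return_val_if_fail`, which returns FALSE without setting `error` and disappears entirely when the library is compiled with `G_DISABLE_CHECKS`, leaving a call through a NULL function pointer. This wrapper is what the pull path in ostree-repo-pull.c now calls to decide whether a commit's signature is accepted, so the check should be explicit and should fill the error: `if (OSTREE_SIGN_GET_IFACE (self)->data_verify == NULL) return glnx_throw (error, "signature verification is not implemented");`. The function is exported and added to apidoc/ostree-sections.txt but has no gtk-doc block. One that says what `signatures` must contain and that FALSE means nothing verified (as the caller's comment suggests) would help callers treat the result correctly.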
@@ -189,20 +202,6 @@ ostree_sign_detached_metadata_append (OstreeSign *self, return g_variant_dict_end (&metadata_dict); } - -gboolean -ostree_sign_metadata_verify (OstreeSign *self, - GBytes *data, - GVariant *signatures, - GError **error) -{ - g_debug ("%s enter", __FUNCTION__); - g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE); - g_return_val_if_fail (OSTREE_SIGN_GET_IFACE (self)->metadata_verify != NULL, FALSE); - - return OSTREE_SIGN_GET_IFACE (self)->metadata_verify(self, data, signatures, error); -} - gboolean ostree_sign_commit_verify (OstreeSign *self, OstreeRepo *repo, @@ -243,7 +242,7 @@ ostree_sign_commit_verify (OstreeSign *self, signature_format); - return ostree_sign_metadata_verify (self, + return ostree_sign_data_verify (self, signed_data, signatures, error); @@ -325,8 +324,6 @@ ostree_sign_commit (OstreeSign *self, error)) return glnx_prefix_error (error, "Failed to read detached metadata"); - // TODO: d4s: check if already signed? - commit_data = g_variant_get_data_as_bytes (commit_variant); if (!ostree_sign_data (self, commit_data, &signature, @@ -334,7 +331,7 @@ ostree_sign_commit (OstreeSign *self, return glnx_prefix_error (error, "Not able to sign the cobject"); new_metadata = - ostree_sign_detached_metadata_append (self, old_metadata, signature); + _sign_detached_metadata_append (self, old_metadata, signature); if (!ostree_repo_write_commit_detached_metadata (repo, commit_checksum, diff --git a/src/libostree/ostree-sign.h b/src/libostree/ostree-sign.h index a9648cb1..008c3f9d 100644 --- a/src/libostree/ostree-sign.h +++ b/src/libostree/ostree-sign.h 
@@ -53,29 +53,24 @@ struct _OstreeSignInterface GBytes **signature, GCancellable *cancellable, GError **error); + gboolean (* data_verify) (OstreeSign *self, + GBytes *data, + GVariant *metadata, + GError **error); const gchar *(* metadata_key) (OstreeSign *self); const gchar *(* metadata_format) (OstreeSign *self); - gboolean (* metadata_verify) (OstreeSign *self, - GBytes *data, - GVariant *metadata, - GError **error); - gboolean (* set_sk) (OstreeSign *self, GVariant *secret_key, GError **error); - gboolean (* set_pk) (OstreeSign *self, GVariant *public_key, GError **error); - gboolean (* add_pk) (OstreeSign *self, GVariant *public_key, GError **error); - gboolean (* load_pk) (OstreeSign *self, GVariant *options, GError **error); - }; _OSTREE_PUBLIC @@ -88,6 +83,11 @@ gboolean ostree_sign_data (OstreeSign *self, GCancellable *cancellable, GError **error); +_OSTREE_PUBLIC +gboolean ostree_sign_data_verify (OstreeSign *self, + GBytes *data, + GVariant *signatures, + GError **error); _OSTREE_PUBLIC const gchar * ostree_sign_metadata_key (OstreeSign *self); @@ -96,11 +96,6 @@ _OSTREE_PUBLIC const gchar * ostree_sign_metadata_format (OstreeSign *self); _OSTREE_PUBLIC -GVariant * ostree_sign_detached_metadata_append (OstreeSign *self, - GVariant *existing_metadata, - GBytes *signature_bytes); - -_OSTREE_PUBLIC gboolean ostree_sign_commit (OstreeSign *self, OstreeRepo *repo, const gchar *commit_checksum, @@ -108,12 +103,6 @@ gboolean ostree_sign_commit (OstreeSign *self, GError **error); _OSTREE_PUBLIC -gboolean ostree_sign_metadata_verify (OstreeSign *self, - GBytes *data, - GVariant *signatures, - GError **error); - -_OSTREE_PUBLIC gboolean ostree_sign_commit_verify (OstreeSign *self, OstreeRepo *repo, const gchar *commit_checksum, |
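Review bot: The new `data_verify` member of `_OstreeSignInterface` names its third parameter `metadata`, while the public `ostree_sign_data_verify` declared further down and both engine implementations call it `signatures`. Someone writing a new engine from the interface alone could read it as the whole detached-metadata dictionary rather than the value `ostree_sign_commit_verify` passes as `signatures` (presumably the already-extracted signature entries), which is an easy way to end up verifying the wrong thing. Rename it to match, `GVariant *signatures,`, and add a one-line comment on the member stating what the engine receives. The struct definition starts outside the hunk.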