diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c index 5b9548d7..c3672b78 100644 --- a/src/libostree/ostree-repo-pull.c +++ b/src/libostree/ostree-repo-pull.c @@ -1527,6 +1527,7 @@ ostree_verify_unwritten_commit (OtPullData *pull_data, g_autofree gchar *signature_key = NULL; g_autofree GVariantType *signature_format = NULL; g_autofree gchar *pk_ascii = NULL; + g_autofree gchar *pk_file = NULL; if ((sign = ostree_sign_get_by_name (names[i], error)) == NULL) { @@ -1543,7 +1544,25 @@ ostree_verify_unwritten_commit (OtPullData *pull_data, if (!signatures) continue; - /* TODO: load keys for remote here */ + /* Load keys for remote from file */ + ostree_repo_get_remote_option (pull_data->repo, + pull_data->remote_name, + "verification-file", NULL, + &pk_file, NULL); + if (pk_file != NULL) + { + g_autoptr (GVariantBuilder) builder = NULL; + g_autoptr (GVariant) options = NULL; + + builder = g_variant_builder_new (G_VARIANT_TYPE ("a{sv}")); + g_variant_builder_add (builder, "{sv}", "filename", g_variant_new_string (pk_file)); + options = g_variant_builder_end (builder); + + if (!ostree_sign_load_pk (sign, options, error)) + g_clear_error (error); + } + + /* Override key if it is set explicitly */ ostree_repo_get_remote_option (pull_data->repo, pull_data->remote_name, "verification-key", NULL, @@ -1931,13 +1950,32 @@ scan_commit_object (OtPullData *pull_data, { g_autoptr (OstreeSign) sign = NULL; g_autofree gchar *pk_ascii = NULL; + g_autofree gchar *pk_file = NULL; if ((sign = ostree_sign_get_by_name (names[i], error)) == NULL) { g_clear_error (error); continue; } - /* TODO: load keys for remote here */ + + /* Load keys for remote from file */ + ostree_repo_get_remote_option (pull_data->repo, + pull_data->remote_name, + "verification-file", NULL, + &pk_file, NULL); + if (pk_file != NULL) + { + g_autoptr (GVariantBuilder) builder = NULL; + g_autoptr (GVariant) options = NULL; + + builder = g_variant_builder_new (G_VARIANT_TYPE ("a{sv}")); + g_variant_builder_add (builder, "{sv}", "filename", g_variant_new_string (pk_file)); + options = g_variant_builder_end (builder); + + if (!ostree_sign_load_pk (sign, options, error)) + g_clear_error (error); + } + ostree_repo_get_remote_option (pull_data->repo, pull_data->remote_name, "verification-key", NULL, diff --git a/tests/test-signed-pull.sh b/tests/test-signed-pull.sh index 2f4d4527..dc922e81 100755 --- a/tests/test-signed-pull.sh +++ b/tests/test-signed-pull.sh @@ -23,7 +23,7 @@ set -euo pipefail . $(dirname $0)/libtest.sh -echo "1..4" +echo "1..7" setup_fake_remote_repo1 "archive" @@ -90,3 +90,19 @@ repo_init --set=sign-verify=true ${CMD_PREFIX} ostree --repo=repo config set 'remote "origin"'.verification-key "${PUBLIC}" test_signed_pull "ed25519" +# Prepare files with public ed25519 signatures +PUBKEYS="$(mktemp -p ${test_tmpdir} ed25519_XXXXXX.ed25519)" + +# Test the file with multiple keys without a valid public key +for((i=0;i<100;i++)); do + # Generate a list with some public signatures + openssl genpkey -algorithm ED25519 | openssl pkey -outform DER | tail -c 32 | base64 +done > ${PUBKEYS} +# Add correct key into the list +echo ${PUBLIC} >> ${PUBKEYS} + +repo_init --set=sign-verify=true +${CMD_PREFIX} ostree --repo=repo config set 'remote "origin"'.verification-file "${PUBKEYS}" +test_signed_pull "ed25519" + +echo "ok verify ed25519 keys file"