From 1df16a76759b29bf1419abff7f0e82d5378dbce3 Mon Sep 17 00:00:00 2001 From: Matthew Barnes Date: Wed, 16 Dec 2015 18:53:57 -0500 Subject: [PATCH] repo: Add ostree_repo_verify_summary() Verifies signatures on a summary -- both taken as GBytes inputs -- and returns an OstreeGpgVerifyResult. --- doc/ostree-sections.txt | 1 + src/libostree/ostree-repo.c | 57 ++++++++++++++++++++++++++++++------- src/libostree/ostree-repo.h | 7 +++++ 3 files changed, 55 insertions(+), 10 deletions(-) diff --git a/doc/ostree-sections.txt b/doc/ostree-sections.txt index aecaa566..5e9dfb9b 100644 --- a/doc/ostree-sections.txt +++ b/doc/ostree-sections.txt @@ -313,6 +313,7 @@ ostree_repo_sign_commit ostree_repo_append_gpg_signature ostree_repo_verify_commit ostree_repo_verify_commit_ext +ostree_repo_verify_summary ostree_repo_regenerate_summary OSTREE_REPO diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c index cc3bd6f7..f9cd5cc4 100644 --- a/src/libostree/ostree-repo.c +++ b/src/libostree/ostree-repo.c @@ -1879,17 +1879,13 @@ ostree_repo_remote_fetch_summary (OstreeRepo *self, if (gpg_verify_summary && summary != NULL && signatures != NULL) { glnx_unref_object OstreeGpgVerifyResult *result = NULL; - g_autoptr(GVariant) signatures_variant = NULL; - signatures_variant = g_variant_new_from_bytes (OSTREE_SUMMARY_SIG_GVARIANT_FORMAT, - signatures, FALSE); - result = _ostree_repo_gpg_verify_with_metadata (self, - summary, - signatures_variant, - name, - NULL, NULL, - cancellable, - error); + result = ostree_repo_verify_summary (self, + name, + summary, + signatures, + cancellable, + error); if (result == NULL) goto out; @@ -4489,6 +4485,47 @@ ostree_repo_verify_commit_ext (OstreeRepo *self, error); } +/** + * ostree_repo_verify_summary: + * @self: Repo + * @remote_name: Name of remote + * @summary: Summary data as a #GBytes + * @signatures: Summary signatures as a #GBytes + * @cancellable: Cancellable + * @error: Error + * + * Verify @signatures for @summary data using GPG keys in the keyring for + * @remote_name, and return an #OstreeGpgVerifyResult. + * + * Returns: (transfer full): an #OstreeGpgVerifyResult, or %NULL on error + */ +OstreeGpgVerifyResult * +ostree_repo_verify_summary (OstreeRepo *self, + const char *remote_name, + GBytes *summary, + GBytes *signatures, + GCancellable *cancellable, + GError **error) +{ + g_autoptr(GVariant) signatures_variant = NULL; + + g_return_val_if_fail (OSTREE_IS_REPO (self), NULL); + g_return_val_if_fail (remote_name != NULL, NULL); + g_return_val_if_fail (summary != NULL, NULL); + g_return_val_if_fail (signatures != NULL, NULL); + + signatures_variant = g_variant_new_from_bytes (OSTREE_SUMMARY_SIG_GVARIANT_FORMAT, + signatures, FALSE); + + return _ostree_repo_gpg_verify_with_metadata (self, + summary, + signatures_variant, + remote_name, + NULL, NULL, + cancellable, + error); +} + /** * ostree_repo_regenerate_summary: * @self: Repo diff --git a/src/libostree/ostree-repo.h b/src/libostree/ostree-repo.h index 69720a2e..51a40751 100644 --- a/src/libostree/ostree-repo.h +++ b/src/libostree/ostree-repo.h @@ -782,6 +782,13 @@ OstreeGpgVerifyResult * ostree_repo_verify_commit_ext (OstreeRepo *self, GCancellable *cancellable, GError **error); +OstreeGpgVerifyResult * ostree_repo_verify_summary (OstreeRepo *self, + const char *remote_name, + GBytes *summary, + GBytes *signatures, + GCancellable *cancellable, + GError **error); + gboolean ostree_repo_regenerate_summary (OstreeRepo *self, GVariant *additional_metadata, GCancellable *cancellable,