lib/sign: public API optimisation

Removed the `ostree_sign_detached_metadata_append` function from the public API.
Renamed `metadata_verify` to `data_verify` to match its real
functionality.

Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
Denis Pynkin 2019-10-07 02:59:15 +03:00
parent 95ab57c17e
commit bc4488692c
9 changed files with 75 additions and 91 deletions


@ -715,10 +715,9 @@ ostree_sign_list_names
ostree_sign_commit ostree_sign_commit
ostree_sign_commit_verify ostree_sign_commit_verify
ostree_sign_data ostree_sign_data
ostree_sign_data_verify
ostree_sign_get_by_name ostree_sign_get_by_name
ostree_sign_get_name ostree_sign_get_name
ostree_sign_detached_metadata_append
ostree_sign_metadata_verify
ostree_sign_add_pk ostree_sign_add_pk
ostree_sign_load_pk ostree_sign_load_pk
ostree_sign_set_pk ostree_sign_set_pk


@ -27,10 +27,9 @@ global:
ostree_sign_commit; ostree_sign_commit;
ostree_sign_commit_verify; ostree_sign_commit_verify;
ostree_sign_data; ostree_sign_data;
ostree_sign_data_verify;
ostree_sign_get_by_name; ostree_sign_get_by_name;
ostree_sign_get_name; ostree_sign_get_name;
ostree_sign_detached_metadata_append;
ostree_sign_metadata_verify;
ostree_sign_load_pk; ostree_sign_load_pk;
ostree_sign_set_pk; ostree_sign_set_pk;
ostree_sign_add_pk; ostree_sign_add_pk;


@ -1586,7 +1586,7 @@ ostree_verify_unwritten_commit (OtPullData *pull_data,
} }
/* Set return to true if any sign fit */ /* Set return to true if any sign fit */
if (ostree_sign_metadata_verify (sign, if (ostree_sign_data_verify (sign,
signed_data, signed_data,
signatures, signatures,
&local_error &local_error


@ -54,13 +54,13 @@ ostree_sign_dummy_iface_init (OstreeSignInterface *self)
{ {
g_debug ("%s enter", __FUNCTION__); g_debug ("%s enter", __FUNCTION__);
self->data = ostree_sign_dummy_data;
self->get_name = ostree_sign_dummy_get_name; self->get_name = ostree_sign_dummy_get_name;
self->data = ostree_sign_dummy_data;
self->data_verify = ostree_sign_dummy_data_verify;
self->metadata_key = ostree_sign_dummy_metadata_key; self->metadata_key = ostree_sign_dummy_metadata_key;
self->metadata_format = ostree_sign_dummy_metadata_format; self->metadata_format = ostree_sign_dummy_metadata_format;
self->metadata_verify = ostree_sign_dummy_metadata_verify; self->set_sk = ostree_sign_dummy_set_key;
self->set_sk = ostree_sign_dummy_set_signature; self->set_pk = ostree_sign_dummy_set_key;
self->set_pk = ostree_sign_dummy_set_signature;
} }
static void static void
@ -77,7 +77,7 @@ ostree_sign_dummy_init (OstreeSignDummy *self)
self->signature_ascii = g_strdup(OSTREE_SIGN_DUMMY_SIGNATURE); self->signature_ascii = g_strdup(OSTREE_SIGN_DUMMY_SIGNATURE);
} }
gboolean ostree_sign_dummy_set_signature (OstreeSign *self, GVariant *key, GError **error) gboolean ostree_sign_dummy_set_key (OstreeSign *self, GVariant *key, GError **error)
{ {
g_debug ("%s enter", __FUNCTION__); g_debug ("%s enter", __FUNCTION__);
@ -130,7 +130,7 @@ const gchar * ostree_sign_dummy_metadata_format (OstreeSign *self)
return OSTREE_SIGN_METADATA_DUMMY_TYPE; return OSTREE_SIGN_METADATA_DUMMY_TYPE;
} }
gboolean ostree_sign_dummy_metadata_verify (OstreeSign *self, gboolean ostree_sign_dummy_data_verify (OstreeSign *self,
GBytes *data, GBytes *data,
GVariant *signatures, GVariant *signatures,
GError **error) GError **error)


@ -47,15 +47,15 @@ gboolean ostree_sign_dummy_data (OstreeSign *self,
GCancellable *cancellable, GCancellable *cancellable,
GError **error); GError **error);
const gchar * ostree_sign_dummy_metadata_key (OstreeSign *self); gboolean ostree_sign_dummy_data_verify (OstreeSign *self,
const gchar * ostree_sign_dummy_metadata_format (OstreeSign *self);
gboolean ostree_sign_dummy_metadata_verify (OstreeSign *self,
GBytes *data, GBytes *data,
GVariant *signatures, GVariant *signatures,
GError **error); GError **error);
gboolean ostree_sign_dummy_set_signature (OstreeSign *self, GVariant *key, GError **error); const gchar * ostree_sign_dummy_metadata_key (OstreeSign *self);
const gchar * ostree_sign_dummy_metadata_format (OstreeSign *self);
gboolean ostree_sign_dummy_set_key (OstreeSign *self, GVariant *key, GError **error);
G_END_DECLS G_END_DECLS


@ -58,10 +58,10 @@ ostree_sign_ed25519_iface_init (OstreeSignInterface *self)
g_debug ("%s enter", __FUNCTION__); g_debug ("%s enter", __FUNCTION__);
self->data = ostree_sign_ed25519_data; self->data = ostree_sign_ed25519_data;
self->data_verify = ostree_sign_ed25519_data_verify;
self->get_name = ostree_sign_ed25519_get_name; self->get_name = ostree_sign_ed25519_get_name;
self->metadata_key = ostree_sign_ed25519_metadata_key; self->metadata_key = ostree_sign_ed25519_metadata_key;
self->metadata_format = ostree_sign_ed25519_metadata_format; self->metadata_format = ostree_sign_ed25519_metadata_format;
self->metadata_verify = ostree_sign_ed25519_metadata_verify;
self->set_sk = ostree_sign_ed25519_set_sk; self->set_sk = ostree_sign_ed25519_set_sk;
self->set_pk = ostree_sign_ed25519_set_pk; self->set_pk = ostree_sign_ed25519_set_pk;
self->add_pk = ostree_sign_ed25519_add_pk; self->add_pk = ostree_sign_ed25519_add_pk;
@ -138,29 +138,7 @@ err:
return FALSE; return FALSE;
} }
const gchar * ostree_sign_ed25519_get_name (OstreeSign *self) gboolean ostree_sign_ed25519_data_verify (OstreeSign *self,
{
g_debug ("%s enter", __FUNCTION__);
g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);
return OSTREE_SIGN_ED25519_NAME;
}
const gchar * ostree_sign_ed25519_metadata_key (OstreeSign *self)
{
g_debug ("%s enter", __FUNCTION__);
return OSTREE_SIGN_METADATA_ED25519_KEY;
}
const gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self)
{
g_debug ("%s enter", __FUNCTION__);
return OSTREE_SIGN_METADATA_ED25519_TYPE;
}
gboolean ostree_sign_ed25519_metadata_verify (OstreeSign *self,
GBytes *data, GBytes *data,
GVariant *signatures, GVariant *signatures,
GError **error) GError **error)
@ -253,6 +231,28 @@ out:
return ret; return ret;
} }
const gchar * ostree_sign_ed25519_get_name (OstreeSign *self)
{
g_debug ("%s enter", __FUNCTION__);
g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);
return OSTREE_SIGN_ED25519_NAME;
}
const gchar * ostree_sign_ed25519_metadata_key (OstreeSign *self)
{
g_debug ("%s enter", __FUNCTION__);
return OSTREE_SIGN_METADATA_ED25519_KEY;
}
const gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self)
{
g_debug ("%s enter", __FUNCTION__);
return OSTREE_SIGN_METADATA_ED25519_TYPE;
}
gboolean ostree_sign_ed25519_set_sk (OstreeSign *self, gboolean ostree_sign_ed25519_set_sk (OstreeSign *self,
GVariant *secret_key, GVariant *secret_key,
GError **error) GError **error)
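Review bot: `ostree_sign_ed25519_get_name` returns `const gchar *`, but its guard returns the boolean `FALSE` on a failed type check; the commit moves this function unchanged, so the mismatch is carried over. It compiles because `FALSE` is 0, but it reads as if the function were a predicate, and the line should be `g_return_val_if_fail (OSTREE_IS_SIGN (self), NULL);`. The two sibling getters moved with it (`ostree_sign_ed25519_metadata_key`, `ostree_sign_ed25519_metadata_format`) have no such guard at all, so it would help to either add the same check there or add a short comment saying why only `get_name` validates `self`.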


@ -46,15 +46,15 @@ gboolean ostree_sign_ed25519_data (OstreeSign *self,
GCancellable *cancellable, GCancellable *cancellable,
GError **error); GError **error);
const gchar * ostree_sign_ed25519_get_name (OstreeSign *self); gboolean ostree_sign_ed25519_data_verify (OstreeSign *self,
const gchar * ostree_sign_ed25519_metadata_key (OstreeSign *self);
const gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self);
gboolean ostree_sign_ed25519_metadata_verify (OstreeSign *self,
GBytes *data, GBytes *data,
GVariant *signatures, GVariant *signatures,
GError **error); GError **error);
const gchar * ostree_sign_ed25519_get_name (OstreeSign *self);
const gchar * ostree_sign_ed25519_metadata_key (OstreeSign *self);
const gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self);
gboolean ostree_sign_ed25519_set_sk (OstreeSign *self, gboolean ostree_sign_ed25519_set_sk (OstreeSign *self,
GVariant *secret_key, GVariant *secret_key,
GError **error); GError **error);


@ -153,11 +153,24 @@ gboolean ostree_sign_data (OstreeSign *self,
return OSTREE_SIGN_GET_IFACE (self)->data (self, data, signature, cancellable, error); return OSTREE_SIGN_GET_IFACE (self)->data (self, data, signature, cancellable, error);
} }
gboolean
ostree_sign_data_verify (OstreeSign *self,
GBytes *data,
GVariant *signatures,
GError **error)
{
g_debug ("%s enter", __FUNCTION__);
g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);
g_return_val_if_fail (OSTREE_SIGN_GET_IFACE (self)->data_verify != NULL, FALSE);
return OSTREE_SIGN_GET_IFACE (self)->data_verify(self, data, signatures, error);
}
/* /*
* Adopted version of _ostree_detached_metadata_append_gpg_sig () * Adopted version of _ostree_detached_metadata_append_gpg_sig ()
*/ */
GVariant * static GVariant *
ostree_sign_detached_metadata_append (OstreeSign *self, _sign_detached_metadata_append (OstreeSign *self,
GVariant *existing_metadata, GVariant *existing_metadata,
GBytes *signature_bytes) GBytes *signature_bytes)
{ {
@ -189,20 +202,6 @@ ostree_sign_detached_metadata_append (OstreeSign *self,
return g_variant_dict_end (&metadata_dict); return g_variant_dict_end (&metadata_dict);
} }
gboolean
ostree_sign_metadata_verify (OstreeSign *self,
GBytes *data,
GVariant *signatures,
GError **error)
{
g_debug ("%s enter", __FUNCTION__);
g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);
g_return_val_if_fail (OSTREE_SIGN_GET_IFACE (self)->metadata_verify != NULL, FALSE);
return OSTREE_SIGN_GET_IFACE (self)->metadata_verify(self, data, signatures, error);
}
gboolean gboolean
ostree_sign_commit_verify (OstreeSign *self, ostree_sign_commit_verify (OstreeSign *self,
OstreeRepo *repo, OstreeRepo *repo,
@ -243,7 +242,7 @@ ostree_sign_commit_verify (OstreeSign *self,
signature_format); signature_format);
return ostree_sign_metadata_verify (self, return ostree_sign_data_verify (self,
signed_data, signed_data,
signatures, signatures,
error); error);
@ -325,8 +324,6 @@ ostree_sign_commit (OstreeSign *self,
error)) error))
return glnx_prefix_error (error, "Failed to read detached metadata"); return glnx_prefix_error (error, "Failed to read detached metadata");
// TODO: d4s: check if already signed?
commit_data = g_variant_get_data_as_bytes (commit_variant); commit_data = g_variant_get_data_as_bytes (commit_variant);
if (!ostree_sign_data (self, commit_data, &signature, if (!ostree_sign_data (self, commit_data, &signature,
@ -334,7 +331,7 @@ ostree_sign_commit (OstreeSign *self,
return glnx_prefix_error (error, "Not able to sign the cobject"); return glnx_prefix_error (error, "Not able to sign the cobject");
new_metadata = new_metadata =
ostree_sign_detached_metadata_append (self, old_metadata, signature); _sign_detached_metadata_append (self, old_metadata, signature);
if (!ostree_repo_write_commit_detached_metadata (repo, if (!ostree_repo_write_commit_detached_metadata (repo,
commit_checksum, commit_checksum,
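Review bot: The new public `ostree_sign_data_verify` treats a missing `data_verify` vfunc as a programmer error: `g_return_val_if_fail` returns FALSE without setting `*error`, and GLib compiles these checks out under `G_DISABLE_CHECKS`, in which case the NULL function pointer would be called. Because this is the entry point that decides whether a signature is accepted, an explicit runtime check that always fails closed with an error set is safer, e.g. `if (OSTREE_SIGN_GET_IFACE (self)->data_verify == NULL) return glnx_throw (error, "not implemented");`. The pull-side caller shown on this page passes `&local_error` and presumably reads it when FALSE comes back; its body is outside the hunk, so that should be confirmed. The function is also added to the API documentation sections file but has no gtk-doc comment here; a short block saying that TRUE means at least one signature in `signatures` validated `data` would fix that.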


@ -53,29 +53,24 @@ struct _OstreeSignInterface
GBytes **signature, GBytes **signature,
GCancellable *cancellable, GCancellable *cancellable,
GError **error); GError **error);
const gchar *(* metadata_key) (OstreeSign *self); gboolean (* data_verify) (OstreeSign *self,
const gchar *(* metadata_format) (OstreeSign *self);
gboolean (* metadata_verify) (OstreeSign *self,
GBytes *data, GBytes *data,
GVariant *metadata, GVariant *metadata,
GError **error); GError **error);
const gchar *(* metadata_key) (OstreeSign *self);
const gchar *(* metadata_format) (OstreeSign *self);
gboolean (* set_sk) (OstreeSign *self, gboolean (* set_sk) (OstreeSign *self,
GVariant *secret_key, GVariant *secret_key,
GError **error); GError **error);
gboolean (* set_pk) (OstreeSign *self, gboolean (* set_pk) (OstreeSign *self,
GVariant *public_key, GVariant *public_key,
GError **error); GError **error);
gboolean (* add_pk) (OstreeSign *self, gboolean (* add_pk) (OstreeSign *self,
GVariant *public_key, GVariant *public_key,
GError **error); GError **error);
gboolean (* load_pk) (OstreeSign *self, gboolean (* load_pk) (OstreeSign *self,
GVariant *options, GVariant *options,
GError **error); GError **error);
}; };
_OSTREE_PUBLIC _OSTREE_PUBLIC
@ -88,6 +83,11 @@ gboolean ostree_sign_data (OstreeSign *self,
GCancellable *cancellable, GCancellable *cancellable,
GError **error); GError **error);
_OSTREE_PUBLIC
gboolean ostree_sign_data_verify (OstreeSign *self,
GBytes *data,
GVariant *signatures,
GError **error);
_OSTREE_PUBLIC _OSTREE_PUBLIC
const gchar * ostree_sign_metadata_key (OstreeSign *self); const gchar * ostree_sign_metadata_key (OstreeSign *self);
@ -95,11 +95,6 @@ const gchar * ostree_sign_metadata_key (OstreeSign *self);
_OSTREE_PUBLIC _OSTREE_PUBLIC
const gchar * ostree_sign_metadata_format (OstreeSign *self); const gchar * ostree_sign_metadata_format (OstreeSign *self);
_OSTREE_PUBLIC
GVariant * ostree_sign_detached_metadata_append (OstreeSign *self,
GVariant *existing_metadata,
GBytes *signature_bytes);
_OSTREE_PUBLIC _OSTREE_PUBLIC
gboolean ostree_sign_commit (OstreeSign *self, gboolean ostree_sign_commit (OstreeSign *self,
OstreeRepo *repo, OstreeRepo *repo,
@ -107,12 +102,6 @@ gboolean ostree_sign_commit (OstreeSign *self,
GCancellable *cancellable, GCancellable *cancellable,
GError **error); GError **error);
_OSTREE_PUBLIC
gboolean ostree_sign_metadata_verify (OstreeSign *self,
GBytes *data,
GVariant *signatures,
GError **error);
_OSTREE_PUBLIC _OSTREE_PUBLIC
gboolean ostree_sign_commit_verify (OstreeSign *self, gboolean ostree_sign_commit_verify (OstreeSign *self,
OstreeRepo *repo, OstreeRepo *repo,
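Review bot: The renamed `data_verify` vfunc in `_OstreeSignInterface` still names its third parameter `metadata`, while the public `ostree_sign_data_verify` declared further down and the dummy and ed25519 implementations call it `signatures`. Since the commit renames the function to match what it really does, the vfunc line should read `GVariant *signatures,` too. The vfunc was also moved ahead of `metadata_key` and `metadata_format`, which changes the layout of the interface struct; if any code outside this tree implements the interface, that is an ABI change worth stating in the commit message. Whether such implementers exist cannot be told from this page.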