From ceaf6d7f546690601df98ee5e9d971f5b31096a9 Mon Sep 17 00:00:00 2001
From: Denis Pynkin
Date: Sun, 27 Oct 2019 19:45:48 +0000
Subject: [PATCH] lib/sign: add ostree_seign_clear_keys function

Add the function for implicit cleanup of all loaded keys.

Signed-off-by: Denis Pynkin
---
 apidoc/ostree-sections.txt | 1 +
 src/libostree/libostree-devel.sym | 1 +
 src/libostree/ostree-sign-ed25519.c | 40 ++++++++++++++++++++++++-----
 src/libostree/ostree-sign-ed25519.h | 3 +++
 src/libostree/ostree-sign.c | 11 ++++++++
 src/libostree/ostree-sign.h | 6 +++++
 6 files changed, 55 insertions(+), 7 deletions(-)

diff --git a/apidoc/ostree-sections.txt b/apidoc/ostree-sections.txt
index 440338c2..9b71d610 100644
--- a/apidoc/ostree-sections.txt
+++ b/apidoc/ostree-sections.txt
@@ -719,6 +719,7 @@ ostree_sign_data_verify
 ostree_sign_get_by_name
 ostree_sign_get_name
 ostree_sign_add_pk
+ostree_sign_clear_keys
 ostree_sign_load_pk
 ostree_sign_set_pk
 ostree_sign_set_sk
diff --git a/src/libostree/libostree-devel.sym b/src/libostree/libostree-devel.sym
index 3ca8f2c6..a10ec266 100644
--- a/src/libostree/libostree-devel.sym
+++ b/src/libostree/libostree-devel.sym
@@ -30,6 +30,7 @@ global:
 ostree_sign_data_verify;
 ostree_sign_get_by_name;
 ostree_sign_get_name;
+ ostree_sign_clear_keys;
 ostree_sign_load_pk;
 ostree_sign_set_pk;
 ostree_sign_add_pk;
diff --git a/src/libostree/ostree-sign-ed25519.c b/src/libostree/ostree-sign-ed25519.c
index 662521b9..f61c3bdd 100644
--- a/src/libostree/ostree-sign-ed25519.c
+++ b/src/libostree/ostree-sign-ed25519.c
@@ -62,6 +62,7 @@ ostree_sign_ed25519_iface_init (OstreeSignInterface *self)
 self->get_name = ostree_sign_ed25519_get_name;
 self->metadata_key = ostree_sign_ed25519_metadata_key;
 self->metadata_format = ostree_sign_ed25519_metadata_format;
+ self->clear_keys = ostree_sign_ed25519_clear_keys;
 self->set_sk = ostree_sign_ed25519_set_sk;
 self->set_pk = ostree_sign_ed25519_set_pk;
 self->add_pk = ostree_sign_ed25519_add_pk;
@@ -253,6 +254,36 @@ const gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self)
 return OSTREE_SIGN_METADATA_ED25519_TYPE;
 }
+gboolean ostree_sign_ed25519_clear_keys (OstreeSign *self,
+ GError **error)
+{
+ g_debug ("%s enter", __FUNCTION__);
+ g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);
+
+#ifdef HAVE_LIBSODIUM
+ OstreeSignEd25519 *sign = ostree_sign_ed25519_get_instance_private(OSTREE_SIGN_ED25519(self));
+
+ /* Clear secret key */
+ if (sign->secret_key != NULL)
+ {
+ memset (sign->secret_key, 0, crypto_sign_SECRETKEYBYTES);
+ g_free (sign->secret_key);
+ sign->secret_key = NULL;
+ }
+
+ /* Clear already loaded trusted keys */
+ if (sign->public_keys != NULL)
+ {
+ g_list_free_full (sign->public_keys, g_free);
+ sign->public_keys = NULL;
+ }
+
+ return TRUE;
+
+#endif /* HAVE_LIBSODIUM */
+ return FALSE;
+}
+
 /* Support 2 representations:
 * base64 ascii -- secret key is passed as string
 * raw key -- key is passed as bytes array
@@ -267,7 +298,7 @@ gboolean ostree_sign_ed25519_set_sk (OstreeSign *self,
 #ifdef HAVE_LIBSODIUM
 OstreeSignEd25519 *sign = ostree_sign_ed25519_get_instance_private(OSTREE_SIGN_ED25519(self));
- g_free (sign->secret_key);
+ ostree_sign_ed25519_clear_keys (self, error);
 gsize n_elements = 0;
@@ -315,12 +346,7 @@ gboolean ostree_sign_ed25519_set_pk (OstreeSign *self,
 OstreeSignEd25519 *sign = ostree_sign_ed25519_get_instance_private(OSTREE_SIGN_ED25519(self));
- /* Substitute the key(s) with a new one */
- if (sign->public_keys != NULL)
- {
- g_list_free_full (sign->public_keys, g_free);
- sign->public_keys = NULL;
- }
+ ostree_sign_ed25519_clear_keys (self, error);
 return ostree_sign_ed25519_add_pk (self, public_key, error);
 }
diff --git a/src/libostree/ostree-sign-ed25519.h b/src/libostree/ostree-sign-ed25519.h
index 4519961d..bced1cdf 100644
--- a/src/libostree/ostree-sign-ed25519.h
+++ b/src/libostree/ostree-sign-ed25519.h
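Review bot: In the new `ostree_sign_ed25519_clear_keys`, the secret key is wiped with a plain `memset` immediately before `g_free`, which a compiler may drop as a dead store, so the key bytes can survive in freed heap memory. This branch is already under `HAVE_LIBSODIUM`, so `sodium_memzero (sign->secret_key, crypto_sign_SECRETKEYBYTES);` is available and is not optimised away. The wipe also assumes the buffer is at least `crypto_sign_SECRETKEYBYTES` long; the buffer is assigned in `ostree_sign_ed25519_set_sk`, most of which lies outside this patch, so it is worth confirming that a key of another length can never be left in `sign->secret_key`. Separately, the build without libsodium reaches `return FALSE` without a `g_set_error`, which breaks the GError convention for callers that pass `error`.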
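Review bot: Replacing `g_free (sign->secret_key)` in `ostree_sign_ed25519_set_sk` with `ostree_sign_ed25519_clear_keys (self, error)` now also frees every loaded public key, and the same call in the `ostree_sign_ed25519_set_pk` hunk now wipes the secret key, so an instance given both a signing key and a trusted key keeps only the one set last. If that coupling is not intended, keep the secret-key wipe local to `set_sk` and the `g_list_free_full` local to `set_pk`, and reserve `clear_keys` for explicit callers. Both call sites also pass `error` while ignoring the result; if `clear_keys` ever sets `*error` and the function carries on, a later `g_set_error` on the same pointer will trigger GLib's already-set warning, so either check it with `if (!ostree_sign_ed25519_clear_keys (self, error)) return FALSE;` or pass `NULL`. Both function bodies continue outside their hunks.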
@@ -55,6 +55,9 @@ const gchar * ostree_sign_ed25519_get_name (OstreeSign *self);
 const gchar * ostree_sign_ed25519_metadata_key (OstreeSign *self);
 const gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self);
+gboolean ostree_sign_ed25519_clear_keys (OstreeSign *self,
+ GError **error);
+
 gboolean ostree_sign_ed25519_set_sk (OstreeSign *self,
 GVariant *secret_key,
 GError **error);
diff --git a/src/libostree/ostree-sign.c b/src/libostree/ostree-sign.c
index b1975215..e5d55ef2 100644
--- a/src/libostree/ostree-sign.c
+++ b/src/libostree/ostree-sign.c
@@ -87,6 +87,17 @@ const gchar * ostree_sign_metadata_format (OstreeSign *self)
 return OSTREE_SIGN_GET_IFACE (self)->metadata_format (self);
 }
+gboolean ostree_sign_clear_keys (OstreeSign *self,
+ GError **error)
+{
+ g_debug ("%s enter", __FUNCTION__);
+
+ if (OSTREE_SIGN_GET_IFACE (self)->clear_keys == NULL)
+ return TRUE;
+
+ return OSTREE_SIGN_GET_IFACE (self)->clear_keys (self, error);
+}
+
 gboolean ostree_sign_set_sk (OstreeSign *self,
 GVariant *secret_key,
 GError **error)
diff --git a/src/libostree/ostree-sign.h b/src/libostree/ostree-sign.h
index 008c3f9d..9add0450 100644
--- a/src/libostree/ostree-sign.h
+++ b/src/libostree/ostree-sign.h
@@ -59,6 +59,8 @@ struct _OstreeSignInterface
 GError **error);
 const gchar *(* metadata_key) (OstreeSign *self);
 const gchar *(* metadata_format) (OstreeSign *self);
+ gboolean (* clear_keys) (OstreeSign *self,
+ GError **error);
 gboolean (* set_sk) (OstreeSign *self,
 GVariant *secret_key,
 GError **error);
@@ -109,6 +111,10 @@ gboolean ostree_sign_commit_verify (OstreeSign *self,
 GCancellable *cancellable,
 GError **error);
+_OSTREE_PUBLIC
+gboolean ostree_sign_clear_keys (OstreeSign *self,
+ GError **error);
+
 _OSTREE_PUBLIC
 gboolean ostree_sign_set_sk (OstreeSign *self,
 GVariant *secret_key,
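Review bot: The public wrapper `ostree_sign_clear_keys` in `ostree-sign.c` calls `OSTREE_SIGN_GET_IFACE (self)` without validating `self`, whereas the ed25519 implementation in this patch checks `g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);`. Adding the same guard as the first statement keeps a NULL or wrong-typed instance away from the vfunc lookup. The wrapper also returns TRUE when an engine leaves `clear_keys` unset, so a caller cannot tell "keys wiped" from "nothing to wipe"; since the symbol is exported, it should carry a gtk-doc comment stating that it drops both the secret key and all loaded public keys and what TRUE means in the unimplemented case.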