packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ostree-repo: add new API to sign the summary file 

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano 2015-05-03 22:40:27 +02:00
parent 94360d3d1c
commit fee785a72e
2 changed files with 81 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
src/libostree/ostree-repo.c
View File

@ -3324,11 +3324,6 @@ out:
* @self: Self * @self: Self
* @from_commit: SHA256 of starting commit to sign, or %NULL * @from_commit: SHA256 of starting commit to sign, or %NULL
* @to_commit: SHA256 of target commit to sign * @to_commit: SHA256 of target commit to sign
* @key_id: Use this GPG key id
* @homedir: (allow-none): GPG home directory, or %NULL
* @cancellable: A #GCancellable
* @error: a #GError
*
* This function is deprecated, sign the summary file instead. * This function is deprecated, sign the summary file instead.
* Add a GPG signature to a static delta. * Add a GPG signature to a static delta.
*/ */
@ -3345,7 +3340,80 @@ ostree_repo_sign_delta (OstreeRepo *self,
return FALSE; return FALSE;
} }
OstreeGpgVerifyResult * /**
* ostree_repo_add_gpg_signature_summary:
* @self: Self
* @key_id: NULL-terminated array of GPG keys.
* @homedir: (allow-none): GPG home directory, or %NULL
* @cancellable: A #GCancellable
* @error: a #GError
*
* Add a GPG signature to a static delta.
*/
gboolean
ostree_repo_add_gpg_signature_summary (OstreeRepo *self,
const gchar **key_id,
const gchar *homedir,
GCancellable *cancellable,
GError **error)
{
gboolean ret = FALSE;
g_autoptr(GBytes) summary_data = NULL;
g_autoptr(GFile) summary_file = NULL;
g_autoptr(GFile) signature_path = NULL;
GError *temp_error = NULL;
g_autoptr(GVariant) existing_signatures = NULL;
g_autoptr(GVariant) new_metadata = NULL;
g_autoptr(GVariant) normalized = NULL;
guint i;
signature_path = g_file_resolve_relative_path (self->repodir, "summary.sig");
summary_file = g_file_resolve_relative_path (self->repodir, "summary");
summary_data = gs_file_map_readonly (summary_file, cancellable, error);
if (!summary_data)
goto out;
if (!ot_util_variant_map (signature_path, G_VARIANT_TYPE ("a{sv}"),
TRUE, &existing_signatures, &temp_error))
{
if (g_error_matches (temp_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND))
{
g_clear_error (&temp_error);
}
else
{
g_propagate_error (error, temp_error);
goto out;
}
}
for (i = 0; key_id[i]; i++)
{
g_autoptr(GBytes) signature_data = NULL;
if (!sign_data (self, summary_data, key_id[i], homedir,
&signature_data,
cancellable, error))
goto out;
new_metadata = _ostree_detached_metadata_append_gpg_sig (existing_signatures, signature_data);
}
normalized = g_variant_get_normal_form (new_metadata);
if (!_ostree_repo_file_replace_contents (self,
self->repo_dir_fd,
"summary.sig",
g_variant_get_data (normalized),
g_variant_get_size (normalized),
cancellable, error))
goto out;
ret = TRUE;
out:
return ret;
}
OstreeGpgVerifyResult *
_ostree_repo_gpg_verify_with_metadata (OstreeRepo *self, _ostree_repo_gpg_verify_with_metadata (OstreeRepo *self,
GBytes *signed_data, GBytes *signed_data,
GVariant *metadata, GVariant *metadata,

7
src/libostree/ostree-repo.h
View File

@ -712,6 +712,13 @@ gboolean ostree_repo_sign_delta (OstreeRepo *self,
GCancellable *cancellable, GCancellable *cancellable,
GError **error); GError **error);
gboolean
ostree_repo_add_gpg_signature_summary (OstreeRepo *self,
const gchar **key_id,
const gchar *homedir,
GCancellable *cancellable,
GError **error);
gboolean ostree_repo_append_gpg_signature (OstreeRepo *self, gboolean ostree_repo_append_gpg_signature (OstreeRepo *self,
const gchar *commit_checksum, const gchar *commit_checksum,
GBytes *signature_bytes, GBytes *signature_bytes,