&pk_ascii, NULL);
if (pk_ascii != NULL)
{
- g_autoptr (GVariant) pk = NULL;
-
- if (!g_strcmp0(ostree_sign_get_name(sign), "dummy"))
- {
- // Just use the string as signature
- pk = g_variant_new_string(pk_ascii);
- }
- else if (!g_strcmp0(ostree_sign_get_name(sign), "ed25519"))
- {
- gsize key_len = 0;
- g_autofree guchar *key = g_base64_decode (pk_ascii, &key_len);
- pk = g_variant_new_fixed_array (G_VARIANT_TYPE_BYTE, key, key_len, sizeof(guchar));
- }
-
+ g_autoptr (GVariant) pk = g_variant_new_string(pk_ascii);
if (!ostree_sign_set_pk (sign, pk, &local_error))
continue;
}
{
g_autoptr (GVariant) pk = NULL;
- if (!g_strcmp0(ostree_sign_get_name(sign), "dummy"))
- {
- // Just use the string as signature
- pk = g_variant_new_string(pk_ascii);
- }
- else if (!g_strcmp0(ostree_sign_get_name(sign), "ed25519"))
- {
- gsize key_len = 0;
- g_autofree guchar *key = g_base64_decode (pk_ascii, &key_len);
- pk = g_variant_new_fixed_array (G_VARIANT_TYPE_BYTE, key, key_len, sizeof(guchar));
- }
-
+ // Just use the string as signature
+ pk = g_variant_new_string(pk_ascii);
if (!ostree_sign_set_pk (sign, pk, &local_error))
continue;
}
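Review bot: The relocated comment `// Just use the string as signature` no longer describes the line under it: `pk_ascii` is a verification key handed to `ostree_sign_set_pk`, not a signature, and the wording comes from the removed dummy-only branch. I would reword it to `// Pass the key as a string`, which is what the sign builtin uses for the same call. Separately, a failing `ostree_sign_set_pk` leads straight to `continue` and `local_error` appears to be dropped, so a malformed configured key is skipped without a trace now that decoding and validation happen inside the engine; a `g_debug ("%s: %s", ostree_sign_get_name (sign), local_error->message);` before the `continue` would make that visible. The same pattern is in the verify branch of the sign builtin, and the enclosing block here starts and ends outside the hunk.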
else
gpg_verify_state = (pull_data->gpg_verify ? "commit" : "disabled");
- g_string_append_printf (msg, "\nsecurity: GPG: %s ", gpg_verify_state);
#else
gpg_verify_state = "disabled";
- g_string_append_printf (msg, "\nsecurity: %s ", gpg_verify_state);
#endif /* OSTREE_DISABLE_GPGME */
+ g_string_append_printf (msg, "\nsecurity: GPG: %s ", gpg_verify_state);
const char *sign_verify_state;
sign_verify_state = (pull_data->sign_verify ? "commit" : "disabled");
return OSTREE_SIGN_METADATA_ED25519_TYPE;
}
+/* Support 2 representations:
+ * base64 ascii -- secret key is passed as string
+ * raw key -- key is passed as bytes array
+ * */
gboolean ostree_sign_ed25519_set_sk (OstreeSign *self,
GVariant *secret_key,
GError **error)
g_free (sign->secret_key);
gsize n_elements = 0;
- sign->secret_key = (guchar *) g_variant_get_fixed_array (secret_key, &n_elements, sizeof(guchar));
+
+ if (g_variant_is_of_type (secret_key, G_VARIANT_TYPE_STRING))
+ {
+ const gchar *sk_ascii = g_variant_get_string (secret_key, NULL);
+ sign->secret_key = g_base64_decode (sk_ascii, &n_elements);
+ }
+ else if (g_variant_is_of_type (secret_key, G_VARIANT_TYPE_BYTESTRING))
+ {
+ sign->secret_key = (guchar *) g_variant_get_fixed_array (secret_key, &n_elements, sizeof(guchar));
+ }
+ else
+ {
+ g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
+ "Unknown ed25519 secret key type");
+ goto err;
+ }
+
if (n_elements != crypto_sign_SECRETKEYBYTES)
{
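Review bot: `sign->secret_key` now has two different ownership models depending on the branch taken: `g_base64_decode` returns a newly allocated buffer the object owns, while `g_variant_get_fixed_array` returns a pointer into the caller's GVariant that the object does not own. The `g_free (sign->secret_key)` at the top of the hunk is only correct for the first case; for the byte-array case a later call would free memory belonging to the variant, and the stored pointer dangles once the caller releases that variant. Copying in the second branch, e.g. `sign->secret_key = g_memdup (g_variant_get_fixed_array (secret_key, &n_elements, sizeof(guchar)), n_elements);`, gives both branches the same lifetime. `key` in `ostree_sign_ed25519_add_pk` has the same split, and there the decoded buffer has no visible owner, so it may leak unless code outside the hunk frees it. Because this is secret key material, wiping the old buffer with `sodium_memzero` before the `g_free` is also worth considering; the function body continues outside the hunk.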
return FALSE;
}
+/* Support 2 representations:
+ * base64 ascii -- public key is passed as string
+ * raw key -- key is passed as bytes array
+ * */
gboolean ostree_sign_ed25519_set_pk (OstreeSign *self,
GVariant *public_key,
GError **error)
return ostree_sign_ed25519_add_pk (self, public_key, error);
}
+/* Support 2 representations:
+ * base64 ascii -- public key is passed as string
+ * raw key -- key is passed as bytes array
+ * */
gboolean ostree_sign_ed25519_add_pk (OstreeSign *self,
GVariant *public_key,
GError **error)
gpointer key = NULL;
gsize n_elements = 0;
- key = (gpointer) g_variant_get_fixed_array (public_key, &n_elements, sizeof(guchar));
+
+ if (g_variant_is_of_type (public_key, G_VARIANT_TYPE_STRING))
+ {
+ const gchar *pk_ascii = g_variant_get_string (public_key, NULL);
+ key = g_base64_decode (pk_ascii, &n_elements);
+ }
+ else if (g_variant_is_of_type (public_key, G_VARIANT_TYPE_BYTESTRING))
+ {
+ key = (gpointer) g_variant_get_fixed_array (public_key, &n_elements, sizeof(guchar));
+ }
+ else
+ {
+ g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
+ "Unknown ed25519 public key type");
+ goto err;
+ }
hex = g_malloc0 (crypto_sign_PUBLICKEYBYTES*2 + 1);
g_debug ("Read ed25519 public key = %s", sodium_bin2hex (hex, crypto_sign_PUBLICKEYBYTES*2+1, key, n_elements));
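Review bot: The base64 branch lets `n_elements` be whatever length the input string decodes to, and the `g_debug` line at the end of the hunk passes that length to `sodium_bin2hex` with a buffer sized for exactly `crypto_sign_PUBLICKEYBYTES`, with no length check visible before it. libsodium treats a hex buffer that is too small for `bin_len` as API misuse and aborts, and `g_debug` evaluates its arguments even when debug output is off, so an over-long key string supplied by a caller could terminate the process instead of producing a GError. Moving the `n_elements != crypto_sign_PUBLICKEYBYTES` test (assuming one follows, as in `set_sk`) above the `g_malloc0`/`g_debug` pair avoids this. The function body starts and ends outside the hunk.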
const char *keyid = *iter;
g_autoptr (GVariant) secret_key = NULL;
- if (!g_strcmp0(ostree_sign_get_name (sign), "dummy"))
- {
- secret_key = g_variant_new_string (keyid);
- }
- else if (!g_strcmp0 (ostree_sign_get_name (sign), "ed25519"))
- {
- gsize key_len = 0;
- g_autofree guchar *key = g_base64_decode (keyid, &key_len);
-
- secret_key = g_variant_new_fixed_array (G_VARIANT_TYPE_BYTE, key, key_len, sizeof(guchar));
- }
+ secret_key = g_variant_new_string (keyid);
if (!ostree_sign_set_sk (sign, secret_key, error))
goto out;
char **key_ids;
int n_key_ids, ii;
gboolean ret = FALSE;
-#if defined(HAVE_LIBSODIUM)
- g_autoptr (GVariant) ed25519_sk = NULL;
- g_autoptr (GVariant) ed25519_pk = NULL;
-#endif
-
context = g_option_context_new ("COMMIT KEY-ID...");
{
g_autoptr (GVariant) sk = NULL;
g_autoptr (GVariant) pk = NULL;
- g_autofree guchar *key = NULL;
- if (!g_strcmp0(ostree_sign_get_name(sign), "dummy"))
- {
- // Just use the string as signature
- sk = g_variant_new_string(key_ids[ii]);
- pk = g_variant_new_string(key_ids[ii]);
- }
if (opt_verify)
{
g_autoptr (GError) local_error = NULL;
- if (!g_strcmp0(ostree_sign_get_name(sign), "ed25519"))
- {
- gsize key_len = 0;
- g_autofree guchar *key = g_base64_decode (key_ids[ii], &key_len);
- pk = g_variant_new_fixed_array (G_VARIANT_TYPE_BYTE, key, key_len, sizeof(guchar));
- }
+ // Pass the key as a string
+ pk = g_variant_new_string(key_ids[ii]);
if (!ostree_sign_set_pk (sign, pk, &local_error))
continue;
}
else
{
- if (!g_strcmp0(ostree_sign_get_name(sign), "ed25519"))
- {
- gsize key_len = 0;
- g_autofree guchar *key = g_base64_decode (key_ids[ii], &key_len);
- sk = g_variant_new_fixed_array (G_VARIANT_TYPE_BYTE, key, key_len, sizeof(guchar));
- }
-
+ // Pass the key as a string
+ sk = g_variant_new_string(key_ids[ii]);
if (!ostree_sign_set_sk (sign, sk, error))
{
ret = FALSE;
break;
- if (!g_strcmp0(ostree_sign_get_name(sign), "dummy"))
- {
- // Just use the string as signature
- sk = g_variant_new_string(line);
- }
-
-
- if (!g_strcmp0(ostree_sign_get_name(sign), "ed25519"))
- {
- gsize key_len = 0;
- g_autofree guchar *key = g_base64_decode (line, &key_len);
- sk = g_variant_new_fixed_array (G_VARIANT_TYPE_BYTE, key, key_len, sizeof(guchar));
- }
-
+ // Pass the key as a string
+ sk = g_variant_new_string(line);
if (!ostree_sign_set_sk (sign, sk, error))
{
ret = FALSE;