ostree-repo: add new API to sign the summary file
authorGiuseppe Scrivano <gscrivan@redhat.com>
Sun, 3 May 2015 20:40:27 +0000 (22:40 +0200)
committerGiuseppe Scrivano <gscrivan@redhat.com>
Thu, 7 May 2015 19:58:04 +0000 (21:58 +0200)
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
src/libostree/ostree-repo.c
src/libostree/ostree-repo.h

index 0346a3dfd5c3a34359ad1278cb5d8e69dbaf271b..8affec5366bf885681a22a6816711e3674dde593 100644 (file)
@@ -3324,11 +3324,6 @@ out:
  * @self: Self
  * @from_commit: SHA256 of starting commit to sign, or %NULL
  * @to_commit: SHA256 of target commit to sign
- * @key_id: Use this GPG key id
- * @homedir: (allow-none): GPG home directory, or %NULL
- * @cancellable: A #GCancellable
- * @error: a #GError
- *
  * This function is deprecated, sign the summary file instead.
  * Add a GPG signature to a static delta.
  */
@@ -3345,7 +3340,80 @@ ostree_repo_sign_delta (OstreeRepo     *self,
   return FALSE;
 }
 
- OstreeGpgVerifyResult *
+/**
+ * ostree_repo_add_gpg_signature_summary:
+ * @self: Self
+ * @key_id: NULL-terminated array of GPG keys.
+ * @homedir: (allow-none): GPG home directory, or %NULL
+ * @cancellable: A #GCancellable
+ * @error: a #GError
+ *
+ * Add a GPG signature to a static delta.
+ */
+gboolean
+ostree_repo_add_gpg_signature_summary (OstreeRepo     *self,
+                                       const gchar    **key_id,
+                                       const gchar    *homedir,
+                                       GCancellable   *cancellable,
+                                       GError        **error)
+{
+  gboolean ret = FALSE;
+  g_autoptr(GBytes) summary_data = NULL;
+  g_autoptr(GFile) summary_file = NULL;
+  g_autoptr(GFile) signature_path = NULL;
+  GError *temp_error = NULL;
+  g_autoptr(GVariant) existing_signatures = NULL;
+  g_autoptr(GVariant) new_metadata = NULL;
+  g_autoptr(GVariant) normalized = NULL;
+  guint i;
+  signature_path = g_file_resolve_relative_path (self->repodir, "summary.sig");
+
+  summary_file = g_file_resolve_relative_path (self->repodir, "summary");
+  summary_data = gs_file_map_readonly (summary_file, cancellable, error);
+  if (!summary_data)
+    goto out;
+
+  if (!ot_util_variant_map (signature_path, G_VARIANT_TYPE ("a{sv}"),
+                            TRUE, &existing_signatures, &temp_error))
+    {
+      if (g_error_matches (temp_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND))
+        {
+          g_clear_error (&temp_error);
+        }
+      else
+        {
+          g_propagate_error (error, temp_error);
+          goto out;
+        }
+    }
+
+  for (i = 0; key_id[i]; i++)
+    {
+      g_autoptr(GBytes) signature_data = NULL;
+      if (!sign_data (self, summary_data, key_id[i], homedir,
+                      &signature_data,
+                      cancellable, error))
+        goto out;
+
+      new_metadata = _ostree_detached_metadata_append_gpg_sig (existing_signatures, signature_data);
+    }
+
+  normalized = g_variant_get_normal_form (new_metadata);
+
+  if (!_ostree_repo_file_replace_contents (self,
+                                           self->repo_dir_fd,
+                                           "summary.sig",
+                                           g_variant_get_data (normalized),
+                                           g_variant_get_size (normalized),
+                                           cancellable, error))
+    goto out;
+
+  ret = TRUE;
+ out:
+  return ret;
+}
+
+OstreeGpgVerifyResult *
 _ostree_repo_gpg_verify_with_metadata (OstreeRepo          *self,
                                        GBytes              *signed_data,
                                        GVariant            *metadata,
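Review bot: In the signing loop of ostree_repo_add_gpg_signature_summary, every pass calls `_ostree_detached_metadata_append_gpg_sig (existing_signatures, signature_data)` and overwrites `new_metadata`, so with more than one entry in `key_id` only the last key's signature reaches summary.sig and the earlier results are dropped without an unref. A summary that is meant to be co-signed would then verify only for clients that trust the last key, which is easy to miss during a key rotation. With an empty array the loop never runs and `g_variant_get_normal_form (new_metadata)` receives NULL, so that case should be rejected up front. The doc comment still reads "Add a GPG signature to a static delta." and should describe the summary file instead. The sketch below assumes the append helper returns an owned reference, as the existing `g_autoptr` use implies.

```c
  /* … unchanged: map summary, load existing summary.sig … */
  if (key_id == NULL || key_id[0] == NULL)
    {
      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_INVALID_ARGUMENT,
                           "No GPG key id given for signing the summary");
      goto out;
    }

  for (i = 0; key_id[i]; i++)
    {
      g_autoptr(GBytes) signature_data = NULL;
      g_autoptr(GVariant) base = NULL;
      /* … unchanged: sign_data () call … */

      /* Append to the previous iteration's result, not to the on-disk set again. */
      base = new_metadata ? g_steal_pointer (&new_metadata)
                          : g_steal_pointer (&existing_signatures);
      new_metadata = _ostree_detached_metadata_append_gpg_sig (base, signature_data);
    }
  /* … unchanged: normalize and write summary.sig … */
```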
index c882356a05a076a5d34c371e5da9a48396d8f123..92bddd48f335fbc91398e076c1cbd3848e685b0c 100644 (file)
@@ -712,6 +712,13 @@ gboolean ostree_repo_sign_delta (OstreeRepo     *self,
                                  GCancellable   *cancellable,
                                  GError        **error);
 
+gboolean
+ostree_repo_add_gpg_signature_summary (OstreeRepo     *self,
+                                       const gchar    **key_id,
+                                       const gchar    *homedir,
+                                       GCancellable   *cancellable,
+                                       GError        **error);
+
 gboolean ostree_repo_append_gpg_signature (OstreeRepo     *self,
                                            const gchar    *commit_checksum,
                                            GBytes         *signature_bytes,
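Review bot: `key_id` in the added prototype is a `const gchar **` that the definition walks as a NULL-terminated array, so the singular name misleads callers; `key_ids` would be clearer in both the prototype and the definition while the API is still new. The matching gtk-doc line in ostree-repo.c also carries no `(array zero-terminated=1)` annotation, so introspection-based bindings are unlikely to marshal the argument as a string array.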