From 0a79b3b1e298117d5d951e171caa569b041ec627 Mon Sep 17 00:00:00 2001 From: Alexander Larsson Date: Wed, 16 Aug 2023 10:59:47 +0200 Subject: [PATCH] prepare-root: Only support base64 formated public key files I've updated the automotive samples to not use the raw format, so there is no use anymore to support both formats, as base64 is strictly better. --- src/switchroot/ostree-prepare-root.c | 25 +++++++++---------------- 1 file changed, 9 insertions(+), 16 deletions(-) diff --git a/src/switchroot/ostree-prepare-root.c b/src/switchroot/ostree-prepare-root.c index 31365b91..db76de12 100644 --- a/src/switchroot/ostree-prepare-root.c +++ b/src/switchroot/ostree-prepare-root.c @@ -330,23 +330,16 @@ load_composefs_config (GKeyFile *config, GError **error) return glnx_prefix_error_null (error, "Reading public key file '%s'", ret->signature_pubkey); - /* Raw binary form if right size */ - if (pubkeys_size == OSTREE_SIGN_ED25519_PUBKEY_SIZE) - g_ptr_array_add (ret->pubkeys, g_bytes_new_take (g_steal_pointer (&pubkeys), pubkeys_size)); - else /* otherwise text with base64 key per line */ + g_auto (GStrv) lines = g_strsplit (pubkeys, "\n", -1); + for (char **iter = lines; *iter; iter++) { - g_auto (GStrv) lines = g_strsplit (pubkeys, "\n", -1); - for (char **iter = lines; *iter; iter++) - { - const char *line = *iter; - if (!*line) - continue; - - gsize pubkey_size; - g_autofree guchar *pubkey = g_base64_decode (line, &pubkey_size); - g_ptr_array_add (ret->pubkeys, - g_bytes_new_take (g_steal_pointer (&pubkey), pubkey_size)); - } + const char *line = *iter; + if (!*line) + continue; + + gsize pubkey_size; + g_autofree guchar *pubkey = g_base64_decode (line, &pubkey_size); + g_ptr_array_add (ret->pubkeys, g_bytes_new_take (g_steal_pointer (&pubkey), pubkey_size)); } if (ret->pubkeys->len == 0) -- 2.30.2