[ostree] ostree-repo: add new API to sign the summary file
- From: Giuseppe Scrivano <gscrivano src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [ostree] ostree-repo: add new API to sign the summary file
- Date: Thu, 7 May 2015 20:02:10 +0000 (UTC)
commit fee785a72e2f7fcdb4f3792b845c456614829884
Author: Giuseppe Scrivano <gscrivan redhat com>
Date: Sun May 3 22:40:27 2015 +0200
ostree-repo: add new API to sign the summary file
Signed-off-by: Giuseppe Scrivano <gscrivan redhat com>
src/libostree/ostree-repo.c | 80 +++++++++++++++++++++++++++++++++++++++---
src/libostree/ostree-repo.h | 7 ++++
2 files changed, 81 insertions(+), 6 deletions(-)
---
diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c
index 0346a3d..8affec5 100644
--- a/src/libostree/ostree-repo.c
+++ b/src/libostree/ostree-repo.c
@@ -3324,11 +3324,6 @@ out:
* @self: Self
* @from_commit: SHA256 of starting commit to sign, or %NULL
* @to_commit: SHA256 of target commit to sign
- * @key_id: Use this GPG key id
- * @homedir: (allow-none): GPG home directory, or %NULL
- * @cancellable: A #GCancellable
- * @error: a #GError
- *
* This function is deprecated, sign the summary file instead.
* Add a GPG signature to a static delta.
*/
@@ -3345,7 +3340,80 @@ ostree_repo_sign_delta (OstreeRepo *self,
return FALSE;
}
- OstreeGpgVerifyResult *
+/**
+ * ostree_repo_add_gpg_signature_summary:
+ * @self: Self
+ * @key_id: NULL-terminated array of GPG keys.
+ * @homedir: (allow-none): GPG home directory, or %NULL
+ * @cancellable: A #GCancellable
+ * @error: a #GError
+ *
+ * Add a GPG signature to a static delta.
+ */
+gboolean
+ostree_repo_add_gpg_signature_summary (OstreeRepo *self,
+ const gchar **key_id,
+ const gchar *homedir,
+ GCancellable *cancellable,
+ GError **error)
+{
+ gboolean ret = FALSE;
+ g_autoptr(GBytes) summary_data = NULL;
+ g_autoptr(GFile) summary_file = NULL;
+ g_autoptr(GFile) signature_path = NULL;
+ GError *temp_error = NULL;
+ g_autoptr(GVariant) existing_signatures = NULL;
+ g_autoptr(GVariant) new_metadata = NULL;
+ g_autoptr(GVariant) normalized = NULL;
+ guint i;
+ signature_path = g_file_resolve_relative_path (self->repodir, "summary.sig");
+
+ summary_file = g_file_resolve_relative_path (self->repodir, "summary");
+ summary_data = gs_file_map_readonly (summary_file, cancellable, error);
+ if (!summary_data)
+ goto out;
+
+ if (!ot_util_variant_map (signature_path, G_VARIANT_TYPE ("a{sv}"),
+ TRUE, &existing_signatures, &temp_error))
+ {
+ if (g_error_matches (temp_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND))
+ {
+ g_clear_error (&temp_error);
+ }
+ else
+ {
+ g_propagate_error (error, temp_error);
+ goto out;
+ }
+ }
+
+ for (i = 0; key_id[i]; i++)
+ {
+ g_autoptr(GBytes) signature_data = NULL;
+ if (!sign_data (self, summary_data, key_id[i], homedir,
+ &signature_data,
+ cancellable, error))
+ goto out;
+
+ new_metadata = _ostree_detached_metadata_append_gpg_sig (existing_signatures, signature_data);
+ }
+
+ normalized = g_variant_get_normal_form (new_metadata);
+
+ if (!_ostree_repo_file_replace_contents (self,
+ self->repo_dir_fd,
+ "summary.sig",
+ g_variant_get_data (normalized),
+ g_variant_get_size (normalized),
+ cancellable, error))
+ goto out;
+
+ ret = TRUE;
+ out:
+ return ret;
+}
+
+OstreeGpgVerifyResult *
_ostree_repo_gpg_verify_with_metadata (OstreeRepo *self,
GBytes *signed_data,
GVariant *metadata,
diff --git a/src/libostree/ostree-repo.h b/src/libostree/ostree-repo.h
index c882356..92bddd4 100644
--- a/src/libostree/ostree-repo.h
+++ b/src/libostree/ostree-repo.h
@@ -712,6 +712,13 @@ gboolean ostree_repo_sign_delta (OstreeRepo *self,
GCancellable *cancellable,
GError **error);
+gboolean
+ostree_repo_add_gpg_signature_summary (OstreeRepo *self,
+ const gchar **key_id,
+ const gchar *homedir,
+ GCancellable *cancellable,
+ GError **error);
+
gboolean ostree_repo_append_gpg_signature (OstreeRepo *self,
const gchar *commit_checksum,
GBytes *signature_bytes,
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
