lib/repo: Add ostree_repo_remote_get_gpg_keys()

This function enumerates the trusted GPG keys for a remote and returns
an array of `GVariant`s describing them. This is useful to see which
keys are collected by ostree for a particular remote. The same
information can be gathered with `gpg`. However, since ostree allows
multiple keyring locations, that's only really useful if you have
knowledge of how ostree collects GPG keyrings.

The format of the variants is documented in
`OSTREE_GPG_KEY_GVARIANT_FORMAT`. This format is primarily a copy of
selected fields within `gpgme_key_t` and its subtypes. The fields are
placed within vardicts rather than using a more efficient tuple of
concrete types. This will allow flexibility if more components of
`gpgme_key_t` are desired in the future.
This commit is contained in:
Dan Nicholson 2019-08-13 13:36:00 -06:00 committed by Dan Nicholson
parent fc073654dc
commit a50f6d0b9f
7 changed files with 266 additions and 3 deletions

View File

@ -173,9 +173,9 @@ endif # USE_GPGME
symbol_files = $(top_srcdir)/src/libostree/libostree-released.sym
# Uncomment this include when adding new development symbols.
#if BUILDOPT_IS_DEVEL_BUILD
#symbol_files += $(top_srcdir)/src/libostree/libostree-devel.sym
#endif
if BUILDOPT_IS_DEVEL_BUILD
symbol_files += $(top_srcdir)/src/libostree/libostree-devel.sym
endif
# http://blog.jgc.org/2007/06/escaping-comma-and-space-in-gnu-make.html
wl_versionscript_arg = -Wl,--version-script=

View File

@ -337,6 +337,7 @@ ostree_repo_remote_list_collection_refs
ostree_repo_remote_get_url
ostree_repo_remote_get_gpg_verify
ostree_repo_remote_get_gpg_verify_summary
ostree_repo_remote_get_gpg_keys
ostree_repo_remote_gpg_import
ostree_repo_remote_fetch_summary
ostree_repo_remote_fetch_summary_with_options
@ -482,6 +483,8 @@ ostree_repo_regenerate_summary
OSTREE_REPO
OSTREE_IS_REPO
OSTREE_TYPE_REPO
OSTREE_GPG_KEY_GVARIANT_STRING
OSTREE_GPG_KEY_GVARIANT_FORMAT
ostree_repo_get_type
ostree_repo_commit_modifier_get_type
ostree_repo_transaction_stats_get_type

View File

@ -22,6 +22,11 @@
- uncomment the include in Makefile-libostree.am
*/
LIBOSTREE_2021.4 {
global:
ostree_repo_remote_get_gpg_keys;
} LIBOSTREE_2021.3;
/* Stub section for the stable release *after* this development one; don't
* edit this other than to update the year. This is just a copy/paste
* source. Replace $LASTSTABLE with the last stable version, and $NEWVERSION

View File

@ -185,6 +185,91 @@ _ostree_gpg_verifier_import_keys (OstreeGpgVerifier *self,
return ret;
}
gboolean
_ostree_gpg_verifier_list_keys (OstreeGpgVerifier *self,
const char * const *key_ids,
GPtrArray **out_keys,
GCancellable *cancellable,
GError **error)
{
GLNX_AUTO_PREFIX_ERROR("GPG", error);
g_auto(gpgme_ctx_t) context = NULL;
g_autoptr(GOutputStream) pubring_stream = NULL;
g_autofree char *tmp_dir = NULL;
g_autoptr(GPtrArray) keys = NULL;
gpgme_error_t gpg_error = 0;
gboolean ret = FALSE;
if (g_cancellable_set_error_if_cancelled (cancellable, error))
goto out;
context = ot_gpgme_new_ctx (NULL, error);
if (context == NULL)
goto out;
if (!ot_gpgme_ctx_tmp_home_dir (context, &tmp_dir, &pubring_stream,
cancellable, error))
goto out;
if (!_ostree_gpg_verifier_import_keys (self, context, pubring_stream,
cancellable, error))
goto out;
keys = g_ptr_array_new_with_free_func ((GDestroyNotify) gpgme_key_unref);
if (key_ids != NULL)
{
for (guint i = 0; key_ids[i] != NULL; i++)
{
gpgme_key_t key = NULL;
gpg_error = gpgme_get_key (context, key_ids[i], &key, 0);
if (gpg_error != GPG_ERR_NO_ERROR)
{
ot_gpgme_throw (gpg_error, error, "Unable to find key \"%s\"",
key_ids[i]);
goto out;
}
/* Transfer ownership. */
g_ptr_array_add (keys, key);
}
}
else
{
gpg_error = gpgme_op_keylist_start (context, NULL, 0);
while (gpg_error == GPG_ERR_NO_ERROR)
{
gpgme_key_t key = NULL;
gpg_error = gpgme_op_keylist_next (context, &key);
if (gpg_error != GPG_ERR_NO_ERROR)
break;
/* Transfer ownership. */
g_ptr_array_add (keys, key);
}
if (gpgme_err_code (gpg_error) != GPG_ERR_EOF)
{
ot_gpgme_throw (gpg_error, error, "Unable to list keys");
goto out;
}
}
if (out_keys != NULL)
*out_keys = g_steal_pointer (&keys);
ret = TRUE;
out:
if (tmp_dir != NULL) {
ot_gpgme_kill_agent (tmp_dir);
(void) glnx_shutil_rm_rf_at (AT_FDCWD, tmp_dir, NULL, NULL);
}
return ret;
}
OstreeGpgVerifyResult *
_ostree_gpg_verifier_check_signature (OstreeGpgVerifier *self,
GBytes *signed_data,

View File

@ -51,6 +51,12 @@ OstreeGpgVerifyResult *_ostree_gpg_verifier_check_signature (OstreeGpgVerifier *
GCancellable *cancellable,
GError **error);
gboolean _ostree_gpg_verifier_list_keys (OstreeGpgVerifier *self,
const char * const *key_ids,
GPtrArray **out_keys,
GCancellable *cancellable,
GError **error);
gboolean _ostree_gpg_verifier_add_keyring_dir (OstreeGpgVerifier *self,
GFile *path,
GCancellable *cancellable,

View File

@ -2353,6 +2353,130 @@ out:
#endif /* OSTREE_DISABLE_GPGME */
}
static gboolean
_ostree_repo_gpg_prepare_verifier (OstreeRepo *self,
const gchar *remote_name,
GFile *keyringdir,
GFile *extra_keyring,
gboolean add_global_keyrings,
OstreeGpgVerifier **out_verifier,
GCancellable *cancellable,
GError **error);
/**
* ostree_repo_remote_get_gpg_keys:
* @self: an #OstreeRepo
* @name (nullable): name of the remote or %NULL
* @key_ids: (array zero-terminated=1) (element-type utf8) (nullable):
* a %NULL-terminated array of GPG key IDs to include, or %NULL
* @out_keys: (out) (optional) (element-type GVariant) (transfer container):
* return location for a #GPtrArray of the remote's trusted GPG keys, or
* %NULL
* @cancellable: (nullable): a #GCancellable, or %NULL
* @error: return location for a #GError, or %NULL
*
* Enumerate the trusted GPG keys for the remote @name. If @name is
* %NULL, the global GPG keys will be returned. The keys will be
* returned in the @out_keys #GPtrArray. Each element in the array is a
* #GVariant of format %OSTREE_GPG_KEY_GVARIANT_FORMAT. The @key_ids
* array can be used to limit which keys are included. If @key_ids is
* %NULL, then all keys are included.
*
* Returns: %TRUE if the GPG keys could be enumerated, %FALSE otherwise
*
* Since: 2021.4
*/
gboolean
ostree_repo_remote_get_gpg_keys (OstreeRepo *self,
const char *name,
const char * const *key_ids,
GPtrArray **out_keys,
GCancellable *cancellable,
GError **error)
{
#ifndef OSTREE_DISABLE_GPGME
g_autoptr(OstreeGpgVerifier) verifier = NULL;
gboolean global_keyrings = (name == NULL);
if (!_ostree_repo_gpg_prepare_verifier (self, name, NULL, NULL, global_keyrings,
&verifier, cancellable, error))
return FALSE;
g_autoptr(GPtrArray) gpg_keys = NULL;
if (!_ostree_gpg_verifier_list_keys (verifier, key_ids, &gpg_keys,
cancellable, error))
return FALSE;
g_autoptr(GPtrArray) keys =
g_ptr_array_new_with_free_func ((GDestroyNotify) g_variant_unref);
for (guint i = 0; i < gpg_keys->len; i++)
{
gpgme_key_t key = gpg_keys->pdata[i];
g_auto(GVariantBuilder) subkeys_builder = OT_VARIANT_BUILDER_INITIALIZER;
g_variant_builder_init (&subkeys_builder, G_VARIANT_TYPE ("a(a{sv})"));
g_auto(GVariantBuilder) uids_builder = OT_VARIANT_BUILDER_INITIALIZER;
g_variant_builder_init (&uids_builder, G_VARIANT_TYPE ("a(a{sv})"));
for (gpgme_subkey_t subkey = key->subkeys; subkey != NULL;
subkey = subkey->next)
{
g_auto(GVariantDict) subkey_dict = OT_VARIANT_BUILDER_INITIALIZER;
g_variant_dict_init (&subkey_dict, NULL);
g_variant_dict_insert_value (&subkey_dict, "fingerprint",
g_variant_new_string (subkey->fpr));
g_variant_dict_insert_value (&subkey_dict, "created",
g_variant_new_int64 (GINT64_TO_BE (subkey->timestamp)));
g_variant_dict_insert_value (&subkey_dict, "expires",
g_variant_new_int64 (GINT64_TO_BE (subkey->expires)));
g_variant_dict_insert_value (&subkey_dict, "revoked",
g_variant_new_boolean (subkey->revoked));
g_variant_dict_insert_value (&subkey_dict, "expired",
g_variant_new_boolean (subkey->expired));
g_variant_dict_insert_value (&subkey_dict, "invalid",
g_variant_new_boolean (subkey->invalid));
g_variant_builder_add (&subkeys_builder, "(@a{sv})",
g_variant_dict_end (&subkey_dict));
}
for (gpgme_user_id_t uid = key->uids; uid != NULL; uid = uid->next)
{
g_auto(GVariantDict) uid_dict = OT_VARIANT_BUILDER_INITIALIZER;
g_variant_dict_init (&uid_dict, NULL);
g_variant_dict_insert_value (&uid_dict, "uid",
g_variant_new_string (uid->uid));
g_variant_dict_insert_value (&uid_dict, "name",
g_variant_new_string (uid->name));
g_variant_dict_insert_value (&uid_dict, "comment",
g_variant_new_string (uid->comment));
g_variant_dict_insert_value (&uid_dict, "email",
g_variant_new_string (uid->email));
g_variant_dict_insert_value (&uid_dict, "revoked",
g_variant_new_boolean (uid->revoked));
g_variant_dict_insert_value (&uid_dict, "invalid",
g_variant_new_boolean (uid->invalid));
g_variant_builder_add (&uids_builder, "(@a{sv})",
g_variant_dict_end (&uid_dict));
}
/* Currently empty */
g_auto(GVariantDict) metadata_dict = OT_VARIANT_BUILDER_INITIALIZER;
g_variant_dict_init (&metadata_dict, NULL);
GVariant *key_variant = g_variant_new ("(@a(a{sv})@a(a{sv})@a{sv})",
g_variant_builder_end (&subkeys_builder),
g_variant_builder_end (&uids_builder),
g_variant_dict_end (&metadata_dict));
g_ptr_array_add (keys, g_variant_ref_sink (key_variant));
}
if (out_keys)
*out_keys = g_steal_pointer (&keys);
return TRUE;
#else /* OSTREE_DISABLE_GPGME */
return glnx_throw (error, "GPG feature is disabled in a build time");
#endif /* OSTREE_DISABLE_GPGME */
}
/**
* ostree_repo_remote_fetch_summary:
* @self: Self

View File

@ -1425,6 +1425,46 @@ gboolean ostree_repo_remote_get_gpg_verify_summary (OstreeRepo *self,
const char *name,
gboolean *out_gpg_verify_summary,
GError **error);
/**
* OSTREE_GPG_KEY_GVARIANT_FORMAT:
*
* - a(a{sv}) - Array of subkeys. Each a{sv} dictionary represents a
* subkey. The primary key is the first subkey. The following keys are
* currently recognized:
* - key: `fingerprint`, value: `s`, key fingerprint hexadecimal string
* - key: `created`, value: `x`, key creation timestamp (seconds since
* the Unix epoch in UTC, big-endian)
* - key: `expires`, value: `x`, key expiration timestamp (seconds since
* the Unix epoch in UTC, big-endian). If this value is 0, the key does
* not expire.
* - key: `revoked`, value: `b`, whether key is revoked
* - key: `expired`, value: `b`, whether key is expired
* - key: `invalid`, value: `b`, whether key is invalid
* - a(a{sv}) - Array of user IDs. Each a{sv} dictionary represents a
* user ID. The following keys are currently recognized:
* - key: `uid`, value: `s`, full user ID (name, email and comment)
* - key: `name`, value: `s`, user ID name component
* - key: `comment`, value: `s`, user ID comment component
* - key: `email`, value: `s`, user ID email component
* - key: `revoked`, value: `b`, whether user ID is revoked
* - key: `invalid`, value: `b`, whether user ID is invalid
* - a{sv} - Additional metadata dictionary. There are currently no
* additional metadata keys defined.
*
* Since: 2021.4
*/
#define OSTREE_GPG_KEY_GVARIANT_STRING "(a(a{sv})a(a{sv})a{sv})"
#define OSTREE_GPG_KEY_GVARIANT_FORMAT G_VARIANT_TYPE (OSTREE_GPG_KEY_GVARIANT_STRING)
_OSTREE_PUBLIC
gboolean ostree_repo_remote_get_gpg_keys (OstreeRepo *self,
const char *name,
const char * const *key_ids,
GPtrArray **out_keys,
GCancellable *cancellable,
GError **error);
_OSTREE_PUBLIC
gboolean ostree_repo_remote_gpg_import (OstreeRepo *self,
const char *name,