lib/sign: add ostree_seign_clear_keys function

Add the function for implicit cleanup of all loaded keys. Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
2025-04-01 18:50:37 +03:00 · 2019-10-27 19:45:48 +00:00 · 2019-10-27 19:45:48 +00:00 · ceaf6d7f54
commit ceaf6d7f54
parent eb8e501ece
6 changed files with 55 additions and 7 deletions
--- a/apidoc/ostree-sections.txt
+++ b/apidoc/ostree-sections.txt
@ -719,6 +719,7 @@ ostree_sign_data_verify
 ostree_sign_get_by_name
 ostree_sign_get_name
 ostree_sign_add_pk
+ostree_sign_clear_keys
 ostree_sign_load_pk
 ostree_sign_set_pk
 ostree_sign_set_sk
--- a/src/libostree/libostree-devel.sym
+++ b/src/libostree/libostree-devel.sym
@ -30,6 +30,7 @@ global:
  ostree_sign_data_verify;
  ostree_sign_get_by_name;
  ostree_sign_get_name;
+  ostree_sign_clear_keys;
  ostree_sign_load_pk;
  ostree_sign_set_pk;
  ostree_sign_add_pk;
--- a/src/libostree/ostree-sign-ed25519.c
+++ b/src/libostree/ostree-sign-ed25519.c
@ -62,6 +62,7 @@ ostree_sign_ed25519_iface_init (OstreeSignInterface *self)
  self->get_name = ostree_sign_ed25519_get_name;
  self->metadata_key = ostree_sign_ed25519_metadata_key;
  self->metadata_format = ostree_sign_ed25519_metadata_format;
+  self->clear_keys = ostree_sign_ed25519_clear_keys;
  self->set_sk = ostree_sign_ed25519_set_sk;
  self->set_pk = ostree_sign_ed25519_set_pk;
  self->add_pk = ostree_sign_ed25519_add_pk;
@ -253,6 +254,36 @@ const gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self)
  return OSTREE_SIGN_METADATA_ED25519_TYPE;
 }

+gboolean ostree_sign_ed25519_clear_keys (OstreeSign *self,
+                                         GError **error)
+{
+  g_debug ("%s enter", __FUNCTION__);
+  g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);
+
+#ifdef HAVE_LIBSODIUM
+  OstreeSignEd25519 *sign = ostree_sign_ed25519_get_instance_private(OSTREE_SIGN_ED25519(self));
+
+  /* Clear secret key */
+  if (sign->secret_key != NULL)
+  {
+    memset (sign->secret_key, 0, crypto_sign_SECRETKEYBYTES);
+    g_free (sign->secret_key);
+    sign->secret_key = NULL;
+  }
+
+  /* Clear already loaded trusted keys */
+  if (sign->public_keys != NULL)
+    {
+      g_list_free_full (sign->public_keys, g_free);
+      sign->public_keys = NULL;
+    }
+
+  return TRUE;
+
+#endif /* HAVE_LIBSODIUM */
+  return FALSE;
+}
+
 /* Support 2 representations:
 * base64 ascii -- secret key is passed as string
 * raw key -- key is passed as bytes array
@ -267,7 +298,7 @@ gboolean ostree_sign_ed25519_set_sk (OstreeSign *self,
 #ifdef HAVE_LIBSODIUM
  OstreeSignEd25519 *sign = ostree_sign_ed25519_get_instance_private(OSTREE_SIGN_ED25519(self));

-  g_free (sign->secret_key);
+  ostree_sign_ed25519_clear_keys (self, error);

  gsize n_elements = 0;

@ -315,12 +346,7 @@ gboolean ostree_sign_ed25519_set_pk (OstreeSign *self,

  OstreeSignEd25519 *sign = ostree_sign_ed25519_get_instance_private(OSTREE_SIGN_ED25519(self));

-  /* Substitute the key(s) with a new one */
-  if (sign->public_keys != NULL)
-    {
-      g_list_free_full (sign->public_keys, g_free);
-      sign->public_keys = NULL;
-    }
+  ostree_sign_ed25519_clear_keys (self, error);

  return ostree_sign_ed25519_add_pk (self, public_key, error);
 }
--- a/src/libostree/ostree-sign-ed25519.h
+++ b/src/libostree/ostree-sign-ed25519.h
@ -55,6 +55,9 @@ const gchar * ostree_sign_ed25519_get_name (OstreeSign *self);
 const gchar * ostree_sign_ed25519_metadata_key (OstreeSign *self);
 const gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self);

+gboolean ostree_sign_ed25519_clear_keys (OstreeSign *self,
+                                         GError **error);
+
 gboolean ostree_sign_ed25519_set_sk (OstreeSign *self,
                                     GVariant *secret_key,
                                     GError **error);
--- a/src/libostree/ostree-sign.c
+++ b/src/libostree/ostree-sign.c
@ -87,6 +87,17 @@ const gchar * ostree_sign_metadata_format (OstreeSign *self)
  return OSTREE_SIGN_GET_IFACE (self)->metadata_format (self);
 }

+gboolean ostree_sign_clear_keys (OstreeSign *self,
+                                 GError **error)
+{
+  g_debug ("%s enter", __FUNCTION__);
+
+  if (OSTREE_SIGN_GET_IFACE (self)->clear_keys == NULL)
+    return TRUE;
+
+  return OSTREE_SIGN_GET_IFACE (self)->clear_keys (self, error);
+}
+
 gboolean ostree_sign_set_sk (OstreeSign *self,
                             GVariant *secret_key,
                             GError **error)
--- a/src/libostree/ostree-sign.h
+++ b/src/libostree/ostree-sign.h
@ -59,6 +59,8 @@ struct _OstreeSignInterface
                            GError **error);
  const gchar *(* metadata_key) (OstreeSign *self);
  const gchar *(* metadata_format) (OstreeSign *self);
+  gboolean (* clear_keys) (OstreeSign *self,
+                           GError **error);
  gboolean (* set_sk) (OstreeSign *self,
                       GVariant *secret_key,
                       GError **error);
@ -109,6 +111,10 @@ gboolean ostree_sign_commit_verify (OstreeSign *self,
                                    GCancellable   *cancellable,
                                    GError         **error);

+_OSTREE_PUBLIC
+gboolean ostree_sign_clear_keys (OstreeSign *self,
+                                 GError **error);
+
 _OSTREE_PUBLIC
 gboolean ostree_sign_set_sk (OstreeSign *self,
                             GVariant *secret_key,