lib/sign: initial implementation

Added the initial version of signing interface allowing to allowing to
sign and verify commits.
Implemented initial signing modules:
 - dummy -- simple module allowing to sign/verify with ASCII string
 - ed25519 -- module allowing to sign/verify commit with ed25519
   (EdDSA) signature scheme provided by libsodium library.

Signed-off-by: Denis Pynkin <[email protected]>

Makefile-libostree-defines.am

@@ -46,6 +46,8 @@ libostree_public_headers = \
 	src/libostree/ostree-repo-finder-mount.h \
 	src/libostree/ostree-repo-finder-override.h \
 	src/libostree/ostree-kernel-args.h \
+	src/libostree/ostree-sign.h \
+	src/libostree/ostree-sign-ed25519.h \
 	$(NULL)
 
 # This one is generated via configure.ac, and the gtk-doc

Makefile-libostree.am

@@ -262,6 +262,20 @@ libostree_1_la_CFLAGS += $(OT_DEP_SELINUX_CFLAGS)
 libostree_1_la_LIBADD += $(OT_DEP_SELINUX_LIBS)
 endif
 
+libostree_1_la_SOURCES += \
+	src/libostree/ostree-sign.c \
+	src/libostree/ostree-sign.h \
+	src/libostree/ostree-sign-dummy.c \
+	src/libostree/ostree-sign-dummy.h \
+	src/libostree/ostree-sign-ed25519.c \
+	src/libostree/ostree-sign-ed25519.h \
+	$(NULL)
+
+if USE_LIBSODIUM
+libostree_1_la_CFLAGS += $(OT_DEP_LIBSODIUM_CFLAGS)
+libostree_1_la_LIBADD += $(OT_DEP_LIBSODIUM_LIBS)
+endif # USE_LIBSODIUM
+
 # XXX: work around clang being passed -fstack-clash-protection which it doesn't understand
 # See: https://bugzilla.redhat.com/show_bug.cgi?id=1672012
 INTROSPECTION_SCANNER_ENV = CC=gcc

Makefile-ostree.am

@@ -112,11 +112,6 @@ ostree_SOURCES += \
 	$(NULL)
 endif
 
-if USE_LIBSODIUM
-ostree_CFLAGS += $(OT_DEP_LIBSODIUM_CFLAGS)
-ostree_LDADD += $(OT_DEP_LIBSODIUM_LIBS)
-endif # USE_LIBSODIUM
-
 if USE_CURL_OR_SOUP
 ostree_SOURCES += src/ostree/ot-remote-builtin-add-cookie.c \
   src/ostree/ot-remote-builtin-delete-cookie.c \
@@ -166,3 +161,8 @@ if USE_LIBARCHIVE
 ostree_CFLAGS += $(OT_DEP_LIBARCHIVE_CFLAGS)
 ostree_LDADD += $(OT_DEP_LIBARCHIVE_LIBS)
 endif
+
+if USE_LIBSODIUM
+ostree_CFLAGS += $(OT_DEP_LIBSODIUM_CFLAGS)
+ostree_LDADD += $(OT_DEP_LIBSODIUM_LIBS)
+endif # USE_LIBSODIUM

apidoc/ostree-sections.txt

@@ -705,3 +705,26 @@ ostree_kernel_args_from_string
 ostree_kernel_args_to_strv
 ostree_kernel_args_to_string
 </SECTION>
+
+<SECTION>
+<FILE>ostree-sign</FILE>
+OstreeSign
+OstreeSignDummy
+OstreeSignEd25519
+ostree_sign_list_names
+ostree_sign_commit
+ostree_sign_commit_verify
+ostree_sign_data
+ostree_sign_get_by_name
+ostree_sign_get_name
+ostree_sign_detached_metadata_append
+ostree_sign_metadata_verify
+ostree_sign_load_pk
+ostree_sign_set_pk
+ostree_sign_set_sk
+ostree_sign_ed25519_keypair_generate
+<SUBSECTION Standard>
+ostree_sign_get_type
+ostree_sign_dummy_get_type
+ostree_sign_ed25519_get_type
+</SECTION>

src/libostree/libostree-devel.sym

@@ -21,6 +21,22 @@
 LIBOSTREE_2020.2 {
 global:
   ostree_repo_commit_modifier_set_sepolicy_from_commit;
+  someostree_symbol_deleteme;
+  ostree_sign_get_type;
+  ostree_sign_list_names;
+  ostree_sign_commit;
+  ostree_sign_commit_verify;
+  ostree_sign_data;
+  ostree_sign_get_by_name;
+  ostree_sign_get_name;
+  ostree_sign_detached_metadata_append;
+  ostree_sign_metadata_verify;
+  ostree_sign_load_pk;
+  ostree_sign_set_pk;
+  ostree_sign_set_sk;
+  ostree_sign_dummy_get_type;
+  ostree_sign_ed25519_get_type;
+  ostree_sign_ed25519_keypair_generate;
 } LIBOSTREE_2020.1;
 
 /* Stub section for the stable release *after* this development one; don't

src/libostree/ostree-sign-dummy.c

@@ -0,0 +1,181 @@
+/* vim:set et sw=2 cin cino=t0,f0,(0,{s,>2s,n-s,^-s,e2s: */
+
+/*
+ * Copyright © 2019 Collabora Ltd.
+ *
+ * SPDX-License-Identifier: LGPL-2.0+
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ */
+
+#include "config.h"
+
+#include "ostree-sign-dummy.h"
+#include <string.h>
+
+#define OSTREE_SIGN_DUMMY_NAME "dummy"
+
+#define OSTREE_SIGN_METADATA_DUMMY_KEY "ostree.sign.dummy"
+#define OSTREE_SIGN_METADATA_DUMMY_TYPE "aay"
+
+#define OSTREE_SIGN_DUMMY_SIGNATURE "dummysign"
+
+struct _OstreeSignDummy
+{
+  GObject parent;
+  gchar *signature_ascii;
+};
+
+static void
+ostree_sign_dummy_iface_init (OstreeSignInterface *self);
+
+G_DEFINE_TYPE_WITH_CODE (OstreeSignDummy, ostree_sign_dummy, G_TYPE_OBJECT,
+        G_IMPLEMENT_INTERFACE (OSTREE_TYPE_SIGN, ostree_sign_dummy_iface_init));
+
+static void
+ostree_sign_dummy_iface_init (OstreeSignInterface *self)
+{
+  g_debug ("%s enter", __FUNCTION__);
+
+  self->data = ostree_sign_dummy_data;
+  self->get_name = ostree_sign_dummy_get_name;
+  self->metadata_key = ostree_sign_dummy_metadata_key;
+  self->metadata_format = ostree_sign_dummy_metadata_format;
+  self->metadata_verify = ostree_sign_dummy_metadata_verify;
+  self->set_sk = ostree_sign_dummy_set_signature;
+  self->set_pk = ostree_sign_dummy_set_signature;
+}
+
+static void
+ostree_sign_dummy_class_init (OstreeSignDummyClass *self)
+{
+  g_debug ("%s enter", __FUNCTION__);
+  GObjectClass *object_class = G_OBJECT_CLASS(self);
+}
+
+static void
+ostree_sign_dummy_init (OstreeSignDummy *self)
+{
+  g_debug ("%s enter", __FUNCTION__);
+
+  self->signature_ascii = g_strdup(OSTREE_SIGN_DUMMY_SIGNATURE);
+}
+
+gboolean ostree_sign_dummy_set_signature (OstreeSign *self, GVariant *key, GError **error)
+{
+  g_debug ("%s enter", __FUNCTION__);
+
+  OstreeSignDummy *sign =  ostree_sign_dummy_get_instance_private(OSTREE_SIGN_DUMMY(self));
+
+  if (sign->signature_ascii != NULL)
+    g_free(sign->signature_ascii);
+
+  sign->signature_ascii = g_variant_dup_string (key, 0);
+
+  return TRUE;
+}
+
+gboolean ostree_sign_dummy_data (OstreeSign *self,
+                                 GBytes *data,
+                                 GBytes **signature,
+                                 GCancellable *cancellable,
+                                 GError **error)
+{
+
+  g_debug ("%s enter", __FUNCTION__);
+  g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);
+
+  OstreeSignDummy *sign =  ostree_sign_dummy_get_instance_private(OSTREE_SIGN_DUMMY(self));
+
+  *signature = g_bytes_new (sign->signature_ascii, strlen(sign->signature_ascii));
+
+  return TRUE;
+}
+
+gchar * ostree_sign_dummy_get_name (OstreeSign *self)
+{
+  g_debug ("%s enter", __FUNCTION__);
+  g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);
+
+  g_autofree gchar *name = g_strdup(OSTREE_SIGN_DUMMY_NAME);
+
+  return g_steal_pointer (&name);
+}
+
+gchar * ostree_sign_dummy_metadata_key (OstreeSign *self)
+{
+  g_debug ("%s enter", __FUNCTION__);
+
+  g_autofree gchar *key = g_strdup(OSTREE_SIGN_METADATA_DUMMY_KEY);
+  return g_steal_pointer (&key);
+}
+
+gchar * ostree_sign_dummy_metadata_format (OstreeSign *self)
+{
+  g_debug ("%s enter", __FUNCTION__);
+
+  g_autofree gchar *type = g_strdup(OSTREE_SIGN_METADATA_DUMMY_TYPE);
+  return g_steal_pointer (&type);
+}
+
+gboolean ostree_sign_dummy_metadata_verify (OstreeSign *self,
+                                            GBytes     *data,
+                                            GVariant   *signatures,
+                                            GError     **error)
+{
+  g_debug ("%s enter", __FUNCTION__);
+  g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);
+  g_return_val_if_fail (data != NULL, FALSE);
+
+  OstreeSignDummy *sign =  ostree_sign_dummy_get_instance_private(OSTREE_SIGN_DUMMY(self));
+
+  gboolean ret = FALSE;
+
+  if (signatures == NULL)
+    {
+      g_set_error_literal (error,
+                           G_IO_ERROR, G_IO_ERROR_FAILED,
+                           "signature: dummy: commit have no signatures of my type");
+      goto err;
+    }
+
+
+  if (!g_variant_is_of_type (signatures, (GVariantType *) OSTREE_SIGN_METADATA_DUMMY_TYPE))
+    {
+      g_set_error_literal (error,
+                           G_IO_ERROR, G_IO_ERROR_FAILED,
+                           "signature: dummy: wrong type passed for verification");
+      goto err;
+    }
+
+  for (gsize i = 0; i < g_variant_n_children(signatures); i++)
+    {
+      g_autoptr (GVariant) child = g_variant_get_child_value (signatures, i);
+      g_autoptr (GBytes) signature = g_variant_get_data_as_bytes(child);
+
+      gsize sign_size = 0;
+      g_bytes_get_data (signature, &sign_size);
+      g_autofree gchar *sign_ascii = g_strndup(g_bytes_get_data (signature, NULL), sign_size);
+      g_debug("Read signature %d: %s", (gint)i, sign_ascii);
+
+      if (!g_strcmp0(sign_ascii, sign->signature_ascii))
+          ret = TRUE;
+    }
+
+err:
+  return ret;
+}

src/libostree/ostree-sign-dummy.h

@@ -0,0 +1,63 @@
+/* vim:set et sw=2 cin cino=t0,f0,(0,{s,>2s,n-s,^-s,e2s: */
+
+/*
+ * Copyright © 2019 Collabora Ltd.
+ *
+ * SPDX-License-Identifier: LGPL-2.0+
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Authors:
+ *  - Denis Pynkin (d4s) <[email protected]>
+ */
+
+#pragma once
+
+#include "ostree-sign.h"
+
+G_BEGIN_DECLS
+
+#define OSTREE_TYPE_SIGN_DUMMY (ostree_sign_dummy_get_type ())
+
+_OSTREE_PUBLIC
+G_DECLARE_FINAL_TYPE (OstreeSignDummy,
+                      ostree_sign_dummy,
+                      OSTREE,
+                      SIGN_DUMMY,
+                      GObject)
+
+gchar * ostree_sign_dummy_get_name (OstreeSign *self);
+
+gboolean ostree_sign_dummy_data (OstreeSign *self,
+                                 GBytes *data,
+                                 GBytes **signature,
+                                 GCancellable *cancellable,
+                                 GError **error);
+
+gchar * ostree_sign_dummy_metadata_key (OstreeSign *self);
+gchar * ostree_sign_dummy_metadata_format (OstreeSign *self);
+
+gboolean ostree_sign_dummy_metadata_verify (OstreeSign *self,
+                                            GBytes     *data,
+                                            GVariant   *signatures,
+                                            GError     **error);
+
+gboolean ostree_sign_dummy_set_signature (OstreeSign *self, GVariant *key, GError **error);
+
+void ostree_sign_dummy_finalize (GObject *gobject);
+
+G_END_DECLS
+