sign: Support x509 signature type #3278

Open: wants to merge 6 commits into base: main

Commits on Sep 11, 2024

  1. sign: Fix typo in error messages and comments

    Signed-off-by: Daiki Ueno <dueno@redhat.com>
    ueno committed Sep 11, 2024
    334e0b0
  2. sign: Use explicit_bzero to clear secret key material

    Suggested in:
    ostreedev#3278 (comment)
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
    ueno committed Sep 11, 2024
    62e5452
  3. sign: Factor out logic to read key blobs

    This defines a new interface OstreeBlobReader, which encapsulates the
    key file parsing logic. This would make it easy to support custom file
    formats such as PEM.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
    ueno committed Sep 11, 2024
    ef44e33

Commits on Sep 12, 2024

  1. sign: Add PEM reading facility

    This adds a new class OstreePemReader, which reads PEM blocks from an
    input stream.  This would be useful for the "x509" signing backend, as
    the keys are typically stored in the PEM format.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
    ueno committed Sep 12, 2024
    0fa1061
  2. tests: Use tap_ok/tap_end in test-signed-commit.sh

    Signed-off-by: Daiki Ueno <dueno@redhat.com>
    ueno committed Sep 12, 2024
    5583563

Commits on Sep 17, 2024

  1. sign: Support spki signature type

    The current "ed25519" signing type assumes raw Ed25519 key format for
    both public and private keys. That requires custom processing of keys
    after they are generated with openssl tools, and also lacks cryptographic
    agility[1]; when Ed25519 becomes vulnerable, it would not be
    straightforward to migrate to other algorithms, such as post-quantum
    signature algorithms.
    
    This patch adds a new signature type "spki" which uses the X.509
    SubjectPublicKeyInfo format for public keys. Keys in this format can
    easily be created with openssl tools and provide crypto agility as the
    format embeds the algorithm identifier.
    
    Currently, the corresponding private keys shall be in the PKCS#8
    format, while future extensions may support other formats such as
    opaque key handles on a hardware token.
    
    The "spki" signature type prefers keys to be encoded in the PEM
    format on disk, while it still accepts base64 encoded keys when given
    through the command-line.
    
    1. https://en.wikipedia.org/wiki/Cryptographic_agility
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
    ueno committed Sep 17, 2024
    e83eda0
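
An added example, not code from this pull request or from ostree: a minimal DER walk showing what the last commit message means by the SubjectPublicKeyInfo format embedding the algorithm identifier, which a raw Ed25519 key lacks. The key bytes are constructed dummies and every function name here is an assumption of this sketch.

```python
# Constructed sample keys (dummy bytes, not real key material).
RAW_ED25519 = bytes(range(32))          # bare 32-byte key, the shape "ed25519" assumes
SPKI_ED25519 = bytes.fromhex("302a300506032b6570032100") + RAW_ED25519  # RFC 8410 wrapping
SPKI_P256 = bytes.fromhex("3059301306072a8648ce3d020106082a8648ce3d030107034200") + b"\x04" + bytes(64)
OID_NAMES = {"1.3.101.112": "Ed25519", "1.2.840.10045.2.1": "EC"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                   # long form: low 7 bits count the length bytes
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    subs, cur = [], 0
    for b in body:                      # base-128 sub-identifiers, high bit = "more follows"
        cur = (cur << 7) | (b & 0x7F)
        if not b & 0x80:
            subs, cur = subs + [cur], 0
    if not subs or body[-1] & 0x80:
        raise ValueError("bad OID")
    first = min(subs[0] // 40, 2)       # the first two arcs share one sub-identifier
    return ".".join(map(str, [first, subs[0] - 40 * first] + subs[1:]))

def parse_spki(der):
    """Return (algorithm OID, raw key bytes) from a DER SubjectPublicKeyInfo."""
    tag, spki, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected one outer SEQUENCE")
    tag, alg, pos = read_tlv(spki, 0)   # AlgorithmIdentifier SEQUENCE
    if tag != 0x30:
        raise ValueError("expected AlgorithmIdentifier")
    tag, oid, _ = read_tlv(alg, 0)
    if tag != 0x06:
        raise ValueError("expected algorithm OID")
    tag, bits, end = read_tlv(spki, pos)  # BIT STRING subjectPublicKey
    if tag != 0x03 or end != len(spki) or not bits or bits[0] != 0:
        raise ValueError("expected BIT STRING with no unused bits")
    return decode_oid(oid), bits[1:]

def key_algorithm(der):
    return OID_NAMES.get(parse_spki(der)[0], "unknown")
```

The same parser identifies both sample keys by their embedded OID, while the bare 32-byte blob is rejected because nothing in it says which algorithm it belongs to.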