Add GPGKey and use with GPGSigner #488
Commits on Mar 6, 2023
signer: add GPGKey and use with GPGSigner
GPGKey is a regular Key with additional GnuPG specific key fields, and verification method. It also has conversion helpers to translate from and to a non-in-toto/tuf-spec compliant key format, which is still used by the underlying securesystemslib.gpg subpackage.
GPGSigner is updated to:
- take a GPGKey as constructor argument, and implement
- `from_priv_key_uri`, to load signer from `"gnupg:[<GnuPG homedir>][?id=<keyid>]"`
- `import_`, to import a public key from a GnuPG keyring and return it along with a uri to create the signer.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Commit 688d7a8
signer: fix GPGSigner test after rebase
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Commit 71b8e27
signer: address GPGSigner review comments
- add expected exception to verify method
- warn on passed secrets handler, don't raise
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Commit 6f3ed0d
signer: remove unused secrets handler warning
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Commit 831811d
signer: remove keyid attribute from GPGSigner
The keyid is redundant with the keyid of the attached public key instance. Same goes for the keyid parameter in the related private key uri, which can also be read from the public key instance passed to the from_priv_key_uri method.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Commit 61ddeb7
signer: fix gpg key serialization bug
Include unrecognized fields in GPGKey.to_dict.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Commit 68aff11
signer: add missing type hint in gpg signer method
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Commit e36b46c
signer: improve and add tests for gpg signer
New tests for:
- `sign` and `import_` failure but successful verification, if 'gpg' is not available.
- verification failure, if 'cryptography' is not available.
- key de/serialization (also legacy format) and comparison (__eq__)
- expected failures on `from_priv_key` and `verify_signature`
Improvements:
- remove obsolete `assertFalse` in `with self.assertRaises` block
- condense tests in `test_gpg_functions` (use DDT instead of copy-paste)
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Commit 7528f35
signer: assert keyid match GPGSigner import_, sign
Supporting subkeys in a GPGKey and considering them for verification adds, for no benefit, a PKI hierarchy to tuf/in-toto, which already have their own PKI hierarchies. In addition it makes the verification (and delegation) code more complex and error prone.
This commit drops subkey support, by the following two changes:
- import_: require exact match between passed keyid, and one of the keys in the bundle returned by gpg, and return a GPGKey only for that key, w/o subkeys
- sign: require exact match between keyid on attached public key and keyid on the signature returned by gpg
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Commit 0deab05
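The two exact-match checks described in the commit message above, sketched as an added example (not code from this pull request or from securesystemslib). The function names `select_key` and `check_signature_keyid` and the dict layout of the constructed bundle are assumptions made for illustration.

```python
import copy

# Constructed sample, not real key material: a primary key carrying one
# subkey, shaped like a legacy key bundle (field names are assumptions).
PRIMARY_ID = "aaaa0000aaaa0000aaaa0000aaaa0000aaaa0000"
SUBKEY_ID = "bbbb1111bbbb1111bbbb1111bbbb1111bbbb1111"
BUNDLE = {
    "keyid": PRIMARY_ID,
    "type": "rsa",
    "keyval": {"public": {"e": "010001", "n": "c0ffee"}},
    "subkeys": {
        SUBKEY_ID: {
            "keyid": SUBKEY_ID,
            "type": "rsa",
            "keyval": {"public": {"e": "010001", "n": "decade"}},
        }
    },
}


def select_key(bundle, keyid):
    """Return only the key whose keyid equals `keyid`, without subkeys."""
    candidates = [bundle, *bundle.get("subkeys", {}).values()]
    for key in candidates:
        if key["keyid"] == keyid:  # exact match: no short-id or suffix match
            selected = copy.deepcopy(key)  # leave the caller's bundle intact
            selected.pop("subkeys", None)  # a single flat key, no hierarchy
            return selected
    raise ValueError(f"no key with keyid {keyid!r} in bundle")


def check_signature_keyid(public_key, signature):
    """Reject a signature whose keyid differs from the attached public key."""
    if signature["keyid"] != public_key["keyid"]:
        raise ValueError(
            f"signature keyid {signature['keyid']!r} does not match "
            f"public key keyid {public_key['keyid']!r}"
        )
    return signature


if __name__ == "__main__":
    key = select_key(BUNDLE, SUBKEY_ID)
    print(key["keyid"], "subkeys" in key)
    check_signature_keyid(key, {"keyid": SUBKEY_ID, "signature": "00"})
```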
signer: remove redundant gpg default key test
GPGSigner does not support signing with a default key (unlike the lower level securesystemslib gpg signing function), thus the test is redundant with the non-default key test.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Commit 6244616
signer: remove obsolete fields from GPGKey
- creation_time + validity_period: key validity should be determined by the metadata expiration time alone, and not by an additional signer-specific key expiration, which is prone to be out of sync (we don't use gpg for verification)
- subkeys: dropped support in a previous commit
- hashes: static for currently supported schemes. If other hash algorithms are needed, they should be encoded in the scheme string.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Commit 0527b7c
signer: move legacy gpg key conversion methods
These methods are ugly no matter where they are implemented. I move them to the signer to keep them together with the legacy signature format conversion methods.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Commit e281947
gpg: change warning log statement to debug
Change warning type log statement about exported subkeys to debug. This is no longer relevant for GPGSigner.import_, which doesn't return key bundles to the user, but only a key or a subkey.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Commit cc14e51