diff options
author | Denis Pynkin <denis.pynkin@collabora.com> | 2019-08-09 22:07:57 +0300 |
---|---|---|
committer | Denis Pynkin <denis.pynkin@collabora.com> | 2020-03-25 15:23:54 +0300 |
commit | 2303202c86c96768abb42728b2e5b2090b9d0198 (patch) | |
tree | b9196cbce2b60230729f7ed30ec9217fc1d64db0 /tests/test-signed-commit.sh | |
parent | 9e8f0f4ca0350cd43c202fe25b99900450e53406 (diff) | |
download | ostree-2303202c86c96768abb42728b2e5b2090b9d0198.tar.gz |
sign: API changes for public keys and CLI keys format
API changes:
- added function `ostree_sign_add_pk()` for multiple public keys using.
- `ostree_sign_set_pk()` now substitutes all previously added keys.
- added function `ostree_sign_load_pk()` allowed to load keys from file.
- `ostree_sign_ed25519_load_pk()` able to load the raw keys list from file.
- use base64 encoded public and private ed25519 keys for CLI and keys file.
Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
Diffstat (limited to 'tests/test-signed-commit.sh')
-rwxr-xr-x | tests/test-signed-commit.sh | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/tests/test-signed-commit.sh b/tests/test-signed-commit.sh index 08993c60..55945f8a 100755 --- a/tests/test-signed-commit.sh +++ b/tests/test-signed-commit.sh @@ -60,16 +60,16 @@ openssl genpkey -algorithm ed25519 -outform PEM -out "${PEMFILE}" if has_libsodium; then # Based on: http://openssl.6102.n7.nabble.com/ed25519-key-generation-td73907.html # Extract the private and public parts from generated key. - PUBLIC="$(openssl pkey -outform DER -pubout -in ${PEMFILE} | hexdump -s 12 -e '16/1 "%.2x"')" - SEED="$(openssl pkey -outform DER -in ${PEMFILE} | hexdump -s 16 -e '16/1 "%.2x"')" + PUBLIC="$(openssl pkey -outform DER -pubout -in ${PEMFILE} | tail -c 32 | base64)" + SEED="$(openssl pkey -outform DER -in ${PEMFILE} | tail -c 32 | base64)" # Secret key is concantination of SEED and PUBLIC - SECRET="${SEED}${PUBLIC}" + SECRET="$(echo ${SEED}${PUBLIC} | base64 -d | base64 -w 0)" echo "SEED = $SEED" echo "PUBLIC = $PUBLIC" echo "Signed commit with ed25519: ${SECRET}" >> file.txt - ${CMD_PREFIX} ostree --repo=${test_tmpdir}/repo commit -b main -s "Signed with ed25519 module" --sign=${SECRET} --sign-type=ed25519 + ${CMD_PREFIX} ostree --repo=${test_tmpdir}/repo commit -b main -s "Signed with ed25519 module" --sign="${SECRET}" --sign-type=ed25519 COMMIT="$(ostree --repo=${test_tmpdir}/repo rev-parse main)" # Ensure that detached metadata contain signature |