sign: Support spki signature type
The current "ed25519" signing type assumes raw Ed25519 key format for
both public and private keys. That requires custom processing of keys
after they are generated with openssl tools, and also lacks cryptographic
agility[1]; when Ed25519 becomes vulnerable, it would not be
straightforward to migrate to other algorithms, such as post-quantum
signature algorithms.

This patch adds a new signature type "spki" which uses the X.509
SubjectPublicKeyInfo format for public keys. Keys in this format can
easily be created with openssl tools and provide crypto agility as the
format embeds an algorithm identifier.

Currently, the corresponding private keys shall be in the PKCS#8
format, while future extensions may support other formats such as
opaque key handles on a hardware token.

The "spki" signature type prefers keys to be encoded in the PEM
format on disk, while it still accepts base64 encoded keys when given
through the command-line.

1. https://en.wikipedia.org/wiki/Cryptographic_agility

Signed-off-by: Daiki Ueno <dueno@redhat.com>
ueno committed Sep 17, 2024
1 parent 5583563 commit e83eda0
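To make the crypto-agility argument in the commit message concrete, the following is an added example written for this page; it is not ostree code and does not reflect how ostree-sign-spki.c is implemented. It parses the SubjectPublicKeyInfo structure that the new "spki" type consumes, dispatches on the embedded AlgorithmIdentifier against an explicit allow-list, and shows how a raw 32-byte key (the old "ed25519" on-disk form) differs from the same key wrapped in SPKI. The OIDs are the ones RFC 8410 assigns to Ed25519, Ed448 and X25519; the allow-list policy, the helper names (`parse_spki`, `encode_spki_pem`, `pem_to_der`) and the sample key bytes are this example's own assumptions.

```python
"""Added example: parse an X.509 SubjectPublicKeyInfo (SPKI) public key and
dispatch on the embedded AlgorithmIdentifier. Not ostree code; written for
this page. OIDs are from RFC 8410; the allow-list policy, the helper names
and the sample key are this example's own assumptions."""
import base64
import binascii

# Algorithms this verifier is willing to accept: OID -> (name, public key length).
# Anything else is rejected: an embedded algorithm identifier gives agility
# only if the verifier also refuses identifiers it was not written for.
ALLOWED_ALGORITHMS = {
    "1.3.101.112": ("Ed25519", 32),   # RFC 8410 id-Ed25519
    "1.3.101.113": ("Ed448", 57),     # RFC 8410 id-Ed448
}


class SpkiError(ValueError):
    """Raised for malformed DER/PEM or for an algorithm that is not allowed."""


def _read_tlv(buf, pos):
    """Read one DER tag-length-value at buf[pos]; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise SpkiError("truncated DER element")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: 0x8N followed by N length bytes
        nbytes = length & 0x7F
        if nbytes == 0 or nbytes > 4 or pos + nbytes > len(buf):
            raise SpkiError("bad DER length")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
        if length < 0x80:                  # DER forbids non-minimal lengths
            raise SpkiError("non-minimal DER length")
    end = pos + length
    if end > len(buf):
        raise SpkiError("DER value runs past end of buffer")
    return tag, buf[pos:end], end


def _decode_oid(raw):
    """Decode DER OID contents (e.g. 2B 65 70) into dotted form ("1.3.101.112")."""
    if not raw:
        raise SpkiError("empty OID")
    arcs = [raw[0] // 40, raw[0] % 40]
    value, pending = 0, False
    for b in raw[1:]:
        value = (value << 7) | (b & 0x7F)
        pending = bool(b & 0x80)
        if not pending:
            arcs.append(value)
            value = 0
    if pending:
        raise SpkiError("truncated OID sub-identifier")
    return ".".join(str(a) for a in arcs)


def pem_to_der(pem_text):
    """Extract the DER body of a single "PUBLIC KEY" PEM block."""
    lines = [ln.strip() for ln in pem_text.strip().splitlines()]
    if len(lines) < 3 or lines[0] != "-----BEGIN PUBLIC KEY-----" \
            or lines[-1] != "-----END PUBLIC KEY-----":
        raise SpkiError("expected exactly one PEM PUBLIC KEY block")
    try:
        return base64.b64decode("".join(lines[1:-1]), validate=True)
    except binascii.Error as exc:
        raise SpkiError("invalid base64 in PEM body") from exc


def parse_spki(der):
    """Parse SubjectPublicKeyInfo ::= SEQUENCE { AlgorithmIdentifier, BIT STRING }.

    Returns (algorithm_name, oid, raw_public_key) or raises SpkiError."""
    tag, body, end = _read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise SpkiError("outer SEQUENCE missing or trailing bytes after it")
    tag, alg_id, pos = _read_tlv(body, 0)
    if tag != 0x30:
        raise SpkiError("AlgorithmIdentifier must be a SEQUENCE")
    tag, oid_raw, alg_pos = _read_tlv(alg_id, 0)
    if tag != 0x06:
        raise SpkiError("AlgorithmIdentifier must start with an OID")
    oid = _decode_oid(oid_raw)
    if oid not in ALLOWED_ALGORITHMS:
        raise SpkiError(f"algorithm {oid} is not on the allow-list")
    name, key_len = ALLOWED_ALGORITHMS[oid]
    if alg_pos != len(alg_id):
        # RFC 8410 section 3: parameters MUST be absent for Ed25519/Ed448.
        raise SpkiError(f"{name} AlgorithmIdentifier must not carry parameters")
    tag, bits, pos = _read_tlv(body, pos)
    if tag != 0x03 or pos != len(body):
        raise SpkiError("subjectPublicKey BIT STRING missing or trailing bytes")
    if not bits or bits[0] != 0:
        raise SpkiError("BIT STRING must have zero unused bits")
    key = bits[1:]
    if len(key) != key_len:
        raise SpkiError(f"{name} public key must be {key_len} bytes, got {len(key)}")
    return name, oid, key


def encode_spki_pem(oid_der, raw_key):
    """Wrap a raw public key (the old "ed25519" on-disk form) in SPKI PEM.

    oid_der is the DER content of the OID, e.g. b"\\x2b\\x65\\x70" for Ed25519."""
    alg_id = bytes([0x30, len(oid_der) + 2, 0x06, len(oid_der)]) + oid_der
    bit_string = bytes([0x03, len(raw_key) + 1, 0x00]) + raw_key
    body = alg_id + bit_string
    if len(body) >= 0x80:
        raise SpkiError("example encoder only supports short-form lengths")
    der = bytes([0x30, len(body)]) + body
    b64 = base64.b64encode(der).decode("ascii")
    wrapped = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN PUBLIC KEY-----\n{wrapped}\n-----END PUBLIC KEY-----\n"


ED25519_OID = bytes([0x2B, 0x65, 0x70])   # 1.3.101.112
X25519_OID = bytes([0x2B, 0x65, 0x6E])    # 1.3.101.110: key agreement, not a signature algorithm

# Constructed sample: 32 arbitrary bytes standing in for a raw Ed25519 public
# key. It is not a real key; this parser checks structure, not curve points.
SAMPLE_RAW_KEY = bytes(range(1, 33))


if __name__ == "__main__":
    pem = encode_spki_pem(ED25519_OID, SAMPLE_RAW_KEY)
    print(pem)
    print(parse_spki(pem_to_der(pem)))
    try:
        parse_spki(pem_to_der(encode_spki_pem(X25519_OID, SAMPLE_RAW_KEY)))
    except SpkiError as exc:
        print("rejected:", exc)
```

The point of the allow-list is the flip side of agility: a format that names its algorithm lets a verifier accept a future post-quantum key type by adding one table entry, but the same field lets an attacker present a key under an algorithm the verifier never intended to honour (here, X25519), so unknown identifiers are rejected outright rather than passed to a generic "verify with whatever this is" routine.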
Showing 17 changed files with 1,128 additions and 61 deletions.
2 changes: 2 additions & 0 deletions Makefile-libostree.am
@@ -261,6 +261,8 @@ libostree_1_la_SOURCES += \
src/libostree/ostree-sign-dummy.h \
src/libostree/ostree-sign-ed25519.c \
src/libostree/ostree-sign-ed25519.h \
src/libostree/ostree-sign-spki.c \
src/libostree/ostree-sign-spki.h \
src/libostree/ostree-sign-private.h \
src/libostree/ostree-blob-reader.c \
src/libostree/ostree-blob-reader.h \
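Review bot: ostree-sign-spki.c and ostree-sign-spki.h are added to libostree_1_la_SOURCES unconditionally, while configure.ac in this same commit only defines HAVE_SPKI when --with-openssl is enabled. Either wrap these two lines in an `if HAVE_SPKI` block, as the new test scripts in Makefile-tests.am are, or make sure the whole body of ostree-sign-spki.c is guarded by `#ifdef HAVE_SPKI` so that a libsodium-only or no-crypto build still compiles and links.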
1 change: 1 addition & 0 deletions Makefile-otcore.am
@@ -19,6 +19,7 @@ libotcore_la_SOURCES = \
src/libotcore/otcore.h \
src/libotcore/otcore-ed25519-verify.c \
src/libotcore/otcore-prepare-root.c \
src/libotcore/otcore-spki-verify.c \
$(NULL)

libotcore_la_CFLAGS = $(AM_CFLAGS) -I$(srcdir)/libglnx -I$(srcdir)/src/libotutil -DLOCALEDIR=\"$(datadir)/locale\" $(OT_INTERNAL_GIO_UNIX_CFLAGS) $(OT_INTERNAL_GPGME_CFLAGS) $(OT_DEP_CRYPTO_LIBS) $(LIBSYSTEMD_CFLAGS)
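Review bot: same concern as for libostree: otcore-spki-verify.c is compiled into libotcore regardless of HAVE_SPKI. libotcore is what otcore-prepare-root.c uses at early boot, so a verifier that is compiled in without its backend must fail closed (return an error for every signature) rather than report success; please confirm the !HAVE_SPKI path of otcore-spki-verify.c does that, and add a test for it alongside the ed25519 one.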
14 changes: 13 additions & 1 deletion Makefile-tests.am
@@ -156,12 +156,24 @@ _installed_or_uninstalled_test_scripts = \
tests/test-summary-collections.sh \
tests/test-pull-collections.sh \
tests/test-config.sh \
tests/test-signed-commit.sh \
tests/test-signed-commit-dummy.sh \
tests/test-signed-pull.sh \
tests/test-pre-signed-pull.sh \
tests/test-signed-pull-summary.sh \
$(NULL)

if HAVE_ED25519
_installed_or_uninstalled_test_scripts += \
tests/test-signed-commit-ed25519.sh \
$(NULL)
endif

if HAVE_SPKI
_installed_or_uninstalled_test_scripts += \
tests/test-signed-commit-spki.sh \
$(NULL)
endif

if USE_GPGME
_installed_or_uninstalled_test_scripts += \
tests/test-remote-gpg-import.sh \
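Review bot: tests/test-signed-pull.sh, tests/test-pre-signed-pull.sh and tests/test-signed-pull-summary.sh stay in the unconditional list even though HAVE_ED25519 is now a real conditional; if they sign with ed25519 keys they will fail on a build with neither openssl nor libsodium. Either move them under `if HAVE_ED25519` next to tests/test-signed-commit-ed25519.sh, or have them skip when the `sign-ed25519` feature is absent. Separately, nothing here exercises pull-time verification of spki signatures; consider running the pull tests over both signature types so the new verifier is covered end to end, not only at commit time.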
15 changes: 12 additions & 3 deletions configure.ac
@@ -452,10 +452,19 @@ if test x$with_openssl != xno; then OSTREE_FEATURES="$OSTREE_FEATURES openssl";
AM_CONDITIONAL(USE_OPENSSL, test $with_openssl != no)
dnl end openssl

if test x$with_openssl != xno || test x$with_ed25519_libsodium != xno; then
AM_CONDITIONAL([HAVE_ED25519], [test x$with_openssl != xno || test x$with_ed25519_libsodium != xno])

AM_COND_IF([HAVE_ED25519], [
AC_DEFINE([HAVE_ED25519], 1, [Define if ed25519 is supported ])
OSTREE_FEATURES="$OSTREE_FEATURES sign-ed25519"
fi
])

AM_CONDITIONAL([HAVE_SPKI], [test x$with_openssl != xno])

AM_COND_IF([HAVE_SPKI], [
AC_DEFINE([HAVE_SPKI], 1, [Define if spki is supported ])
OSTREE_FEATURES="$OSTREE_FEATURES sign-spki"
])

dnl begin gnutls; in contrast to openssl this one only
dnl supports --with-crypto=gnutls
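Review bot: HAVE_SPKI is tied purely to `test x$with_openssl != xno`, with no check that the OpenSSL found actually provides what the spki backend needs (PKCS#8 and SubjectPublicKeyInfo handling for the algorithms the backend accepts); on an older OpenSSL that turns a configure-time decision into a compile-time or run-time failure, so add a minimum-version check before the AM_CONDITIONAL([HAVE_SPKI]) line. Minor: the new AC_DEFINE description copies the trailing space inside the brackets from the ed25519 line ("[Define if spki is supported ]").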
@@ -697,7 +706,7 @@ echo "
systemd: $with_libsystemd
libmount: $with_libmount
libsodium (ed25519 signatures): $with_ed25519_libsodium
openssl (ed25519 signatures): $with_openssl
openssl (ed25519 and spki signatures): $with_openssl
libarchive (parse tar files directly): $with_libarchive
static deltas: yes (always enabled now)
O_TMPFILE: $enable_otmpfile
7 changes: 4 additions & 3 deletions man/ostree-commit.xml
@@ -312,7 +312,7 @@ License along with this library. If not, see <https://www.gnu.org/licenses/>.
<term><option>-s, --sign-type</option></term>
<listitem><para>
Use particular signature engine. Currently
available <arg choice="plain">ed25519</arg> and <arg choice="plain">dummy</arg>
available <arg choice="plain">ed25519</arg>, <arg choice="plain">spki</arg>, and <arg choice="plain">dummy</arg>
signature types.

The default is <arg choice="plain">ed25519</arg>.
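Review bot: the option text now lists spki but does not say that it is only available when ostree was built with OpenSSL (HAVE_SPKI in configure.ac depends on --with-openssl), whereas ed25519 is also provided by libsodium. A sentence such as "spki requires a build with OpenSSL; check for sign-spki in the features printed by ostree --version" here would spare users a failure at commit time on a build that lacks it.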
@@ -323,7 +323,8 @@ License along with this library. If not, see <https://www.gnu.org/licenses/>.
<varlistentry>
<term><option>--sign-from-file</option>="PATH"</term>
<listitem><para>
This will read a key (corresponding to the provided <literal>--sign-type</literal> from the provided path. The key should be base64 encoded.
This will read a key (corresponding to the provided <literal>--sign-type</literal> from the provided path. The encoding of the key depends on
signature engine. For ed25519 the key should be base64 encoded, for spki it should be in PEM format, and for dummy it should be an ASCII-string.
</para></listitem>
</varlistentry>
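Review bot: the rewritten sentence still lacks the closing parenthesis after `--sign-type`, and "ASCII-string" should be "ASCII string"; suggested: "This will read a key (corresponding to the provided <literal>--sign-type</literal>) from the provided path." It would also help to state for spki whether the PEM file may hold more than one PRIVATE KEY block, since the ed25519 wording implies exactly one key.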

@@ -337,7 +338,7 @@ License along with this library. If not, see <https://www.gnu.org/licenses/>.
The <literal>KEY-ID</literal> is:
<variablelist>
<varlistentry>
<term><option>for ed25519:</option></term>
<term><option>for ed25519 and spki:</option></term>
<listitem><para>
<literal>base64</literal>-encoded secret key for commit signing.
</para></listitem>
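Review bot: "base64-encoded secret key" is ambiguous for spki. The commit message says spki private keys are PKCS#8, so please state here that the KEY-ID for spki is the base64 encoding of the DER PKCS#8 PrivateKeyInfo (the body of a "PRIVATE KEY" PEM block without its header and footer), not a raw 32-byte key as for ed25519; otherwise users will paste a raw ed25519 key and get a parse failure.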
28 changes: 15 additions & 13 deletions man/ostree-sign.xml
@@ -64,26 +64,28 @@ License along with this library. If not, see <https://www.gnu.org/licenses/>.
</para>

<para>
There are several "well-known" system places for `ed25519` trusted and revoked public keys -- expected single <literal>base64</literal>-encoded key per line.
For `ed25519` and `spki`, there are several "well-known" system places for trusted and revoked public keys as listed below.
</para>

<para>Files:
<itemizedlist>
<listitem><para><filename>/etc/ostree/trusted.ed25519</filename></para></listitem>
<listitem><para><filename>/etc/ostree/revoked.ed25519</filename></para></listitem>
<listitem><para><filename>/usr/share/ostree/trusted.ed25519</filename></para></listitem>
<listitem><para><filename>/usr/share/ostree/revoked.ed25519</filename></para></listitem>
<listitem><para><filename>/etc/ostree/trusted.<replaceable>SIGN-TYPE</replaceable></filename></para></listitem>
<listitem><para><filename>/etc/ostree/revoked.<replaceable>SIGN-TYPE</replaceable></filename></para></listitem>
<listitem><para><filename>/usr/share/ostree/trusted.<replaceable>SIGN-TYPE</replaceable></filename></para></listitem>
<listitem><para><filename>/usr/share/ostree/revoked.<replaceable>SIGN-TYPE</replaceable></filename></para></listitem>
</itemizedlist>
</para>

<para>Directories containing files with keys:
<itemizedlist>
<listitem><para><filename>/etc/ostree/trusted.ed25519.d</filename></para></listitem>
<listitem><para><filename>/etc/ostree/revoked.ed25519.d</filename></para></listitem>
<listitem><para><filename>/usr/share/ostree/trusted.ed25519.d</filename></para></listitem>
<listitem><para><filename>/usr/share/ostree/revoked.ed25519.d</filename></para></listitem>
<listitem><para><filename>/etc/ostree/trusted.<replaceable>SIGN-TYPE</replaceable>.d</filename></para></listitem>
<listitem><para><filename>/etc/ostree/revoked.<replaceable>SIGN-TYPE</replaceable>.d</filename></para></listitem>
<listitem><para><filename>/usr/share/ostree/trusted.<replaceable>SIGN-TYPE</replaceable>.d</filename></para></listitem>
<listitem><para><filename>/usr/share/ostree/revoked.<replaceable>SIGN-TYPE</replaceable>.d</filename></para></listitem>
</itemizedlist>
</para>

<para>The format of those files depends on the signature mechanism; for `ed25519`, keys are stored in the <literal>base64</literal> encoding per line, while for `spki` they are stored in the PEM "PUBLIC KEY" encoding.</para>
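Review bot: with the file names now written as trusted.<replaceable>SIGN-TYPE</replaceable>, the text should say that SIGN-TYPE is the value passed to --sign-type (ed25519 or spki), otherwise the reader has to guess the literal names /etc/ostree/trusted.spki and revoked.spki. The new format paragraph also leaves open whether a trusted.spki file may contain several concatenated "PUBLIC KEY" PEM blocks, the analogue of one base64 key per line for ed25519; please document that, since it determines how key rotation (old key in revoked.spki, new key in trusted.spki) is expected to be deployed.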
</refsect1>

<refsect1>
@@ -95,7 +97,7 @@ License along with this library. If not, see <https://www.gnu.org/licenses/>.
<listitem><para>
<variablelist>
<varlistentry>
<term><option>for ed25519:</option></term>
<term><option>for ed25519 and spki:</option></term>
<listitem><para>
<literal>base64</literal>-encoded secret (for signing) or public key (for verifying).
</para></listitem>
@@ -120,7 +122,7 @@ License along with this library. If not, see <https://www.gnu.org/licenses/>.
<term><option>-s, --sign-type</option></term>
<listitem><para>
Use particular signature mechanism. Currently
available <arg choice="plain">ed25519</arg> and <arg choice="plain">dummy</arg>
available <arg choice="plain">ed25519</arg>, <arg choice="plain">spki</arg>, and <arg choice="plain">dummy</arg>
signature types.

The default is <arg choice="plain">ed25519</arg>.
@@ -133,8 +135,8 @@ License along with this library. If not, see <https://www.gnu.org/licenses/>.
</para></listitem>

<listitem><para>
Valid for <literal>ed25519</literal> signature type.
For <literal>ed25519</literal> this file must contain <literal>base64</literal>-encoded
Valid for <literal>ed25519</literal> and <literal>spki</literal> signature types.
This file must contain <literal>base64</literal>-encoded
secret key(s) (for signing) or public key(s) (for verifying) per line.
</para></listitem>
</varlistentry>
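Review bot: this paragraph now contradicts the format paragraph added earlier in the same file and the --sign-from-file text in ostree-commit.xml: it says the file "must contain base64-encoded secret key(s) (for signing) or public key(s) (for verifying) per line" for both types, but for spki the on-disk format is PEM ("PUBLIC KEY" for verifying, PKCS#8 for signing). Rephrase per type, e.g. "For ed25519 the file must contain one base64-encoded key per line; for spki it must contain PEM-encoded keys."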
1 change: 1 addition & 0 deletions rust-bindings/sys/tests/constant.c
@@ -157,6 +157,7 @@ main ()
PRINT_CONSTANT (OSTREE_SHA256_DIGEST_LEN);
PRINT_CONSTANT (OSTREE_SHA256_STRING_LEN);
PRINT_CONSTANT (OSTREE_SIGN_NAME_ED25519);
PRINT_CONSTANT (OSTREE_SIGN_NAME_SPKI);
PRINT_CONSTANT ((gint)OSTREE_STATIC_DELTA_GENERATE_OPT_LOWLATENCY);
PRINT_CONSTANT ((gint)OSTREE_STATIC_DELTA_GENERATE_OPT_MAJOR);
PRINT_CONSTANT ((gint)OSTREE_STATIC_DELTA_INDEX_FLAGS_NONE);
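Review bot: printing OSTREE_SIGN_NAME_SPKI here only works if the matching Rust-side constant in the sys crate, and the expected-value list this program's output is compared against, are updated in the same commit; neither is among the files shown, so please confirm they are included (or regenerated), otherwise the rust-bindings ABI test will fail on the new line.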
