Commit 48b58d9
Jussi Kukkonen
Metadata API: Don't peek into Key internals

There was an attempt at ensuring key content uniqueness in
verify_delegate() by making sure the values corresponding to "public"
keys in Key.keyval dictionaries are unique. This had two issues:

* it wasn't a security measure: it's not difficult to produce two
  different "public" values of the same key content
* Spec does not actually guarantee the existence of "public" key in
  the keyval dictionary (the three keys included in the spec just all
  happen to have it)

Luckily the spec does require KEYIDs to be unique so we do not need to
do all this: Just count keyids of keys with verified signatures. Keep
building a Set of keyids as a belt-and-suspenders strategy: Role keyids
are currently guaranteed to be unique but we'd notice here if they
weren't.

Add a logger call for failed verifys: this might be useful to figure out
which keys exactly are the issue when a delegate can not be verified.

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>

1 parent d00af4c commit 48b58d9
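
The counting rule the commit message describes, as an added sketch that is not code from this commit or from the project: signatures are counted per unique keyid in a set, and each failed verification is logged. HMAC-SHA256 stands in for a real signature scheme so it runs with the standard library only; `KEYS`, `sign` and `threshold_met` are hypothetical names, and the sample keys are constructed.

```python
import hashlib
import hmac
import logging

logger = logging.getLogger(__name__)

# Constructed sample keys, indexed by keyid. HMAC-SHA256 is a stand-in for
# signature verification (assumption made for this example only).
KEYS = {
    "k1": b"secret-one",
    "k2": b"secret-two",
    "k3": b"secret-three",
}


def sign(keyid, payload):
    """Produce the stand-in signature for `payload` under `keyid`."""
    return hmac.new(KEYS[keyid], payload, hashlib.sha256).hexdigest()


def threshold_met(role_keyids, threshold, signatures, payload):
    """Return True when at least `threshold` distinct role keyids verify.

    `signatures` is a list of (keyid, signature) pairs, so the same keyid
    may appear more than once; the set makes it count once regardless.
    """
    verified_keyids = set()
    for keyid, sig in signatures:
        if keyid not in role_keyids or keyid not in KEYS:
            logger.info("keyid %s is not a key of this role", keyid)
            continue
        if hmac.compare_digest(sign(keyid, payload), sig):
            verified_keyids.add(keyid)
        else:
            # Naming the failing key helps when a delegate cannot be verified.
            logger.info("keyid %s failed to verify the delegate", keyid)
    return len(verified_keyids) >= threshold
```
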
1 file changed: +5 -3 lines changed

| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
17 | 17 | | |
18 | 18 | | |
19 | 19 | | |
| 20 | + | |
20 | 21 | | |
21 | 22 | | |
22 | 23 | | |
| |||
49 | 50 | | |
50 | 51 | | |
51 | 52 | | |
| 53 | + | |
| 54 | + | |
52 | 55 | | |
53 | 56 | | |
54 | 57 | | |
| |||
309 | 312 | | |
310 | 313 | | |
311 | 314 | | |
312 | | - | |
313 | | - | |
| 315 | + | |
314 | 316 | | |
315 | | - | |
| 317 | + | |
316 | 318 | | |
317 | 319 | | |
318 | 320 | | |
| |||