Commit Graph

1491 Commits (cute-signatures)

Author SHA1 Message Date
Aydin Mercan 4436222e90
crypto: make init more readable 2022-08-26 12:39:52 +03:00
Aydin Mercan 962eed50db
crypto/signature: remove domain seperators for now 2022-08-24 10:16:01 +03:00
Aydin Mercan b4089b97b1
crypto/signature: remove tables
State unions and operation lists aren't really useful here.
For example, if someone wanted to have cute-only signatures, we would
need to have stubs that return unsupported only.
2022-08-24 10:15:59 +03:00
Aydin Mercan 0d59807471
extract/v2: simply finding the signature type 2022-08-24 10:15:58 +03:00
Aydin Mercan 1c54a3fbb4
trust: add draft seperate public/secret loading
It isn't clear where secret keys will be located at but this should at
least allow for cleaner seperation in lists.
2022-08-24 10:15:56 +03:00
Aydin Mercan 5b020ec9ef
crypto/signature: introduce domain seperation
It might seem a bit like unnecessary bikeshedding but it shouldn't hurt
2022-08-24 10:15:54 +03:00
Aydin Mercan dea8ded23e
crypto/digest: simply state in oneshot calculation 2022-08-24 10:15:53 +03:00
Aydin Mercan 86da6dc599
apk: better messaging when crypto init fails 2022-08-24 10:15:46 +03:00
Aydin Mercan 0b7d6dfbf2
crypto: start seperating public/private key usage
Digests now use bearssl + libsodium instead of openssl + libsodium.
It fits better with the API looking more similar and I don't think it
will be that much of a bottleneck.

Instead of a apk_pkey that mimicks the EVP_PKEY semantics, have seperate
public and private key structures. However, apk is broken because of it
and needs fixing. The rest of the code might compile but won't work
as I haven't handled the cases where pkey corressponds to public/private
keys in codebase properly. Also, DSA signatures are removed.

Public and private keys impls' now use a static array of vtables
internally. The indicies correspond to the signature scheme version and
checking `< APK_*_MAX` should be enough? I tried to make so that higher
values correspond to more desirable constructs, this might come in handy.

Signing/verifying start is free from keys as it isn't used though it
might be brought back for domain seperated hashes, ability to get
timestamps involved with epheremal keys in the future etc.

`apk_crypto.h` is free from openssl includes although some headers still
use them for now.
2022-08-24 10:15:14 +03:00
Aydin Mercan 2727846361
crypto: start tinkering
Start working on "cute" signatures because why not? Cute signatures are
inspired/ripped of from the signify and minisign design:

Key (URL-Safe, padded base64):
- 2 bytes of version tag (specifies the algorithm)
- 16 bytes of key ID
- Public/Private key (size depending on the version tag)

Signature (raw):
- 2 bytes of version tag (specifies the algorithm)
- Signature depending (size depending on the version tag)

The new scheme uses libsodium and thus the work of
abstracting cryptographic operations from libcrypto should also be
completed. Also, since the key of the signature is provided in the
filename, there shouldn't be a need for ID

There is also the possibility of using epheremal keys for signatures and
sign the package's public key, signature and signing timestamp in the header
such as:

- 2 bytes of version tag
- signing timestamp
- epheremal public key used
- epheremal signature
- signature of the previous sections
2022-08-24 10:13:22 +03:00
Timo Teräs c21f61ddd8 db: fix change detection for symlinks
apk_fileinfo_get() special cases symlink digest calculation.
Convert apk_fsdir_ops.file_digest to .file_info to fix symlink
change detection.

fixes #10853
2022-08-17 21:13:40 +03:00
Felix Yan 1ababaa99d Correct a typo in Make.rules 2022-08-15 13:04:45 +00:00
Timo Teräs ff7c8f6ee9 fetch: implement --world
fixes #10838
2022-05-04 19:56:04 +03:00
Timo Teräs f8cf7a0a0d add: allow specifying a version for --virtual package
fixes #10835
2022-05-04 19:56:00 +03:00
Ariadne Conill 44994a46d4 portability: check for qsort_r which does not match POSIX-next definition
FreeBSD (and also Darwin) introduced its own qsort_r, which has different
semantics than the one slated for inclusion in POSIX.  Add a portability
thunk to deal with translating between implementations.

[TT: minor stylistic fixes]
2022-04-11 09:35:47 +03:00
Timo Teräs 191e2d412d io: move make_dirs as apk_make_dirs and use it 2022-04-05 10:53:52 +03:00
Timo Teräs 232067b3d1 db: fix atfd for access repository index
fixes #10834
2022-04-05 10:31:57 +03:00
Daniel Kolesa 55e20d3e5b mkpkg: use correct script counter when writing scripts to adb
Previously this would result in post-upgrade scripts not being
written at all.
2022-04-04 05:05:08 +00:00
Daniel Kolesa d06a99128f package: respect version fuzziness when creating dep from adb 2022-03-31 01:59:50 +02:00
Ariadne Conill feec480b34 keep APK_DEFAULT_ARCH as the define used in source code 2022-03-30 09:17:25 +00:00
Ariadne Conill 917698ec1d use arch_prefix for this feature instead 2022-03-30 09:17:25 +00:00
Ariadne Conill c29638cd81 use APK_DEFAULT_ABI_TAG everywhere APK_DEFAULT_ARCH was previously used 2022-03-30 09:17:25 +00:00
Ariadne Conill fee0587660 defines: introduce APK_DEFAULT_ABI_TAG
for most cases, this replaces APK_DEFAULT_ARCH.  if apk-tools is built without
a configured abi-tag, the ABI tag is equivalent to APK_DEFAULT_ARCH, providing
backwards compatibility with apk v2

the /etc/apk/arch configuration file is assumed to actually describe an ABI
2022-03-30 09:17:25 +00:00
Ariadne Conill 8051d458c6 meson: support definition of a custom abi tag
this is intended to allow for distributions to have alternate streams, such as
glibc-x86_64 or darwin-aarch64
2022-03-30 09:17:25 +00:00
Timo Teräs bc2b5b69b7 db: make --no-cache disable the cache completely
Including using files found from the cache, or creating the cache
directories with --initdb.

Based on patch by Paul Spooren.
2022-03-29 10:01:34 +03:00
Timo Teräs d0821b6d42 pkg: recursive create exec dir
fixes #10825
2022-03-29 09:59:59 +03:00
Timo Teräs a0bfa074f8 mkndx: fix v3 package handling
remove incorrect intialization of the ctx->pkginfo

fixes commit 950972a5 "mkndx: fix index generation for v2 and v3 packages"
2022-03-21 15:25:12 +02:00
Daniel Kolesa 386cadd0d4 package: fix error message when script fails to execute
2022-03-21 12:10:54 +00:00
Timo Teräs 1d473e004c adb: use qsort_r 2022-03-21 14:09:06 +02:00
Timo Teräs 925b435faf portability: add qsort_r 2022-03-21 14:09:06 +02:00
Timo Teräs c6b9297bcb mkndx, adb: fix index searching
Additioal logic is needed to search objects on array: the object
comparer needs separate modes to match index, template or exact
object template. This should fix mkndx to be able to use old index.

fixes #10828
2022-03-21 14:09:06 +02:00
Timo Teräs 950972a56b mkndx: fix index generation for v2 and v3 packages
For v2 packages, the identity was never set.
For v3 packages, the file size was never set.

This fixes both issues.
2022-03-21 14:09:06 +02:00
Daniel Kolesa 9d6c96324a portability, fetch: drop static_deps dependencies
This is not actually needed, and it results in both static and
shared versions of zlib and openssl linked into libapk otherwise,
which is bad.
2022-03-07 13:04:05 +01:00
Daniel Kolesa c5d9aaa1ee adb: fix handling of conflicts
Ensure not to mask away previously set APK_VERSION_CONFLICT when

When deserializing, make sure to actually write out the conflict
flag when no version part is set.

When creating apk_dependency, ensure to set the conflict bit
correctly and mask it off result_mask.

2022-03-07 08:26:07 +00:00
Timo Teräs fa913aba4b test: fix tests by setting sane active_layers without state
finally fixes #10821
2022-03-07 10:15:06 +02:00
Daniel Kolesa 1be55db3d0 db: fix APK_OPENF_NO_STATE check
fixes #10821
2022-03-06 18:28:10 +02:00
Timo Teräs 296647e3f9 mkpkg: use -I for --info
-i is already global option

fixes #10822
2022-03-06 16:18:11 +02:00
Timo Teräs b5da1ccf4c mkpkg: check apk_ostream_to_file/adb_compress error
fixes #10823
2022-03-06 16:15:53 +02:00
Timo Teräs 00e397d564 db: honor APK_OPENF_NO_STATE again
Do not call apk_db_read_layer() or try to process the layer
if APK_OPENF_NO_STATE is specified. It might fail because of
non-existing database directory. Based on patch by Daniel.

fixes commit 9e4dd29f "db: prepare database reading for layers"

Fixes #10821

Reported-and-analyzed-by: Daniel Kolesa <>
2022-03-06 16:07:42 +02:00
Timo Teräs 62bc43d2a4 pkg: use lib/apk/exec as the package script execution directory
var/cache is also reported to be mounted noexec on hardened
systems. Document some of the issues, and use lib/apk/exec
for the time being. Keep the scripts still in separate directory
from lib/apk so we can just delete directory if needed.

fixes #6591
2022-02-24 14:29:38 +02:00
Timo Teräs e4dc2373d6 solver: do not auto select virtual-only package with one provider
This reverts most of 0dcbd933 which allowed automatic selection
of package with a "virtual provides" having only one provider.
While convenient, it creates problems if multiple versions of the
same package exist, or if in future other providers would be added
to one of the repositories. This restore the original behaviour,
and improve the error message to tell the user to mention one of
the providers explicitly.

fixes #10810
2022-02-24 14:18:41 +02:00
Timo Teräs 86d75e10f5 db, uvol: commit regular files before uvol volumes
add priority to order fsdir commit sequence
2022-02-22 14:03:47 +02:00
Timo Teräs 3a194ea5d7 db: fix apkindex path generation
remove the left over apk_blob_push_fmt() call that corrupted uri and
trim the path end from trailing slashes to get original functionality.

fixes commit be4ce407 "support new index format without attaching arch"
2022-02-22 14:02:44 +02:00
Timo Teräs fedaa44546 io_gunzip: fix handling short reads near end-of-file
The gzip library can drain all of the input to internal buffers
and still keep providing data even if avail_in is zero. Previously
it was assumed that avail_in != 0 if there is still data expected out,
but this logic breaks near end-of-file for multiple short reads.

Adjust logic to not process end-of-file event too early.

fixes #10809
2022-02-21 12:36:46 +02:00
Timo Teräs 17f22530a5 fs_fsys: ignore mkdir EEXIST
Be happy if the directory already exists.
2022-02-21 12:10:52 +02:00
ptrcnull b576f08284 tar: allow for space as numeric field terminator 2022-02-21 08:26:20 +00:00
Timo Teräs 3ad4d6bed1 solver: require package layer to be enabled for install 2022-02-21 10:24:05 +02:00
Timo Teräs 21519221c2 adb: add layer to pkginfo 2022-02-21 10:24:05 +02:00
Timo Teräs f69ae30272 db: sort world dependencies to layers 2022-02-21 10:24:05 +02:00
Timo Teräs 9089edcc44 db: prepare database writing for layers 2022-02-21 10:24:05 +02:00