You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi!
I wanted to try composefs with the verification of the userspace by ostree-prepare-root, however I am not able to pass the ed25519 key to ostree sign .
I've generated the key using openssl genpkey -algorithm ed25519 -out private.key
and took only the base64-encoded part, and tried to pass it using both --keys-file and <KEY-ID> arguments to ostree sign. In either way, I get:
While inspecting the code, I found that the outputs of validate_lenghtfunction are probably swapped, but also that the comments suggest that the API accepts also keys in binary format. So I've tried OpenSSL key in DER format, getting output:
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi!
I wanted to try composefs with the verification of the userspace by
ostree-prepare-root, however I am not able to pass the ed25519 key toostree sign.I've generated the key using
openssl genpkey -algorithm ed25519 -out private.keyand took only the base64-encoded part, and tried to pass it using both
--keys-fileand<KEY-ID>arguments toostree sign. In either way, I get:While inspecting the code, I found that the outputs of
validate_lenghtfunction are probably swapped, but also that the comments suggest that the API accepts also keys in binary format. So I've tried OpenSSL key in DER format, getting output:Could you please take a look? 😅 I'm using latest Fedora Kinoite 41, the output of
ostree --version:Resources I've been following:
https://ostreedev.github.io/ostree/composefs/
https://blogs.gnome.org/alexl/2024/01/15/testing-composefs-in-silverblue/
#2867
Beta Was this translation helpful? Give feedback.
All reactions