Commit
Metadata API: Don't peek into Key internals
There was an attempt at ensuring key content uniqueness in verify_delegate() by making sure the values corresponding to "public" keys in Key.keyval dictionaries are unique. This had two issues:

* it wasn't a security measure: it's not difficult to produce two different "public" values of the same key content
* Spec does not actually guarantee the existence of "public" key in the keyval dictionary (the three keys included in the spec just all happen to have it)

Luckily the spec does require KEYIDs to be unique so we do not need to do all this: Just count keyids of keys with verified signatures.

Keep building a Set of keyids as a belt-and-suspenders strategy: Role keyids are currently guaranteed to be unique but we'd notice here if they weren't.

Add a logger call for failed verifies: this might be useful to figure out which keys exactly are the issue when a delegate cannot be verified.

Signed-off-by: Jussi Kukkonen <[email protected]>
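The counting approach the commit message describes, as an added example that is not code from this commit or from the project: verified signatures are collected per keyid in a set, so a keyid listed twice in a role counts once toward the threshold, and failed verifications are logged. HMAC-SHA256 stands in for a real signature scheme, and `KEYS`, `sign`, `verified_keyids` and `meets_threshold` are hypothetical names with constructed sample data.

```python
import hashlib
import hmac
import logging

logger = logging.getLogger(__name__)

# Constructed sample keys. HMAC-SHA256 is a stand-in for a real signature
# scheme so the example runs with the standard library only.
KEYS = {"k1": b"secret-one", "k2": b"secret-two", "k3": b"secret-three"}


def sign(keyid, payload):
    """Produce a stand-in signature over payload with the named key."""
    return hmac.new(KEYS[keyid], payload, hashlib.sha256).hexdigest()


def verified_keyids(role_keyids, payload, signatures):
    """Return the set of role keyids whose signature over payload verifies.

    signatures maps keyid -> signature (assumed layout). Signatures made by
    keys that the role does not list are never looked at.
    """
    verified = set()
    for keyid in role_keyids:
        key = KEYS.get(keyid)
        sig = signatures.get(keyid)
        if key is None or sig is None:
            continue  # unknown key or no signature from this key
        expected = hmac.new(key, payload, hashlib.sha256).hexdigest()
        if hmac.compare_digest(expected, sig):
            # A set keeps the count correct even if role_keyids repeats
            # a keyid (the belt-and-suspenders part).
            verified.add(keyid)
        else:
            logger.info("Key %s failed to verify", keyid)
    return verified


def meets_threshold(role_keyids, threshold, payload, signatures):
    """True when at least `threshold` distinct role keyids verified."""
    return len(verified_keyids(role_keyids, payload, signatures)) >= threshold
```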