Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

shared: generalize signature schemes #303

Merged
merged 9 commits into from
Sep 3, 2024
Merged

shared: generalize signature schemes #303

merged 9 commits into from
Sep 3, 2024

Conversation

RaitoBezarius
Copy link
Member

Split off #278. Contains only signature generalization contents and misc refactoring to make things easier for the remote signing PR.

@RaitoBezarius RaitoBezarius force-pushed the refactor-signature branch 3 times, most recently from a8fabe0 to 0ca99b0 Compare February 11, 2024 19:45
@RaitoBezarius
Copy link
Member Author

@blitz I added more documentation (overview too), let me know if this is what you had in mind or where would you like me to expand.

blitz
blitz requested changes Mar 19, 2024
View reviewed changes
Copy link
Member

@blitz blitz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! I liked the clear commit history, which made this easier to review.

Will approve when the merge conflicts are resolved. Feel free to address any of the other nitpicky comments as well or ignore them.

@RaitoBezarius RaitoBezarius force-pushed the refactor-signature branch 2 times, most recently from a416d9e to a2ecf9d Compare August 28, 2024 09:24
@RaitoBezarius
flake: support fine-grained buildRustApp inside of the workspace wr…
365092a 
…t packages

Now, it is possible to build any package of the workspace in a fine grained fashion.
@RaitoBezarius
tool(pe): extract stub parameters in their own structure
c462f63 
We want here to capture the required data to assemble a stub, here is a partial structure
modulo ESP generation paths.

Other pieces of code can consume this structure, validate it before passing it to the PE assembler
and the signer.

We convert everything into owned structures because we cannot really do
deserialization in any context with lifetimes going around, but,
allocations are generally very cheap in this context.
@RaitoBezarius
tool(*): generalize signature mechanisms
0fa5e45 
In order to offer more flexible signature mechanisms in lanzaboote,
we need to take a step back and offer a general PE signature trait.

After this, we will be able to plug various different implementations.
@RaitoBezarius
Copy link
Member Author

@blitz This is ready for a review again, I think.

blitz
blitz approved these changes Aug 31, 2024
View reviewed changes
Copy link
Member

@blitz blitz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't have time for a deep review. I like the documentation. Looks like a useful refactoring. @nikstur Are you ok with this?

nikstur
nikstur reviewed Sep 3, 2024
View reviewed changes
Copy link
Member

@nikstur nikstur left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good to go from my end after you removed tests/lib.nix

nix/tests/lib.nix Outdated Show resolved Hide resolved
@RaitoBezarius
nix/tests: extract into a lanzaboote library some common functions
14b833b 
Our lanzaboote integration tests are getting more and more sophisticated and ambitious.

Let's extract them into a "lanzalib", so they can be used with multiple backends.
@RaitoBezarius
tool(systemd): improve testing logic for overwrite unsigned images
3e14644 
We didn't test if there *was* a signature, idempotency of removal of signatures (i.e. removing an non-existent signature
is the identity operation) could fool us into believing we had a signed thing then not signed.
@RaitoBezarius
fix: do not emit a temporary initrd location if it's not needed
e965b60 
We fabricated a lot of initrds which were exactly the same as the one in
our store when we had no initrd secrets. This ends this practice.
@RaitoBezarius
chore(docs): address documentation comments
99ccde6 
We moved into docstrings the module-level README.

Signed-off-by: Raito Bezarius <[email protected]>
@RaitoBezarius
chore(naming): rename LanzabooteSigner into Signer
30713d7 
Signed-off-by: Raito Bezarius <[email protected]>
@RaitoBezarius
chore: remove comment about error bubbling with sbsign
8373fae 
Signed-off-by: Raito Bezarius <[email protected]>
@nikstur nikstur added this pull request to the merge queue Sep 3, 2024
Merged via the queue into master with commit e7bd94e Sep 3, 2024
42 checks passed
@nikstur nikstur deleted the refactor-signature branch September 3, 2024 16:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blitz blitz blitz approved these changes

@nikstur nikstur nikstur approved these changes

Assignees
No one assigned
Labels
review-next
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@RaitoBezarius @blitz @kuflierl @nikstur