GithubHelp home page GithubHelp logo

pastalian / rpm-sequoia Goto Github PK

View Code? Open in Web Editor NEW

This project forked from rpm-software-management/rpm-sequoia

0.0 0.0 0.0 240 KB

An OpenPGP backend for rpm using Sequoia PGP

Home Page: https://sequoia-pgp.org/

License: Other

Shell 1.10% Rust 98.90%

rpm-sequoia's Introduction

This library provides an implementation of the rpm's pgp interface using Sequoia.

Configuration

This library's crypto policy can be customized. It finds the configuration file by checking the following in turn:

  • the RPM_SEQUOIA_CRYPTO_POLICY environment variable,
  • /etc/crypto-policies/back-ends/rpm-sequoia.config,
  • the SEQUOIA_CRYPTO_POLICY environment variable, and finally,
  • /etc/crypto-policies/back-ends/sequoia.config.

Only the first configuration file that is present is used. If an environment is set to the empty string, then an empty configuration file is used. That is, the default policy is used.

Thus, if RPM_SEQUOIA_CRYPTO_POLICY is not set, and /etc/crypto-policies/back-ends/rpm-sequoia.config, the latter will be used. In this case, SEQUOIA_CRYPTO_POLICY and /etc/crypto-policies/back-ends/sequoia.config will be completely ignored.

Refer to the Fedora Crypto Policy project for information about the crypto policy.

Building

To build, you need rustc (version 1.63 or later), cargo, and nettle-devel, which is the cryptographic library that Sequoia uses by default.

Here's how to build rpm-sequoia and a version of rpm that uses it:

$ sudo dnf install cargo rustc clang pkg-config nettle-devel
$ mkdir /tmp/rpm
$ cd /tmp/rpm
$ git clone [email protected]:rpm-software-management/rpm-sequoia.git
Cloning into 'rpm-sequoia'...
done.
$ cd rpm-sequoia
$ PREFIX=/usr LIBDIR="\${prefix}/lib64" \
  cargo build --release && cargo test --release
    Updating crates.io index
...
test result: ok. ...
$ cd /tmp/rpm
$ git clone [email protected]:rpm-software-management/rpm.git
Cloning into 'rpm'...
done.
$ cd rpm
$ git checkout rpm-4.18.1-release
Switched to a new branch 'rpm-4.18.1-release'
$ sudo dnf install automake autoconf gettext-devel libtool tar zlib-devel file-devel libarchive-devel popt-devel sqlite-devel lua-devel fakechroot
$ autoreconf -fis
...
$ mkdir b
$ cd b
$ export PKG_CONFIG_PATH=/tmp/rpm/rpm-sequoia/target/release
$ export LD_LIBRARY_PATH=/tmp/rpm/rpm-sequoia/target/release
$ ../configure --prefix=/ --with-crypto=sequoia
$ make
$ make check

Note: this builds version 4.18 of rpm, which is the current stable release of rpm. The current development branch of rpm has switched to using cmake instead of autoconf. Please refer to rpm's INSTALL file for how to build master.

To use a different cryptographic backend, you need to disable the default backend, and select your preferred backend. For instance, to use Sequoia's OpenSSL backend, you would compile rpm-sequoia as follows:

$ cargo build --release --no-default-features --features crypto-openssl

See sequoia-openpgp's README for the list of currently supported cryptographic backends.

The rpm-sequoia artifacts (the .a, .so, and the .pc files) are placed in the build directory, which, in this case, is /tmp/rpm/rpm-sequoia/target/release.

We also set two environment variables when calling cargo build:

  • PREFIX is the prefix that will be used in the generated rpm-sequoia.pc file. It defaults to /usr/local.

  • LIBDIR is the installed library path listed in the generated metadata. It can be an absolute path or one based on ${prefix}, and defaults to ${prefix}/lib.

To run just one or two tests, do something like the following:

Note: when building or running the test suite, it is essential to make sure PKG_CONFIG_PATH and LD_LIBRARY_PATH are set appropriately (as in the above transcript).

$ cd /tmp/rpm/rpm/b/tests
$ export PKG_CONFIG_PATH=/tmp/rpm/rpm-sequoia/target/release
$ export LD_LIBRARY_PATH=/tmp/rpm/rpm-sequoia/target/release
$ make populate_testing
$ T="266 273"; for t in $T; do if ! ../../tests/rpmtests $t; then cat rpmtests.dir/$t/rpmtests.log; fi; done

To get tracing output, set RPM_TRACE to 1:

$ cd /tmp/rpm/rpm/b/tests
$ export PKG_CONFIG_PATH=/tmp/rpm/rpm-sequoia/target/release
$ export LD_LIBRARY_PATH=/tmp/rpm/rpm-sequoia/target/release
$ make populate_testing
$ export RPM_TRACE=1
$ ../../tests/rpmtests 273
$ cat rpmtests.dir/273/rpmtests.log
...
+pgpDigParamsFree: -> success
+rpmFreeCrypto: entered
+rpmFreeCrypto: -> success
273. rpmsigdig.at:495: 273. rpmsign --addsign (rpmsigdig.at:495): FAILED (rpmsigdig.at:503)
...

rpm-sequoia's People

Contributors

nwalfield avatar t184256 avatar ferdnyc avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.