On Sat, Jan 1, 2022 at 2:49 PM Jeremy Huntwork <jeremy@merelinux.org> wrote:
libasignify provides a simple API for checking ed25519 signatures of blake2 file digests. See: https://github.com/vstakhov/asignify
These changes add support into libalpm, a new configuration option for the location of trusted public keys that libasignify uses, and modify the build to support only one signature method, gpgme or asignify.
A future patch will be needed to add appropriate asignify signing commands to makepkg.
Jeremy Huntwork (4): libalpm: Add support for asignify signatures Add a configuration option for asignify's key dir Add documentation for the AsignifyDir option Update meson for asignify
doc/pacman.conf.5.asciidoc | 8 +++++ etc/pacman.conf.in | 1 + lib/libalpm/alpm.c | 2 +- lib/libalpm/alpm.h | 19 +++++++++++ lib/libalpm/be_package.c | 22 ++++++++++--- lib/libalpm/be_sync.c | 2 +- lib/libalpm/error.c | 8 ++--- lib/libalpm/handle.c | 23 ++++++++++++-- lib/libalpm/handle.h | 1 + lib/libalpm/signing.c | 65 ++++++++++++++++++++++++++++++++++++++ lib/libalpm/signing.h | 1 + meson.build | 33 +++++++++++++------ meson_options.txt | 4 +-- src/pacman/conf.c | 16 ++++++++++ src/pacman/conf.h | 2 ++ src/pacman/pacman.c | 40 ++++++++++++++++++----- test/pacman/meson.build | 2 +- 17 files changed, 216 insertions(+), 33 deletions(-)
Hi, any feedback on this? I'm at the point in my own project where I need to decide how I'm moving forward, so it would be nice to have a feel for which way the wind is blowing. :) Thanks again, JH