From mboxrd@z Thu Jan  1 00:00:00 1970
X-GM-THRID: 6699413522129879040
X-Received: by 2002:a05:6402:1644:: with SMTP id s4mr49746097edx.182.1559828762448;
        Thu, 06 Jun 2019 06:46:02 -0700 (PDT)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:a50:bdcc:: with SMTP id z12ls1313556edh.16.gmail; Thu, 06
 Jun 2019 06:46:02 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxylqp/ksCX9v573/462+7oES2BsJpdbuvUvbaB0IlNe/UDvEslqAIRR/kjMBIPXKJlLGEv
X-Received: by 2002:a50:b662:: with SMTP id c31mr50149234ede.252.1559828762077;
        Thu, 06 Jun 2019 06:46:02 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1559828762; cv=none;
        d=google.com; s=arc-20160816;
        b=lgQKkZ+9r+BjsMqmMZLbfDa1M8Xfm88YC1MmrNBxkHSb1D5dI/Lqq9sntYZb+4keHB
         BERox3d74aqDAC4Sbc5yj8bMvI0ycExPlP2N9Nf6AGihlnAhe19Huziuc/iWhuDWeJcf
         jmRvK3IQ6kgrw4wJeZtF5bE4EcBmDdZEg1JNySEjjTVk7ajFfj2243QVLL2TUKXKWpnN
         OSyTVCVWu+pxaRPM8ImV5T35JrF2pgkQLO0w82mnrG9+aTkyTgRBRYZ/2FMl3J6fmJuk
         5umAaUI1UEK4lr5O8kmJwto6PnTMVlNKlfs9Lh1PpMbLq+AD3xHCln59M1fkYTROvkop
         bQ4A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:message-id:subject:cc:to
         :from:date;
        bh=9oOTYUCyRAt8WHUe4ufgitWB4qmx1sBUneQdPdwt8d8=;
        b=JKy4kbhNzahDS3rT4A0YkcMXNc//OFFGqdIDNowPM9l9MKAL+3+GENQiJxZmixUL3m
         amjaRf//VEhP3bsaJddQH9sDYqpIw1ymvZgCkV/1yxuNufSfbsAtEpgsa44WNDXxXdLk
         uLVgwvRgQ/3EXoNose/RPhuQtLnhDn8Upp2wr/BdhXcxFzQ8GxnowjI4LO2gtTw7ou7e
         lph0S8lpZqQUQhUdMGK6VIAjEhc3+5pABy7cuoGjP28R5EXucwvryZ01fZS4cSYz5DEk
         wyx4HHk40aNw8BqLUMH8WxhEpxlFXbbkiGhkKQCg7leoJL3X37P62tECE/B9FoSEA1/j
         +CsQ==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=henning.schild@siemens.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
Return-Path: <henning.schild@siemens.com>
Received: from thoth.sbs.de (thoth.sbs.de. [192.35.17.2])
        by gmr-mx.google.com with ESMTPS id g22si96562edc.1.2019.06.06.06.46.01
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 06 Jun 2019 06:46:02 -0700 (PDT)
Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) client-ip=192.35.17.2;
Authentication-Results: gmr-mx.google.com;
       spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=henning.schild@siemens.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66])
	by thoth.sbs.de (8.15.2/8.15.2) with ESMTPS id x56Dk0Rm009197
	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
	Thu, 6 Jun 2019 15:46:01 +0200
Received: from md1za8fc.ad001.siemens.net ([139.25.69.195])
	by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id x56Dk0UR028979;
	Thu, 6 Jun 2019 15:46:00 +0200
Date: Thu, 6 Jun 2019 15:45:58 +0200
From: Henning Schild <henning.schild@siemens.com>
To: <isar-users@googlegroups.com>
Cc: Vijai Kumar K <Vijaikumar_Kanagarajan@mentor.com>
Subject: base-apt signing interface could be improved
Message-ID: <20190606154558.7eea07bd@md1za8fc.ad001.siemens.net>
X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.32; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-TUID: 58hxyIgMiVyu

Hi,

i just had a quick look at the implementation of the base-apt signing
for the first time. The interface is not ideal and has potential for
the signing key and the checking key not actually belonging together.

As far as i understand the code i read, Isar will start signing
base-apt if BASE_REPO_KEY is set to anything. The private key it will
use to sign the repo is not specified at all, it will be whatever gnupg
defaults to, given its configuration.

I would suggest to switch from "SignWith yes" to "SignWith <keyid>",
and derive the id from BASE_REPO_KEY.

Further improvements would be to actually configure gnupg inside Isar
and not rely on an outside configuration. Relying on the outside config
means that all (multi)configs will have to use the same keypair.
So we would add

BASE_REPO_KEY_PRIVATE and ..._PASSPHRASE

Now we would create a new gpg homedir next to where we store base-apt.
We would import that one key there and potentially unlock it with its
passphrase. If we clean and rebuild we get a working gpghome for sure.

Henning