path: root/notes/function_versioning2.txt
blob: 0aa395e9814fe1533886bbba67b7c3e66afe0f6e (plain)

function versioning / ABI locks / dependency public keys
========================================================

Alternative 1: combine public keys and ABI locks into one hash
--------------------------------------------------------------

"Client" module:
\depends some_module 1.0.0 lock 029f87e3d80f8fd9b1be67c7426b4cc1
\depends other_module 1.0.0 lock 26d4e06132b69f18a628a82c165b2027
Library module:
\pubkey mykey1.gpg 6bd69125a7bd052366467d3b0d17fef7
\pubkey mykey2.gpg d106e5ca9fcc1fc53b9eace6cc5fffc7
\lock 1.0.0 mykey1.gpg 029f87e3d80f8fd9b1be67c7426b4cc1

The lock hash is based on these things:
- module name
- module version
- public key fingerprint(s)
- ABI lock
Hashed twice, perhaps using SHA-256.
Then truncated to 128 bits (32 bytes)



Advantages:
- Only one hash
- Hash is truncated and quite short
Disadvantages:
- Only one author key's fingerprint is included in hash
- Cannot switch implementation (at least not without added functionality)
- Needs a separate key file

Alternative 2: Separate public keys and ABI locks
-------------------------------------------------

"Client" module:
\depends some_module 1.0.0 lock 029f87e3d80f8fd9b1be67c7426b4cc1 pubkey johndoe1
\pubkey johndoe1 19c358d6d876d82e19b4bfc8256ba6c1ef6ba2f71a40f336077039a3ae06fe6f
Library module:
\pubkey johndoe1 19c358d6d876d82e19b4bfc8256ba6c1ef6ba2f71a40f336077039a3ae06fe6f
\lock 1.0.0 johndoe1 029f87e3d80f8fd9b1be67c7426b4cc1

Alternative 3: Only hashes, with pubkeys part of "ABI"
------------------------------------------------------
With this syntax, the \version attribute can occur multiple times.

"Client" module:
\depends some_module 1.0.0 lock 029f87e3d80f8fd9b1be67c7426b4cc1
Library module:
\pubkey johndoe 19c358d6d876d82e19b4bfc8256ba6c1ef6ba2f71a40f336077039a3ae06fe6f since 0.9.2
\pubkey jane 81408cb2b977d38c99de36c08c919f9a3d70aa2ce33561c1ac99da27a94c1f64 since 0.9.1
\version 1.0.0 lock 029f87e3d80f8fd9b1be67c7426b4cc1 
\version 0.9.2 lock 6283fec2a4024bbf5d5f076a490d8926
\version 0.9.1 lock d3b4d33a5fe4e6d97bd244e87e9e01c7
\sign 1.0.0 johndoe c7057d1d51bf01f5b79473741ad54741d8f3c94260d812000acf05592efaca10
\sign 0.9.2 johndoe 9b3fb134fb43e5d0050ac2686d32fdbc4016007db675d8e01baaed677a4801ec
\sign 0.9.1 jane 240a346171ac4887568219842b42120a699f0771f684738034cef94dd3675a08

Signatures should be on the full 256-bit lock (the non-truncated version).
The implementation should also be signed, but the signature is not included
in the interface file.
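
Added example (not part of the original notes or the project's code): one way to compute the lock from Alternative 1 and check a client's \depends line, keeping the full 256-bit value that Alternative 3 says should be signed. The notes do not specify a field encoding, so the length-prefixed layout, the sorted fingerprint order, the hex-encoded ABI lock and all function names are assumptions; truncation keeps the first 16 bytes, matching the 32 hex digits of the lock values shown above.

```python
import hashlib
import struct


def _field(data: bytes) -> bytes:
    """Length-prefix one field so field boundaries cannot be shifted."""
    return struct.pack(">I", len(data)) + data


def full_lock(name: str, version: str, fingerprints: list[str], abi_lock: str) -> bytes:
    """256-bit lock over name, version, key fingerprint(s) and ABI lock."""
    fps = sorted(bytes.fromhex(fp) for fp in fingerprints)  # order-independent
    msg = _field(name.encode()) + _field(version.encode())
    msg += struct.pack(">I", len(fps)) + b"".join(_field(fp) for fp in fps)
    msg += _field(bytes.fromhex(abi_lock))
    # "Hashed twice, perhaps using SHA-256"
    return hashlib.sha256(hashlib.sha256(msg).digest()).digest()


def short_lock(full: bytes) -> str:
    """128-bit truncation, written as 32 hex digits like the lock values."""
    return full[:16].hex()


def check_depends(line: str, name: str, version: str,
                  fingerprints: list[str], abi_lock: str) -> bool:
    """Compare the lock pinned in a client's \\depends line to the library."""
    parts = line.split()
    if len(parts) != 5 or parts[0] != "\\depends" or parts[3] != "lock":
        raise ValueError("expected: \\depends <module> <version> lock <hash>")
    if (parts[1], parts[2]) != (name, version):
        return False
    expected = short_lock(full_lock(name, version, fingerprints, abi_lock))
    return parts[4].lower() == expected


# Constructed sample values (not taken from the notes).
KEY_A, KEY_B, ABI = "aa" * 16, "bb" * 16, "11" * 16
FULL = full_lock("some_module", "1.0.0", [KEY_A], ABI)  # value to sign
LINE = f"\\depends some_module 1.0.0 lock {short_lock(FULL)}"

if __name__ == "__main__":
    print(LINE)
    # Same module, version and ABI, but a different author key: rejected.
    print(check_depends(LINE, "some_module", "1.0.0", [KEY_A], ABI))
    print(check_depends(LINE, "some_module", "1.0.0", [KEY_B], ABI))
```

Because the key fingerprint is an input to the hash, a library that keeps the same name, version and ABI but is published under a different key no longer matches the client's pinned lock.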