kit

kit
git clone https://git.ryansepassi.com/git/kit.git
Log | Files | Refs | README

trust.h (1155B)

      1 #ifndef KIT_DIST_TRUST_H
      2 #define KIT_DIST_TRUST_H
      3 
      4 #include <stddef.h>
      5 #include <stdint.h>
      6 
      7 #include "dist.h"
      8 
      9 /* The trusted-keys store: the only anchor of trust. Plain text, one key per
     10  * line: "<keyid-hex> <pubkey-base64> <label...>". This module is pure
     11  * byte-level logic; path resolution and file I/O live in the `pkg` tool. A
     12  * key embedded in a manifest is never trust — only a key present here is. */
     13 
     14 #define DIST_TRUST_LINE_MAX 1024u
     15 
     16 /* Find `keyid` in the store bytes, writing its public key to `pk`. Returns
     17  * DIST_OK if present, DIST_ERR if absent or on a malformed line for that id. */
     18 int dist_trust_lookup(const uint8_t* file, size_t len,
     19                       const uint8_t keyid[DIST_KEYID_LEN],
     20                       uint8_t pk[DIST_ED25519_PK_LEN]);
     21 
     22 /* Format a store line for `keyid`/`pk`/`label` (NUL-terminated, newline
     23  * included). Returns DIST_OK / DIST_ERR (buffer too small). */
     24 int dist_trust_format_entry(char* out, size_t cap,
     25                             const uint8_t keyid[DIST_KEYID_LEN],
     26                             const uint8_t pk[DIST_ED25519_PK_LEN],
     27                             const char* label);
     28 
     29 #endif