Bug 572816 - p2 "trust" strategy to support PGP signers public keys similarly to Certificates
Status: RESOLVED FIXED
Alias: None
Product: Equinox
Classification: Eclipse Project
Component: p2
Version: unspecified
Hardware: All All
Importance: P3 enhancement
Target Milestone: 4.21 M1
Assignee: Mickael Istria CLA
Keywords: noteworthy
Depends on: 570907
Blocks: 577028
Reported: 2021-04-13 16:49 EDT by Mickael Istria CLA
Modified: 2021-11-03 04:56 EDT

Description Mickael Istria CLA 2021-04-13 16:49:37 EDT
With bug 570907, p2 will now verify if the signature provided in p2 metadata is correct and matches the file. That allows providing a form of certification.
Next step after certification is about defining trust, and is the topic of that ticket: the resolved "PGP Certifications", which in practice can be reduced to the PGP public key of the signer(s), need to be trusted, similarly to Certificates. The CheckTrust mechanism should be augmented to also support trusting relevant PGP public keys that were involved in artifact signing.
Comment 1 Ed Merks CLA 2021-04-27 03:43:16 EDT
I imagine this will impact the installer.  Many of the other p2 dialogs do not work in the installer because of dependencies on the existence of a workbench so likely there will be similar issues.
Comment 2 Mickael Istria CLA 2021-04-27 07:50:28 EDT
(In reply to Ed Merks from comment #1)
> I imagine this will impact the installer.  Many of the other p2 dialogs do
> not work in the installer because of dependencies on the existence of a
> workbench so likely there will be similar issues.

How does the installer deal with content with untrusted certificates?
Comment 3 Ed Merks CLA 2021-04-27 09:31:53 EDT
This creates a dialog:

org.eclipse.oomph.p2.internal.ui.P2ServiceUI.getTrustInfo(Certificate[][], String[])

This contains helper classes:

org.eclipse.oomph.p2.core.CertificateConfirmer

This helps implement storage of certificates in the User.setup so that they are available/reusable in all installers and all installations after trust is confirmed and the user requests to remember that confirmation:

org.eclipse.oomph.setup.internal.core.util.SetupCoreUtil.createCertificateConfirmer(User, boolean)
Comment 4 Mickael Istria CLA 2021-06-14 12:19:02 EDT
Unless I misunderstood something, the patch adds a method and a new constructor; so it shouldn't break extenders (such as installer).
Extenders, however, would have to implement support for PGP signatures in their "trust" dialog, similarly to what they do for Certificates, if they want to install p2 artifacts that have PGP signatures using a newer version of p2. For artifacts that don't have PGP signatures, nothing additional is necessary; they'll keep being installable without change.
Comment 6 Eclipse Genie CLA 2021-06-15 09:56:19 EDT
New Gerrit change created: https://git.eclipse.org/r/c/www.eclipse.org/eclipse/news/+/181998
Comment 8 Andrey Loskutov CLA 2021-06-15 14:59:24 EDT
(In reply to Eclipse Genie from comment #5)
> Gerrit change https://git.eclipse.org/r/c/equinox/rt.equinox.p2/+/179275 was
> merged to [master].
> Commit:
> http://git.eclipse.org/c/equinox/rt.equinox.p2.git/commit/
> ?id=45af7098437c45a46e7637d9aeb0177ca998e209

This causes two compilation errors in the IDE:

Description	Resource	Path	Location	Type
Discouraged access: The type 'PGPSignatureVerifier' is not API (restriction on required library '/data/eclipse4.21/eclipse/plugins/org.eclipse.equinox.p2.artifact.repository_1.4.100.v20210418-1636.jar')	CertificateChecker.java	/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases	line 26	Java Problem
Discouraged access: The type 'PGPSignatureVerifier' is not API (restriction on required library '/data/eclipse4.21/eclipse/plugins/org.eclipse.equinox.p2.artifact.repository_1.4.100.v20210418-1636.jar')	CertificateChecker.java	/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases	line 129	Java Problem
Comment 9 Andrey Loskutov CLA 2021-06-15 15:02:18 EDT
(In reply to Andrey Loskutov from comment #8)
> (In reply to Eclipse Genie from comment #5)
> > Gerrit change https://git.eclipse.org/r/c/equinox/rt.equinox.p2/+/179275 was
> > merged to [master].
> > Commit:
> > http://git.eclipse.org/c/equinox/rt.equinox.p2.git/commit/
> > ?id=45af7098437c45a46e7637d9aeb0177ca998e209
> 
> This causes two compilation errors in the IDE:

Sorry, I haven't org.eclipse.equinox.p2.artifact.repository in the workspace
Comment 10 Andrey Loskutov CLA 2021-06-16 04:12:18 EDT
Me again.

Releng tests complain about javadoc errors:

https://download.eclipse.org/eclipse/downloads/drops4/I20210615-1800/testresults/html/org.eclipse.releng.tests_ep421I-unit-cen64-gtk3-java11_linux.gtk.x86_64_11.html

https://download.eclipse.org/eclipse/downloads/drops4/I20210615-1800/compilelogs/platform.doc.isv.javadoc.txt

../../../rt.equinox.p2/bundles/org.eclipse.equinox.p2.core/src/org/eclipse/equinox/p2/core/UIServices.java:20: error: package org.bouncycastle.openpgp does not exist
import org.bouncycastle.openpgp.PGPPublicKey;
                               ^
../../../rt.equinox.p2/bundles/org.eclipse.equinox.p2.core/src/org/eclipse/equinox/p2/core/UIServices.java:222: error: cannot find symbol
	public TrustInfo getTrustInfo(Certificate[][] unTrustedCertificateChains, Collection<PGPPublicKey> untrustedPGPKeys,
	                                                                                     ^
  symbol:   class PGPPublicKey
  location: class UIServices
../../../rt.equinox.p2/bundles/org.eclipse.equinox.p2.core/src/org/eclipse/equinox/p2/core/UIServices.java:80: error: cannot find symbol
		private final Collection<PGPPublicKey> trustedPGPKeys;
		                         ^
  symbol:   class PGPPublicKey
  location: class TrustInfo
../../../rt.equinox.p2/bundles/org.eclipse.equinox.p2.core/src/org/eclipse/equinox/p2/core/UIServices.java:107: error: cannot find symbol
		public TrustInfo(Collection<Certificate> trustedCertificates, Collection<PGPPublicKey> trustedPGPKeys,
		                                                                         ^
  symbol:   class PGPPublicKey
  location: class TrustInfo
../../../rt.equinox.p2/bundles/org.eclipse.equinox.p2.core/src/org/eclipse/equinox/p2/core/UIServices.java:132: error: cannot find symbol
		public Collection<PGPPublicKey> getTrustedPGPKeys() {
		                  ^
  symbol:   class PGPPublicKey
  location: class TrustInfo
5 errors
Comment 11 Mickael Istria CLA 2021-06-16 11:15:50 EDT
(In reply to Andrey Loskutov from comment #10)
> Releng tests complain about javadoc errors:

Thanks for reporting Andrey!
Does anyone know how I can reproduce this error locally? I tried
  mistria@localhost:~/git/eclipse.platform.releng.aggregator/eclipse.platform.common/bundles/org.eclipse.platform.doc.isv$ mvn clean verify -Pbuild-individual-bundles

but didn't see the issue mentioned with up-to-date modules, however it seems that Javadoc generation as a whole is skipped.
@Sravan: do you have any clue on the simplest way to reproduce Javadoc build issues from CLI?
Comment 12 Sravan Kumar Lakkimsetti CLA 2021-06-17 01:54:36 EDT
(In reply to Mickael Istria from comment #11)
> (In reply to Andrey Loskutov from comment #10)
> > Releng tests complain about javadoc errors:
> 
> Thanks for reporting Andrey!
> Does anyone know how I can reproduce this error locally? I tried
>  
> mistria@localhost:~/git/eclipse.platform.releng.aggregator/eclipse.platform.
> common/bundles/org.eclipse.platform.doc.isv$ mvn clean verify
> -Pbuild-individual-bundles
> 
> but didn't see the issue mentioned with up-to-date modules, however it seems
> that Javadoc generation as a whole is skipped.
> @Sravan: do you have any clue on the simplest way to reproduce Javadoc build
> issues from CLI?

I am able to reproduce the problem with the above command. You'll need all the submodules in aggregator up-to-date. 

The error log is in target/doc.bin.log

The problem here is that the bouncycastle javadoc is not added as a link in https://git.eclipse.org/c/platform/eclipse.platform.common.git/tree/bundles/org.eclipse.platform.doc.isv/platformOptions.txt#n191
Comment 13 Eclipse Genie CLA 2021-06-17 12:38:45 EDT
New Gerrit change created: https://git.eclipse.org/r/c/platform/eclipse.platform.common/+/182127
Comment 17 Sravan Kumar Lakkimsetti CLA 2021-06-18 00:30:06 EDT
Here is the new javadoc error log

https://download.eclipse.org/eclipse/downloads/drops4/I20210617-1800/compilelogs/platform.doc.isv.javadoc.txt

For the implSpec you'll need to add 

-tag "implSpec:a:Implementation Requirements:"

to the platformOptions.txt file.

I think the other errors and warnings are self-explanatory.
Comment 18 Eclipse Genie CLA 2021-06-18 03:17:46 EDT
New Gerrit change created: https://git.eclipse.org/r/c/equinox/rt.equinox.p2/+/182152
Comment 20 Mickael Istria CLA 2021-06-19 02:47:06 EDT
Javadoc seems all right now