9ab1876953f58537cfe025ae8e776e704b6c6227 - equinox/rt.equinox.p2

commit	9ab1876953f58537cfe025ae8e776e704b6c6227	[log] [tgz]
author	Mickael Istria <mistria@redhat.com>	Mon Oct 18 18:12:23 2021 +0200
committer	Mickael Istria <mistria@redhat.com>	Thu Oct 21 07:52:47 2021 -0400
tree	2870f871c3fefd6da4ea804594faa0ec2409c89e
parent	66ff9ad2440317e7d61834a3616096c1ef226051 [diff]

Bug 576705 - Declare some PGP keys as trusted in p2 metadata

This allows to build a product/profile or install metadata that define a
pgp.trustedPublicKeys property containing public keys to trust.

After verifying that signatures are correct when installing an artifact
(was bug 570907), deciding of whether to consider an artifact as trusted
or not will check whether one of the signing keys is already installed
trusted.
If no signing key is trusted, user is prompted for approval in order to
continue installation, as already implemented with bug 572816

Change-Id: Ie17ecca23de8186845ec943e63abb4dd0d141836
Reviewed-on: https://git.eclipse.org/r/c/equinox/rt.equinox.p2/+/186727
Tested-by: Equinox Bot <equinox-bot@eclipse.org>
Reviewed-by: Mickael Istria <mistria@redhat.com>

bundles/org.eclipse.equinox.p2.artifact.repository/src/org/eclipse/equinox/internal/p2/artifact/processors/pgp/PGPSignatureVerifier.java[diff]
bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CertificateChecker.java[diff]
bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/artifact/repository/AllTests.java[diff]
bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/artifact/repository/PGPVerifierTest.java[Renamed from bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/artifact/repository/PGPTest.java - diff]
bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/CertificateCheckerTest.java[diff]

5 files changed

tree: 2870f871c3fefd6da4ea804594faa0ec2409c89e