[FEATURE] Repository Authentication

Open vector-of-bool opened this issue 3 years ago • 0 comments

Describe the scenario and circumstances that should be addressed

Every dds repository should have a globally unique name. dds stores each package listing alongside the repository that contains it, so it is important that one repository not override the listings of another. Currently, when dds downloads a repository, it will replace all listings that have the name of that repository, regardless of whether the downloaded repository data actually comes from the original host of that repository.

If repo-1.example.com contains dds-repo-example, and it is added in dds, and repo-2.example.com also defines a repository with name dds-repo-example, then adding repo-2.example.com as a repository must validate that they are actually the same repository, and repo-2.example.com is not simply trying to override the content from repo-1.example.com.

Describe the solution you'd like

A repository should have a keypair:

  • Repository metadata (i.e. repo.db) should be signed with that keypair.
  • When dds first adds a repository, the public key should be recorded with the name of the repository.
  • When dds downloads a repo.db, it should verify that it has been signed by the private key associated with the repository name that it claims.
  • When a repo.db claims a name for which it is not appropriately signed, dds should refuse to import the repository data and present an appropriate error to the user.
  • The user should be able to drop the recorded public key associated with a repository name.

vector-of-bool, Apr 05 '21 22:04
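The pin-on-first-add flow requested above, sketched in Go as an added example; it is not code from dds or from the issue author. Ed25519, the signed-byte layout, and the names `SignedRepo`, `TrustStore`, `Import`, `Forget`, `Sign` and `NewKey` are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// SignedRepo (hypothetical): the name a repo.db claims, its bytes, and a detached signature.
type SignedRepo struct{ Name string; DB, Sig []byte }

// TrustStore maps repository name -> public key recorded when it was first added.
type TrustStore map[string]ed25519.PublicKey

var ErrBadSignature = errors.New("repo.db is not signed by the key recorded for this name")

// signedBytes length-prefixes the name so bytes cannot shift between name and content.
func signedBytes(name string, db []byte) []byte {
	return append([]byte(fmt.Sprintf("%d:%s", len(name), name)), db...)
}

func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return pub, priv
}

func Sign(priv ed25519.PrivateKey, name string, db []byte) SignedRepo {
	return SignedRepo{name, db, ed25519.Sign(priv, signedBytes(name, db))}
}

// Import verifies r with the pinned key; the offered key counts only for an unseen name.
func (ts TrustStore) Import(r SignedRepo, offered ed25519.PublicKey) error {
	key, pinned := ts[r.Name]
	if !pinned {
		key = offered
	}
	// The length check matters: ed25519.Verify panics on a malformed key.
	if len(key) != ed25519.PublicKeySize || !ed25519.Verify(key, signedBytes(r.Name, r.DB), r.Sig) {
		return ErrBadSignature // refuse the import; existing listings stay untouched
	}
	ts[r.Name] = key
	return nil
}

// Forget drops the recorded key, so the next Import of that name pins afresh.
func (ts TrustStore) Forget(name string) { delete(ts, name) }

func main() {
	pub, priv := NewKey()
	fmt.Println(TrustStore{}.Import(Sign(priv, "dds-repo-example", []byte("v1")), pub))
}
```

Because a known name is always checked against the recorded key, a second host that presents the same name with its own key fails verification instead of replacing the first host's listings.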