func (p *pluginControl) returnPluginDetails(rp *core.RequestedPlugin) (*pluginDetails, serror.SnapError) { details := &pluginDetails{} var serr serror.SnapError //Check plugin signing details.Signed, serr = p.verifySignature(rp) if serr != nil { return nil, serr } details.Path = rp.Path() details.CheckSum = rp.CheckSum() details.Signature = rp.Signature() if filepath.Ext(rp.Path()) == ".aci" { f, err := os.Open(rp.Path()) if err != nil { return nil, serror.New(err) } defer f.Close() if err := aci.Validate(f); err != nil { return nil, serror.New(err) } tempPath, err := aci.Extract(f) if err != nil { return nil, serror.New(err) } details.ExecPath = path.Join(tempPath, "rootfs") if details.Manifest, err = aci.Manifest(f); err != nil { return nil, serror.New(err) } details.Exec = details.Manifest.App.Exec[0] details.IsPackage = true } else { details.IsPackage = false details.Exec = filepath.Base(rp.Path()) details.ExecPath = filepath.Dir(rp.Path()) } return details, nil }
func (p *pluginControl) verifySignature(rp *core.RequestedPlugin) (bool, serror.SnapError) { f := map[string]interface{}{ "_block": "verifySignature", } switch p.pluginTrust { case PluginTrustDisabled: return false, nil case PluginTrustEnabled: err := p.signingManager.ValidateSignature(p.keyringFiles, rp.Path(), rp.Signature()) if err != nil { return false, serror.New(err) } case PluginTrustWarn: if rp.Signature() == nil { controlLogger.WithFields(f).Warn("Loading unsigned plugin ", rp.Path()) return false, nil } else { err := p.signingManager.ValidateSignature(p.keyringFiles, rp.Path(), rp.Signature()) if err != nil { return false, serror.New(err) } } } return true, nil }