Example #1
0
func (eds *encodeDigestSuite) TestEncodeDigestErrors(c *C) {
	_, err := asserts.EncodeDigest(crypto.SHA1, nil)
	c.Check(err, ErrorMatches, "unsupported hash")

	_, err = asserts.EncodeDigest(crypto.SHA256, []byte{1, 2})
	c.Check(err, ErrorMatches, "hash digest by sha256 should be 32 bytes")
}
Example #2
0
func (eds *encodeDigestSuite) TestEncodeDigestOK(c *C) {
	h := crypto.SHA256.New()
	h.Write([]byte("some stuff to hash"))
	digest := h.Sum(nil)
	encoded, err := asserts.EncodeDigest(crypto.SHA256, digest)
	c.Assert(err, IsNil)

	c.Check(strings.HasPrefix(encoded, "sha256 "), Equals, true)
	decoded, err := base64.RawURLEncoding.DecodeString(encoded[len("sha256 "):])
	c.Assert(err, IsNil)
	c.Check(decoded, DeepEquals, digest)
}
Example #3
0
func (x *snapBuild) Execute(args []string) error {
	authID := x.Positional.AuthorityID
	if authID == "" {
		return fmt.Errorf("missing devel/authority-id")
	}
	authKey, err := findPublicKey(db, authID)
	if err != nil {
		return err
	}

	snapFile := x.Positional.SnapFile
	if snapFile == "" {
		return fmt.Errorf("missing snap-file")
	}
	snap := squashfs.New(snapFile)
	nameParts := strings.SplitN(snap.Name(), "_", 2)
	snapID := nameParts[0] // XXX: cheat/guess
	size, hashDigest, err := snap.HashDigest(crypto.SHA256)
	if err != nil {
		return fmt.Errorf("failed to hash snap: %v", err)
	}
	formattedDigest, err := asserts.EncodeDigest(crypto.SHA256, hashDigest)
	if err != nil {
		return err
	}

	now := time.Now().UTC()
	headers := map[string]string{
		"authority-id": strings.Split(authID, "/")[0],
		"snap-id":      snapID,
		"snap-digest":  formattedDigest,
		"snap-size":    fmt.Sprintf("%d", size),
		"grade":        "devel",
		"timestamp":    now.Format(time.RFC3339),
	}
	snapDecl, err := db.Sign(asserts.SnapBuildType, headers, nil, authKey.ID())
	if err != nil {
		return err
	}
	os.Stdout.Write(asserts.Encode(snapDecl))
	return nil
}