// checkContent decodes the encoded assertion and checks that a carries the
// same signed content as it does. Decoding must succeed (c.Assert), whereas a
// content mismatch is reported with c.Check.
func checkContent(c *C, a asserts.Assertion, encoded string) {
	want, err := asserts.Decode([]byte(encoded))
	c.Assert(err, IsNil)

	// Only the first value returned by Signature (the content) is compared;
	// the second value (the signature bytes) is deliberately not checked here.
	wantContent, _ := want.Signature()
	gotContent, _ := a.Signature()
	c.Check(gotContent, DeepEquals, wantContent)
}
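// serialRequestToSerial converts a serial-request assertion into a serial
// assertion for the same device.
//
// The serial number is taken from the serial-request headers; if that value is
// missing, empty or not a string, the "serial" key of the YAML body is used
// instead. The request is rejected with ErrorEmptySerial when neither source
// yields a non-empty string. The serial-request comes from the device, so the
// serial is validated with checked type assertions rather than trusted to be a
// string.
//
// signingLog is updated in place: SerialNumber is set to the resolved serial
// and Revision to one more than the highest revision reported by
// Environ.DB.CheckForDuplicate.
func serialRequestToSerial(assertion asserts.Assertion, signingLog *SigningLog) (asserts.Assertion, error) {
	// Create the serial assertion headers from the serial-request headers.
	serialHeaders := assertion.Headers()
	headers := map[string]interface{}{
		"type":              asserts.SerialType.Name,
		"authority-id":      serialHeaders["brand-id"],
		"brand-id":          serialHeaders["brand-id"],
		"serial":            serialHeaders["serial"],
		"device-key":        serialHeaders["device-key"],
		"sign-key-sha3-384": serialHeaders["sign-key-sha3-384"],
		// NOTE(review): device-key-sha3-384 is filled from the request's
		// sign-key-sha3-384. That is only correct if the serial-request is
		// signed with the device key itself - confirm.
		"device-key-sha3-384": serialHeaders["sign-key-sha3-384"],
		"model":               serialHeaders["model"],
		"timestamp":           time.Now().Format(time.RFC3339),
	}

	// Resolve the serial with checked type assertions. An unchecked .(string)
	// panics on any non-string value, and a YAML body can decode "serial" to a
	// non-string type (for example an unquoted number).
	serial, _ := headers["serial"].(string)
	if serial == "" {
		// Fall back to the body, which must be YAML. Decode errors are ignored
		// on purpose: a failed decode leaves the map empty and the request is
		// rejected by the check below.
		body := make(map[string]interface{})
		_ = yaml.Unmarshal(assertion.Body(), &body)
		serial, _ = body["serial"].(string)
	}

	// Reject requests without a usable serial. Non-string values are rejected
	// rather than coerced to a string.
	if serial == "" {
		logMessage("SIGN", "create-assertion", ErrorEmptySerial.Message)
		return nil, errors.New(ErrorEmptySerial.Message)
	}
	headers["serial"] = serial

	// Check whether this device has been signed before and get the highest
	// revision number used for the serial number.
	signingLog.SerialNumber = serial
	duplicateExists, maxRevision, err := Environ.DB.CheckForDuplicate(signingLog)
	if err != nil {
		// The underlying error is logged only; the caller receives the generic
		// duplicate-assertion message.
		logMessage("SIGN", "duplicate-assertion", err.Error())
		return nil, errors.New(ErrorDuplicateAssertion.Message)
	}
	if duplicateExists {
		// A duplicate is recorded in the log but does not stop the request;
		// it proceeds with the next revision number.
		logMessage("SIGN", "duplicate-assertion", "The serial number and/or device-key have already been used to sign a device")
	}

	// Set the revision number, incrementing the previously used one.
	signingLog.Revision = maxRevision + 1
	headers["revision"] = fmt.Sprintf("%d", signingLog.Revision)

	// If we have a body, carry over the body length declared by the request.
	if len(assertion.Body()) > 0 {
		headers["body-length"] = serialHeaders["body-length"]
	}

	// NOTE(review): the content and signature passed to Assemble are those of
	// the incoming serial-request, not of the headers built above. Presumably
	// the caller signs the result before it is released - confirm.
	content, signature := assertion.Signature()
	return asserts.Assemble(headers, assertion.Body(), content, signature)
}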
// serialRequestToSerial builds a serial assertion from a serial-request: the
// request headers are reused with the type, authority-id and timestamp
// rewritten, the request-id dropped, and the serial taken from the YAML body.
func serialRequestToSerial(assertion asserts.Assertion) (asserts.Assertion, error) {
	// Best-effort decode of the body, which must be YAML. Errors are ignored,
	// so a body that fails to decode leaves the map empty.
	bodyFields := make(map[string]interface{})
	yaml.Unmarshal(assertion.Body(), &bodyFields)

	// NOTE(review): the map returned by Headers() is modified in place;
	// presumably it is a copy owned by the caller - confirm.
	hdrs := assertion.Headers()
	delete(hdrs, "request-id")
	hdrs["type"] = asserts.SerialType.Name
	hdrs["authority-id"] = hdrs["brand-id"]
	hdrs["timestamp"] = time.Now().Format(time.RFC3339)

	// NOTE(review): the body value always replaces any "serial" header and is
	// not checked for being present, non-empty or a string, so a request with
	// no serial in its body reaches Assemble with a nil serial.
	hdrs["serial"] = bodyFields["serial"]

	// NOTE(review): content and signature belong to the original
	// serial-request, not to the rewritten headers; presumably the result is
	// signed by the caller - confirm.
	reqContent, reqSignature := assertion.Signature()
	return asserts.Assemble(hdrs, assertion.Body(), reqContent, reqSignature)
}