Пример #1
0
/*
sign privateKeyPem String privateKeyPassword String content String > signaturePem String err String

Signs based on SHA256 hash of the content.
*/
func sign(th InterpreterThread, objects []RObject) []RObject {
	privateKeyPEM := string(objects[0].(String))
	password := string(objects[1].(String))
	content := string(objects[2].(String))
	signaturePEM, err := crypto_util.Sign(privateKeyPEM, password, content)

	var errStr string
	if err != nil {
		errStr = err.Error()
	}
	return []RObject{String(signaturePEM), String(errStr)}
}
/*
  Given a zip file of the source code directory tree,
  1. Computes the SHA256 hash of the source code zip file contents, then signs the hash using
  the private key of the origin.
  2. Adds
     a. the certificate of the origin's public key (including that public key), and
     b. the signature of the source zip file (which can be verified with that public key)
     c. the source zip file
     to an outer (wrapper) zip file that it is creating.
  3. Writes the wrapper zip file as e.g. a.b.com2013--my_artifact_name--1.0.3.zip to the
     shared artifact's root directory.

  NOTE: STEPS 1 and 2. a. b. are TBD !!!! Just re-zips the src.zip file presently.
*/
func signZippedSrc(srcZipPath string,
	originPrivateKey string,
	originPrivateKeyPassword string,
	originPublicKeyCertificate string,
	sharedRelishPublicKeyCertificate string,
	sharedArtifactPath string,
	originAndArtifact string,
	version string) (err error) {
	originAndArtifactFilenamePart := strings.Replace(originAndArtifact, "/", "--", -1)
	wrapperFilename := originAndArtifactFilenamePart + "---" + version + ".zip"
	wrapperFilePath := sharedArtifactPath + "/" + wrapperFilename

	var srcZipContents []byte
	srcZipContents, err = gos.ReadFile(srcZipPath)
	if err != nil {
		return
	}

	content := wrapperFilename + "_|_" + string(srcZipContents)
	signaturePEM, err := crypto_util.Sign(originPrivateKey, originPrivateKeyPassword, content)

	var buf *bytes.Buffer
	buf, err = signZippedSrc1(srcZipPath, originPublicKeyCertificate, sharedRelishPublicKeyCertificate, signaturePEM)

	var file *os.File
	file, err = gos.Create(wrapperFilePath)
	if err != nil {
		return
	}

	_, err = buf.WriteTo(file)
	if err != nil {
		return
	}
	err = file.Close()

	return
}