本文整理汇总了Golang中github.com/snapcore/snapd/asserts.SnapFileSHA3_384函数的典型用法代码示例。如果您正苦于以下问题:Golang SnapFileSHA3_384函数的具体用法?Golang SnapFileSHA3_384怎么用?Golang SnapFileSHA3_384使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了SnapFileSHA3_384函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: getSha
func getSha(fn string) string {
snapDigest, _, err := asserts.SnapFileSHA3_384(fn)
if err != nil {
panic(err)
}
return hexify(snapDigest)
}示例2: addSystemSnapAssertions
func (s *imageSuite) addSystemSnapAssertions(c *C, snapName string) {
snapID := snapName + "-Id"
decl, err := s.storeSigning.Sign(asserts.SnapDeclarationType, map[string]interface{}{
"series": "16",
"snap-id": snapID,
"snap-name": snapName,
"publisher-id": "can0nical",
"timestamp": time.Now().UTC().Format(time.RFC3339),
}, nil, "")
c.Assert(err, IsNil)
err = s.storeSigning.Add(decl)
c.Assert(err, IsNil)
snapSHA3_384, snapSize, err := asserts.SnapFileSHA3_384(s.downloadedSnaps[snapName])
c.Assert(err, IsNil)
snapRev, err := s.storeSigning.Sign(asserts.SnapRevisionType, map[string]interface{}{
"snap-sha3-384": snapSHA3_384,
"snap-size": fmt.Sprintf("%d", snapSize),
"snap-id": snapID,
"snap-revision": s.storeSnapInfo[snapName].Revision.String(),
"developer-id": "can0nical",
"timestamp": time.Now().UTC().Format(time.RFC3339),
}, nil, "")
c.Assert(err, IsNil)
err = s.storeSigning.Add(snapRev)
c.Assert(err, IsNil)
}示例3: makeAssertions
func (s *storeTestSuite) makeAssertions(c *C, snapFn, name, snapID, develName, develID string, revision int) {
dgst, size, err := asserts.SnapFileSHA3_384(snapFn)
c.Assert(err, IsNil)
info := essentialInfo{
Name: name,
SnapID: snapID,
DeveloperID: develID,
DevelName: develName,
Revision: revision,
Size: size,
Digest: dgst,
}
f, err := os.OpenFile(filepath.Join(s.store.assertDir, snapID+".fake.snap-declaration"), os.O_CREATE|os.O_WRONLY, 0644)
c.Assert(err, IsNil)
err = tSnapDecl.Execute(f, info)
c.Assert(err, IsNil)
f, err = os.OpenFile(filepath.Join(s.store.assertDir, dgst+".fake.snap-revision"), os.O_CREATE|os.O_WRONLY, 0644)
c.Assert(err, IsNil)
err = tSnapRev.Execute(f, info)
c.Assert(err, IsNil)
f, err = os.OpenFile(filepath.Join(s.store.assertDir, develID+".fake.account"), os.O_CREATE|os.O_WRONLY, 0644)
c.Assert(err, IsNil)
err = tAccount.Execute(f, info)
c.Assert(err, IsNil)
}示例4: main
func main() {
sha3_384, _, err := asserts.SnapFileSHA3_384(os.Args[1])
if err != nil {
fmt.Fprintf(os.Stderr, "cannot compute digest: %v\n", err)
os.Exit(1)
}
fmt.Fprintf(os.Stdout, "%s\n", sha3_384)
}示例5: FetchAndCheckSnapAssertions
// FetchAndCheckSnapAssertions fetches and cross checks the snap assertions matching the given snap file using the provided asserts.Fetcher and assertion database.
func FetchAndCheckSnapAssertions(snapPath string, info *snap.Info, f asserts.Fetcher, db asserts.RODatabase) error {
sha3_384, size, err := asserts.SnapFileSHA3_384(snapPath)
if err != nil {
return err
}
if err := snapasserts.FetchSnapAssertions(f, sha3_384); err != nil {
return fmt.Errorf("cannot fetch snap signatures/assertions: %v", err)
}
// cross checks
return snapasserts.CrossCheck(info.Name(), sha3_384, size, &info.SideInfo, db)
}示例6: snapEssentialInfo
func snapEssentialInfo(w http.ResponseWriter, fn, snapID string, bs asserts.Backstore) (*essentialInfo, error) {
snapFile, err := snap.Open(fn)
if err != nil {
http.Error(w, fmt.Sprintf("cannot read: %v: %v", fn, err), http.StatusBadRequest)
return nil, errInfo
}
info, err := snap.ReadInfoFromSnapFile(snapFile, nil)
if err != nil {
http.Error(w, fmt.Sprintf("can get info for: %v: %v", fn, err), http.StatusBadRequest)
return nil, errInfo
}
snapDigest, size, err := asserts.SnapFileSHA3_384(fn)
if err != nil {
http.Error(w, fmt.Sprintf("can get digest for: %v: %v", fn, err), http.StatusBadRequest)
return nil, errInfo
}
snapRev, devAcct, err := findSnapRevision(snapDigest, bs)
if err != nil && err != asserts.ErrNotFound {
http.Error(w, fmt.Sprintf("can get info for: %v: %v", fn, err), http.StatusBadRequest)
return nil, errInfo
}
var devel, develID string
var revision int
if snapRev != nil {
snapID = snapRev.SnapID()
develID = snapRev.DeveloperID()
devel = devAcct.Username()
revision = snapRev.SnapRevision()
} else {
// XXX: fallback until we are always assertion based
develID = defaultDeveloperID
devel = defaultDeveloper
revision = makeRevision(info)
}
return &essentialInfo{
Name: info.Name(),
SnapID: snapID,
DeveloperID: develID,
DevelName: devel,
Revision: revision,
Version: info.Version,
Digest: snapDigest,
Size: size,
}, nil
}示例7: Execute
func (x *cmdSignBuild) Execute(args []string) error {
if len(args) > 0 {
return ErrExtraArgs
}
snapDigest, snapSize, err := asserts.SnapFileSHA3_384(x.Positional.Filename)
if err != nil {
return err
}
gkm := asserts.NewGPGKeypairManager()
privKey, err := gkm.GetByName(x.KeyName)
if err != nil {
// TRANSLATORS: %q is the key name, %v the error message
return fmt.Errorf(i18n.G("cannot use %q key: %v"), x.KeyName, err)
}
pubKey := privKey.PublicKey()
timestamp := time.Now().Format(time.RFC3339)
headers := map[string]interface{}{
"developer-id": x.DeveloperID,
"authority-id": x.DeveloperID,
"snap-sha3-384": snapDigest,
"snap-id": x.SnapID,
"snap-size": fmt.Sprintf("%d", snapSize),
"grade": x.Grade,
"timestamp": timestamp,
}
adb, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
KeypairManager: gkm,
})
if err != nil {
return fmt.Errorf(i18n.G("cannot open the assertions database: %v"), err)
}
a, err := adb.Sign(asserts.SnapBuildType, headers, nil, pubKey.ID())
if err != nil {
return fmt.Errorf(i18n.G("cannot sign assertion: %v"), err)
}
_, err = Stdout.Write(asserts.Encode(a))
if err != nil {
return err
}
return nil
}示例8: TestSnapFileSHA3_384
func (s *snapFileDigestSuite) TestSnapFileSHA3_384(c *C) {
exData := []byte("hashmeplease")
tempdir := c.MkDir()
snapFn := filepath.Join(tempdir, "ex.snap")
err := ioutil.WriteFile(snapFn, exData, 0644)
c.Assert(err, IsNil)
encDgst, size, err := asserts.SnapFileSHA3_384(snapFn)
c.Assert(err, IsNil)
c.Check(size, Equals, uint64(len(exData)))
h3_384 := sha3.Sum384(exData)
expected := base64.RawURLEncoding.EncodeToString(h3_384[:])
c.Check(encDgst, DeepEquals, expected)
}示例9: DeriveSideInfo
// DeriveSideInfo tries to construct a SideInfo for the given snap using its digest to find the relevant snap assertions with the information in the given database. It will fail with asserts.ErrNotFound if it cannot find them.
func DeriveSideInfo(snapPath string, db asserts.RODatabase) (*snap.SideInfo, error) {
snapSHA3_384, snapSize, err := asserts.SnapFileSHA3_384(snapPath)
if err != nil {
return nil, err
}
// get relevant assertions and reconstruct metadata
a, err := db.Find(asserts.SnapRevisionType, map[string]string{
"snap-sha3-384": snapSHA3_384,
})
if err != nil {
return nil, err
}
snapRev := a.(*asserts.SnapRevision)
if snapRev.SnapSize() != snapSize {
return nil, fmt.Errorf("snap %q does not have expected size according to signatures (broken or tampered): %d != %d", snapPath, snapSize, snapRev.SnapSize())
}
snapID := snapRev.SnapID()
snapDecl, err := findSnapDeclaration(snapID, snapPath, db)
if err != nil {
return nil, err
}
name := snapDecl.SnapName()
// TODO: once we are fully migrated to assertions this can
// be done dynamically later instead of statically here
a, err = db.Find(asserts.AccountType, map[string]string{
"account-id": snapRev.DeveloperID(),
})
if err != nil {
return nil, fmt.Errorf("internal error: cannot find developer account for snap %q (%q): %s", name, snapPath, snapRev.DeveloperID())
}
devAcct := a.(*asserts.Account)
return &snap.SideInfo{
RealName: name,
SnapID: snapID,
Revision: snap.R(snapRev.SnapRevision()),
DeveloperID: snapRev.DeveloperID(),
Developer: devAcct.Username(),
}, nil
}示例10: buildSnap
func buildSnap(snapDir, targetDir string) (*info, error) {
// build in /var/tmp (which is not a tempfs)
cmd := exec.Command("snapbuild", snapDir, targetDir)
cmd.Env = append(os.Environ(), "TMPDIR=/var/tmp")
output, err := cmd.CombinedOutput()
if err != nil {
return nil, fmt.Errorf("building fake snap: %v, output: %s", err, output)
}
out := strings.TrimSpace(string(output))
if !strings.HasPrefix(out, "built: ") {
return nil, fmt.Errorf("building fake snap got unexpected output: %s", output)
}
fn := out[len("built: "):]
newDigest, size, err := asserts.SnapFileSHA3_384(fn)
if err != nil {
return nil, err
}
return &info{digest: newDigest, size: size}, nil
}示例11: makeStoreTestSnap
func (ms *mgrsSuite) makeStoreTestSnap(c *C, snapYaml string, revno string) (path, digest string) {
snapPath := makeTestSnap(c, snapYaml)
snapDigest, size, err := asserts.SnapFileSHA3_384(snapPath)
c.Assert(err, IsNil)
headers := map[string]interface{}{
"snap-id": fooSnapID,
"snap-sha3-384": snapDigest,
"snap-size": fmt.Sprintf("%d", size),
"snap-revision": revno,
"developer-id": "devdevdev",
"timestamp": time.Now().Format(time.RFC3339),
}
snapRev, err := ms.storeSigning.Sign(asserts.SnapRevisionType, headers, nil, "")
c.Assert(err, IsNil)
err = ms.storeSigning.Add(snapRev)
c.Assert(err, IsNil)
return snapPath, snapDigest
}示例12: doValidateSnap
// doValidateSnap fetches the relevant assertions for the snap being installed and cross checks them with the snap.
func doValidateSnap(t *state.Task, _ *tomb.Tomb) error {
t.State().Lock()
defer t.State().Unlock()
ss, err := snapstate.TaskSnapSetup(t)
if err != nil {
return nil
}
sha3_384, snapSize, err := asserts.SnapFileSHA3_384(ss.SnapPath)
if err != nil {
return err
}
err = doFetch(t.State(), ss.UserID, func(f asserts.Fetcher) error {
return snapasserts.FetchSnapAssertions(f, sha3_384)
})
if notFound, ok := err.(*store.AssertionNotFoundError); ok {
if notFound.Ref.Type == asserts.SnapRevisionType {
return fmt.Errorf("cannot verify snap %q, no matching signatures found", ss.Name())
} else {
return fmt.Errorf("cannot find supported signatures to verify snap %q and its hash (%v)", ss.Name(), notFound)
}
}
if err != nil {
return err
}
db := DB(t.State())
err = snapasserts.CrossCheck(ss.Name(), sha3_384, snapSize, ss.SideInfo, db)
if err != nil {
// TODO: trigger a global sanity check
// that will generate the changes to deal with this
// for things like snap-decl revocation and renames?
return err
}
// TODO: set DeveloperID from assertions
return nil
}示例13: copySnap
func copySnap(snapName, targetDir string) (*info, error) {
baseDir := filepath.Join(dirs.SnapMountDir, snapName)
if _, err := os.Stat(baseDir); err != nil {
return nil, err
}
sourceDir := filepath.Join(baseDir, "current")
files, err := filepath.Glob(filepath.Join(sourceDir, "*"))
if err != nil {
return nil, err
}
revnoDir, err := filepath.EvalSymlinks(sourceDir)
if err != nil {
return nil, err
}
origRevision := filepath.Base(revnoDir)
for _, m := range files {
if err = exec.Command("sudo", "cp", "-a", m, targetDir).Run(); err != nil {
return nil, err
}
}
rev, err := snap.ParseRevision(origRevision)
if err != nil {
return nil, err
}
place := snap.MinimalPlaceInfo(snapName, rev)
origDigest, origSize, err := asserts.SnapFileSHA3_384(place.MountFile())
if err != nil {
return nil, err
}
return &info{revision: origRevision, size: origSize, digest: origDigest}, nil
}示例14: TestPopulateFromSeedHappyMultiAssertsFiles
func (s *FirstBootTestSuite) TestPopulateFromSeedHappyMultiAssertsFiles(c *C) {
// put a firstboot snap into the SnapBlobDir
snapYaml := `name: foo
version: 1.0`
mockSnapFile := snaptest.MakeTestSnapWithFiles(c, snapYaml, nil)
fooSnapFile := filepath.Join(dirs.SnapSeedDir, "snaps", filepath.Base(mockSnapFile))
err := os.Rename(mockSnapFile, fooSnapFile)
c.Assert(err, IsNil)
// put a 2nd firstboot snap into the SnapBlobDir
snapYaml = `name: bar
version: 1.0`
mockSnapFile = snaptest.MakeTestSnapWithFiles(c, snapYaml, nil)
barSnapFile := filepath.Join(dirs.SnapSeedDir, "snaps", filepath.Base(mockSnapFile))
err = os.Rename(mockSnapFile, barSnapFile)
c.Assert(err, IsNil)
devAcct := assertstest.NewAccount(s.storeSigning, "developer", map[string]interface{}{
"account-id": "developerid",
}, "")
snapDeclFoo, err := s.storeSigning.Sign(asserts.SnapDeclarationType, map[string]interface{}{
"series": "16",
"snap-id": "foosnapidsnapid",
"publisher-id": "developerid",
"snap-name": "foo",
"timestamp": time.Now().UTC().Format(time.RFC3339),
}, nil, "")
c.Assert(err, IsNil)
sha3_384, size, err := asserts.SnapFileSHA3_384(fooSnapFile)
c.Assert(err, IsNil)
snapRevFoo, err := s.storeSigning.Sign(asserts.SnapRevisionType, map[string]interface{}{
"snap-sha3-384": sha3_384,
"snap-size": fmt.Sprintf("%d", size),
"snap-id": "foosnapidsnapid",
"developer-id": "developerid",
"snap-revision": "128",
"timestamp": time.Now().UTC().Format(time.RFC3339),
}, nil, "")
c.Assert(err, IsNil)
writeAssertionsToFile("foo.asserts", []asserts.Assertion{devAcct, snapRevFoo, snapDeclFoo})
snapDeclBar, err := s.storeSigning.Sign(asserts.SnapDeclarationType, map[string]interface{}{
"series": "16",
"snap-id": "barsnapidsnapid",
"publisher-id": "developerid",
"snap-name": "bar",
"timestamp": time.Now().UTC().Format(time.RFC3339),
}, nil, "")
c.Assert(err, IsNil)
sha3_384, size, err = asserts.SnapFileSHA3_384(barSnapFile)
c.Assert(err, IsNil)
snapRevBar, err := s.storeSigning.Sign(asserts.SnapRevisionType, map[string]interface{}{
"snap-sha3-384": sha3_384,
"snap-size": fmt.Sprintf("%d", size),
"snap-id": "barsnapidsnapid",
"developer-id": "developerid",
"snap-revision": "65",
"timestamp": time.Now().UTC().Format(time.RFC3339),
}, nil, "")
c.Assert(err, IsNil)
writeAssertionsToFile("bar.asserts", []asserts.Assertion{devAcct, snapDeclBar, snapRevBar})
// add a model assertion and its chain
assertsChain := s.makeModelAssertionChain(c)
writeAssertionsToFile("model.asserts", assertsChain)
// create a seed.yaml
content := []byte(fmt.Sprintf(`
snaps:
- name: foo
file: %s
- name: bar
file: %s
`, filepath.Base(fooSnapFile), filepath.Base(barSnapFile)))
err = ioutil.WriteFile(filepath.Join(dirs.SnapSeedDir, "seed.yaml"), content, 0644)
c.Assert(err, IsNil)
// run the firstboot stuff
st := s.overlord.State()
st.Lock()
defer st.Unlock()
tsAll, err := devicestate.PopulateStateFromSeedImpl(st)
c.Assert(err, IsNil)
chg := st.NewChange("run-it", "run the populate from seed changes")
for _, ts := range tsAll {
chg.AddAll(ts)
}
c.Assert(st.Changes(), HasLen, 1)
st.Unlock()
s.overlord.Settle()
st.Lock()
//.........这里部分代码省略.........
示例15: TestPopulateFromSeedHappy
func (s *FirstBootTestSuite) TestPopulateFromSeedHappy(c *C) {
// put a firstboot snap into the SnapBlobDir
snapYaml := `name: foo
version: 1.0`
mockSnapFile := snaptest.MakeTestSnapWithFiles(c, snapYaml, nil)
targetSnapFile := filepath.Join(dirs.SnapSeedDir, "snaps", filepath.Base(mockSnapFile))
err := os.Rename(mockSnapFile, targetSnapFile)
c.Assert(err, IsNil)
// put a firstboot local snap into the SnapBlobDir
snapYaml = `name: local
version: 1.0`
mockSnapFile = snaptest.MakeTestSnapWithFiles(c, snapYaml, nil)
targetSnapFile2 := filepath.Join(dirs.SnapSeedDir, "snaps", filepath.Base(mockSnapFile))
err = os.Rename(mockSnapFile, targetSnapFile2)
c.Assert(err, IsNil)
devAcct := assertstest.NewAccount(s.storeSigning, "developer", map[string]interface{}{
"account-id": "developerid",
}, "")
devAcctFn := filepath.Join(dirs.SnapSeedDir, "assertions", "developer.account")
err = ioutil.WriteFile(devAcctFn, asserts.Encode(devAcct), 0644)
c.Assert(err, IsNil)
snapDecl, err := s.storeSigning.Sign(asserts.SnapDeclarationType, map[string]interface{}{
"series": "16",
"snap-id": "snapidsnapid",
"publisher-id": "developerid",
"snap-name": "foo",
"timestamp": time.Now().UTC().Format(time.RFC3339),
}, nil, "")
c.Assert(err, IsNil)
declFn := filepath.Join(dirs.SnapSeedDir, "assertions", "foo.snap-declaration")
err = ioutil.WriteFile(declFn, asserts.Encode(snapDecl), 0644)
c.Assert(err, IsNil)
sha3_384, size, err := asserts.SnapFileSHA3_384(targetSnapFile)
c.Assert(err, IsNil)
snapRev, err := s.storeSigning.Sign(asserts.SnapRevisionType, map[string]interface{}{
"snap-sha3-384": sha3_384,
"snap-size": fmt.Sprintf("%d", size),
"snap-id": "snapidsnapid",
"developer-id": "developerid",
"snap-revision": "128",
"timestamp": time.Now().UTC().Format(time.RFC3339),
}, nil, "")
c.Assert(err, IsNil)
revFn := filepath.Join(dirs.SnapSeedDir, "assertions", "foo.snap-revision")
err = ioutil.WriteFile(revFn, asserts.Encode(snapRev), 0644)
c.Assert(err, IsNil)
// add a model assertion and its chain
assertsChain := s.makeModelAssertionChain(c)
for i, as := range assertsChain {
fn := filepath.Join(dirs.SnapSeedDir, "assertions", strconv.Itoa(i))
err := ioutil.WriteFile(fn, asserts.Encode(as), 0644)
c.Assert(err, IsNil)
}
// create a seed.yaml
content := []byte(fmt.Sprintf(`
snaps:
- name: foo
file: %s
devmode: true
- name: local
unasserted: true
file: %s
`, filepath.Base(targetSnapFile), filepath.Base(targetSnapFile2)))
err = ioutil.WriteFile(filepath.Join(dirs.SnapSeedDir, "seed.yaml"), content, 0644)
c.Assert(err, IsNil)
// run the firstboot stuff
st := s.overlord.State()
st.Lock()
defer st.Unlock()
tsAll, err := devicestate.PopulateStateFromSeedImpl(st)
c.Assert(err, IsNil)
// the last task of the last taskset must be mark-seeded
markSeededTask := tsAll[len(tsAll)-1].Tasks()[0]
c.Check(markSeededTask.Kind(), Equals, "mark-seeded")
// and the markSeededTask must wait for the other tasks
prevTasks := tsAll[len(tsAll)-2].Tasks()
otherTask := prevTasks[len(prevTasks)-1]
c.Check(markSeededTask.WaitTasks(), testutil.Contains, otherTask)
// now run the change and check the result
chg := st.NewChange("run-it", "run the populate from seed changes")
for _, ts := range tsAll {
chg.AddAll(ts)
}
c.Assert(st.Changes(), HasLen, 1)
st.Unlock()
s.overlord.Settle()
st.Lock()
c.Assert(chg.Err(), IsNil)
//.........这里部分代码省略.........