Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
Tilo15
/
Binman
1
0
Fork 0
Súbory Issues 0 Pull requesty 0 Wiki
Strom: 1a3e3d185b
Branche Tagy
Binman
/
src
/
lib
/
Manifest.vala

Manifest.vala 6.6 KB
História Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156 
  1. using Invercargill;
    2. 

  2. using InvercargillJson;
    3. 

  3. 

  4. namespace Binman {
    5. 

  5. 

  6.     public errordomain ManifestError {
    7. 

  7.         KEY_MISMATCH,
    8. 

  8.         INVALID_SIGNATURE
    9. 

  9.     }
    10. 

  10. 

  11.     public class ManifestFile {
    12. 

  12.         public File file { get; private set; }
    13. 

  13.         
    14. 

  14.         public ManifestHeader read_header() throws Error {
    15. 

  15.             return new JsonlInputStream(get_stream())
    16. 

  16.                 .as_property_groups()
    17. 

  17.                 .try_map_with<ManifestHeader>(ManifestHeader.get_mapper())
    18. 

  18.                 .first()
    19. 

  19.                 .unwrap();
    20. 

  20.         }
    21. 

  21. 

  22.         public Attempts<ManifestEntry> get_entries() throws Error {
    23. 

  23.             return new JsonlInputStream(get_stream())
    24. 

  24.                 .as_property_groups()
    25. 

  25.                 .skip(1)
    26. 

  26.                 .until(o => o.has("signature"))
    27. 

  27.                 .try_map_with<ManifestEntry>(ManifestEntry.get_mapper());
    28. 

  28.         }
    29. 

  29. 

  30.         public bool verify_signature() throws Error {
    31. 

  31.             var stream = new DataInputStream(get_stream());
    32. 

  32.             var checksum = new Checksum(ChecksumType.SHA512);
    33. 

  33.             ManifestSignature signature;
    34. 

  34.             ManifestHeader header = null;
    35. 

  35. 

  36.             while (true) {
    37. 

  37.                 var line = stream.read_line();
    38. 

  38.                 var obj = new JsonElement.from_string(line).as<JsonObject>();
    39. 

  39. 

  40.                 // Don't include signature object in checksum
    41. 

  41.                 if(obj.has("signature")) {
    42. 

  42.                     signature = ManifestSignature.get_mapper().materialise(obj);
    43. 

  43.                     break;
    44. 

  44.                 }
    45. 

  45. 

  46.                 checksum.update(line.data, line.data.length);
    47. 

  47. 

  48.                 if(header == null) {
    49. 

  49.                     header = ManifestHeader.get_mapper().materialise(obj);
    50. 

  50.                 }
    51. 

  51.             }
    52. 

  52. 

  53.             // Calculate checksum
    54. 

  54.             var checksum_bytes = new uint8[ChecksumType.SHA512.get_length()];
    55. 

  55.             size_t size = checksum_bytes.length;
    56. 

  56.             checksum.get_digest(checksum_bytes, ref size);
    57. 

  57. 

  58.             // Verify signature
    59. 

  59.             var signed_checksum = Sodium.Asymmetric.Signing.verify(signature.signature.to_array(), header.key.to_array());
    60. 

  60.             return new BinaryData.from_byte_array(signed_checksum).equals(new BinaryData.from_byte_array(checksum_bytes));
    61. 

  61.         }
    62. 

  62. 

  63.         private InputStream get_stream() throws Error {
    64. 

  64.             var decompressor = new ZlibDecompressor(ZlibCompressorFormat.GZIP);
    65. 

  65.             return new ConverterInputStream(file.read(), decompressor);
    66. 

  66.         }
    67. 

  67. 

  68.         public ManifestFile(File file) {
    69. 

  69.             this.file = file;
    70. 

  70.         }
    71. 

  71. 

  72.         public ManifestFile.from_name(string name, ApplicationType type, BinaryData? key = null) throws Error {
    73. 

  73.             this.file = File.new_build_filename("/var/binman", name, ApplicationType.get_mapper().map_from(type));
    74. 

  74.             if(!this.file.query_exists()) {
    75. 

  75.                 throw new FileError.NOENT("Could not find the specified manifest");
    76. 

  76.             }
    77. 

  77. 

  78.             if(key != null && !read_header().key.equals(key)) {
    79. 

  79.                 throw new ManifestError.KEY_MISMATCH("The key in the manifest file does not match the key expected");
    80. 

  80.             }
    81. 

  81.         }
    82. 

  82. 

  83.     }
    84. 

  84. 

  85.     public class ManifestHeader {
    86. 

  86.         public string name { get; set; }
    87. 

  87.         public string description { get; set; }
    88. 

  88.         public int serial { get; set; }
    89. 

  89.         public string post_exec { get; set; }
    90. 

  90.         public BinaryData key { get; set; }
    91. 

  91.         public Vector<string> remotes { get; set; }
    92. 

  92. 

  93.         public static PropertyMapper<ManifestHeader> get_mapper() {
    94. 

  94.             return PropertyMapper.build_for<ManifestHeader>(cfg => {
    95. 

  95.                 cfg.map<string>("name", o => o.name, (o, v) => o.name = v);
    96. 

  96.                 cfg.map<string>("desc", o => o.description, (o, v) => o.description = v);
    97. 

  97.                 cfg.map<int>("serial", o => o.serial, (o, v) => o.serial = v);
    98. 

  98.                 cfg.map<string>("post-exec", o => o.post_exec, (o, v) => o.post_exec = v);
    99. 

  99.                 cfg.map<string>("key", o => o.key.to_base64(), (o, v) => o.key = new BinaryData.from_base64(v));
    100. 

  100.                 cfg.map_many<string>("remotes", o => o.remotes, (o, v) => o.remotes = v.to_vector());
    101. 

  101.                 cfg.set_constructor(() => new ManifestHeader());
    102. 

  102.             });
    103. 

  103.         }
    104. 

  104.     }
    105. 

  105. 

  106.     public class ManifestEntry {
    107. 

  107.         public string path { get; set; }
    108. 

  108.         public int user { get; set; }
    109. 

  109.         public int group { get; set; }
    110. 

  110.         public Posix.mode_t mode { get; set; }
    111. 

  111.         public string? target { get; set; }
    112. 

  112.         public string? licence { get; set; }
    113. 

  113.         public ManifestFileDescriptor? binary { get; set; }
    114. 

  114.         public ManifestFileDescriptor? source { get; set; }
    115. 

  115. 

  116.         public static PropertyMapper<ManifestEntry> get_mapper() {
    117. 

  117.             return PropertyMapper.build_for<ManifestEntry>(cfg => cfg
    118. 

  118.                 .map<string>("path", o => o.path, (o, v) => o.path = v)
    119. 

  119.                 .map<int>("uid", o => o.user, (o, v) => o.user = v)
    120. 

  120.                 .map<int>("gid", o => o.group, (o, v) => o.group = v)
    121. 

  121.                 .map<int>("mod", o => (int)o.mode, (o, v) => o.mode = v)
    122. 

  122.                 .map<string?>("target", o => o.target, (o, v) => o.target = v, false)
    123. 

  123.                 .map<string?>("licence", o => o.licence, (o, v) => o.licence = v, false)
    124. 

  124.                 .map_properties_with<ManifestFileDescriptor?>("bin", o => o.binary, (o, v) => o.binary = v, ManifestFileDescriptor.get_mapper(), false)
    125. 

  125.                 .map_properties_with<ManifestFileDescriptor?>("ccs", o => o.source, (o, v) => o.source = v, ManifestFileDescriptor.get_mapper(), false)
    126. 

  126.                 .set_constructor(() => new ManifestEntry())
    127. 

  127.             );
    128. 

  128.         }
    129. 

  129.     }
    130. 

  130. 

  131.     public class ManifestFileDescriptor {
    132. 

  132.         public BinaryData checksum { get; set; }
    133. 

  133.         public uint64 size { get; set; }
    134. 

  134.         public string remote_path { get; set; }
    135. 

  135. 

  136.         public static PropertyMapper<ManifestFileDescriptor> get_mapper() {
    137. 

  137.             return PropertyMapper.build_for<ManifestFileDescriptor>(cfg => cfg
    138. 

  138.                 .map<string>("checksum", o => o.checksum.to_base64(), (o, v) => o.checksum = new BinaryData.from_base64(v))
    139. 

  139.                 .map<uint64?>("size", o => o.size, (o, v) => o.size = v)
    140. 

  140.                 .map<string>("path", o => o.remote_path, (o, v) => o.remote_path = v)
    141. 

  141.                 .set_constructor(() => new ManifestFileDescriptor())
    142. 

  142.             );
    143. 

  143.         }
    144. 

  144.     }
    145. 

  145. 

  146.     public class ManifestSignature {
    147. 

  147.         public BinaryData signature { get; set; }
    148. 

  148. 

  149.         public static PropertyMapper<ManifestSignature> get_mapper() {
    150. 

  150.             return PropertyMapper.build_for<ManifestSignature>(cfg => cfg
    151. 

  151.                 .map<string>("signature", o => o.signature.to_base64(), (o, v) => o.signature = new BinaryData.from_base64(v))
    152. 

  152.                 .set_constructor(() => new ManifestSignature())
    153. 

  153.             );
    154. 

  154.         }
    155. 

  155.     }
    156. 

  156. }
    157.