Windows Compatibility #75
Comments
|
Hmm, first I wanted to share this admittedly not great repo to help you set up a dev machine in windows. I'm pretty sure I've used py-in-toto to generate metadata on windows and consume it on linux and vice versa.
I thought I had explained this on slack, but I think this has to do to the fact that windows defaults to utf-16, so you may be hashing a bunch of additional zeros. Have you printed the buffers themselves before they are being passed to the hashing function? (i.e., dump the whole memory of the hashable buffer and then compare them) |
|
Hi @SantiagoTorres Another Problem I have spotted is this one here: // Read key bytes
pemBytes, err := ioutil.ReadAll(pemFile)
if err != nil {
return err
}
key, err := decodeAndParse(pemBytes)
if err != nil {
return err
}
// Use type switch to identify the key format
switch key.(type) {
case *rsa.PublicKey:
if err := k.setKeyComponents(pemBytes, []byte{}, rsaKeyType, scheme, keyIdHashAlgorithms); err != nil {
return err
}As shown in the snippet above, we are reading the pemBytes and using them as input for setKeyComponents. This means, that we are operating on the bytes from the file, hence it works as long as the line separator is the same (LF-LF). But when we try to import a CLRF formatted file, we will end up with a different checksum, because we will load the file bytes directly as public key string in our key object. |
|
Update: I wonder if would make sense for the whole project, although I think that fixing the problem above in the source code, might fix the problem in general. I will need to have a look on the other test output. |
Judging from the Appveyor build log it does look like it: You could use rdp and see what's going on on the appveyor workers |
Has appveyor some different git settings? Maybe autocrlf = false? It definitely does not work in my Windows VM with CRLF files. |
|
I have build a patch for the issue, I have explained here: #75 (comment) and indeed, this patch fixes our Windows compatibility problems, that I have introduced in my in-toto run PR. This works now (please ignore, the send coverage error). You can find the patch here: #76 |
|
@lukpueh This can be closed now :) |
|
@lukpueh Ok, I think we are not done here.. I played around with the github actions branch I have and it looks like it only worked, because I have accidentally pushed a gitattributes file to it. The bugs around key loading are fixed through the PR we have merged, but we still have issues: This time it's the |
|
The problem seems to be the RecordArtifact function: We are reading the raw input of a file path here. It's only failing for demo.layout.template, because foo.tar.gz is a binary archive (so no line separators) and the test file I don't know how we are going to fix this now. For the Github Actions PR I plan to ship the attributes file for now, this fixes this temporary, but we really need to think about reading layout files and link files and everything file related. What we need is a function, that normalizes line separators. @trishankatdatadog pointed me to a securesystemslib function, that does this. |
|
Note. I fixed the issue in RecordArtifact in this commit here: 04b13d5 |
Description of issue or feature request:
I had a a deep-dive into Windows today via installing a Windows10 Vagrant box, starting Jetbrains GoLand in it and executing the tests for master and for my branches.
I have bad news.
Did we ever execute tests via appveyor on Windows, besides go fmt?
If so, then I am interested in what appveyor is actually doing, because the tests on Windows definitely fail.
There are several issues. First I thought it's the Github Runner, that is behaving odd, but in reality it's our code.
Somehow generateKeyID calculates a different checksum on Windows. I have no explanation for this.
Here is what I did:
First I compared file sizes of our test data files, these were differently. Later I read at StackOverflow, that these are just different metrics: https://askubuntu.com/questions/573586/files-sizes-differs-from-windows-to-linux#:~:text=The%20different%20file%20structure%20which,sizes%20in%20different%20operating%20systems.
So I decided to calculate the checksum on Linux via
md5sumandsha256sumand on Windows viaCertUtil -hashfile <input file> sha256. Well.. and all of our test data files, had a different check sum. Do you have any explanation for this?I tried setting
.gitattributesandeol=lfand such stuff, but it didn't help.What is even more odd is, that we use
pem.Decode(), so actually the file format is irrelevant. But still we are ending up with a different keyID. I expect an issue inEncodeCanonicalData, but I can't really explain what is going on there.Current behavior:
Right now we are not Windows compatible and I doubt that we ever were windows compatible.
Expected behavior:
We should be compatible with windows.
PS:
Do we have checks for Windows/Linux compatibility with in-toto-py and/or TUF?
CC: @SantiagoTorres @trishankatdatadog maybe you have an explanation for this.
The text was updated successfully, but these errors were encountered: