Skip to content

Commit

Permalink
update print statements for clearer device logs
Browse files Browse the repository at this point in the history
  • Loading branch information
@bryanoltman
bryanoltman committed May 23, 2024
1 parent 2f161a8 commit ca4d6db
Showing 1 changed file with 9 additions and 7 deletions.
16 changes: 9 additions & 7 deletions library/src/cache/signing.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ use ring::signature;
use std::path::Path;
// https://stackoverflow.com/questions/67087597/is-it-possible-to-use-rusts-log-info-for-tests
#[cfg(test)]
use std::println as info; // Workaround to use println! for logs.
use std::{println as info, println as debug}; // Workaround to use println! for logs.

/// Reads the file at `path` and returns the SHA-256 hash of its contents as a String.
pub fn hash_file<P: AsRef<Path>>(path: P) -> Result<String> {
Expand All @@ -25,32 +25,34 @@ pub fn hash_file<P: AsRef<Path>>(path: P) -> Result<String> {
/// -outform DER \
/// -out public_key.der
pub fn check_signature(message: &str, signature: &str, public_key: &str) -> Result<()> {
// public.pem
debug!("Message is {}", message);
debug!("Public key is {:?}", public_key);
debug!("Signature is {}", signature);

// public.der
let public_key_bytes = base64::prelude::BASE64_STANDARD
.decode(public_key)
.with_context(|| format!("Failed to decode public_key: {}", public_key))?;

let public_key =
signature::UnparsedPublicKey::new(&signature::RSA_PKCS1_2048_8192_SHA256, public_key_bytes);
info!("Public key is {:?}", public_key);
info!("Signature is {}", signature);
let decoded_sig = match base64::prelude::BASE64_STANDARD.decode(signature) {
Ok(sig) => sig,
Err(e) => {
bail!("Failed to decode signature: {:?}", e);
}
};

info!("Verifying signature...");
info!("Verifying patch signature...");
match public_key.verify(message.as_bytes(), &decoded_sig) {
Ok(_) => {
info!("Signature is valid");
info!("Patch signature is valid");
Ok(())
}
Err(_) => {
// The error provided by `verify` is (by design) not helpful, so we ignore it.
// See https://docs.rs/ring/latest/ring/error/struct.Unspecified.html
bail!("Signature is invalid")
bail!("Patch signature is invalid")
}
}
}
Expand Down

0 comments on commit ca4d6db

Please sign in to comment.