feat(security): signature verification

This commit is contained in:
Erica Marigold 2022-11-26 17:21:52 +05:30
parent b375fdc43a
commit a3905bd21e
No known key found for this signature in database
GPG key ID: 23CD97ABBBCC5ED2
2 changed files with 13 additions and 11 deletions

View file

@ -39,20 +39,22 @@ func VerifySignature(mirrorUrl string) {
} }
unixWd := fmt.Sprintf("/mnt/c/%s", strings.ReplaceAll(strings.Split(userHomeDir, `C:\`)[1], `\`, "/")) + strings.ReplaceAll(strings.Split(cwd, userHomeDir)[1], `\`, "/") unixWd := fmt.Sprintf("/mnt/c/%s", strings.ReplaceAll(strings.Split(userHomeDir, `C:\`)[1], `\`, "/")) + strings.ReplaceAll(strings.Split(cwd, userHomeDir)[1], `\`, "/")
logger.Info(fmt.Sprintf("Looking for verification signature in Unix Directory %s", unixWd))
// does not work? cmd := exec.Command("wsl.exe", `bash`, `-c`, `gpg --keyserver-options auto-key-retrieve --verify archlinux-bootstrap-2022.11.01-x86_64.tar.gz.sig`)
getAuthenticity, authenticityErr := cmd.CombinedOutput()
getAuthenticity, authenticityErr := exec.Command("powershell.exe", fmt.Sprintf(`wsl bash -c "cd %s && gpg --keyserver-options auto-key-retrieve --verify archlinux-bootstrap-2022.11.01-x86_64.tar.gz.sig"`, unixWd)).Output()
if authenticityErr != nil { if authenticityErr != nil {
bar.Stop()
logger.Error("Failed to verify authenticity of RootFS. Refusing to continue.") logger.Error("Failed to verify authenticity of RootFS. Refusing to continue.")
os.Exit(1)
} }
if strings.Contains(strings.Trim(string(getAuthenticity), "\n\r"), "Good signature") {
logger.Info("Matching signature: 4AA4 767B BC9C 4B1D 18AE 28B7 7F2D 434B 9741 E8AC")
logger.Info("Successfully matched checksums and verified authenticity!") logger.Info("Successfully matched checksums and verified authenticity!")
bar.Stop() bar.Stop()
} else {
bar.Stop()
logger.Error("Failed to verify authenticity of RootFS. Refusing to continue.")
}
fmt.Println(strings.Trim(string(getAuthenticity), "\n\r"))
} }
func pullSig(url string) (isSuccessful bool, error error) { func pullSig(url string) (isSuccessful bool, error error) {

View file

@ -18,7 +18,7 @@ import (
func main() { func main() {
if runtime.GOOS == "windows" { if runtime.GOOS == "windows" {
checks() // checks()
core.Build() core.Build()
} else { } else {
fmt.Println("WSL is reserved for windows users only.") fmt.Println("WSL is reserved for windows users only.")