ospkg

package
v0.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 30, 2023 License: BSD-3-Clause Imports: 16 Imported by: 1

Documentation

Index

Constants

// Operation labels (sterror.Op) for errors raised by the Descriptor
// constructors and methods of this package.
const (
	ErrOpDescFromFile  sterror.Op = "DescriptorFromFile"
	// NOTE(review): the value reads "DescriptorFomBytes" (missing "r"), which
	// looks like a typo for "DescriptorFromBytes". Presumably this string
	// surfaces in error output, so confirm nothing matches on it before fixing.
	ErrOpDescFromBytes sterror.Op = "DescriptorFomBytes"
	ErrOpDescBytes     sterror.Op = "Descriptor.Bytes"
	ErrOpDValidate     sterror.Op = "Descriptor.Validate"
)

Operations used for raising Errors of this package.

const (
	// DescriptorVersion is the descriptor format version defined by this package.
	// Presumably Descriptor.Validate compares the "version" field against it
	// (see ErrInfoInvalidVer) — TODO confirm against the implementation.
	DescriptorVersion int = 1
	// DescriptorExt is the file extension of OS package descriptor file.
	DescriptorExt string = ".json"
)
// Operation labels (sterror.Op) for errors raised by the OSManifest
// constructors and methods of this package. Each value is the name of the
// function or method it labels.
const (
	ErrOpOSMFromBytes sterror.Op = "OSManifestFromBytes"
	ErrOpOSMWrite     sterror.Op = "OSManifest.Write"
	ErrOpOSMBytes     sterror.Op = "OSManifest.Bytes"
	ErrOpOSMValidate  sterror.Op = "OSManifest.Validate"
)

Operations used for raising Errors of this package.

const (
	// ManifestVersion is the manifest format version defined by this package.
	// Presumably OSManifest.Validate compares the "version" field against it
	// (see ErrInfoInvalidVer) — TODO confirm against the implementation.
	ManifestVersion int = 1
	// ManifestName is the name of OS packages' internal configuration file.
	ManifestName string = "manifest.json"
)
// Error scope and operation labels for errors raised by OSPackage and its
// helpers. ErrScope is the single sterror.Scope value of this package; the
// remaining constants are sterror.Op labels.
const (
	ErrScope                  sterror.Scope = "OS package"
	ErrOpCreateOSPkg          sterror.Op    = "CreateOSPackage"
	ErrOpNewOSPkg             sterror.Op    = "NewOSPackage"
	ErrOpOSPkgArchiveBytes    sterror.Op    = "OSPackage.ArchiveBytes"
	ErrOpOSPkgDescriptorBytes sterror.Op    = "OSPackage.DescriptorBytes"
	ErrOpOSPkgSign            sterror.Op    = "OSPackage.Sign"
	ErrOpOSPkgVerify          sterror.Op    = "OSPackage.Verify"
	// The lower-case suffixes below name operations that are not part of the
	// exported API listed for OSPackage; presumably they label unexported
	// helpers — TODO confirm.
	ErrOpOSPkgvalidate        sterror.Op    = "OSPackage.validate"
	ErrOpOSPkgzip             sterror.Op    = "OSPackage.zip"
	ErrOpOSPkgunzip           sterror.Op    = "OSPackage.unzip"
	ErrOpOSPkgparseCert       sterror.Op    = "OSPackage.parseCert"
	ErrOpcalculateHash        sterror.Op    = "calculateHash"
	// NOTE(review): the label is "OSImage", while the exported method on
	// OSPackage is LinuxImage — confirm the label matches where it is used.
	ErrOpOSImage              sterror.Op    = "OSImage"
)

Scope and operations used for raising Errors of this package.

// Message templates for additional error detail. Entries containing a verb
// (%v, %d) are format strings and need matching arguments; ErrInfoMissingScheme
// is a plain string.
const (
	ErrInfoFailedToReadFrom = "failed to read from %v"
	ErrInfoInvalidPath      = "missing %v path"
	// Two %d verbs: the version found, then the version expected.
	ErrInfoInvalidVer       = "invalid version: %d, expected %d"
	ErrInfoMissingScheme    = "missing scheme"
	ErrInfoLengthOfZero     = "data %v has length of zero"
)

Additional information which might get included into Errors.

// File naming conventions for OS package archives. DefaultOSPackageName
// carries the OSPackageExt extension.
const (
	// DefaultOSPackageName is the file name of the archive, which is expected to contain
	// the stboot configuration file along with the corresponding files.
	DefaultOSPackageName string = "ospkg.zip"
	// OSPackageExt is the file extension of OS packages.
	OSPackageExt string = ".zip"
)
const (
	// ErrOpunzip is the operation label "unzipFile".
	// NOTE(review): unlike the other operation constants in this package it is
	// declared without the sterror.Op type, so it is an untyped string
	// constant — confirm whether that is intended.
	ErrOpunzip = "unzipFile"
)

Variables

// Sentinel errors of this package. The package documentation states they may
// be wrapped, so callers should match them with errors.Is rather than ==.
var (
	// ErrVrfy reports a failed signature verification.
	ErrVrfy          = errors.New("signature verification failed")
	ErrParse         = errors.New("failed to parse")
	ErrSerialize     = errors.New("failed to serialize")
	ErrValidate      = errors.New("failed to validate")
	ErrSign          = errors.New("failed to sign")
	ErrWriteToFile   = errors.New("failed to write to file")
	ErrFailedToUnzip = errors.New("failed to unzip archive")
	ErrFailedToZip   = errors.New("failed to zip")
	ErrNotHashable   = errors.New("data not hashable")
	ErrGenerateData  = errors.New("failed to generate data")
	ErrMissingData   = errors.New("missing data")
	ErrOverwriteData = errors.New("failed to overwrite data")
)

Errors which may be raised and wrapped in this package.

Functions

This section is empty.

Types

type Descriptor

// Descriptor represents the descriptor JSON file of an OS package.
type Descriptor struct {
	// Version is the descriptor format version (JSON key "version").
	Version int    `json:"version"`
	// PkgURL is stored under the JSON key "os_pkg_url".
	PkgURL  string `json:"os_pkg_url"`

	// Certificates and Signatures travel with the descriptor itself. Per the
	// OSPackage.Verify documentation, the certificates are checked against a
	// caller-supplied root certificate before the signatures are verified.
	// NOTE(review): presumably Certificates[i] belongs to Signatures[i] —
	// confirm against Sign/Verify.
	Certificates [][]byte `json:"certificates"`
	Signatures   [][]byte `json:"signatures"`
}

Descriptor represents the descriptor JSON file of an OS package.

func DescriptorFromBytes

func DescriptorFromBytes(data []byte) (*Descriptor, error)

DescriptorFromBytes parses a descriptor from a byte slice.

func DescriptorFromFile

func DescriptorFromFile(src string) (*Descriptor, error)

DescriptorFromFile parses a descriptor from a JSON file.

func (*Descriptor) Bytes

func (d *Descriptor) Bytes() ([]byte, error)

Bytes serializes a descriptor struct into a byte slice.

func (*Descriptor) Validate

func (d *Descriptor) Validate() error

Validate checks whether d has valid content and returns an error if it does not.

type OSManifest

// OSManifest describes the content and configuration of an OS package loaded by stboot.
type OSManifest struct {
	// Version is the manifest format version (JSON key "version").
	Version int    `json:"version"`
	// Label is stored under the JSON key "label".
	Label   string `json:"label"`

	// KernelPath and InitramfsPath are stored under the JSON keys "kernel"
	// and "initramfs".
	// NOTE(review): presumably these are paths inside the package archive —
	// confirm how they are resolved before treating them as trusted.
	KernelPath    string `json:"kernel"`
	InitramfsPath string `json:"initramfs"`
	// Cmdline is stored under the JSON key "cmdline".
	Cmdline       string `json:"cmdline"`
}

OSManifest describes the content and configuration of an OS package loaded by stboot.

func NewOSManifest

func NewOSManifest(label, kernelPath, initramfsPath, cmdline string) *OSManifest

func OSManifestFromBytes

func OSManifestFromBytes(data []byte) (*OSManifest, error)

OSManifestFromBytes parses a manifest from a byte slice.

func (*OSManifest) Bytes

func (m *OSManifest) Bytes() ([]byte, error)

Bytes serializes a manifest struct into a byte slice.

func (*OSManifest) Validate

func (m *OSManifest) Validate() error

Validate returns no.

func (*OSManifest) Write

func (m *OSManifest) Write(dir string) error

Write saves m to a file named by ManifestName in the directory named by dir.

type OSPackage

// OSPackage represents an OS package ZIP archive and related data.
// All of its state is unexported; it is built with CreateOSPackage or
// NewOSPackage and read through its methods.
type OSPackage struct {
	// contains filtered or unexported fields
}

OSPackage represents an OS package ZIP archive and related data.

func CreateOSPackage

func CreateOSPackage(label, pkgURL, kernel, initramfs, cmdline string) (*OSPackage, error)

CreateOSPackage constructs an OSPackage from the passed files.

func NewOSPackage

func NewOSPackage(archiveZIP, descriptorJSON []byte) (*OSPackage, error)

NewOSPackage constructs a new OSPackage initialized with raw bytes and valid internal state.

func (*OSPackage) ArchiveBytes

func (osp *OSPackage) ArchiveBytes() ([]byte, error)

ArchiveBytes returns the ZIP-compressed archive part of osp.

func (*OSPackage) DescriptorBytes

func (osp *OSPackage) DescriptorBytes() ([]byte, error)

DescriptorBytes returns the serialized descriptor part of osp.

func (*OSPackage) LinuxImage

func (osp *OSPackage) LinuxImage() (boot.LinuxImage, error)

LinuxImage returns a LinuxImage from osp. LinuxImage implements boot.

func (*OSPackage) Sign

func (osp *OSPackage) Sign(keyBlock, certBlock *pem.Block) error

Sign signs osp.HashValue using osp.Signer. Both the signature and the certificate are stored in the OSPackage.

func (*OSPackage) Verify

func (osp *OSPackage) Verify(rootCert *x509.Certificate) (found, valid uint, err error)

Verify first verifies the certificates stored together with the signatures in the OS package descriptor against the provided root certificate and then verifies the signatures. The number of found signatures and the number of valid signatures are returned. A signature is valid if:

* Its certificate was signed by the root certificate
* It passed verification
* Its certificate is not a duplicate of a previous one

The validity bounds of all involved certificates are ignored, so a signature made with an expired or not-yet-valid certificate is still counted as valid.
