extern/hishtory
1
0
Fork 0
mirror of https://github.com/ddworken/hishtory.git synced 2025-08-14 09:08:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Patch vendored slsa verifier and fix updates

Browse Source
This commit is contained in:
David Dworken
2022-06-04 21:31:16 -07:00
parent e638b9795b
commit de15305fb5
4 changed files with 16 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
client/lib/lib.go
View File

@ -537,7 +537,7 @@ func Update() error {
if runtime.GOOS == "darwin" {
err = verifyBinaryMac("/tmp/hishtory-client", downloadData)
} else {
err = verifyBinary("/tmp/hishtory-client", "/tmp/hishtory-client.intoto.jsonl", downloadData.Version+"-"+runtime.GOOS+"-"+runtime.GOARCH)
err = verifyBinary("/tmp/hishtory-client", "/tmp/hishtory-client.intoto.jsonl", downloadData.Version)
}
if err != nil {
return fmt.Errorf("failed to verify SLSA provenance of the updated binary, aborting update: %v", err)
@ -618,7 +618,7 @@ func verifyBinaryMac(binaryPath string, downloadData shared.UpdateInfo) error {
}
// Step 4: Use SLSA to verify the unsigned binary
return verifyBinary(unsignedBinaryPath, "/tmp/hishtory-client.intoto.jsonl", downloadData.Version+"-"+runtime.GOOS+"-"+runtime.GOARCH)
return verifyBinary(unsignedBinaryPath, "/tmp/hishtory-client.intoto.jsonl", downloadData.Version)
}
func assertIdenticalBinaries(bin1Path, bin2Path string) error {