From eabd001d3e8ea50b87c717111f728fec917d75c4 Mon Sep 17 00:00:00 2001
From: David Dworken
Date: Sun, 2 Feb 2025 11:47:02 -0800
Subject: [PATCH] Add additional fail-safe validation to SLSA validator for better error messages
---
 scripts/actions-validate.py | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/scripts/actions-validate.py b/scripts/actions-validate.py
index e1f8265..cf93d57 100644
--- a/scripts/actions-validate.py
+++ b/scripts/actions-validate.py
@@ -8,6 +8,7 @@ ALL_FILES = ['hishtory-linux-amd64', 'hishtory-linux-arm64', 'hishtory-darwin-am
 def validate_slsa(hishtory_binary: str) -> None:
 assert os.path.exists(hishtory_binary)
+ assertPresentAndNotAscii(hishtory_binary)
 subprocess.check_output(['chmod', "+x", hishtory_binary])
 for filename in ALL_FILES:
 try:
@@ -63,6 +64,13 @@ def validate_hishtory_status(filename: str, deep_validation: bool) -> None:
 else:
 assert "hiSHtory: " in status, status
+def assertPresentAndNotAscii(fn):
+ if not os.path.exists(fn):
+ raise Exception(f"{fn=} does not exist, did it fail to download?")
+ out = subprocess.check_output(["file", fn]).decode('utf-8')
+ if "ASCII text" in out:
+ raise Exception(f"{fn=} is of type {out}")
+
 def main() -> None:
 print("Starting validation of MacOS signatures")
 for filename in ALL_FILES:
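Review bot: The existing `assert os.path.exists(hishtory_binary)` still runs before the new call in validate_slsa, so a missing download stops at a bare AssertionError and never reaches the "does not exist, did it fail to download?" message this commit adds. The helper already performs the existence test, so the assert line can be dropped, leaving `assertPresentAndNotAscii(hishtory_binary)` as the first statement. validate_slsa's body continues outside the hunk.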
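Review bot: The content check in assertPresentAndNotAscii is a deny-list on the single phrase "ASCII text", so an empty file, or a response body that `file` labels as JSON or UTF-8 text, would still pass and go on to be marked executable in validate_slsa. As a fail-safe in front of the SLSA verification, an allow-list on the expected binary format is the stronger test, for example `if "ELF" not in out and "Mach-O" not in out:` (this assumes the binary passed in is always one of those two formats, which the hunk does not show). Calling `file` with `--brief` would also keep the path itself out of the string being matched. On style, the helper is camelCase and unannotated while the neighbouring functions are snake_case with `-> None`.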