authoraxtloss <axtlos@getcryst.al>2024-02-17 22:00:50 +0100
committeraxtloss <axtlos@getcryst.al>2024-02-17 22:00:50 +0100
commit61cc5e9a02a38cd086d382e521509e85fecd6d07 (patch)
tree6f18b142f0237397d51976788eadf81e9c3e4ef2 /verifysetup
parent296a1f89fb3bbc2751f55a9eab9ec492bee3adba (diff)
Fix fsverify signature verification
Diffstat (limited to 'verifysetup')
-rw-r--r--verifysetup/cmd/setup.go75
-rw-r--r--verifysetup/core/crypt.go1
-rw-r--r--verifysetup/core/storage.go24
3 files changed, 85 insertions, 15 deletions
diff --git a/verifysetup/cmd/setup.go b/verifysetup/cmd/setup.go
index 9db095e..940c4cd 100644
--- a/verifysetup/cmd/setup.go
+++ b/verifysetup/cmd/setup.go
@@ -1,17 +1,20 @@
package cmd
import (
+ "aead.dev/minisign"
"bytes"
+ "crypto/ed25519"
+ "encoding/base64"
+ "encoding/binary"
"fmt"
- "math"
- "os"
- "strconv"
- "sync"
-
verify "github.com/axtloss/fsverify/core"
"github.com/axtloss/fsverify/verifysetup/core"
"github.com/spf13/cobra"
bolt "go.etcd.io/bbolt"
+ "math"
+ "os"
+ "strconv"
+ "sync"
)
func NewSetupCommand() *cobra.Command {
@@ -42,7 +45,7 @@ func checksumBlock(blockStart int, blockEnd int, bundleSize int, diskBytes []byt
}
node, err = core.CreateNode(i*2000, (i*2000)+2000, block, &node, strconv.Itoa(n))
if err != nil {
- fmt.Printf("%d:: 2 Error %s\n", blockStart, err)
+ fmt.Printf("%d:: Attempted creating node for range %d - %d. Error %s\n", blockStart, i*2000, (i*2000)+2000, err)
return
}
nodeChannel <- node
@@ -59,8 +62,14 @@ func checksumBlock(blockStart int, blockEnd int, bundleSize int, diskBytes []byt
}
func SetupCommand(_ *cobra.Command, args []string) error {
- if len(args) != 2 {
- return fmt.Errorf("Usage: verifysetup setup [partition] [procCount]")
+ if len(args) != 3 {
+ return fmt.Errorf("Usage: verifysetup setup [partition] [procCount] [fsverify partition output] <minisign directory>")
+ }
+ var minisignDir string
+ if len(args) != 4 {
+ minisignDir = "./minisign/"
+ } else {
+ minisignDir = args[3]
}
procCount, err := strconv.Atoi(args[1])
if err != nil {
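Review bot: The optional minisign directory can never be supplied: `if len(args) != 3` returns the usage error when four arguments are given, so the following `len(args) != 4` test is always true and `minisignDir` is always `./minisign/`. Accept both counts with `if len(args) < 3 || len(args) > 4 {` so that `args[3]` becomes reachable. As written, the signing key is always loaded from a path relative to the working directory, which is worth avoiding in a tool that signs a verification database. SetupCommand continues outside this hunk, and any cobra-level argument validation in NewSetupCommand is not visible here.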
@@ -89,6 +98,7 @@ func SetupCommand(_ *cobra.Command, args []string) error {
if err != nil {
return err
}
+
reader := bytes.NewReader(diskBytes)
var waitGroup sync.WaitGroup
nodeChannels := make([]chan verify.Node, procCount+1)
@@ -125,13 +135,56 @@ func SetupCommand(_ *cobra.Command, args []string) error {
}
}
- signature, err := core.SignDatabase("./fsverify.db", "./minisign/")
+ signature, err := core.SignDatabase("./fsverify.db", minisignDir)
if err != nil {
return err
}
fmt.Println(string(signature))
- //header, err := core.
+ sig := minisign.Signature{}
+ err = sig.UnmarshalText(signature)
+ if err != nil {
+ return err
+ }
+
+ var UntrustedSignature [2 + 8 + ed25519.SignatureSize]byte
+ binary.LittleEndian.PutUint16(UntrustedSignature[:2], sig.Algorithm)
+ binary.LittleEndian.PutUint64(UntrustedSignature[2:10], sig.KeyID)
+ copy(UntrustedSignature[10:], sig.Signature[:])
+ unsignedHash := base64.StdEncoding.EncodeToString(UntrustedSignature[:])
+ signedHash := base64.StdEncoding.EncodeToString(sig.CommentSignature[:])
- return nil
+ fsverifydb, err := os.Open("./fsverify.db")
+ if err != nil {
+ return err
+ }
+ defer db.Close()
+ fmt.Println("Reading from disk")
+ dbInfo, err := fsverifydb.Stat()
+ if err != nil {
+ return err
+ }
+ dbSize := dbInfo.Size()
+
+ verifyPart := make([]byte, 200+dbSize)
+ header, err := core.CreateHeader(unsignedHash, signedHash, int(diskSize), int(dbSize))
+
+ fmt.Printf("%x\n", header)
+
+ database := make([]byte, dbSize)
+ _, err = fsverifydb.Read(database)
+ if err != nil {
+ return err
+ }
+
+ copy(verifyPart, header)
+ copy(verifyPart[200:], database)
+
+ verifyfs, err := os.Create(args[2])
+ if err != nil {
+ return err
+ }
+ defer verifyfs.Close()
+ _, err = verifyfs.Write(verifyPart)
+ return err
}
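Review bot: `defer db.Close()` right after `os.Open("./fsverify.db")` closes `db`, which is declared outside this hunk (presumably the bbolt handle), so `fsverifydb` is never closed; it should read `defer fsverifydb.Close()`. The error from `core.CreateHeader` is overwritten by the next assignment without being checked, and a single `fsverifydb.Read(database)` may return fewer than `dbSize` bytes, leaving a zero-padded database in the output image. The file is also read again after `core.SignDatabase` signed it, so the bytes written to `args[2]` match the signature only if nothing changed `./fsverify.db` in between; returning the signed bytes from SignDatabase would remove that gap, though that function's body is only partly visible. The fence below reads the file in one checked call and checks the header error; SetupCommand starts outside this hunk.

```go
// … unchanged: signature unmarshalling and base64 encoding …
database, err := os.ReadFile("./fsverify.db")
if err != nil {
	return err
}

header, err := core.CreateHeader(unsignedHash, signedHash, int(diskSize), len(database))
if err != nil {
	return err
}

verifyPart := make([]byte, 200+len(database))
copy(verifyPart, header)
copy(verifyPart[200:], database)
// … unchanged: create args[2] and write verifyPart …
```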
diff --git a/verifysetup/core/crypt.go b/verifysetup/core/crypt.go
index 4658641..4b448c5 100644
--- a/verifysetup/core/crypt.go
+++ b/verifysetup/core/crypt.go
@@ -37,5 +37,6 @@ func SignDatabase(database string, minisignKeys string) ([]byte, error) {
return nil, err
}
signature := minisign.SignWithComments(privateKey, data, "fsverify", "fsverify")
+ fmt.Printf("SIGNATURE: %x\n", signature)
return signature, err
}
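Review bot: The added `fmt.Printf("SIGNATURE: %x\n", signature)` looks like leftover debug output in a library function: SetupCommand already prints the same signature with `fmt.Println(string(signature))`, so every run now emits it twice on stdout, once as a hex dump. Drop the line, or write it to stderr behind a verbose flag so scripts that capture the command's output are not affected. The import block of crypt.go is not part of this hunk, so confirm `fmt` is imported there; SignDatabase begins outside the hunk.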
diff --git a/verifysetup/core/storage.go b/verifysetup/core/storage.go
index ddc70b3..e7ded32 100644
--- a/verifysetup/core/storage.go
+++ b/verifysetup/core/storage.go
@@ -2,8 +2,10 @@ package core
import (
"bytes"
+ "encoding/binary"
"encoding/json"
"fmt"
+
verify "github.com/axtloss/fsverify/core"
bolt "go.etcd.io/bbolt"
)
@@ -12,9 +14,9 @@ var TotalReadBlocks = 0
func ReadBlock(start int, end int, device *bytes.Reader) ([]byte, error) {
if end-start < 0 {
- return []byte{}, fmt.Errorf("ERROR: tried creating byte slice with negative length. %d to %d total %d\n", start, end, end-start)
+ return []byte{}, fmt.Errorf("tried creating byte slice with negative length. %d to %d total %d\n", start, end, end-start)
} else if end-start > 2000 {
- return []byte{}, fmt.Errorf("ERROR: tried creating byte slice with length over 2000. %d to %d total %d\n", start, end, end-start)
+ return []byte{}, fmt.Errorf("tried creating byte slice with length over 2000. %d to %d total %d\n", start, end, end-start)
}
block := make([]byte, end-start)
_, err := device.Seek(int64(start), 0)
@@ -63,8 +65,22 @@ func AddNode(node verify.Node, tx *bolt.Tx) error {
}
return nil
}
-/*
+
func CreateHeader(unsignedHash string, signedHash string, diskSize int, tableSize int) ([]byte, error) {
header := make([]byte, 200)
+ header[0] = 0xAC
+ header[1] = 0xAB
+ copy(header[2:], []byte(unsignedHash))
+ copy(header[102:], []byte(signedHash))
+
+ disk := make([]byte, 4)
+ binary.BigEndian.PutUint32(disk, uint32(diskSize))
+ copy(header[190:], disk)
-}*/
+ fmt.Println(tableSize)
+ db := make([]byte, 4)
+ binary.BigEndian.PutUint32(db, uint32(tableSize))
+ copy(header[195:], db)
+
+ return header, nil
+}