raboof/liminix
1
0
Fork 0
forked from dan/liminix
Code Pull Requests Activity

tangc handle non-zero exit from jwe dec

Browse Source 
Sometimes it exits non-zero but decrypts the file *anyway*. It only
does this on the device and I haven't been able to reproduce on build,
so this is a workaround until we find the root cause
This commit is contained in:
Daniel Barlow 2024-09-01 09:57:38 +01:00
parent e590c0ad3f
commit 034d6aacc4
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
pkgs/tangc/tangc.fnl
View File

@ -75,8 +75,15 @@
(.. (json.encode clt) " " (json.encode eph))))
(fn jwe-dec [jwk ph undigested]
(josep! ["jwe" "dec" "-k-" "-i-"]
(.. (json.encode jwk) ph "." undigested)))
;; sometimes jose jwe dec decrypts the file and exits
;; non-zero anyway. FIXME find out why
(let [inputstr (.. (json.encode jwk) ph "." undigested)
(exitcode out) (jose ["jwe" "dec" "-k-" "-i-"] inputstr)]
(if (> exitcode 0)
(: io.stderr :write (%% "jose jwe dec exited %d\n" exitcode)))
(if (not (= out ""))
out
(error (%% "jose jwe dec produced no output, exited %d" exitcode)))))
(fn parse-jwe [jwe]
(assert (= jwe.clevis.pin "tang") "invalid clevis.pin")