Add error logging for command verification and update comment for public key usage

dido18 · dido18 · commit 07117501a11c · 2025-03-26T10:25:22.000+01:00
diff --git a/conn.go b/conn.go
@@ -115,6 +115,7 @@ func uploadHandler(pubKey *rsa.PublicKey) func(*gin.Context) {
 			err := utilities.VerifyInput(data.Commandline, data.Signature, pubKey)
 
 			if err != nil {
+				log.WithField("err", err).Error("Error verifying the command")
 				c.String(http.StatusBadRequest, "signature is invalid")
 				return
 			}
diff --git a/v2/pkgs/tools.go b/v2/pkgs/tools.go
@@ -65,7 +65,7 @@ type Tools struct {
 	installed map[string]string
 	mutex     sync.RWMutex
 
-	verifySignaturePubKey *rsa.PublicKey // public key used to verify the signature when a tools is installed
+	verifySignaturePubKey *rsa.PublicKey // public key used to verify the signature of a command sent to the boards
 }
 
 // New will return a Tool object, allowing the caller to execute operations on it.
@@ -170,7 +170,7 @@ func (t *Tools) Install(ctx context.Context, payload *tools.ToolPayload) (*tools
 
 	//if URL is defined and is signed we verify the signature and override the name, payload, version parameters
 	if payload.URL != nil && payload.Signature != nil && payload.Checksum != nil {
-		err := utilities.VerifyInput(*payload.URL, *payload.Signature, t.verifySignaturePubKey) // TODO pass the public key
+		err := utilities.VerifyInput(*payload.URL, *payload.Signature, t.verifySignaturePubKey)
 		if err != nil {
 			return nil, err
 		}

Original file line number	Diff line number	Diff line change
`@@ -115,6 +115,7 @@ func uploadHandler(pubKey rsa.PublicKey) func(gin.Context) {`
`115`	`115`	`err := utilities.VerifyInput(data.Commandline, data.Signature, pubKey)`
`116`	`116`
`117`	`117`	`if err != nil {`
	`118`	`+ log.WithField("err", err).Error("Error verifying the command")`
`118`	`119`	`c.String(http.StatusBadRequest, "signature is invalid")`
`119`	`120`	`return`
`120`	`121`	`}`
Original file line number	Diff line number	Diff line change
`@@ -65,7 +65,7 @@ type Tools struct {`
`65`	`65`	`installed map[string]string`
`66`	`66`	`mutex sync.RWMutex`
`67`	`67`
`68`		`- verifySignaturePubKey *rsa.PublicKey // public key used to verify the signature when a tools is installed`
	`68`	`+ verifySignaturePubKey *rsa.PublicKey // public key used to verify the signature of a command sent to the boards`
`69`	`69`	`}`
`70`	`70`
`71`	`71`	`// New will return a Tool object, allowing the caller to execute operations on it.`
`@@ -170,7 +170,7 @@ func (t Tools) Install(ctx context.Context, payload tools.ToolPayload) (*tools`
`170`	`170`
`171`	`171`	`//if URL is defined and is signed we verify the signature and override the name, payload, version parameters`
`172`	`172`	`if payload.URL != nil && payload.Signature != nil && payload.Checksum != nil {`
`173`		`- err := utilities.VerifyInput(payload.URL, payload.Signature, t.verifySignaturePubKey) // TODO pass the public key`
	`173`	`+ err := utilities.VerifyInput(payload.URL, payload.Signature, t.verifySignaturePubKey)`
`174`	`174`	`if err != nil {`
`175`	`175`	`return nil, err`
`176`	`176`	`}`