MozillaWiki

User:Catlee/AutomatedSigning: Difference between revisions

User page Discussion

User:Catlee/AutomatedSigning (view source)

Revision as of 16:26, 28 November 2010

1,019 bytes added ,  28 November 2010
no edit summary
No edit summary
No edit summary
Line 1: Line 1:
=Prototype=
Current implementation is at http://hg.mozilla.org/users/catlee_mozilla.com/tools/file/signing-server/release/signing
==Server==
The server can currently be run without arguments:
  python signing-server.py
It expects a bunch of files and directories to be available locally (http://hg.mozilla.org/users/catlee_mozilla.com/tools/file/fb470aacc74d/release/signing/signing-server.py#l207):
* signscript.sh - the script that does the actual signing.  It gets called with 4 arguments: outputdir, hash, inputfile, orig_filename.
* host.pem - SSL private key and certificate to use for the web server
* signed-files / unsigned-file - directories for unsigned, signed files
* secrets - a list of acceptable secret values, one per line
==Client==
The client takes a bunch of arguments:
  python signing-client.py -H localhost -p 8080 -c host.cert -s ~/.ssh/ffxbld_dsa -o foo-signed foo
Will sign 'foo' and save it as 'foo-signed'
==Dependencies==
* paste - for threaded HTTPS server
* IPy - for IP address calculation and validation on the server
* poster - for multipart/form-encode uploads on the client
=Protocol=
Run a web app on keymaster that has a basic API:
Run a web app on keymaster that has a basic API:


   POST /sign
   POST /sign
     filedata=...
     filedata=...
     sha512=...
     sha1=...
     filename=...
     filename=...
     hmac=...
     secret=...
   returns a signing id
   returns a signing id


   HEAD /sign/<id>
   HEAD /sign/<filehash>[.out|.status]
     indicates if signing job is done
     indicates if file is available


   GET /sign/<id>
   GET /sign/<filehash>[.out|.status]
     returns signed file(s), file hashes, hmac, ...
     returns file


hmac could be some token generated from a combination of date and per-release secret.  The secret could be given to both the keymaster and builds to generate checksums so the keymaster knows that requests to sign files are valid for this release in a certain time period.
secret is a pre-arranged secret valueOne example would be the sha1sum of ~/.ssh/ffxbld_dsa.  The server has a list of acceptable secret values.


=Notes=
* Connection between slave and keymaster must be encrypted (https)
* Connection between slave and keymaster must be encrypted (https)


Catlee
Confirmed users
2,456

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/270327"