search

MrMabulous / GitTrustedTimestamps

Trusted Timestamping for git repositories using RFC3161 and RFC5816 token
https://matthias-buehlmann.medium.com/git-as-cryptographically-tamperproof-file-archive-using-chained-rfc3161-timestamps-ad15836b883?source=friends_link&sk=fb180a11ab53a2c2d9b31bcf0febf2fc
GNU Affero General Public License v3.0
34 stars 6 forks source link

Issue initializing repository #1

Open efferto opened 3 years ago

efferto commented 3 years ago

Hello,

I'm trying to use your project, I like it a lot, to initialize a new git repository. I cannot use the object format to sha256 because I have git version 2.17. Anyway, I have initialized the repository and followed your step up to step 2. At step 3 I get the following error when I run your script:

.git/hooks/trust.sh https://freetsa.org/tsr
dgst: Unrecognized flag -show-object-format
dgst: Use -help for summary.
Assertion failed: Precondition: digest 573541ac9702dd3969c9bc859d2b91ec1f7e6e56 must have length 0.
Backtrace:
  [1]: .git/hooks/timestamping : request_token line 355
  [2]: .git/hooks/trust.sh : main line 62

Could it be an issue with the git version?

Thanks

MrMabulous commented 3 years ago

I don't know which the lowest git version is that would fully support these git hooks, but I developed this software for git 2.30 and newer.

if this is the only incompatibility with 2.17 (which I'm not sure whether that's the case), then you can get it to work by simply replacing line 133 in timestamping

declare -r ALGO=$(git rev-parse --show-object-format)

with

declare -r ALGO='sha1'

efferto commented 3 years ago

Thanks this solve partially the issue, now I get the following:

$.git/hooks/trust.sh https://freetsa.org/tsr

.git/hooks/timestamping: line 256: local: -n: invalid option
local: usage: local name[=value] ...
.git/hooks/timestamping: line 277: local: -n: invalid option
local: usage: local name[=value] ...
awk: syntax error at source line 2
 context is
        { print > tmpdir >>>  i <<<  ".extracted.pem.cer" }
awk: illegal statement at source line 2
ls: /var/folders/qp/8pf49wp94_d3wq03ts0qlw140000gn/T/tmp.z9LBig0Q/*.extracted.pem.cer: No such file or directory
dgst: Unrecognized flag <NULL>
dgst: Use -help for summary.
Can't open  for reading, No such file or directory
140736280494976:error:02001002:system library:fopen:No such file or directory:crypto/bio/bss_file.c:72:fopen('','r')
140736280494976:error:2006D080:BIO routines:BIO_new_file:no such file:crypto/bio/bss_file.c:79:
unable to load certificate
.git/hooks/timestamping: line 449: ${SIGNING_CERT_ID,,}: bad substitution
awk: syntax error at source line 2
 context is
             cat:    /var/folders/qp/8pf49wp94_d3wq03ts0qlw140000gn/T/tmp.z9LBig0Q/certificates.pem{ : prNo such file or directory
int > tmpdir >>>  i <<<  ".extracted.pem.cer" } END {print i}
awk: illegal statement at source line 2
Verifying that /var/folders/qp/8pf49wp94_d3wq03ts0qlw140000gn/T/tmp.z9LBig0Q/.extracted.pem.cer is self signed
Error: could not find root certificate for https://freetsa.org/tsr
MrMabulous commented 3 years ago

local -n requires bash-4.3 or newer

efferto commented 3 years ago

I see thanks!

efferto commented 3 years ago

Hi, I have updated the bash version to 5.1 but I get the same error:

$.git/hooks/trust.sh https://freetsa.org/tsr

.git/hooks/timestamping: line 256: local: -n: invalid option
local: usage: local name[=value] ...
.git/hooks/timestamping: line 277: local: -n: invalid option
local: usage: local name[=value] ...
awk: syntax error at source line 2
 context is
        { print > tmpdir >>>  i <<<  ".extracted.pem.cer" }
awk: illegal statement at source line 2
ls: /var/folders/qp/8pf49wp94_d3wq03ts0qlw140000gn/T/tmp.rDsS2WLC/*.extracted.pem.cer: No such file or directory
dgst: Unrecognized flag <NULL>
dgst: Use -help for summary.
Can't open  for reading, No such file or directory
140736280494976:error:02001002:system library:fopen:No such file or directory:crypto/bio/bss_file.c:72:fopen('','r')
140736280494976:error:2006D080:BIO routines:BIO_new_file:no such file:crypto/bio/bss_file.c:79:
unable to load certificate
.git/hooks/timestamping: line 449: ${SIGNING_CERT_ID,,}: bad substitution
cat: /var/folders/qp/8pf49wp94_d3wq03ts0qlw140000gn/T/tmp.rDsS2WLC/certificates.pem: No such file or directory
awk: syntax error at source line 2
 context is
                { print > tmpdir >>>  i <<<  ".extracted.pem.cer" } END {print i}
awk: illegal statement at source line 2
Verifying that /var/folders/qp/8pf49wp94_d3wq03ts0qlw140000gn/T/tmp.rDsS2WLC/.extracted.pem.cer is self signed
Error: could not find root certificate for https://freetsa.org/tsr
MrMabulous commented 3 years ago

That's weird. Are you sure it's executing in that shell? what system are you on?

efferto commented 3 years ago

The system is mac os 10.13.6, I have updated bash with homebrew and also git:

$ echo $BASH_VERSION
5.1.4(1)-release
$ git --version
git version 2.31.0
efferto commented 3 years ago

I have repeated all the steps with updated bash and git, initializing the repo with sha256 but I get exactly the same error posted above. AWK version is 20070501.

MrMabulous commented 3 years ago

That is strange. Name references (the -n argument for declare and local) were introduced with bash-4.3, so my best bet currently is that when you commit, git for some reason doesn't actually use your installed bash version. I haven't tested on mac so far, but I'll try to look at it on the weekend

ragavpr commented 3 months ago

What's happening is $HASH_LENGTH is set as 0 instead of 40 (sha1) or 64 (sha256)

Error is printed from this line https://github.com/MrMabulous/GitTrustedTimestamps/blob/062e222c4d3f0b2d4db740728a6c34e972696938/hooks/timestamping#L355

$HASH_LENGTH is set in this line by involving 3 commands openssl, xxd, awk https://github.com/MrMabulous/GitTrustedTimestamps/blob/062e222c4d3f0b2d4db740728a6c34e972696938/hooks/timestamping#L135

I was missing xxd, installing it fixed this for me.