Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Mender-artifact validate passes unsigned artifact when key specified

Description

If i have an unsigned mender artifact and I tell mender-artifact to validate it and specify the key it still passes.
Is this a bug or normal behaviour?
it seems counter-intuitive to me, as by specifying the key, one is expecting the artifact to be signed and expect a validation failure.

Affects versions

Environment

None

Checklist

Activity

Show:

Don CrossSeptember 26, 2018 at 1:07 AM

@Drew Moseley, I realize I never responded to your question about the documentation change. Using the "validate" command still succeeded in the case Dell Green mentioned, when it should have failed. Your documentation change is good because "read" still returns 0 in several failure cases, but "validate" is correct in every case I tested, after applying my PR 141. Hope that helps.

Don CrossSeptember 25, 2018 at 10:42 PM

I fixed problems with pull request #140 and now I have this one ready for review:

https://github.com/mendersoftware/mender-artifact/pull/141

Don CrossSeptember 25, 2018 at 7:54 PM

I have a pull request ready:
https://github.com/mendersoftware/mender-artifact/pull/140

I decided to focus in on this one specific issue for now. I see other issues with the "read" command, but I think those should be addressed as separate tickets and pull requests. I will follow up later.

Drew MoseleySeptember 25, 2018 at 7:53 PM

, I added https://github.com/mendersoftware/mender-docs/pull/515 to fix the documentation side of this.  Please let me know if that looks like a complete solution there.

Dell GreenSeptember 24, 2018 at 7:34 PM

@Don Cross, I'm happy for you to take this one Don, my golang is not far along enough yet to contribute code.

Fixed

Details

Assignee

Reporter

Labels

Priority

Fix versions

Zendesk Support

Checklist

Created September 24, 2018 at 11:14 AM
Updated September 30, 2019 at 7:21 AM
Resolved October 3, 2018 at 8:23 AM