changed admin encoding type to bs58

dtrfs_api/Cargo.lock

@@ -1,6 +1,6 @@
 # This file is automatically @generated by Cargo.
 # It is not intended for manual editing.
-version = 3
+version = 4
 
 [[package]]
 name = "actix-codec"
@@ -409,6 +409,15 @@ dependencies = [
  "alloc-stdlib",
 ]
 
+[[package]]
+name = "bs58"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bf88ba1141d185c399bee5288d850d63b8369520c1eafc32a0430b5b6c287bf4"
+dependencies = [
+ "tinyvec",
+]
+
 [[package]]
 name = "byteorder"
 version = "1.5.0"
@@ -670,6 +679,7 @@ dependencies = [
  "anyhow",
  "base64",
  "bincode",
+ "bs58",
  "ed25519-dalek",
  "lazy_static",
  "regex",
@@ -2081,6 +2091,21 @@ dependencies = [
  "zerovec",
 ]
 
+[[package]]
+name = "tinyvec"
+version = "1.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "022db8904dfa342efe721985167e9fcd16c29b226db4397ed752a761cfce81e8"
+dependencies = [
+ "tinyvec_macros",
+]
+
+[[package]]
+name = "tinyvec_macros"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
+
 [[package]]
 name = "tls_codec"
 version = "0.4.1"

dtrfs_api/Cargo.toml

@@ -4,12 +4,13 @@ version = "0.1.0"
 edition = "2021"
 
 [dependencies]
+bs58 = "0.5.1"
 anyhow = "1.0.93"
 base64 = "0.22.1"
 bincode = "1.3.3"
 regex = "1.11.1"
 sev = { version = "4.0", default-features = false, features = ['crypto_nossl','snp'] }
-ed25519-dalek = { version = "2.1.1", features = ["pem", "pkcs8"] }
+ed25519-dalek = { version = "2.1.1", features = ["pkcs8"] }
 lazy_static = "1.5.0"
 actix-web = { version = "4.9.0", features = ["rustls-0_23"] }
 sha3 = "0.10.8"

dtrfs_api/src/main.rs

@@ -45,13 +45,16 @@ fn get_cert_hash() -> [u8; 64] {
 }
 
 fn verifying_key() -> Result<VerifyingKey, Box<dyn std::error::Error>> {
-    let re = Regex::new(r"detee_admin=([A-Za-z0-9+/=]+)").unwrap();
+    let re = Regex::new(r"detee_admin=([A-Za-z0-9]+)").unwrap();
     let key_str = re.find(&CMDLINE).map(|m| m.as_str()).unwrap_or("");
-    let key_pem = format!(
-        "-----BEGIN PUBLIC KEY-----\n{}\n-----END PUBLIC KEY-----\n",
-        key_str.strip_prefix("detee_admin=").ok_or("Could not get admin key from cmdline")?
-    );
-    Ok(VerifyingKey::from_public_key_pem(&key_pem)?)
+    let key_str =
+        key_str.strip_prefix("detee_admin=").ok_or("Could not get admin key from cmdline")?;
+    Ok(VerifyingKey::from_bytes(
+        &bs58::decode(key_str)
+            .into_vec()?
+            .try_into()
+            .map_err(|_| bs58::decode::Error::BufferTooSmall)?,
+    )?)
 }
 
 fn verify(req: &HttpRequest) -> Result<(), Box<dyn std::error::Error>> {

fedora.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+
+dnf install fsarchiver
+
+mkdir -p /mnt/proc /mnt/sys /mnt/dev /mnt/dev/pts /mnt/run
+mount --bind /proc /mnt/proc
+mount --bind /sys /mnt/sys
+mount --bind /dev /mnt/dev
+mount --bind /dev/pts /mnt/dev/pts
+mount --bind /run /mnt/run
+dnf install -y --installroot=/mnt --releasever=41 --use-host-config @core
+dnf install -y --installroot=/mnt --releasever=41 --use-host-config libselinux
+dnf remove -y --installroot=/mnt --releasever=41 --use-host-config zram-generator-defaults
+umount /mnt/proc
+sleep 2
+umount /mnt/sys
+sleep 2
+umount /mnt/dev/pts
+sleep 2
+umount /mnt/dev
+sleep 2
+umount /mnt/run
+sleep 2
+rm -rf /mnt/var/cache/libdnf5
+fsarchiver savedir /tmp/os_template.fsa /mnt