libresign icon indicating copy to clipboard operation
libresign copied to clipboard
verified publisher icon LibreSign

Invalid Hash of binaries files.

Open GauthierCrp opened this issue 1 year ago • 8 comments

Hello,

First, many thanks for your job, it's a great tool to use !

On Nexcloud Hub 8, the installation goes wrong. The different binaries, are well downloading, but impossible de pass de check verification.

image

I installed Libresign from the Nextcloud's store. If used the occ command to download every binaries without any error. But the check status, is still to error.

image

image

If someone can help me to get the installation working !

Thank you, very much in advance :)

Best Regards

GauthierCrp avatar Jun 26 '24 08:06 GauthierCrp

Thanks by your report, I will check what's happening. This is a new feature.

vitormattos avatar Jun 26 '24 12:06 vitormattos

I identified the problem. This version need to have json files signing the dependencies but looking at tar.gz file, haven't the necessary files.

Current scenario Need to have these files
Screenshot_20240626_094958 Screenshot_20240626_095205

I will check how to solve. The problem is when LibreSign is packed to publish at Nextcloud app store.

vitormattos avatar Jun 26 '24 12:06 vitormattos

@GauthierCrp could you test the newest release?

vitormattos avatar Jun 27 '24 03:06 vitormattos

Hello Vitor,

The bug seems to be resolved ! Many Thanks !

image

Have a good day. Best Reagrd

GauthierCrp avatar Jun 27 '24 06:06 GauthierCrp

@vitormattos Fixed the invalid hashes on my instance as well.

That said, I can't seem to find how to add a signature to a pdf. The option "Open in LibreSign" opens the file info menu onto the LibreSign tab, but it is empty with no actions available.

Image

AceDicer avatar Jun 27 '24 07:06 AceDicer

@AceDicer This isn't about this issue. Could you open a specific issue to this?

vitormattos avatar Jun 27 '24 13:06 vitormattos

@vitormattos hey, i have a trouble with this error, even after upgrading to 9.1.2.

If i remove these lines:

//                      if (count($this->verify('java'))) {
//                              return [
//                                      (new ConfigureCheckHelper())
//                                              ->setErrorMessage(
//                                                      'Invalid hash of binaries files.'
//                                              )
//                                              ->setResource('java')
//                                              ->setTip('Run occ libresign:install --all'),
//                              ];
//                      }

The things goes in right way!

I guess the java file check doesn't works.

rodsmar avatar Jul 03 '24 13:07 rodsmar

Hi @rodsmar I think that I identified another problem at build and fixed here:

  • https://github.com/LibreSign/libresign/pull/3250

I already merged this but I'm working now to generate a new build.

vitormattos avatar Jul 03 '24 15:07 vitormattos

Could you check again at the newest release of LibreSign?

Closing this issue as solved.

If this issue persists, don't hesitate to open a new issue making reference to this.

[!NOTE]

If you like this app, don't hesitate to help us

Ways to help this project:

  • Creating a very nice review of this project at:
    • social networks like LinkedIn, Instagram, etc and putting the @LibreSign and @LibreCodeCoop
    • AlternativeTo https://alternativeto.net/software/libresign/
    • Nextcloud apps store: https://apps.nextcloud.com/apps/libresign
  • Sponsoring the development by GitHub sponsor https://github.com/sponsors/LibreSign
  • helping the translations on Transifex
  • contacting us to have Enterprise support: https://libresign.coop

vitormattos avatar Jul 08 '24 18:07 vitormattos

I am using the latest version 9.1.3 and still having issue with Invalid hash of binaries files.

image

jameswlane avatar Jul 11 '24 16:07 jameswlane

@jameswlane I'm starting to create a new release with points that will touch at this.

Is your environment with debug mode on?

vitormattos avatar Jul 11 '24 16:07 vitormattos

@vitormattos It is a production instance. I have yet to enable any additional logging except what is enabled by default.

jameswlane avatar Jul 11 '24 17:07 jameswlane

I created a new release now, could you check with the newest release?

vitormattos avatar Jul 11 '24 17:07 vitormattos

@vitormattos It seems to be stuck in a loop of download and validate

Screencast from 2024-07-11 12-53-01.webm

jameswlane avatar Jul 11 '24 17:07 jameswlane

@vitormattos, would you happen to know what I can try to fix the loop?

jameswlane avatar Jul 12 '24 17:07 jameswlane

Are you using Alpine Linux?

vitormattos avatar Jul 12 '24 18:07 vitormattos

I created a new release with some fixes at setup flow, could you check with the newest release?

vitormattos avatar Jul 12 '24 18:07 vitormattos

@vitormattos I am using Ubuntu 22.04 LTS. I will update it and see what I get.

jameswlane avatar Jul 12 '24 18:07 jameswlane

@vitormattos Same thing. I ssh in and grabbed the logs its throwing the following error:

file_get_contents(): Read of 12288 bytes failed with errno=21 Is a directory at /var/www/html/lib/private/IntegrityCheck/Helpers/FileAccessHelper.php#44

jameswlane avatar Jul 12 '24 19:07 jameswlane

After upgrading to 9.2.2 i can confirm: Java's hash validation works flawless!

But...

To check requirements i had to enable Nextcloud's debug mode:

config:system:set debug --value true --type boolean

rodsmar avatar Jul 17 '24 01:07 rodsmar

@rodsmar the signature process is to ensure that the downloaded files are certified to works with LibreSign and wasn't changed.

At development mode is necessary to enable the debug mode because a developer can't sign the downloaded, only the LibreSign author that have the certificate can sign the downloaded files. At development mode is used a self generated certificate to sign and validate the downloaded files.

The signatures of downloaded files are stored at folder appinfo inside LibreSign folder. Are a lot of *.json files. These fiels are generated during the build process of LibreSign to validate the signatuer by the same way of Nextcloud validate the apps that are signed by developer certificate.

I think that have anything different at your environment. Could you check at Administratin Settings if all checks of Nextcloud are ok? Isn't the check of LibreSign, is about the checks of Nextcloud. I think that when you defined debug=true and validated your LibreSign setup, changed the json files inside appinfo folder.

vitormattos avatar Jul 17 '24 19:07 vitormattos

Closing this as solved after newest release.

Please, test again to check if all is working fine.

vitormattos avatar Sep 10 '24 16:09 vitormattos

this seems to be back on nextcloud 30.0.6

Image

Fuseteam avatar Mar 13 '25 13:03 Fuseteam

@Fuseteam check if your java version is up to date.

I will think to implement a way to update the dependencies or notify the admin about an outdated dependency.

vitormattos avatar Mar 14 '25 20:03 vitormattos

@Fuseteam check if your java version is up to date.

I just ran occ libresign:install --all last week so i believe it should be up to date

Image

Fuseteam avatar Mar 17 '25 12:03 Fuseteam

I have nextcloud hub 10 (31.0.0) and same error as this. Is there a solution to this problem?

@Fuseteam check if your java version is up to date.

I just ran occ libresign:install --all last week so i believe it should be up to date

Image

wardragon avatar May 27 '25 10:05 wardragon

nextcloud running in Truenascale apps

Ran php occ libresign:install -all but jsignpdf still not valid hash. Any asistance for fix !!

Image

ayubwaheed avatar May 27 '25 22:05 ayubwaheed

there is now an fix for this issue: https://github.com/LibreSign/libresign/issues/4810#issuecomment-2989422713

It turns out that the downloaded binaries in /var/html/data/appdata_*/libresign/x86_64/jsignpdf are corrupted, removing those binaries manually and then re-running libresign:install --all fixes the error

Fuseteam avatar Jun 23 '25 14:06 Fuseteam