diff options
Diffstat (limited to 'cmd/sigsum_log_go')
-rw-r--r-- | cmd/sigsum_log_go/main.go | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/cmd/sigsum_log_go/main.go b/cmd/sigsum_log_go/main.go index 4ab9c2a..b64da1a 100644 --- a/cmd/sigsum_log_go/main.go +++ b/cmd/sigsum_log_go/main.go @@ -8,6 +8,7 @@ import ( "encoding/hex" "flag" "fmt" + "io/ioutil" "net/http" "os" "os/signal" @@ -34,7 +35,7 @@ var ( prefix = flag.String("prefix", "", "a prefix that proceeds /sigsum/v0/<endpoint>") trillianID = flag.Int64("trillian_id", 0, "log identifier in the Trillian database") deadline = flag.Duration("deadline", time.Second*10, "deadline for backend requests") - key = flag.String("key", "", "hex-encoded Ed25519 signing key") + key = flag.String("key", "", "path to file with hex-encoded Ed25519 private key") witnesses = flag.String("witnesses", "", "comma-separated list of trusted witness public keys in hex") maxRange = flag.Int64("max_range", 10, "maximum number of entries that can be retrived in a single request") interval = flag.Duration("interval", time.Second*30, "interval used to rotate the log's cosigned STH") @@ -176,9 +177,12 @@ func setupInstanceFromFlags() (*instance.Instance, error) { return &i, nil } -func newLogIdentity(key string) (crypto.Signer, string, error) { - buf, err := hex.DecodeString(key) +func newLogIdentity(keyFile string) (crypto.Signer, string, error) { + buf, err := ioutil.ReadFile(keyFile) if err != nil { + return nil, "", err + } + if buf, err = hex.DecodeString(strings.TrimSpace(string(buf))); err != nil { return nil, "", fmt.Errorf("DecodeString: %v", err) } sk := crypto.Signer(ed25519.PrivateKey(buf)) |