aboutsummaryrefslogtreecommitdiff
path: root/cmd/sigsum-debug/head
diff options
context:
space:
mode:
authorRasmus Dahlberg <rasmus@mullvad.net>2022-04-23 18:19:25 +0200
committerRasmus Dahlberg <rasmus@mullvad.net>2022-04-23 18:29:31 +0200
commit047500ae23a12469ce3e458c6a58a642716041b7 (patch)
treedd8ab39910e623ff756532bd892fb2f8d2e5fef6 /cmd/sigsum-debug/head
parent4fc0ff2ec2f48519ee245d6d7edee1921cb3b8bc (diff)
add drafty tool named sigsum-debug
Meant to be used for debugging and tests only. Replaces cmd/tmp/* in log-go, expect for the DNS command which is redundant. Use `dig -t txt $domain_hint` to debug domain hints.
Diffstat (limited to 'cmd/sigsum-debug/head')
-rw-r--r--cmd/sigsum-debug/head/consistency/consistency.go9
-rw-r--r--cmd/sigsum-debug/head/head.go103
-rw-r--r--cmd/sigsum-debug/head/sign/sign.go41
-rw-r--r--cmd/sigsum-debug/head/verify/verify.go9
4 files changed, 162 insertions, 0 deletions
diff --git a/cmd/sigsum-debug/head/consistency/consistency.go b/cmd/sigsum-debug/head/consistency/consistency.go
new file mode 100644
index 0000000..18fbdd6
--- /dev/null
+++ b/cmd/sigsum-debug/head/consistency/consistency.go
@@ -0,0 +1,9 @@
+package consistency
+
+import (
+ "fmt"
+)
+
+func Main(args []string, oldSize, newSize uint64, oldRoot, newRoot string) error {
+ return fmt.Errorf("TODO")
+}
diff --git a/cmd/sigsum-debug/head/head.go b/cmd/sigsum-debug/head/head.go
new file mode 100644
index 0000000..b1b3044
--- /dev/null
+++ b/cmd/sigsum-debug/head/head.go
@@ -0,0 +1,103 @@
+package head
+
+import (
+ "flag"
+ "fmt"
+ "log"
+
+ "git.sigsum.org/sigsum-go/cmd/sigsum-debug/head/consistency"
+ "git.sigsum.org/sigsum-go/cmd/sigsum-debug/head/sign"
+ "git.sigsum.org/sigsum-go/cmd/sigsum-debug/head/verify"
+ "git.sigsum.org/sigsum-go/internal/options"
+)
+
+const usage = `
+sigsum-debug head signs and verifies tree heads.
+
+Usage:
+
+ sigsum-debug head help
+ Outputs a usage message
+
+ sigsum-debug head sign -k PRIVATE_KEY -h KEY_HASH
+ Reads an ascii signed tree head from stdin and outputs a new signature
+
+ sigsum-debug head verify -k PUBLIC_KEY
+ Reads an ascii signed tree head from stdin and verifies it
+
+ sigsum-debug head consistency -n OLD_SIZE -N NEW_SIZE -r OLD_ROOT -R NEW_ROOT
+ Reads an ascii consistency proof from stdin and verifies it
+
+`
+
+var (
+ optPrivateKey, optPublicKey, optKeyHash, optOldRoot, optNewRoot string
+ optOldSize, optNewSize uint64
+)
+
+func Main(args []string) error {
+ var err error
+
+ opt := options.New(args, func() { log.Printf(usage[1:]) }, setOptions)
+ err = checkOptions(opt.Name())
+ if err == nil {
+ switch opt.Name() {
+ case "help":
+ opt.Usage()
+ case "sign":
+ err = sign.Main(opt.Args(), optPrivateKey, optKeyHash)
+ case "verify":
+ err = verify.Main(opt.Args(), optPublicKey)
+ case "consistency":
+ err = consistency.Main(opt.Args(), optOldSize, optNewSize, optOldRoot, optNewRoot)
+ default:
+ err = fmt.Errorf("invalid command %q, try \"help\"", opt.Name())
+ }
+ }
+ if err != nil {
+ format := " %s: %w"
+ if len(opt.Name()) == 0 {
+ format = "%s: %w"
+ }
+ err = fmt.Errorf(format, opt.Name(), err)
+ }
+
+ return err
+}
+
+func setOptions(fs *flag.FlagSet) {
+ switch cmd := fs.Name(); cmd {
+ case "help":
+ case "sign":
+ options.AddString(fs, &optPrivateKey, "k", "private-key", options.DefaultString)
+ options.AddString(fs, &optKeyHash, "h", "key-hash", options.DefaultString)
+ case "verify":
+ options.AddString(fs, &optPublicKey, "k", "public-key", options.DefaultString)
+ case "consistency":
+ options.AddUint64(fs, &optOldSize, "n", "old-size", options.DefaultUint64)
+ options.AddUint64(fs, &optNewSize, "N", "new-size", options.DefaultUint64)
+ options.AddString(fs, &optOldRoot, "r", "old-root", options.DefaultString)
+ options.AddString(fs, &optNewRoot, "R", "new-root", options.DefaultString)
+ }
+}
+
+// checkOptions checks that options with required arguments were set
+func checkOptions(cmd string) error {
+ var err error
+
+ switch cmd {
+ case "help":
+ case "sign":
+ err = options.CheckString("private key", optPrivateKey, err)
+ err = options.CheckString("key hash", optKeyHash, err)
+ case "verify":
+ err = options.CheckString("public key", optPublicKey, err)
+ case "consistency":
+ err = options.CheckUint64("old size", optOldSize, err)
+ err = options.CheckUint64("new size", optNewSize, err)
+ err = options.CheckString("old root", optOldRoot, err)
+ err = options.CheckString("new root", optNewRoot, err)
+ }
+
+ return err
+}
diff --git a/cmd/sigsum-debug/head/sign/sign.go b/cmd/sigsum-debug/head/sign/sign.go
new file mode 100644
index 0000000..572af9a
--- /dev/null
+++ b/cmd/sigsum-debug/head/sign/sign.go
@@ -0,0 +1,41 @@
+package sign
+
+import (
+ "bytes"
+ "fmt"
+ "strings"
+
+ "git.sigsum.org/sigsum-go/internal/fmtio"
+ "git.sigsum.org/sigsum-go/pkg/hex"
+ "git.sigsum.org/sigsum-go/pkg/types"
+)
+
+func Main(args []string, optPrivateKey, optKeyHash string) error {
+ if len(args) != 0 {
+ return fmt.Errorf("trailing arguments: %s", strings.Join(args, ", "))
+ }
+ b, err := fmtio.BytesFromStdin()
+ if err != nil {
+ return fmt.Errorf("read stdin: %w", err)
+ }
+ priv, err := fmtio.SignerFromHex(optPrivateKey)
+ if err != nil {
+ return fmt.Errorf("parse private key: %v", err)
+ }
+ keyHash, err := fmtio.KeyHashFromHex(optKeyHash)
+ if err != nil {
+ return fmt.Errorf("parse key hash: %v", err)
+ }
+
+ var input types.SignedTreeHead
+ if err := input.FromASCII(bytes.NewBuffer(b)); err != nil {
+ return fmt.Errorf("parse signed tree head: %v", err)
+ }
+ output, err := input.TreeHead.Sign(priv, &keyHash)
+ if err != nil {
+ return fmt.Errorf("sign tree head: %v", err)
+ }
+
+ fmt.Printf("%s\n", hex.Serialize(output.Signature[:]))
+ return nil
+}
diff --git a/cmd/sigsum-debug/head/verify/verify.go b/cmd/sigsum-debug/head/verify/verify.go
new file mode 100644
index 0000000..69b20aa
--- /dev/null
+++ b/cmd/sigsum-debug/head/verify/verify.go
@@ -0,0 +1,9 @@
+package verify
+
+import (
+ "fmt"
+)
+
+func Main(args []string, optPublicKey string) error {
+ return fmt.Errorf("TODO")
+}