authorRasmus Dahlberg <rasmus@mullvad.net>2022-04-13 16:54:25 +0200
committerRasmus Dahlberg <rasmus@mullvad.net>2022-04-13 16:54:25 +0200
commit123c444ffd7a2ad2af58b62caad3ec7ae451256e (patch)
treeb01d0a849de9045defc9a9505bfb7b0110a34a8d
parentb1bcc5d12fc57f0d39f3dadc0d159f4c71ae37d7 (diff)
clean-up sigsum tool structure
-rw-r--r--cmd/sigsum/bundle/bundle.go (renamed from cmd/sigsum/cmd.go)76
-rw-r--r--cmd/sigsum/format/format.go27
-rw-r--r--cmd/sigsum/main.go65
-rw-r--r--cmd/sigsum/namespace/namespace.go16
-rwxr-xr-xcmd/sigsum/signify_test.sh (renamed from cmd/sigsum/test/signify.sh)6
-rwxr-xr-xcmd/sigsum/ssh_test.sh (renamed from cmd/sigsum/test/ssh.sh)6
-rw-r--r--cmd/sigsum/testonly/signify.pub (renamed from cmd/sigsum/test/keys/signify.pub)0
-rw-r--r--cmd/sigsum/testonly/signify.sec (renamed from cmd/sigsum/test/keys/signify.sec)0
-rw-r--r--cmd/sigsum/testonly/ssh (renamed from cmd/sigsum/test/keys/ssh)0
-rw-r--r--cmd/sigsum/testonly/ssh.pub (renamed from cmd/sigsum/test/keys/ssh.pub)0
-rw-r--r--cmd/sigsum/verify/verify.go11
11 files changed, 107 insertions, 100 deletions
diff --git a/cmd/sigsum/cmd.go b/cmd/sigsum/bundle/bundle.go
index 7b9450a..d0ce207 100644
--- a/cmd/sigsum/cmd.go
+++ b/cmd/sigsum/bundle/bundle.go
@@ -1,4 +1,4 @@
-package main
+package bundle
import (
"bytes"
@@ -9,6 +9,7 @@ import (
"git.sigsum.org/sigsum-go/pkg/requests"
"git.sigsum.org/sigsum-go/pkg/types"
+ "git.sigsum.org/sigsum-tools-go/internal/util"
"git.sigsum.org/sigsum-tools-go/pkg/client"
"git.sigsum.org/sigsum-tools-go/pkg/policy"
"git.sigsum.org/sigsum-tools-go/pkg/signatures"
@@ -17,30 +18,17 @@ import (
"git.sigsum.org/sigsum-tools-go/pkg/signatures/ssh"
)
-func cmdVerify(args []string, policy policy.Policy, optVerifyType, optVerifyKey string) error {
- return fmt.Errorf("TODO")
-}
-
-func cmdBundle(args []string, policy policy.Policy, optBundleType, optBundleKey, optBundleDomainHint string) error {
+func Main(args []string, policy policy.Policy, optType, optKey, optDomainHint string) error {
if len(args) == 0 {
- return fmt.Errorf("bundle: need at least one file")
+ return fmt.Errorf("bundle: need at least one input file")
}
-
- var parser signatures.Parser
- switch optBundleType {
- case "signify":
- parser = &signify.Parser{}
- case "minisign":
- parser = &minisign.Parser{}
- case "ssh":
- parser = &ssh.Parser{}
- default:
- return fmt.Errorf("bundle: invalid key type %q", optBundleType)
+ b, err := ioutil.ReadFile(optKey)
+ if err != nil {
+ return fmt.Errorf("bundle: read key %q: %v", optKey, err)
}
-
- b, err := ioutil.ReadFile(optBundleKey)
+ parser, err := signatureParser(optType)
if err != nil {
- return fmt.Errorf("bundle: failed reading file %q: %v", optBundleKey, err)
+ return fmt.Errorf("bundle: %v", err)
}
pub, err := parser.PublicKey(bytes.NewBuffer(b))
if err != nil {
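Review bot: In `Main` the key file is read before `optType` is validated, so a run without `-k` fails with `read key ""` even when the actual mistake is a bad or missing `-t`; the empty default is what `setOptions` in main.go appears to register. Calling `signatureParser(optType)` first and rejecting an empty path up front, e.g. `if optKey == "" { return fmt.Errorf("bundle: missing public key, use -k") }`, reports the real cause. The parameter `policy` also shadows the imported package `policy` here and in format.Main, namespace.Main and verify.Main; a name such as `p` avoids that. Main's body continues past this hunk.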
@@ -50,7 +38,7 @@ func cmdBundle(args []string, policy policy.Policy, optBundleType, optBundleKey,
var reqs []requests.Leaf
for _, path := range args {
- preimage, err := fileHash(path)
+ preimage, err := util.FileHash(path)
if err != nil {
return fmt.Errorf("bundle: %v", err)
}
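Review bot: `util.FileHash` is not part of this diff, so it cannot be checked here whether it keeps two limitations of the `fileHash` this commit removes: that helper read the whole file into memory (its own TODO said so) and returned `failed reading file %q` without the underlying error. If the util version still drops the cause, wrapping it, e.g. `fmt.Errorf("read file %q: %w", path, err)`, would let the `bundle: %v` message show why the read failed. The enclosing function starts and ends outside this hunk.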
@@ -70,7 +58,7 @@ func cmdBundle(args []string, policy policy.Policy, optBundleType, optBundleKey,
Preimage: *preimage,
Signature: *sig,
VerificationKey: *pub,
- DomainHint: optBundleDomainHint,
+ DomainHint: optDomainHint,
}
sd := types.Statement{
@@ -97,38 +85,14 @@ func cmdBundle(args []string, policy policy.Policy, optBundleType, optBundleKey,
return nil
}
-func cmdFormat(args []string, policy policy.Policy) error {
- if len(args) != 1 {
- return fmt.Errorf("format: need exactly one file")
- }
-
- preimage, err := fileHash(args[0])
- if err != nil {
- return fmt.Errorf("format: %v", err)
- }
- sd := types.Statement{
- ShardHint: policy.ShardHint(),
- Checksum: *types.HashFn(preimage[:]),
- }
-
- fmt.Printf("%s", sd.ToBinary())
- return nil
-}
-
-func cmdNamespace(args []string, policy policy.Policy) error {
- if len(args) != 0 {
- return fmt.Errorf("namespace: got trailing arguments")
- }
-
- fmt.Printf("tree_leaf:v0:%d@sigsum.org", policy.ShardHint())
- return nil
-}
-
-// TODO: don't read full file into memory at once
-func fileHash(path string) (*types.Hash, error) {
- b, err := ioutil.ReadFile(path)
- if err != nil {
- return nil, fmt.Errorf("failed reading file %q", path)
+func signatureParser(optType string) (signatures.Parser, error) {
+ switch optType {
+ case "signify":
+ return &signify.Parser{}, nil
+ case "minisign":
+ return &minisign.Parser{}, nil
+ case "ssh":
+ return &ssh.Parser{}, nil
}
- return types.HashFn(b), nil
+ return nil, fmt.Errorf("invalid key type %q", optType)
}
diff --git a/cmd/sigsum/format/format.go b/cmd/sigsum/format/format.go
new file mode 100644
index 0000000..eff7b3e
--- /dev/null
+++ b/cmd/sigsum/format/format.go
@@ -0,0 +1,27 @@
+package format
+
+import (
+ "fmt"
+
+ "git.sigsum.org/sigsum-go/pkg/types"
+ "git.sigsum.org/sigsum-tools-go/internal/util"
+ "git.sigsum.org/sigsum-tools-go/pkg/policy"
+)
+
+func Main(args []string, policy policy.Policy) error {
+ if len(args) != 1 {
+ return fmt.Errorf("format: must have one input file")
+ }
+
+ preimage, err := util.FileHash(args[0])
+ if err != nil {
+ return fmt.Errorf("format: preparing checksum: %v", err)
+ }
+ stm := types.Statement{
+ ShardHint: policy.ShardHint(),
+ Checksum: *types.HashFn(preimage[:]),
+ }
+
+ fmt.Printf("%s", stm.ToBinary())
+ return nil
+}
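Review bot: The double hash in `Main` has no comment: `preimage` is already the hash of the file (`util.FileHash`), and `Checksum` is `types.HashFn(preimage[:])`, which reads like a mistake to anyone who does not know the format. Assuming it is intentional (bundle.go sends the same value as `Preimage`), a line such as `// Checksum is the hash of the preimage, and the preimage is the hash of the file.` above the `types.Statement` literal would make that explicit. The exported `Main` also lacks a doc comment; `// Main writes the serialized statement for a single input file to stdout.` would cover it.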
diff --git a/cmd/sigsum/main.go b/cmd/sigsum/main.go
index 146dadb..5c39f51 100644
--- a/cmd/sigsum/main.go
+++ b/cmd/sigsum/main.go
@@ -1,12 +1,13 @@
-// package main provides a tool named `sigsum`.
+// package main provides a tool named sigsum.
//
// Build as follows:
//
// $ go build -ldflags="-X 'main.someVersion=git commit $(git rev-list -1 HEAD)'"
+// $ mv sigsum $GOPATH/bin/
//
-// Install as follows:
+// Usage:
//
-// $ go install -ldflags="-X 'main.someVersion=git commit $(git rev-list -1 HEAD)'"
+// $ sigsum help
//
package main
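Review bot: The added build step `mv sigsum $GOPATH/bin/` misbehaves when GOPATH is not set in the shell, which is common because the Go toolchain falls back to a default on its own: the target then expands to `/bin/`, so the move either fails or, when run as root, installs the binary system-wide. `// $ mv sigsum "$(go env GOPATH)/bin/"` asks the toolchain for the effective value and also survives spaces in the path.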
@@ -16,6 +17,12 @@ import (
"log"
"os"
+ "git.sigsum.org/sigsum-tools-go/cmd/sigsum/bundle"
+ "git.sigsum.org/sigsum-tools-go/cmd/sigsum/format"
+ "git.sigsum.org/sigsum-tools-go/cmd/sigsum/namespace"
+ "git.sigsum.org/sigsum-tools-go/cmd/sigsum/verify"
+
+ "git.sigsum.org/sigsum-tools-go/internal/options"
"git.sigsum.org/sigsum-tools-go/pkg/policy"
)
@@ -48,10 +55,11 @@ Signatures must be located at $FILE.{sig,minisig}, depending on -t TYPE.
`
var (
- optBundleType, optBundleKey, optBundleDomainHint string
- optVerifyType, optVerifyKey string
+ optType string
+ optDomainHint string
+ optPublicKey string
- someVersion = "unknown"
+ someVersion = "devel"
)
func main() {
@@ -59,17 +67,17 @@ func main() {
var err error
var defaultPolicy policy.DefaultPolicy
- switch cmd := parseCommand(); cmd.Name() {
+ switch cmd := options.Parse(printUsage, setOptions); cmd.Name() {
case "help":
cmd.Usage()
case "verify":
- err = cmdVerify(cmd.Args(), &defaultPolicy, optVerifyType, optVerifyKey)
+ err = verify.Main(cmd.Args(), &defaultPolicy, optType, optPublicKey)
case "bundle":
- err = cmdBundle(cmd.Args(), &defaultPolicy, optBundleType, optBundleKey, optBundleDomainHint)
+ err = bundle.Main(cmd.Args(), &defaultPolicy, optType, optPublicKey, optDomainHint)
case "format":
- err = cmdFormat(cmd.Args(), &defaultPolicy)
+ err = format.Main(cmd.Args(), &defaultPolicy)
case "namespace":
- err = cmdNamespace(cmd.Args(), &defaultPolicy)
+ err = namespace.Main(cmd.Args(), &defaultPolicy)
default:
err = fmt.Errorf("invalid command %q, try %q", cmd.Name(), "sigsum help")
}
@@ -80,37 +88,18 @@ func main() {
}
}
-func parseCommand() (fs *flag.FlagSet) {
- args := os.Args
- if len(args) < 2 {
- args = append(args, "")
- }
- defer func() {
- registerOptions(fs)
- fs.Usage = func() {
- log.Printf(usage, someVersion)
- }
- fs.Parse(args)
- }()
-
- fs = flag.NewFlagSet(args[1], flag.ExitOnError)
- args = args[2:]
- return
+func printUsage() {
+ log.Printf(usage, someVersion)
}
-func registerOptions(fs *flag.FlagSet) {
+func setOptions(fs *flag.FlagSet) {
switch cmd := fs.Name(); cmd {
case "verify":
- registerStringOption(fs, &optVerifyType, "t", "type", "")
- registerStringOption(fs, &optVerifyKey, "k", "key", "")
+ options.AddString(fs, &optType, "t", "type", "")
+ options.AddString(fs, &optPublicKey, "k", "key", "")
case "bundle":
- registerStringOption(fs, &optBundleType, "t", "type", "")
- registerStringOption(fs, &optBundleKey, "k", "key", "")
- registerStringOption(fs, &optBundleDomainHint, "d", "domain-hint", "")
+ options.AddString(fs, &optType, "t", "type", "")
+ options.AddString(fs, &optPublicKey, "k", "key", "")
+ options.AddString(fs, &optDomainHint, "d", "domain-hint", "")
}
}
-
-func registerStringOption(fs *flag.FlagSet, opt *string, short, long, value string) {
- fs.StringVar(opt, short, value, "")
- fs.StringVar(opt, long, value, "")
-}
diff --git a/cmd/sigsum/namespace/namespace.go b/cmd/sigsum/namespace/namespace.go
new file mode 100644
index 0000000..3fbaf14
--- /dev/null
+++ b/cmd/sigsum/namespace/namespace.go
@@ -0,0 +1,16 @@
+package namespace
+
+import (
+ "fmt"
+
+ "git.sigsum.org/sigsum-tools-go/pkg/policy"
+)
+
+func Main(args []string, policy policy.Policy) error {
+ if len(args) != 0 {
+ return fmt.Errorf("namespace: trailing arguments")
+ }
+
+ fmt.Printf("tree_leaf:v0:%d@sigsum.org", policy.ShardHint())
+ return nil
+}
diff --git a/cmd/sigsum/test/signify.sh b/cmd/sigsum/signify_test.sh
index 8e86e8d..7ff26ec 100755
--- a/cmd/sigsum/test/signify.sh
+++ b/cmd/sigsum/signify_test.sh
@@ -4,8 +4,8 @@ set -e
trap cleanup EXIT
pass=1234
-priv=keys/signify.sec
-pub=keys/signify.pub
+priv=testonly/signify.sec
+pub=testonly/signify.pub
domain_hint=_sigsum_v0.test-only.rgdd.se
msg=msg-$(date +%s)
num_msg=3
@@ -21,7 +21,7 @@ function cleanup() {
exit
}
-go build ../
+go build .
files=""
for i in $(seq 1 $num_msg); do
diff --git a/cmd/sigsum/test/ssh.sh b/cmd/sigsum/ssh_test.sh
index 56cae70..224d20c 100755
--- a/cmd/sigsum/test/ssh.sh
+++ b/cmd/sigsum/ssh_test.sh
@@ -3,8 +3,8 @@
set -eu
trap cleanup EXIT
-priv=keys/ssh
-pub=keys/ssh.pub
+priv=testonly/ssh
+pub=testonly/ssh.pub
domain_hint=_sigsum_v0.ssh.test.sigsum.org
msg=msg-$(date +%s)
num_msg=3
@@ -20,7 +20,7 @@ function cleanup() {
exit
}
-go build ../
+go build .
files=""
for i in $(seq 1 $num_msg); do
diff --git a/cmd/sigsum/test/keys/signify.pub b/cmd/sigsum/testonly/signify.pub
index 742a66a..742a66a 100644
--- a/cmd/sigsum/test/keys/signify.pub
+++ b/cmd/sigsum/testonly/signify.pub
diff --git a/cmd/sigsum/test/keys/signify.sec b/cmd/sigsum/testonly/signify.sec
index 57cdf84..57cdf84 100644
--- a/cmd/sigsum/test/keys/signify.sec
+++ b/cmd/sigsum/testonly/signify.sec
diff --git a/cmd/sigsum/test/keys/ssh b/cmd/sigsum/testonly/ssh
index 2bbd974..2bbd974 100644
--- a/cmd/sigsum/test/keys/ssh
+++ b/cmd/sigsum/testonly/ssh
diff --git a/cmd/sigsum/test/keys/ssh.pub b/cmd/sigsum/testonly/ssh.pub
index 14588ac..14588ac 100644
--- a/cmd/sigsum/test/keys/ssh.pub
+++ b/cmd/sigsum/testonly/ssh.pub
diff --git a/cmd/sigsum/verify/verify.go b/cmd/sigsum/verify/verify.go
new file mode 100644
index 0000000..619ddcd
--- /dev/null
+++ b/cmd/sigsum/verify/verify.go
@@ -0,0 +1,11 @@
+package verify
+
+import (
+ "fmt"
+
+ "git.sigsum.org/sigsum-tools-go/pkg/policy"
+)
+
+func Main(_ []string, policy policy.Policy, optType, optKey string) error {
+ return fmt.Errorf("TODO")
+}
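Review bot: `verify.Main` returns the bare error `TODO`, without the `verify:` prefix the other subcommands use and without telling the user that verification is not implemented. `return fmt.Errorf("verify: not implemented")` says so. Keeping a non-nil error until the real check exists matters, because a caller that reads a zero exit status as "verified" must never get one from a stub. The unused `optType` and `optKey` could be `_` like the first parameter until then.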