diff options
author | Rasmus Dahlberg <rasmus@mullvad.net> | 2022-04-13 16:54:25 +0200 |
---|---|---|
committer | Rasmus Dahlberg <rasmus@mullvad.net> | 2022-04-13 16:54:25 +0200 |
commit | 123c444ffd7a2ad2af58b62caad3ec7ae451256e (patch) | |
tree | b01d0a849de9045defc9a9505bfb7b0110a34a8d | |
parent | b1bcc5d12fc57f0d39f3dadc0d159f4c71ae37d7 (diff) |
clean-up sigsum tool structure
-rw-r--r-- | cmd/sigsum/bundle/bundle.go (renamed from cmd/sigsum/cmd.go) | 76 | ||||
-rw-r--r-- | cmd/sigsum/format/format.go | 27 | ||||
-rw-r--r-- | cmd/sigsum/main.go | 65 | ||||
-rw-r--r-- | cmd/sigsum/namespace/namespace.go | 16 | ||||
-rwxr-xr-x | cmd/sigsum/signify_test.sh (renamed from cmd/sigsum/test/signify.sh) | 6 | ||||
-rwxr-xr-x | cmd/sigsum/ssh_test.sh (renamed from cmd/sigsum/test/ssh.sh) | 6 | ||||
-rw-r--r-- | cmd/sigsum/testonly/signify.pub (renamed from cmd/sigsum/test/keys/signify.pub) | 0 | ||||
-rw-r--r-- | cmd/sigsum/testonly/signify.sec (renamed from cmd/sigsum/test/keys/signify.sec) | 0 | ||||
-rw-r--r-- | cmd/sigsum/testonly/ssh (renamed from cmd/sigsum/test/keys/ssh) | 0 | ||||
-rw-r--r-- | cmd/sigsum/testonly/ssh.pub (renamed from cmd/sigsum/test/keys/ssh.pub) | 0 | ||||
-rw-r--r-- | cmd/sigsum/verify/verify.go | 11 |
11 files changed, 107 insertions, 100 deletions
diff --git a/cmd/sigsum/cmd.go b/cmd/sigsum/bundle/bundle.go index 7b9450a..d0ce207 100644 --- a/cmd/sigsum/cmd.go +++ b/cmd/sigsum/bundle/bundle.go @@ -1,4 +1,4 @@ -package main +package bundle import ( "bytes" @@ -9,6 +9,7 @@ import ( "git.sigsum.org/sigsum-go/pkg/requests" "git.sigsum.org/sigsum-go/pkg/types" + "git.sigsum.org/sigsum-tools-go/internal/util" "git.sigsum.org/sigsum-tools-go/pkg/client" "git.sigsum.org/sigsum-tools-go/pkg/policy" "git.sigsum.org/sigsum-tools-go/pkg/signatures" @@ -17,30 +18,17 @@ import ( "git.sigsum.org/sigsum-tools-go/pkg/signatures/ssh" ) -func cmdVerify(args []string, policy policy.Policy, optVerifyType, optVerifyKey string) error { - return fmt.Errorf("TODO") -} - -func cmdBundle(args []string, policy policy.Policy, optBundleType, optBundleKey, optBundleDomainHint string) error { +func Main(args []string, policy policy.Policy, optType, optKey, optDomainHint string) error { if len(args) == 0 { - return fmt.Errorf("bundle: need at least one file") + return fmt.Errorf("bundle: need at least one input file") } - - var parser signatures.Parser - switch optBundleType { - case "signify": - parser = &signify.Parser{} - case "minisign": - parser = &minisign.Parser{} - case "ssh": - parser = &ssh.Parser{} - default: - return fmt.Errorf("bundle: invalid key type %q", optBundleType) + b, err := ioutil.ReadFile(optKey) + if err != nil { + return fmt.Errorf("bundle: read key %q: %v", optKey, err) } - - b, err := ioutil.ReadFile(optBundleKey) + parser, err := signatureParser(optType) if err != nil { - return fmt.Errorf("bundle: failed reading file %q: %v", optBundleKey, err) + return fmt.Errorf("bundle: %v", err) } pub, err := parser.PublicKey(bytes.NewBuffer(b)) if err != nil { @@ -50,7 +38,7 @@ func cmdBundle(args []string, policy policy.Policy, optBundleType, optBundleKey, var reqs []requests.Leaf for _, path := range args { - preimage, err := fileHash(path) + preimage, err := util.FileHash(path) if err != nil { return fmt.Errorf("bundle: %v", err) } @@ -70,7 +58,7 @@ func cmdBundle(args []string, policy policy.Policy, optBundleType, optBundleKey, Preimage: *preimage, Signature: *sig, VerificationKey: *pub, - DomainHint: optBundleDomainHint, + DomainHint: optDomainHint, } sd := types.Statement{ @@ -97,38 +85,14 @@ func cmdBundle(args []string, policy policy.Policy, optBundleType, optBundleKey, return nil } -func cmdFormat(args []string, policy policy.Policy) error { - if len(args) != 1 { - return fmt.Errorf("format: need exactly one file") - } - - preimage, err := fileHash(args[0]) - if err != nil { - return fmt.Errorf("format: %v", err) - } - sd := types.Statement{ - ShardHint: policy.ShardHint(), - Checksum: *types.HashFn(preimage[:]), - } - - fmt.Printf("%s", sd.ToBinary()) - return nil -} - -func cmdNamespace(args []string, policy policy.Policy) error { - if len(args) != 0 { - return fmt.Errorf("namespace: got trailing arguments") - } - - fmt.Printf("tree_leaf:v0:%d@sigsum.org", policy.ShardHint()) - return nil -} - -// TODO: don't read full file into memory at once -func fileHash(path string) (*types.Hash, error) { - b, err := ioutil.ReadFile(path) - if err != nil { - return nil, fmt.Errorf("failed reading file %q", path) +func signatureParser(optType string) (signatures.Parser, error) { + switch optType { + case "signify": + return &signify.Parser{}, nil + case "minisign": + return &minisign.Parser{}, nil + case "ssh": + return &ssh.Parser{}, nil } - return types.HashFn(b), nil + return nil, fmt.Errorf("invalid key type %q", optType) } diff --git a/cmd/sigsum/format/format.go b/cmd/sigsum/format/format.go new file mode 100644 index 0000000..eff7b3e --- /dev/null +++ b/cmd/sigsum/format/format.go @@ -0,0 +1,27 @@ +package format + +import ( + "fmt" + + "git.sigsum.org/sigsum-go/pkg/types" + "git.sigsum.org/sigsum-tools-go/internal/util" + "git.sigsum.org/sigsum-tools-go/pkg/policy" +) + +func Main(args []string, policy policy.Policy) error { + if len(args) != 1 { + return fmt.Errorf("format: must have one input file") + } + + preimage, err := util.FileHash(args[0]) + if err != nil { + return fmt.Errorf("format: preparing checksum: %v", err) + } + stm := types.Statement{ + ShardHint: policy.ShardHint(), + Checksum: *types.HashFn(preimage[:]), + } + + fmt.Printf("%s", stm.ToBinary()) + return nil +} diff --git a/cmd/sigsum/main.go b/cmd/sigsum/main.go index 146dadb..5c39f51 100644 --- a/cmd/sigsum/main.go +++ b/cmd/sigsum/main.go @@ -1,12 +1,13 @@ -// package main provides a tool named `sigsum`. +// package main provides a tool named sigsum. // // Build as follows: // // $ go build -ldflags="-X 'main.someVersion=git commit $(git rev-list -1 HEAD)'" +// $ mv sigsum $GOPATH/bin/ // -// Install as follows: +// Usage: // -// $ go install -ldflags="-X 'main.someVersion=git commit $(git rev-list -1 HEAD)'" +// $ sigsum help // package main @@ -16,6 +17,12 @@ import ( "log" "os" + "git.sigsum.org/sigsum-tools-go/cmd/sigsum/bundle" + "git.sigsum.org/sigsum-tools-go/cmd/sigsum/format" + "git.sigsum.org/sigsum-tools-go/cmd/sigsum/namespace" + "git.sigsum.org/sigsum-tools-go/cmd/sigsum/verify" + + "git.sigsum.org/sigsum-tools-go/internal/options" "git.sigsum.org/sigsum-tools-go/pkg/policy" ) @@ -48,10 +55,11 @@ Signatures must be located at $FILE.{sig,minisig}, depending on -t TYPE. ` var ( - optBundleType, optBundleKey, optBundleDomainHint string - optVerifyType, optVerifyKey string + optType string + optDomainHint string + optPublicKey string - someVersion = "unknown" + someVersion = "devel" ) func main() { @@ -59,17 +67,17 @@ func main() { var err error var defaultPolicy policy.DefaultPolicy - switch cmd := parseCommand(); cmd.Name() { + switch cmd := options.Parse(printUsage, setOptions); cmd.Name() { case "help": cmd.Usage() case "verify": - err = cmdVerify(cmd.Args(), &defaultPolicy, optVerifyType, optVerifyKey) + err = verify.Main(cmd.Args(), &defaultPolicy, optType, optPublicKey) case "bundle": - err = cmdBundle(cmd.Args(), &defaultPolicy, optBundleType, optBundleKey, optBundleDomainHint) + err = bundle.Main(cmd.Args(), &defaultPolicy, optType, optPublicKey, optDomainHint) case "format": - err = cmdFormat(cmd.Args(), &defaultPolicy) + err = format.Main(cmd.Args(), &defaultPolicy) case "namespace": - err = cmdNamespace(cmd.Args(), &defaultPolicy) + err = namespace.Main(cmd.Args(), &defaultPolicy) default: err = fmt.Errorf("invalid command %q, try %q", cmd.Name(), "sigsum help") } @@ -80,37 +88,18 @@ func main() { } } -func parseCommand() (fs *flag.FlagSet) { - args := os.Args - if len(args) < 2 { - args = append(args, "") - } - defer func() { - registerOptions(fs) - fs.Usage = func() { - log.Printf(usage, someVersion) - } - fs.Parse(args) - }() - - fs = flag.NewFlagSet(args[1], flag.ExitOnError) - args = args[2:] - return +func printUsage() { + log.Printf(usage, someVersion) } -func registerOptions(fs *flag.FlagSet) { +func setOptions(fs *flag.FlagSet) { switch cmd := fs.Name(); cmd { case "verify": - registerStringOption(fs, &optVerifyType, "t", "type", "") - registerStringOption(fs, &optVerifyKey, "k", "key", "") + options.AddString(fs, &optType, "t", "type", "") + options.AddString(fs, &optPublicKey, "k", "key", "") case "bundle": - registerStringOption(fs, &optBundleType, "t", "type", "") - registerStringOption(fs, &optBundleKey, "k", "key", "") - registerStringOption(fs, &optBundleDomainHint, "d", "domain-hint", "") + options.AddString(fs, &optType, "t", "type", "") + options.AddString(fs, &optPublicKey, "k", "key", "") + options.AddString(fs, &optDomainHint, "d", "domain-hint", "") } } - -func registerStringOption(fs *flag.FlagSet, opt *string, short, long, value string) { - fs.StringVar(opt, short, value, "") - fs.StringVar(opt, long, value, "") -} diff --git a/cmd/sigsum/namespace/namespace.go b/cmd/sigsum/namespace/namespace.go new file mode 100644 index 0000000..3fbaf14 --- /dev/null +++ b/cmd/sigsum/namespace/namespace.go @@ -0,0 +1,16 @@ +package namespace + +import ( + "fmt" + + "git.sigsum.org/sigsum-tools-go/pkg/policy" +) + +func Main(args []string, policy policy.Policy) error { + if len(args) != 0 { + return fmt.Errorf("namespace: trailing arguments") + } + + fmt.Printf("tree_leaf:v0:%d@sigsum.org", policy.ShardHint()) + return nil +} diff --git a/cmd/sigsum/test/signify.sh b/cmd/sigsum/signify_test.sh index 8e86e8d..7ff26ec 100755 --- a/cmd/sigsum/test/signify.sh +++ b/cmd/sigsum/signify_test.sh @@ -4,8 +4,8 @@ set -e trap cleanup EXIT pass=1234 -priv=keys/signify.sec -pub=keys/signify.pub +priv=testonly/signify.sec +pub=testonly/signify.pub domain_hint=_sigsum_v0.test-only.rgdd.se msg=msg-$(date +%s) num_msg=3 @@ -21,7 +21,7 @@ function cleanup() { exit } -go build ../ +go build . files="" for i in $(seq 1 $num_msg); do diff --git a/cmd/sigsum/test/ssh.sh b/cmd/sigsum/ssh_test.sh index 56cae70..224d20c 100755 --- a/cmd/sigsum/test/ssh.sh +++ b/cmd/sigsum/ssh_test.sh @@ -3,8 +3,8 @@ set -eu trap cleanup EXIT -priv=keys/ssh -pub=keys/ssh.pub +priv=testonly/ssh +pub=testonly/ssh.pub domain_hint=_sigsum_v0.ssh.test.sigsum.org msg=msg-$(date +%s) num_msg=3 @@ -20,7 +20,7 @@ function cleanup() { exit } -go build ../ +go build . files="" for i in $(seq 1 $num_msg); do diff --git a/cmd/sigsum/test/keys/signify.pub b/cmd/sigsum/testonly/signify.pub index 742a66a..742a66a 100644 --- a/cmd/sigsum/test/keys/signify.pub +++ b/cmd/sigsum/testonly/signify.pub diff --git a/cmd/sigsum/test/keys/signify.sec b/cmd/sigsum/testonly/signify.sec index 57cdf84..57cdf84 100644 --- a/cmd/sigsum/test/keys/signify.sec +++ b/cmd/sigsum/testonly/signify.sec diff --git a/cmd/sigsum/test/keys/ssh b/cmd/sigsum/testonly/ssh index 2bbd974..2bbd974 100644 --- a/cmd/sigsum/test/keys/ssh +++ b/cmd/sigsum/testonly/ssh diff --git a/cmd/sigsum/test/keys/ssh.pub b/cmd/sigsum/testonly/ssh.pub index 14588ac..14588ac 100644 --- a/cmd/sigsum/test/keys/ssh.pub +++ b/cmd/sigsum/testonly/ssh.pub diff --git a/cmd/sigsum/verify/verify.go b/cmd/sigsum/verify/verify.go new file mode 100644 index 0000000..619ddcd --- /dev/null +++ b/cmd/sigsum/verify/verify.go @@ -0,0 +1,11 @@ +package verify + +import ( + "fmt" + + "git.sigsum.org/sigsum-tools-go/pkg/policy" +) + +func Main(_ []string, policy policy.Policy, optType, optKey string) error { + return fmt.Errorf("TODO") +} |