1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
// package main provides a tool named sigsum.
//
// Build as follows:
//
// $ go build -ldflags="-X 'main.someVersion=git commit $(git rev-list -1 HEAD)'"
// $ mv sigsum $GOPATH/bin/
//
// Usage:
//
// $ sigsum help
//
package main
import (
"flag"
"fmt"
"log"
"os"
"git.sigsum.org/sigsum-tools-go/cmd/sigsum/bundle"
"git.sigsum.org/sigsum-tools-go/cmd/sigsum/format"
"git.sigsum.org/sigsum-tools-go/cmd/sigsum/namespace"
"git.sigsum.org/sigsum-tools-go/cmd/sigsum/verify"
"git.sigsum.org/sigsum-tools-go/internal/options"
"git.sigsum.org/sigsum-tools-go/pkg/policy"
)
const usage = `sigsum version %s
Usage:
sigsum help
Output usage message.
sigsum verify -t TYPE -k PUBLIC_KEY FILE
Verify that a file's signed checksum is public and valid.
-t, --type Signature format (Available options: signify, minisign, ssh)
-k, --key Path to a public key.
sigsum bundle -t TYPE -k PUBLIC_KEY -d DOMAIN_HINT FILE...
Perform logging request(s) and write inclusion proof bundle(s).
-t, --type Signature format (Available options: signify, minisign, ssh)
-k, --key Path to a public key.
-d, --domain-hint Domain name that is aware of the public key.
sigsum format FILE
Output bytes to be Ed25519-signed.
sigsum namespace
Output namespace to be used in SSH signing context.
Transparency log proofs and signatures must be located at $FILE.sigsum.v0.
Signatures must be located at $FILE.{sig,minisig}, depending on -t TYPE.
`
var (
optType string
optDomainHint string
optPublicKey string
someVersion = "devel"
)
func main() {
log.SetFlags(0)
var err error
var defaultPolicy policy.DefaultPolicy
switch cmd := options.Parse(printUsage, setOptions); cmd.Name() {
case "help":
cmd.Usage()
case "verify":
err = verify.Main(cmd.Args(), &defaultPolicy, optType, optPublicKey)
case "bundle":
err = bundle.Main(cmd.Args(), &defaultPolicy, optType, optPublicKey, optDomainHint)
case "format":
err = format.Main(cmd.Args(), &defaultPolicy)
case "namespace":
err = namespace.Main(cmd.Args(), &defaultPolicy)
default:
err = fmt.Errorf("invalid command %q, try %q", cmd.Name(), "sigsum help")
}
if err != nil {
log.Printf("%s", err)
os.Exit(1)
}
}
func printUsage() {
log.Printf(usage, someVersion)
}
func setOptions(fs *flag.FlagSet) {
switch cmd := fs.Name(); cmd {
case "verify":
options.AddString(fs, &optType, "t", "type", "")
options.AddString(fs, &optPublicKey, "k", "key", "")
case "bundle":
options.AddString(fs, &optType, "t", "type", "")
options.AddString(fs, &optPublicKey, "k", "key", "")
options.AddString(fs, &optDomainHint, "d", "domain-hint", "")
}
}
|
