github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/cmd/snap/cmd_export_key.go

github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/cmd/snap/cmd_export_key.go (about)

     1  // -*- Mode: Go; indent-tabs-mode: t -*-
     2  
     3  /*
     4   * Copyright (C) 2016 Canonical Ltd
     5   *
     6   * This program is free software: you can redistribute it and/or modify
     7   * it under the terms of the GNU General Public License version 3 as
     8   * published by the Free Software Foundation.
     9   *
    10   * This program is distributed in the hope that it will be useful,
    11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13   * GNU General Public License for more details.
    14   *
    15   * You should have received a copy of the GNU General Public License
    16   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17   *
    18   */
    19  
    20  package main
    21  
    22  import (
    23  	"fmt"
    24  	"time"
    25  
    26  	"github.com/jessevdk/go-flags"
    27  
    28  	"github.com/snapcore/snapd/asserts"
    29  	"github.com/snapcore/snapd/i18n"
    30  )
    31  
    32  type cmdExportKey struct {
    33  	Account    string `long:"account"`
    34  	Positional struct {
    35  		KeyName keyName
    36  	} `positional-args:"true"`
    37  }
    38  
    39  func init() {
    40  	cmd := addCommand("export-key",
    41  		i18n.G("Export cryptographic public key"),
    42  		i18n.G(`
    43  The export-key command exports a public key assertion body that may be
    44  imported by other systems.
    45  `),
    46  		func() flags.Commander {
    47  			return &cmdExportKey{}
    48  		}, map[string]string{
    49  			"account": i18n.G("Format public key material as a request for an account-key for this account-id"),
    50  		}, []argDesc{{
    51  			// TRANSLATORS: This needs to begin with < and end with >
    52  			name: i18n.G("<key-name>"),
    53  			// TRANSLATORS: This should not start with a lowercase letter.
    54  			desc: i18n.G("Name of key to export"),
    55  		}})
    56  	cmd.hidden = true
    57  }
    58  
    59  func (x *cmdExportKey) Execute(args []string) error {
    60  	if len(args) > 0 {
    61  		return ErrExtraArgs
    62  	}
    63  
    64  	keyName := string(x.Positional.KeyName)
    65  	if keyName == "" {
    66  		keyName = "default"
    67  	}
    68  
    69  	manager := asserts.NewGPGKeypairManager()
    70  	if x.Account != "" {
    71  		privKey, err := manager.GetByName(keyName)
    72  		if err != nil {
    73  			return err
    74  		}
    75  		pubKey := privKey.PublicKey()
    76  		headers := map[string]interface{}{
    77  			"account-id":          x.Account,
    78  			"name":                keyName,
    79  			"public-key-sha3-384": pubKey.ID(),
    80  			"since":               time.Now().UTC().Format(time.RFC3339),
    81  			// XXX: To support revocation, we need to check for matching known assertions and set a suitable revision if we find one.
    82  		}
    83  		body, err := asserts.EncodePublicKey(pubKey)
    84  		if err != nil {
    85  			return err
    86  		}
    87  		assertion, err := asserts.SignWithoutAuthority(asserts.AccountKeyRequestType, headers, body, privKey)
    88  		if err != nil {
    89  			return err
    90  		}
    91  		fmt.Fprint(Stdout, string(asserts.Encode(assertion)))
    92  	} else {
    93  		encoded, err := manager.Export(keyName)
    94  		if err != nil {
    95  			return err
    96  		}
    97  		fmt.Fprintf(Stdout, "%s\n", encoded)
    98  	}
    99  	return nil
   100  }