github.com/nats-io/nsc@v0.0.0-20221206222106-35db9400b257/cmd/signingkeyseditor.go (about) 1 /* 2 * 3 * * Copyright 2018-2019 The NATS Authors 4 * * Licensed under the Apache License, Version 2.0 (the "License"); 5 * * you may not use this file except in compliance with the License. 6 * * You may obtain a copy of the License at 7 * * 8 * * http://www.apache.org/licenses/LICENSE-2.0 9 * * 10 * * Unless required by applicable law or agreed to in writing, software 11 * * distributed under the License is distributed on an "AS IS" BASIS, 12 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * * See the License for the specific language governing permissions and 14 * * limitations under the License. 15 * 16 */ 17 18 package cmd 19 20 import ( 21 "fmt" 22 23 cli "github.com/nats-io/cliprompts/v2" 24 "github.com/nats-io/nkeys" 25 "github.com/nats-io/nsc/cmd/store" 26 "github.com/spf13/cobra" 27 ) 28 29 type SigningKeysParams struct { 30 flagName string 31 paths []string 32 kind nkeys.PrefixByte 33 } 34 35 func (e *SigningKeysParams) BindFlags(flagName string, shorthand string, kind nkeys.PrefixByte, cmd *cobra.Command) { 36 e.flagName = flagName 37 e.kind = kind 38 cmd.Flags().StringSliceVarP(&e.paths, flagName, shorthand, nil, `signing key or keypath or the value "generate"" to generate a key pair on the fly - comma separated list or option can be specified multiple times`) 39 } 40 41 func (e *SigningKeysParams) valid(s string) error { 42 if s == "generate" { 43 return nil 44 } 45 _, err := e.resolve(s) 46 return err 47 } 48 49 func (e *SigningKeysParams) resolve(s string) (nkeys.KeyPair, error) { 50 if s == "" { 51 return nil, fmt.Errorf("signing key cannot be empty") 52 } 53 if s == "generate" { 54 if kp, err := nkeys.CreatePair(e.kind); err != nil { 55 return nil, err 56 } else if s, err = kp.PublicKey(); err != nil { 57 return nil, err 58 } else if _, err = store.StoreKey(kp); err != nil { 59 return nil, err 60 } 61 } 62 kp, err := store.ResolveKey(s) 63 if err != nil { 64 return nil, err 65 } 66 if kp == nil { 67 return nil, fmt.Errorf("a signing key is required") 68 } 69 if !store.KeyPairTypeOk(e.kind, kp) { 70 return nil, fmt.Errorf("invalid %s signing key %q", e.kind.String(), s) 71 } 72 73 return kp, nil 74 } 75 76 func (e *SigningKeysParams) Valid() error { 77 for _, v := range e.paths { 78 if err := e.valid(v); err != nil { 79 return err 80 } 81 } 82 return nil 83 } 84 85 func (e *SigningKeysParams) PublicKeys() ([]string, error) { 86 var keys []string 87 for _, v := range e.paths { 88 kp, err := e.resolve(v) 89 if err != nil { 90 return nil, err 91 } 92 pk, err := kp.PublicKey() 93 if err != nil { 94 return nil, err 95 } 96 keys = append(keys, pk) 97 } 98 return keys, nil 99 } 100 101 func (e *SigningKeysParams) Edit() error { 102 // verify any keys that were added via flags 103 for i, v := range e.paths { 104 sv, err := cli.Prompt(fmt.Sprintf("path to %s nkey or nkey", e.flagName), v, cli.Val(e.valid)) 105 if err != nil { 106 return err 107 } 108 e.paths[i] = sv 109 } 110 first := true 111 for { 112 m := "add a signing key" 113 if !first || len(e.paths) > 0 { 114 m = "add another signing key" 115 } 116 first = false 117 118 ok, err := cli.Confirm(m, false) 119 if err != nil { 120 return err 121 } 122 if !ok { 123 break 124 } 125 sv, err := cli.Prompt(fmt.Sprintf("path to %s nkey or nkey", e.flagName), "", cli.Val(e.valid)) 126 if err != nil { 127 return err 128 } 129 e.paths = append(e.paths, sv) 130 } 131 return nil 132 }