github.com/rigado/snapd@v2.42.5-go-mod+incompatible/cmd/snap/cmd_sign.go

github.com/rigado/snapd@v2.42.5-go-mod+incompatible/cmd/snap/cmd_sign.go (about)

     1  // -*- Mode: Go; indent-tabs-mode: t -*-
     2  
     3  /*
     4   * Copyright (C) 2014-2015 Canonical Ltd
     5   *
     6   * This program is free software: you can redistribute it and/or modify
     7   * it under the terms of the GNU General Public License version 3 as
     8   * published by the Free Software Foundation.
     9   *
    10   * This program is distributed in the hope that it will be useful,
    11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13   * GNU General Public License for more details.
    14   *
    15   * You should have received a copy of the GNU General Public License
    16   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17   *
    18   */
    19  
    20  package main
    21  
    22  import (
    23  	"fmt"
    24  	"io/ioutil"
    25  
    26  	"github.com/jessevdk/go-flags"
    27  
    28  	"github.com/snapcore/snapd/asserts"
    29  	"github.com/snapcore/snapd/asserts/signtool"
    30  	"github.com/snapcore/snapd/i18n"
    31  )
    32  
    33  var shortSignHelp = i18n.G("Sign an assertion")
    34  var longSignHelp = i18n.G(`
    35  The sign command signs an assertion using the specified key, using the
    36  input for headers from a JSON mapping provided through stdin. The body
    37  of the assertion can be specified through a "body" pseudo-header.
    38  `)
    39  
    40  type cmdSign struct {
    41  	KeyName keyName `short:"k" default:"default"`
    42  }
    43  
    44  func init() {
    45  	cmd := addCommand("sign", shortSignHelp, longSignHelp, func() flags.Commander {
    46  		return &cmdSign{}
    47  	}, map[string]string{
    48  		// TRANSLATORS: This should not start with a lowercase letter.
    49  		"k": i18n.G("Name of the key to use, otherwise use the default key"),
    50  	}, nil)
    51  	cmd.hidden = true
    52  }
    53  
    54  func (x *cmdSign) Execute(args []string) error {
    55  	if len(args) > 0 {
    56  		return ErrExtraArgs
    57  	}
    58  
    59  	statement, err := ioutil.ReadAll(Stdin)
    60  	if err != nil {
    61  		return fmt.Errorf(i18n.G("cannot read assertion input: %v"), err)
    62  	}
    63  
    64  	keypairMgr := asserts.NewGPGKeypairManager()
    65  	privKey, err := keypairMgr.GetByName(string(x.KeyName))
    66  	if err != nil {
    67  		return err
    68  	}
    69  
    70  	signOpts := signtool.Options{
    71  		KeyID:     privKey.PublicKey().ID(),
    72  		Statement: statement,
    73  	}
    74  
    75  	encodedAssert, err := signtool.Sign(&signOpts, keypairMgr)
    76  	if err != nil {
    77  		return err
    78  	}
    79  
    80  	_, err = Stdout.Write(encodedAssert)
    81  	if err != nil {
    82  		return err
    83  	}
    84  	return nil
    85  }