options.go

Documentation: github.com/sassoftware/relic/signers

     1  //
     2  // Copyright (c) SAS Institute Inc.
     3  //
     4  // Licensed under the Apache License, Version 2.0 (the "License");
     5  // you may not use this file except in compliance with the License.
     6  // You may obtain a copy of the License at
     7  //
     8  //     http://www.apache.org/licenses/LICENSE-2.0
     9  //
    10  // Unless required by applicable law or agreed to in writing, software
    11  // distributed under the License is distributed on an "AS IS" BASIS,
    12  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  // See the License for the specific language governing permissions and
    14  // limitations under the License.
    15  //
    16  
    17  package signers
    18  
    19  import (
    20  	"context"
    21  	"crypto"
    22  	"crypto/x509"
    23  	"fmt"
    24  	"net/url"
    25  	"strconv"
    26  	"time"
    27  
    28  	"github.com/sassoftware/relic/lib/audit"
    29  	"github.com/sassoftware/relic/lib/binpatch"
    30  	"github.com/sassoftware/relic/lib/magic"
    31  	"github.com/sassoftware/relic/lib/pkcs7"
    32  	"github.com/sassoftware/relic/lib/pkcs9"
    33  	"github.com/spf13/pflag"
    34  	"golang.org/x/crypto/openpgp"
    35  )
    36  
    37  type SignOpts struct {
    38  	Path  string
    39  	Hash  crypto.Hash
    40  	Time  time.Time
    41  	Flags *FlagValues
    42  	Audit *audit.Info
    43  	ctx   context.Context
    44  }
    45  
    46  // Convenience method to return a binary patch
    47  func (o SignOpts) SetBinPatch(p *binpatch.PatchSet) ([]byte, error) {
    48  	o.Audit.SetMimeType(binpatch.MimeType)
    49  	return p.Dump(), nil
    50  }
    51  
    52  // Convenience method to return a PKCS#7 blob
    53  func (o SignOpts) SetPkcs7(ts *pkcs9.TimestampedSignature) ([]byte, error) {
    54  	o.Audit.SetCounterSignature(ts.CounterSignature)
    55  	o.Audit.SetMimeType(pkcs7.MimeType)
    56  	return ts.Raw, nil
    57  }
    58  
    59  // WithContext attaches a context to the signature operation, and can be used to cancel long-running operations.
    60  func (o SignOpts) WithContext(ctx context.Context) SignOpts {
    61  	o.ctx = ctx
    62  	return o
    63  }
    64  
    65  // Context returns the context attached to the signature operation.
    66  //
    67  // The returned context is always non-nil; it defaults to the background context.
    68  func (o SignOpts) Context() context.Context {
    69  	if o.ctx != nil {
    70  		return o.ctx
    71  	}
    72  	return context.Background()
    73  }
    74  
    75  type VerifyOpts struct {
    76  	FileName    string
    77  	TrustedX509 []*x509.Certificate
    78  	TrustedPgp  openpgp.EntityList
    79  	TrustedPool *x509.CertPool
    80  	NoDigests   bool
    81  	NoChain     bool
    82  	Content     string
    83  	Compression magic.CompressionType
    84  }
    85  
    86  type FlagValues struct {
    87  	Defs   *pflag.FlagSet
    88  	Values map[string]string
    89  }
    90  
    91  // FlagsFromCmdline creates a FlagValues from the (merged) command-line options of a command
    92  func (s *Signer) FlagsFromCmdline(fs *pflag.FlagSet) (*FlagValues, error) {
    93  	for flag, users := range flagMap {
    94  		if !fs.Changed(flag) {
    95  			continue
    96  		}
    97  		allowed := false
    98  		for _, name := range users {
    99  			if name == s.Name {
   100  				allowed = true
   101  				break
   102  			}
   103  		}
   104  		if !allowed {
   105  			return nil, fmt.Errorf("flag \"%s\" is not allowed for signature type \"%s\"", flag, s.Name)
   106  		}
   107  	}
   108  	if s.flags == nil {
   109  		return nil, nil
   110  	}
   111  	values := &FlagValues{
   112  		Defs:   s.flags,
   113  		Values: make(map[string]string),
   114  	}
   115  	s.flags.VisitAll(func(flag *pflag.Flag) {
   116  		if fs.Changed(flag.Name) {
   117  			values.Values[flag.Name] = fs.Lookup(flag.Name).Value.String()
   118  		}
   119  	})
   120  	return values, nil
   121  }
   122  
   123  // FlagsFromQuery creates a FlagValues from URL query parameters
   124  func (s *Signer) FlagsFromQuery(q url.Values) (*FlagValues, error) {
   125  	if s.flags == nil {
   126  		return nil, nil
   127  	}
   128  	values := &FlagValues{
   129  		Defs:   s.flags,
   130  		Values: make(map[string]string),
   131  	}
   132  	s.flags.VisitAll(func(flag *pflag.Flag) {
   133  		if value := q.Get(flag.Name); value != "" {
   134  			values.Values[flag.Name] = value
   135  		}
   136  	})
   137  	return values, nil
   138  }
   139  
   140  // ToQuery appends query parameters to a URL for each option in the flag set
   141  func (values *FlagValues) ToQuery(q url.Values) error {
   142  	if values == nil {
   143  		return nil
   144  	}
   145  	for key, value := range values.Values {
   146  		q.Set(key, value)
   147  	}
   148  	return nil
   149  }
   150  
   151  // GetString returns the flag's value as a string
   152  func (values *FlagValues) GetString(name string) string {
   153  	if values == nil {
   154  		panic("flag " + name + " not defined for signer module")
   155  	}
   156  	flag := values.Defs.Lookup(name)
   157  	if flag == nil {
   158  		panic("flag " + name + " not defined for signer module")
   159  	}
   160  	if v, ok := values.Values[name]; ok {
   161  		return v
   162  	}
   163  	return flag.DefValue
   164  }
   165  
   166  // GetBool returns the flag's value as a bool
   167  func (values *FlagValues) GetBool(name string) bool {
   168  	str := values.GetString(name)
   169  	b, _ := strconv.ParseBool(str)
   170  	return b
   171  }
   172
View as plain text