...

Source file src/github.com/theupdateframework/go-tuf/cmd/tuf/add_key.go

Documentation: github.com/theupdateframework/go-tuf/cmd/tuf

     1  package main
     2  
     3  import (
     4  	"fmt"
     5  	"os"
     6  	"time"
     7  
     8  	"github.com/flynn/go-docopt"
     9  	"github.com/theupdateframework/go-tuf"
    10  	"github.com/theupdateframework/go-tuf/data"
    11  )
    12  
// init registers the add-key subcommand, its handler and its docopt usage
// text with the CLI's command table.
func init() {
	// The usage text is kept byte-for-byte because it is passed to register
	// as the command's docopt usage string; the "[default: ed25519]"
	// annotation is presumably what supplies --scheme when the flag is
	// omitted (docopt convention, confirm against the docopt version in use).
	const usage = `
usage: tuf add-key [--scheme=<scheme>] [--expires=<days>] [--public-key=<path>] <role>

Adds a new signing key for the given role.

The root metadata file will be staged
with the addition of the key's ID to the role's list of key IDs.

Options:
  --public-key=<path>    The Path to the file containing value of the public key. If absent, will be read from stdin.
  --expires=<days>    Set the metadata file to expire <days> days from now.
  --scheme=<scheme>      Set the key scheme to use [default: ed25519].
`
	register("add-key", cmdAddKey, usage)
}
    28  
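// cmdAddKey implements "tuf add-key": it adds a public key, supplied by the
// operator, to the given role and prints the resulting key IDs to stdout.
//
// The public key value comes from the file named by --public-key or, when
// that flag is empty, from stdin. It is handed to the repo unchanged; this
// function does no format or length validation of its own, so any checking
// is left to repo.AddKeyWithSchemeAndExpires (not visible here, confirm).
// Because the key becomes trusted for the role, the printed key IDs are the
// value an operator can compare against the expected key before the staged
// metadata is signed.
//
// An error is returned when the scheme is not one of the accepted values,
// when the key cannot be read, when --expires cannot be parsed, or when the
// repo rejects the key.
func cmdAddKey(args *docopt.Args, repo *tuf.Repo) error {
	role := args.String["<role>"]

	// Allowlist the scheme rather than casting arbitrary input to KeyScheme.
	var keyScheme data.KeyScheme
	switch t := args.String["--scheme"]; t {
	case string(data.KeySchemeEd25519),
		string(data.KeySchemeECDSA_SHA2_P256),
		string(data.KeySchemeRSASSA_PSS_SHA256):
		keyScheme = data.KeyScheme(t)
	default:
		// Report the failure through the error return. The original printed
		// to stderr and returned nil, so a caller could not tell that no key
		// had been added.
		return fmt.Errorf("tuf: key schema %s not recognised", t)
	}

	var publicValue string
	if path := args.String["--public-key"]; path != "" {
		raw, err := os.ReadFile(path)
		if err != nil {
			return err
		}
		// NOTE(review): the file content is used verbatim, including any
		// trailing newline, while the stdin branch below yields a single
		// whitespace-free token. Confirm both forms are accepted downstream.
		publicValue = string(raw)
	} else {
		// NOTE(review): fmt.Scan stops at the first whitespace, so a
		// multi-line value (for example a PEM block) would be truncated to
		// its first token. Confirm which encodings are expected on stdin.
		var input string
		if _, err := fmt.Scan(&input); err != nil {
			return err
		}
		publicValue = input
	}

	// An explicit --expires wins; otherwise use the role's default expiry.
	var expires time.Time
	if arg := args.String["--expires"]; arg != "" {
		parsed, err := parseExpires(arg)
		if err != nil {
			return err
		}
		expires = parsed
	} else {
		expires = data.DefaultExpires(role)
	}

	keyids, err := repo.AddKeyWithSchemeAndExpires(role, expires, keyScheme, publicValue)
	if err != nil {
		return err
	}
	for _, id := range keyids {
		fmt.Fprintf(os.Stdout, "Add key with ID %s\n", id)
	}
	return nil
}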
    78  
