...

Source file src/github.com/theupdateframework/go-tuf/cmd/tuf/gen_key.go

Documentation: github.com/theupdateframework/go-tuf/cmd/tuf

     1  package main
     2  
     3  import (
     4  	"fmt"
     5  	"os"
     6  	"time"
     7  
     8  	"github.com/flynn/go-docopt"
     9  	"github.com/theupdateframework/go-tuf"
    10  	"github.com/theupdateframework/go-tuf/data"
    11  )
    12  
     // init registers the "gen-key" subcommand: its name, its handler cmdGenKey
     // and the usage text below.
     //
     // NOTE(review): the usage text says passphrases can be supplied through
     // TUF_{{ROLE}}_PASSPHRASE environment variables. How the passphrase is read
     // is not shown in this file. A secret placed in the environment is readable
     // by anything that can inspect the process environment (child processes,
     // crash dumps, CI logs), so scope and unset it accordingly in automation.
     func init() {
     	// The usage text is kept byte-for-byte. The "[default: ed25519]" marker
     	// is presumably what supplies the --scheme value when the flag is
     	// omitted; confirm against the docopt parser in use.
     	const usage = `
usage: tuf gen-key [--expires=<days>] [--scheme=<scheme>] <role>

Generate a new signing key for the given role.

The key will be serialized to JSON and written to the "keys" directory with
filename pattern "ROLE-KEYID.json". The root metadata file will also be staged
with the addition of the key's ID to the role's list of key IDs.

Alternatively, passphrases can be set via environment variables in the
form of TUF_{{ROLE}}_PASSPHRASE

Options:
  --expires=<days>   Set the root metadata file to expire <days> days from now.
  --scheme=<scheme>      Set the key scheme to use [default: ed25519].
`
     	register("gen-key", cmdGenKey, usage)
     }
    31  
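     // cmdGenKey implements "tuf gen-key". It reads <role>, --scheme and --expires
     // from args, asks repo to generate a key for the role with the chosen scheme
     // and expiry, and prints one line per generated key ID to stdout.
     //
     // It returns the error from parseExpires when --expires cannot be parsed, or
     // the error from repo.GenKeyWithSchemeAndExpires when key generation fails.
     func cmdGenKey(args *docopt.Args, repo *tuf.Repo) error {
     	role := args.String["<role>"]

     	// Only the three schemes named in the first case are accepted from the
     	// command line; anything else keeps the ed25519 default.
     	keyScheme := data.KeySchemeEd25519
     	switch t := args.String["--scheme"]; t {
     	case string(data.KeySchemeEd25519),
     		string(data.KeySchemeECDSA_SHA2_P256),
     		string(data.KeySchemeRSASSA_PSS_SHA256):
     		keyScheme = data.KeyScheme(t)
     	case "":
     		fmt.Fprintf(os.Stderr, "Using default key scheme %s\n", keyScheme)
     	default:
     		// The operator asked for a scheme this command does not know. The
     		// fallback is kept for compatibility, but the message now names the
     		// rejected value so a typo cannot pass unnoticed. The previous
     		// fmt.Fprint call ran the text and the scheme together with no
     		// trailing newline.
     		// NOTE(review): for a signing-key generator, returning an error here
     		// (fail closed) may be preferable to substituting another algorithm;
     		// confirm that no caller relies on the fallback before changing it.
     		fmt.Fprintf(os.Stderr, "Unrecognized key scheme %q, using default key scheme %s\n", t, keyScheme)
     	}

     	// An explicit --expires wins; otherwise the role's default expiry is used.
     	var expires time.Time
     	if arg := args.String["--expires"]; arg != "" {
     		var err error
     		if expires, err = parseExpires(arg); err != nil {
     			return err
     		}
     	} else {
     		expires = data.DefaultExpires(role)
     	}

     	keyids, err := repo.GenKeyWithSchemeAndExpires(role, expires, keyScheme)
     	if err != nil {
     		return err
     	}
     	for _, id := range keyids {
     		// One key ID per line: without the newline, several IDs ran together
     		// and could not be copied or parsed reliably.
     		fmt.Fprintf(os.Stdout, "Generated %s %s key with ID %s\n", role, keyScheme, id)
     	}
     	return nil
     }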
    65  
