From 245a41f1fa992fefb396fc4591a2bbdd6858e525 Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Fri, 4 Aug 2017 23:41:08 +0200 Subject: Split names --- b64file/file.go | 9 ++----- b64file/names.go | 72 --------------------------------------------------- b64file/names_test.go | 65 ---------------------------------------------- generate.go | 6 ++--- names.go | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++ names_test.go | 65 ++++++++++++++++++++++++++++++++++++++++++++++ perm.go | 9 +++++++ sign.go | 10 +++---- verify.go | 4 +-- 9 files changed, 158 insertions(+), 154 deletions(-) delete mode 100644 b64file/names.go delete mode 100644 b64file/names_test.go create mode 100644 names.go create mode 100644 names_test.go create mode 100644 perm.go diff --git a/b64file/file.go b/b64file/file.go index ebca8fe..9254303 100644 --- a/b64file/file.go +++ b/b64file/file.go @@ -1,4 +1,4 @@ -// Package file implements signify file format +// Package b64file implements signify file format package b64file import ( @@ -14,12 +14,7 @@ import ( "strings" ) -const ( - ModeSec os.FileMode = 0600 - ModePub os.FileMode = 0644 - ModeSig os.FileMode = 0644 - untrusted = "untrusted comment: " -) +const untrusted = "untrusted comment: " // Original Error: "invalid comment in %s; must start with 'untrusted comment: '" var ErrUntrusted = errors.New("comment must start with 'untrusted comment: '") diff --git a/b64file/names.go b/b64file/names.go deleted file mode 100644 index 83d73d2..0000000 --- a/b64file/names.go +++ /dev/null 
@@ -1,72 +0,0 @@
-package b64file
-
-import (
- "errors"
- "os"
- "path"
- "path/filepath"
- "strings"
-)
-
-var ErrNames = errors.New("please use naming scheme of keyname.pub and keyname.sec")
-
-const (
- extPub = ".pub"
- extSec = ".sec"
- extSig = ".sig"
- verifyWith = "verify with "
-)
-
-func splitNameExt(fname string) (string, string) {
- _, file := path.Split(fname)
- ext := filepath.Ext(file)
- return file[:len(file)-len(ext)], ext
-}
-
-func ValidateNames(pubFile, secFile string) error {
- pubName, pubExt := splitNameExt(pubFile)
- secName, secExt := splitNameExt(secFile)
- if pubExt != extPub || secExt != extSec || pubName != secName {
- return ErrNames
- }
- return nil
-}
-
-func PubName(secFile string) string {
- ext := filepath.Ext(secFile)
- return filepath.Base(secFile[:len(ext)-1] + extPub)
-}
-
-func SigName(msgFile string) string {
- return msgFile + extSig
-}
-
-func PubFile(comment string) string {
- if strings.HasPrefix(comment, verifyWith) {
- file := comment[len(verifyWith):]
- if strings.HasSuffix(file, extPub) {
- return FindFile(file)
- }
- }
- return ""
-}
-
-func VerifyWith(secFile string) string {
- return verifyWith + PubName(secFile)
-}
-
-var safePath = []string{
- "/etc/signify",
- "$HOME/.signify",
-}
-
-// FindFile locates keys in safe path. Falls back to current dir.
-func FindFile(fname string) string {
- for _, v := range safePath {
- p := path.Join(os.Expand(v, os.Getenv), fname)
- if _, err := os.Stat(p); err == nil {
- return p
- }
- }
- return fname
-}
diff --git a/b64file/names_test.go b/b64file/names_test.go
deleted file mode 100644
index 0acabed..0000000
--- a/b64file/names_test.go
+++ /dev/null
@@ -1,65 +0,0 @@
-package b64file
-
-import "testing"
-
-func TestCheckNames(t *testing.T) {
- testCases := []struct {
- pub, sec string
- err error
- }{
- {"key.pub", "key.sec", nil},
- {"testdata/key.pub", "key.sec", nil},
- {"key.pub", "testdata/key.sec", nil},
- {"foo.pub", "bar.sec", ErrNames},
- {"key.foo", "key.bar", ErrNames},
- }
- for _, tc := range testCases {
- t.Run(tc.pub+"+"+tc.sec, func(t *testing.T) {
- err := ValidateNames(tc.pub, tc.sec)
- if err != tc.err {
- t.Errorf("got %v, want %v", err, tc.err)
- }
- })
- }
-}
-
-func TestVerify(t *testing.T) {
- testCases := []struct {
- comment string
- file string
- }{
- {"verify with key.pub", "key.pub"},
- {"verify with s p a c e s.pub", "s p a c e s.pub"},
- {"verify with key.sec", ""},
- {"whatever", ""},
- }
- for _, tc := range testCases {
- t.Run(tc.comment, func(t *testing.T) {
- file := PubFile(tc.comment)
- if file != tc.file {
- t.Errorf("got %v, want %v", file, tc.file)
- }
- })
- }
-}
-
-func TestSplit(t *testing.T) {
- testCases := []struct {
- fname, name, ext string
- }{
- {"testkey.pub", "testkey", ".pub"},
- {"testkey", "testkey", ""},
- {".pub", "", ".pub"},
- {".testkey.pub", ".testkey", ".pub"},
- {"", "", ""},
- {"path/key.pub", "key", ".pub"},
- }
- for _, tc := range testCases {
- t.Run(tc.fname, func(t *testing.T) {
- name, ext := splitNameExt(tc.fname)
- if name != tc.name || ext != tc.ext {
- t.Errorf("got %q %q, want %q %q", name, tc.name, ext, tc.ext)
- }
- })
- }
-}
diff --git a/generate.go b/generate.go
index 607b566..f067b8b 100644
--- a/generate.go
+++ b/generate.go
@@ -23,7 +23,7 @@ func generate(args []string) error {
 opts.Usage()
 return nil
 }
- if err := b64file.ValidateNames(*pubFile, *secFile); err != nil {
+ if err := ValidateNames(*pubFile, *secFile); err != nil {
 return err
 }
 
@@ -37,10 +37,10 @@ func generate(args []string) error {
 return err
 }
 
- if err := b64file.EncodeFile(*secFile, b64file.ModeSec, secKey, *comment+" secret key", nil); err != nil {
+ if err := b64file.EncodeFile(*secFile, ModeSec, secKey, *comment+" secret key", nil); err != nil {
 return err
 }
- if err := b64file.EncodeFile(*pubFile, b64file.ModePub, pubKey, *comment+" public key", nil); err != nil {
+ if err := b64file.EncodeFile(*pubFile, ModePub, pubKey, *comment+" public key", nil); err != nil {
 return err
 }
 return nil
diff --git a/names.go b/names.go
new file mode 100644
index 0000000..278f54e
--- /dev/null
+++ b/names.go
@@ -0,0 +1,72 @@
+package main
+
+import (
+ "errors"
+ "os"
+ "path"
+ "path/filepath"
+ "strings"
+)
+
+var ErrNames = errors.New("please use naming scheme of keyname.pub and keyname.sec")
+
+const (
+ extPub = ".pub"
+ extSec = ".sec"
+ extSig = ".sig"
+ verifyWith = "verify with "
+)
+
+func splitNameExt(fname string) (string, string) {
+ _, file := path.Split(fname)
+ ext := filepath.Ext(file)
+ return file[:len(file)-len(ext)], ext
+}
+
+func ValidateNames(pubFile, secFile string) error {
+ pubName, pubExt := splitNameExt(pubFile)
+ secName, secExt := splitNameExt(secFile)
+ if pubExt != extPub || secExt != extSec || pubName != secName {
+ return ErrNames
+ }
+ return nil
+}
+
+func PubName(secFile string) string {
+ ext := filepath.Ext(secFile)
+ return filepath.Base(secFile[:len(ext)-1] + extPub)
+}
+
+func SigName(msgFile string) string {
+ return msgFile + extSig
+}
+
+func CommentPubFile(comment string) string {
+ if strings.HasPrefix(comment, verifyWith) {
+ file := comment[len(verifyWith):]
+ if strings.HasSuffix(file, extPub) {
+ return FindFile(file)
+ }
+ }
+ return ""
+}
+
+func VerifyWith(secFile string) string {
+ return verifyWith + PubName(secFile)
+}
+
+var safePath = []string{
+ "/etc/signify",
+ "$HOME/.signify",
+}
+
+// FindFile locates keys in safe path. Falls back to current dir.
+func FindFile(fname string) string {
+ for _, v := range safePath {
+ p := path.Join(os.Expand(v, os.Getenv), fname)
+ if _, err := os.Stat(p); err == nil {
+ return p
+ }
+ }
+ return fname
+}
diff --git a/names_test.go b/names_test.go
new file mode 100644
index 0000000..3fee0d0
--- /dev/null
+++ b/names_test.go
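Review bot: The key path returned by `CommentPubFile` in names.go is chosen by the signature file's comment line, which the b64file format itself labels `untrusted comment: `, and `FindFile` does not confine it to `safePath`. `path.Join` cleans the joined path, so a name containing separators or `..` can resolve outside the listed directories, and when nothing matches `FindFile` returns `fname` unchanged, i.e. relative to the current directory. How `verify` uses the value that `openSig` returns is outside this hunk, so confirm the key is not trusted merely because the signature named it. I would accept only a bare file name, e.g. `if file != filepath.Base(file) { return "" }` before the `FindFile(file)` call, and make the current-directory fallback an explicit choice of the caller rather than the default.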
@@ -0,0 +1,65 @@
+package main
+
+import "testing"
+
+func TestCheckNames(t *testing.T) {
+ testCases := []struct {
+ pub, sec string
+ err error
+ }{
+ {"key.pub", "key.sec", nil},
+ {"testdata/key.pub", "key.sec", nil},
+ {"key.pub", "testdata/key.sec", nil},
+ {"foo.pub", "bar.sec", ErrNames},
+ {"key.foo", "key.bar", ErrNames},
+ }
+ for _, tc := range testCases {
+ t.Run(tc.pub+"+"+tc.sec, func(t *testing.T) {
+ err := ValidateNames(tc.pub, tc.sec)
+ if err != tc.err {
+ t.Errorf("got %v, want %v", err, tc.err)
+ }
+ })
+ }
+}
+
+func TestVerify(t *testing.T) {
+ testCases := []struct {
+ comment string
+ file string
+ }{
+ {"verify with key.pub", "key.pub"},
+ {"verify with s p a c e s.pub", "s p a c e s.pub"},
+ {"verify with key.sec", ""},
+ {"whatever", ""},
+ }
+ for _, tc := range testCases {
+ t.Run(tc.comment, func(t *testing.T) {
+ file := CommentPubFile(tc.comment)
+ if file != tc.file {
+ t.Errorf("got %v, want %v", file, tc.file)
+ }
+ })
+ }
+}
+
+func TestSplit(t *testing.T) {
+ testCases := []struct {
+ fname, name, ext string
+ }{
+ {"testkey.pub", "testkey", ".pub"},
+ {"testkey", "testkey", ""},
+ {".pub", "", ".pub"},
+ {".testkey.pub", ".testkey", ".pub"},
+ {"", "", ""},
+ {"path/key.pub", "key", ".pub"},
+ }
+ for _, tc := range testCases {
+ t.Run(tc.fname, func(t *testing.T) {
+ name, ext := splitNameExt(tc.fname)
+ if name != tc.name || ext != tc.ext {
+ t.Errorf("got %q %q, want %q %q", name, tc.name, ext, tc.ext)
+ }
+ })
+ }
+}
diff --git a/perm.go b/perm.go
new file mode 100644
index 0000000..9e11888
--- /dev/null
+++ b/perm.go
@@ -0,0 +1,9 @@
+package main
+
+import "os"
+
+const (
+ ModeSec os.FileMode = 0600
+ ModePub os.FileMode = 0644
+ ModeSig os.FileMode = 0644
+)
diff --git a/sign.go b/sign.go
index 1a9fec7..ccdd643 100644
--- a/sign.go
+++ b/sign.go
@@ -29,7 +29,7 @@ func sign(args []string) error {
 return nil
 }
 if *sigFile == "" {
- *sigFile = b64file.SigName(*msgFile)
+ *sigFile = SigName(*msgFile)
 }
 
 switch {
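Review bot: The table tests in names_test.go cover `ValidateNames`, `CommentPubFile` and `splitNameExt` but not `PubName` or `VerifyWith`, and `PubName` in names.go slices with `secFile[:len(ext)-1]`, which is the length of the extension rather than of the name. That only works for a bare three-character name such as `key.sec`; any other name is truncated and an argument without an extension panics, so a signature can carry a `verify with` comment naming the wrong key. A case such as `{"testdata/mykey.sec", "mykey.pub"}` would pin the fix `secFile[:len(secFile)-len(ext)]`. Separately, the `t.Errorf` in `TestSplit` passes `name, tc.name, ext, tc.ext` to a `got %q %q, want %q %q` format, so its failure message interleaves got and want values.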
@@ -62,8 +62,8 @@ func signPlain(secFile, msgFile, sigFile string) error { return err } sig := sec.Sign(msg) - comment := b64file.VerifyWith(secFile) - return b64file.EncodeFile(sigFile, b64file.ModeSig, sig, comment, nil) + comment := VerifyWith(secFile) + return b64file.EncodeFile(sigFile, ModeSig, sig, comment, nil) } func signEmbedded(secFile, msgFile, sigFile string) error { @@ -76,8 +76,8 @@ func signEmbedded(secFile, msgFile, sigFile string) error { return err } sig := sec.Sign(msg) - comment := b64file.VerifyWith(secFile) - return b64file.EncodeFile(sigFile, b64file.ModeSig, sig, comment, msg) + comment := VerifyWith(secFile) + return b64file.EncodeFile(sigFile, ModeSig, sig, comment, msg) } // TODO diff --git a/verify.go b/verify.go index 25615a1..5a04d50 100644 --- a/verify.go +++ b/verify.go @@ -30,7 +30,7 @@ func verify(args []string) error { return nil } if *sigFile == "" { - *sigFile = b64file.SigName(*msgFile) + *sigFile = SigName(*msgFile) } _ = keyType // TODO @@ -147,6 +147,6 @@ func openSig(fname string) (*key.Sig, []byte, string, error) { if err := sig.Validate(); err != nil { return nil, nil, "", err } - pubKey := b64file.PubFile(comment) + pubKey := CommentPubFile(comment) return sig, msg, pubKey, nil } -- cgit v1.2.3