// Copyright 2022 Namespace Labs Inc; All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
package keys
import (
"bytes"
"context"
"fmt"
"io/fs"
"os"
"path/filepath"
"filippo.io/age"
"namespacelabs.dev/foundation/internal/bytestream"
"namespacelabs.dev/foundation/internal/fnerrors"
"namespacelabs.dev/foundation/internal/fnfs"
"namespacelabs.dev/foundation/internal/fnfs/memfs"
"namespacelabs.dev/foundation/internal/workspace/dirs"
)
// Visit walks keysDir with fnfs.VisitFiles and invokes callback once for every
// age X25519 identity stored in a file whose extension is ".txt". Files with
// any other extension are skipped.
//
// Each key file must yield exactly one X25519 identity (see validateKey); a
// file that does not is reported as a bad-input error prefixed with its path.
// An error returned by callback is passed through unchanged.
//
// The identities handed to callback are private keys, so callbacks should
// avoid logging or otherwise persisting them unintentionally.
func Visit(ctx context.Context, keysDir fs.FS, callback func(*age.X25519Identity) error) error {
	visitOne := func(path string, blob bytestream.ByteStream, dirent fs.DirEntry) error {
		// Only "<name>.txt" entries are treated as key files.
		if filepath.Ext(path) != ".txt" {
			return nil
		}

		raw, err := bytestream.ReadAll(blob)
		if err != nil {
			return err
		}

		parsed, parseErr := age.ParseIdentities(bytes.NewReader(raw))
		xid, err := validateKey(parsed, parseErr)
		if err != nil {
			return fnerrors.BadInputError("%s: %w", path, err)
		}

		return callback(xid)
	}

	return fnfs.VisitFiles(ctx, keysDir, visitOne)
}
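// validateKey checks the result of age.ParseIdentities and returns the single
// X25519 identity it is expected to contain.
//
// It takes the (identities, error) pair directly so callers can write
// validateKey(age.ParseIdentities(r)). A non-nil parse error is returned as-is
// rather than being dropped, so a malformed or unreadable key file is reported
// with its actual cause instead of as "saw 0" identities.
//
// It fails when the input holds anything other than exactly one identity, or
// when that identity is not an *age.X25519Identity.
func validateKey(xids []age.Identity, err error) (*age.X25519Identity, error) {
	// Surface the parser's own error first; callers wrap it with the key name.
	if err != nil {
		return nil, err
	}

	if len(xids) != 1 {
		return nil, fnerrors.BadInputError("expected one identify, saw %d", len(xids))
	}

	xid, ok := xids[0].(*age.X25519Identity)
	if !ok {
		// Any other identity implementation is rejected.
		return nil, fnerrors.BadInputError("expected x25519 identify")
	}

	return xid, nil
}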
// Key loads the identity stored as "<key>.txt" in the directory returned by
// KeysDir.
//
// A missing file is reported as a bad-input "no such key" error; any other
// open failure is returned unchanged. The file must contain exactly one
// X25519 identity (see validateKey), otherwise a bad-input error prefixed with
// key is returned.
func Key(key string) (*age.X25519Identity, error) {
	keyDir, err := KeysDir()
	if err != nil {
		return nil, err
	}

	// NOTE(review): key is concatenated into the file name without validation.
	// Whether a value containing ".." or a leading "/" can reach files outside
	// the keys directory depends on how the filesystem returned by KeysDir
	// implements Open, which is not visible here -- confirm it rejects such
	// paths (for example via fs.ValidPath) if key can come from untrusted input.
	f, err := keyDir.Open(key + ".txt")
	switch {
	case err == nil:
		// Opened successfully; continue below.
	case os.IsNotExist(err):
		return nil, fnerrors.BadInputError("%s: no such key", key)
	default:
		return nil, err
	}
	defer f.Close()

	parsed, parseErr := age.ParseIdentities(f)
	xid, err := validateKey(parsed, parseErr)
	if err != nil {
		return nil, fnerrors.BadInputError("%s: %w", key, err)
	}

	return xid, nil
}
// Select returns the identity to use for decryption.
//
// When key is non-empty it is looked up by name via Key. Otherwise every
// identity under KeysDir is visited and the last one visited is returned;
// which one that is depends on the iteration order of Visit.
//
// NOTE(review): when key is empty and no identity is found, the result is
// (nil, nil). Callers must check for a nil identity before using it.
func Select(ctx context.Context, key string) (*age.X25519Identity, error) {
	if key != "" {
		return Key(key)
	}

	keyDir, err := KeysDir()
	if err != nil {
		return nil, err
	}

	var picked *age.X25519Identity
	// Each visited identity overwrites the previous one, so the last one wins.
	remember := func(xi *age.X25519Identity) error {
		picked = xi
		return nil
	}

	if err := Visit(ctx, keyDir, remember); err != nil {
		return nil, err
	}

	return picked, nil
}
// Collect copies every identity found under "<config dir>/keys" into a new
// in-memory filesystem and returns it.
//
// Each identity is written as "<recipient>.txt", where the file name is the
// identity's public recipient string and the contents are xid.String(), i.e.
// the encoded private key, with mode 0600. The returned filesystem therefore
// holds secret key material and should only be passed to trusted consumers.
//
// If the keys directory does not exist, an empty filesystem is returned with
// a nil error. If visiting the keys fails, the filesystem is returned together
// with the error and may be only partially populated.
func Collect(ctx context.Context) (*memfs.FS, error) {
	cfg, err := dirs.Config()
	if err != nil {
		return nil, err
	}

	out := new(memfs.FS)
	keysPath := filepath.Join(cfg, "keys")

	// Only a "does not exist" result short-circuits; any other stat error is
	// left for the walk below to report.
	_, statErr := os.Stat(keysPath)
	if os.IsNotExist(statErr) {
		return out, nil
	}

	local := fnfs.Local(keysPath)
	store := func(xid *age.X25519Identity) error {
		name := fmt.Sprintf("%s.txt", xid.Recipient())
		return fnfs.WriteFile(ctx, out, name, []byte(xid.String()), 0600)
	}

	err = Visit(ctx, local, store)
	return out, err
}