User can use toml config for cert details

README.md

@@ -45,7 +45,23 @@ cfssl gencert -initca ca.json | cfssljson -bare ca
 cfssl serve --ca ca.pem --ca-key ca-key.pem
 ```
 
-## sign something
+## Set up your signing cert parameters
+
+```
+cat > ~/.signer/profiles.toml <<EOF
+rsa_bits = 2048
+email = "johndoe@example.com"
+common_name = "example.com"
+country = "UK"
+province = "Wiltshire"
+locality = "Chippeham"
+organization = "Acme Inc"
+organizational_unit = "Widgets"
+EOF
+```
+
+## sign
 ```
 go run cmd/cli/main.go sign
-```
+```
+

cmd/cli/app/sign.go

@@ -23,7 +23,10 @@ import (
 	"log"
 	"net/http"
 	"os"
+	"path/filepath"
 
+	homedir "github.com/mitchellh/go-homedir"
+	"github.com/projectrekor/signer/config"
 	"github.com/projectrekor/signer/pkg/x509pkg"
 	"github.com/spf13/cobra"
 )
@@ -54,14 +57,18 @@ type CSRRequest struct {
 	Messages []responseMessage      `json:"messages"`
 }
 
-func checkError(err error) {
+func userCFG() (string, error) {
+	home, err := homedir.Dir()
 	if err != nil {
-		fmt.Println("Fatal error ", err.Error())
-		os.Exit(1)
+		return "", err
 	}
+	userProfile := filepath.Join(home, ".signer")
+	if _, err := os.Stat(userProfile); os.IsNotExist(err) {
+		return userProfile, err
+	}
+	return userProfile, nil
 }
 
-
 var signCmd = &cobra.Command{
 	Use:   "sign",
 	Short: "Generate Key Pair, CSR, sign and submit to sig t-log",
@@ -70,14 +77,24 @@ var signCmd = &cobra.Command{
 	Run: func(cmd *cobra.Command, args []string) {
 		log.Println("Generating key pair and cert signing request.")
 
+		cfgDir, err := userCFG()
+		if err != nil {
+			log.Fatal(err)
+		}
+
+		config, err := config.LoadConfig(cfgDir)
+		if err != nil {
+			log.Fatal(err)
+		}
+
 		// Generate the private key
 		privateKey, err := x509pkg.GenPrivKeyPEM()
 		if err != nil {
 			log.Fatal(err)
 		}
 
 		// Generate a CSR from our new key
-		certPEM, err := x509pkg.GenerateCsr(privateKey)
+		certPEM, err := x509pkg.GenerateCsr(config, privateKey)
 		if err != nil {
 			log.Fatal(err)
 		}

config/config.go

@@ -0,0 +1,30 @@
+package config
+
+import "github.com/spf13/viper"
+
+type Config struct {
+    RSABits            int `mapstructure:"rsa_bits"`
+    Email              string `mapstructure:"email"`
+    CommonName         string `mapstructure:"common_name"`
+	Country            string `mapstructure:"country"`
+	Province           string `mapstructure:"province"`
+	Locality           string `mapstructure:"locality"`
+	Organization       string `mapstructure:"organization"`
+	OrganizationalUnit string `mapstructure:"organizationalunit"`
+}
+
+
+func LoadConfig(path string) (config Config, err error) {
+	viper.AddConfigPath(path)
+	viper.SetConfigName("profiles")
+	viper.SetConfigType("toml")
+    viper.AutomaticEnv()
+
+    err = viper.ReadInConfig()
+    if err != nil {
+        return
+    }
+
+    err = viper.Unmarshal(&config)
+    return
+}

pkg/x509pkg/x509pkg.go

@@ -7,6 +7,8 @@ import (
 	"crypto/x509/pkix"
 	"encoding/asn1"
 	"encoding/pem"
+
+	"github.com/projectrekor/signer/config"
 )
 
 var oidEmailAddress = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 1}
@@ -23,15 +25,15 @@ func GenPrivKeyPEM() (*rsa.PrivateKey, error) {
 
 // TODO: The followinfg subj values should be gathered from
 // a developers profile (likely something in ~/.config)
-func GenerateCsr(keyBytes interface{}) ([]byte, error) {
-	emailAddress := "johnsmith@example.com"
+func GenerateCsr(config config.Config, keyBytes interface{}) ([]byte, error) {
+	emailAddress := config.Email
     subj := pkix.Name{
-        CommonName:         "example.com",
-        Country:            []string{"UK"},
-        Province:           []string{"Wiltshire"},
-        Locality:           []string{"Chippeham"},
-        Organization:       []string{"Acme Inc"},
-        OrganizationalUnit: []string{"OCTO"},
+        CommonName:          config.CommonName,
+        Country:            []string{config.Country},
+        Province:           []string{config.Province},
+        Locality:           []string{config.Locality},
+        Organization:       []string{config.Organization},
+        OrganizationalUnit: []string{config.OrganizationalUnit},
         ExtraNames: []pkix.AttributeTypeAndValue{
             {
                 Type:  oidEmailAddress,
@@ -52,59 +54,3 @@ func GenerateCsr(keyBytes interface{}) ([]byte, error) {
 	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE REQUEST", Bytes: csrBytes}), nil
 
 }
-
-
-// placeholder in case we need to dump to file (PEM)
-// func savePEMKey(fileName string, key *rsa.PrivateKey) {
-// 	outFile, err := os.Create(fileName)
-// 	checkError(err)
-// 	defer outFile.Close()
-
-// 	var privateKey = &pem.Block{
-// 		Type:  "PRIVATE KEY",
-// 		Bytes: x509.MarshalPKCS1PrivateKey(key),
-// 	}
-
-// 	err = pem.Encode(outFile, privateKey)
-// 	checkError(err)
-// }
-
-
-//placeholder in case we need to dump to file
-// func savePublicPEMKey(fileName string, pubkey rsa.PublicKey) {
-// 	asn1Bytes, err := x509.MarshalPKIXPublicKey(&pubkey)
-// 	checkError(err)
-
-// 	var pemkey = &pem.Block{
-// 		Type:  "PUBLIC KEY",
-// 		Bytes: asn1Bytes,
-// 	}
-
-// 	pemfile, err := os.Create(fileName)
-// 	checkError(err)
-// 	defer pemfile.Close()
-
-// 	err = pem.Encode(pemfile, pemkey)
-// 	checkError(err)
-// }
-
-// func genPrivKeyPEM(key *rsa.PrivateKey) (*pem.Block, error) {
-// 	var privateKey = &pem.Block{
-// 		Type:  "PRIVATE KEY",
-// 		Bytes: x509.MarshalPKCS1PrivateKey(key),
-// 	}
-// 	return privateKey, nil
-// }
-
-
-// placeholder in case we need to dump to file
-// func saveGobKey(fileName string, key interface{}) {
-// 	outFile, err := os.Create(fileName)
-// 	checkError(err)
-// 	defer outFile.Close()
-
-// 	encoder := gob.NewEncoder(outFile)
-// 	err = encoder.Encode(key)
-// 	checkError(err)
-// }
-