Example #1
0
// runCreate is the code that implements the create command.
func runCreate(cmd *cobra.Command, args []string) {
	cmd.Printf("Creating User : Name[%s] Email[%s] Pass[%s]\n", create.name, create.email, create.pass)

	if create.name == "" && create.email == "" && create.pass == "" {
		cmd.Help()
		return
	}

	u, err := auth.NewUser(auth.NUser{
		Status:   auth.StatusActive,
		FullName: create.name,
		Email:    create.email,
		Password: create.pass,
	})
	if err != nil {
		cmd.Println("Creating User : ", err)
		return
	}

	if err := auth.CreateUser("", conn, u); err != nil {
		cmd.Println("Creating User : ", err)
		return
	}

	webTok, err := auth.CreateWebToken("", conn, u, 24*365*time.Hour)
	if err != nil {
		cmd.Println("Creating User : ", err)
		return
	}

	cmd.Printf("\nToken: %s\n\n", webTok)
}
Example #2
0
func commitContainer(ctx *cobra.Command, args []string) {
	if len(args) < 2 {
		ErrorExit(ctx, "Needs two arguments to commit <CONTAINER-NAME|ID> to <IMAGE-NAME[:TAG]>")
	}

	reg, name, tag, err := client.ParseRepositoryName(args[1])
	if err != nil {
		log.Fatal(err)
	}

	if reg != "" {
		name = reg + "/" + name
	}

	docker, err := client.NewDockerClient(configPath, hostName, ctx.Out())
	if err != nil {
		log.Fatal(err)
	}

	if _, err := docker.CommitContainer(args[0], name, tag, message, author, boolPause); err != nil {
		log.Fatal(err)
	}

	ctx.Printf("Committed %s as %s:%s\n", args[0], name, tag)
}
Example #3
0
func (t *tufCommander) tufAdd(cmd *cobra.Command, args []string) error {
	if len(args) < 3 {
		cmd.Usage()
		return fmt.Errorf("Must specify a GUN, target, and path to target data")
	}
	config, err := t.configGetter()
	if err != nil {
		return err
	}

	gun := args[0]
	targetName := args[1]
	targetPath := args[2]

	// no online operations are performed by add so the transport argument
	// should be nil
	nRepo, err := notaryclient.NewNotaryRepository(
		config.GetString("trust_dir"), gun, getRemoteTrustServer(config), nil, t.retriever)
	if err != nil {
		return err
	}

	target, err := notaryclient.NewTarget(targetName, targetPath)
	if err != nil {
		return err
	}
	// If roles is empty, we default to adding to targets
	if err = nRepo.AddTarget(target, t.roles...); err != nil {
		return err
	}
	cmd.Printf(
		"Addition of target \"%s\" to repository \"%s\" staged for next publish.\n",
		targetName, gun)
	return nil
}
Example #4
0
File: tuf.go Project: runcom/notary
func tufAdd(cmd *cobra.Command, args []string) {
	if len(args) < 3 {
		cmd.Usage()
		fatalf("Must specify a GUN, target, and path to target data")
	}
	parseConfig()

	gun := args[0]
	targetName := args[1]
	targetPath := args[2]

	// no online operations are performed by add so the transport argument
	// should be nil
	nRepo, err := notaryclient.NewNotaryRepository(mainViper.GetString("trust_dir"), gun, getRemoteTrustServer(), nil, retriever)
	if err != nil {
		fatalf(err.Error())
	}

	target, err := notaryclient.NewTarget(targetName, targetPath)
	if err != nil {
		fatalf(err.Error())
	}
	err = nRepo.AddTarget(target)
	if err != nil {
		fatalf(err.Error())
	}
	cmd.Printf(
		"Addition of target \"%s\" to repository \"%s\" staged for next publish.\n",
		targetName, gun)
}
Example #5
0
func publishAndPrintToCLI(cmd *cobra.Command, nRepo *notaryclient.NotaryRepository, gun string) error {
	if err := nRepo.Publish(); err != nil {
		return err
	}
	cmd.Printf("Successfully published changes for repository %s\n", gun)
	return nil
}
Example #6
0
// runIndex issues the command talking to the web service.
func runIndex(cmd *cobra.Command, args []string) error {
	cmd.Printf("Ensure Indexes : Name[%s]\n", index.name)

	set, err := runGetSet(cmd, index.name)
	if err != nil {
		return err
	}

	verb := "PUT"
	url := "/v1/index/" + index.name

	data, err := json.Marshal(set)
	if err != nil {
		return err
	}

	cmd.Printf("\n%s\n\n", string(data))

	if _, err := web.Request(cmd, verb, url, bytes.NewBuffer(data)); err != nil {
		return err
	}

	cmd.Println("\n", "Ensure Indexes : Ensured")
	return nil
}
Example #7
0
// runExecWeb issues the command talking to the web service.
func runExecWeb(cmd *cobra.Command, vars map[string]string) error {
	verb := "GET"
	url := "/v1/exec/" + exe.name

	if len(vars) > 0 {
		var i int
		for k, v := range vars {
			if i == 0 {
				url += "?"
			} else {
				url += "&"
			}
			i++

			url += k + "=" + v
		}
	}

	resp, err := web.Request(cmd, verb, url, nil)
	if err != nil {
		return err
	}

	cmd.Printf("\n%s\n\n", resp)
	return nil
}
Example #8
0
File: tuf.go Project: cyli/notary
func (t *tufCommander) tufRemove(cmd *cobra.Command, args []string) error {
	if len(args) < 2 {
		return fmt.Errorf("Must specify a GUN and target")
	}
	config, err := t.configGetter()
	if err != nil {
		return err
	}

	gun := args[0]
	targetName := args[1]

	trustPin, err := getTrustPinning(config)
	if err != nil {
		return err
	}

	// no online operation are performed by remove so the transport argument
	// should be nil.
	repo, err := notaryclient.NewNotaryRepository(
		config.GetString("trust_dir"), gun, getRemoteTrustServer(config), nil, t.retriever, trustPin)
	if err != nil {
		return err
	}
	// If roles is empty, we default to removing from targets
	if err = repo.RemoveTarget(targetName, t.roles...); err != nil {
		return err
	}

	cmd.Printf("Removal of %s from %s staged for next publish.\n", targetName, gun)
	return nil
}
Example #9
0
func logoutRegistry(ctx *cobra.Command, args []string) {
	reg := client.INDEX_SERVER
	if len(args) > 0 {
		reg = args[0]
	}

	config, err := client.LoadConfig(configPath)
	if err != nil {
		log.Fatal(err)
	}

	registry, notFound := config.GetRegistry(reg)
	if (notFound != nil) || (registry.Credentials == "") {
		log.Fatalf("Not logged in to a Docker registry at %s", reg)
	}

	config.LogoutRegistry(reg)

	if err := config.SaveConfig(configPath); err != nil {
		log.Fatal(err)
	}

	ctx.Printf("Removed login credentials for a Docker registry at %s\n\n", reg)

	listRegistries(ctx, args)
}
Example #10
0
// runStatus is the code that implements the status command.
func runStatus(cmd *cobra.Command, args []string) {
	cmd.Printf("Status User : Pid[%s] Email[%s] Active[%v]\n", status.pid, status.email, status.active)

	if status.pid == "" && status.email == "" {
		cmd.Help()
		return
	}

	db := db.NewMGO()
	defer db.CloseMGO()

	var publicID string
	if status.pid != "" {
		publicID = status.pid
	} else {
		u, err := auth.GetUserByEmail("", db, status.email, false)
		if err != nil {
			cmd.Println("Status User : ", err)
			return
		}
		publicID = u.PublicID
	}

	st := auth.StatusDisabled
	if status.active {
		st = auth.StatusActive
	}

	if err := auth.UpdateUserStatus("", db, publicID, st); err != nil {
		cmd.Println("Status User : ", err)
		return
	}

	cmd.Println("Status User : Updated")
}
Example #11
0
func tagImage(ctx *cobra.Command, args []string) {
	if len(args) < 2 {
		ErrorExit(ctx, "Needs two arguments <NAME[:TAG]|ID> <NEW-NAME[:TAG]>")
	}

	reg, name, tag, err := client.ParseRepositoryName(args[1])
	if err != nil {
		log.Fatal(err)
	}

	if reg != "" {
		name = reg + "/" + name
	}

	docker, err := client.NewDockerClient(configPath, hostName, ctx.Out())
	if err != nil {
		log.Fatal(err)
	}

	if err := docker.TagImage(args[0], name, tag, boolForce); err != nil {
		log.Fatal(err)
	}

	ctx.Printf("Tagged %s as %s:%s\n", args[0], name, tag)
}
Example #12
0
// runExecute is the code that implements the execute command.
func runExecute(cmd *cobra.Command, args []string) error {
	cmd.Printf("Executing View : Name[%s]\n", execute.viewName)

	// Validate the input parameters.
	if execute.viewName == "" || execute.itemKey == "" {
		return fmt.Errorf("view name and item key must be specified")
	}

	// Ready the view parameters.
	viewParams := wire.ViewParams{
		ViewName:          execute.viewName,
		ItemKey:           execute.itemKey,
		ResultsCollection: execute.resultsCollection,
		BufferLimit:       execute.bufferLimit,
	}

	// Execute the view.
	results, err := wire.Execute("", mgoDB, graphDB, &viewParams)
	if err != nil {
		return err
	}

	// Prepare the results for printing.
	data, err := json.MarshalIndent(results, "", "    ")
	if err != nil {
		return err
	}

	cmd.Printf("\n%s\n\n", string(data))
	cmd.Println("\n", "Executing View : Executed")
	return nil
}
Example #13
0
func getContainerChanges(ctx *cobra.Command, args []string) {
	if len(args) < 1 {
		ErrorExit(ctx, "Needs an argument <NAME|ID> to get changes")
	}

	docker, err := client.NewDockerClient(configPath, hostName, ctx.Out())
	if err != nil {
		log.Fatal(err)
	}

	changes, err := docker.GetContainerChanges(args[0])
	if err != nil {
		log.Fatal(err)
	}

	for _, change := range changes {
		var kind string
		switch change.Kind {
		case api.CHANGE_TYPE_MODIFY:
			kind = "C"
		case api.CHANGE_TYPE_ADD:
			kind = "A"
		case api.CHANGE_TYPE_DELETE:
			kind = "D"
		}
		ctx.Printf("%s %s\n", kind, change.Path)
	}
}
Example #14
0
func printCert(cmd *cobra.Command, cert *x509.Certificate) {
	timeDifference := cert.NotAfter.Sub(time.Now())
	certID, err := trustmanager.FingerprintCert(cert)
	if err != nil {
		fatalf("Could not fingerprint certificate: %v", err)
	}

	cmd.Printf("%s %s (expires in: %v days)\n", cert.Subject.CommonName, certID, math.Floor(timeDifference.Hours()/24))
}
Example #15
0
func (t *tufCommander) tufAddByHash(cmd *cobra.Command, args []string) error {
	if len(args) < 3 || t.sha256 == "" && t.sha512 == "" {
		cmd.Usage()
		return fmt.Errorf("Must specify a GUN, target, byte size of target data, and at least one hash")
	}
	config, err := t.configGetter()
	if err != nil {
		return err
	}

	gun := args[0]
	targetName := args[1]
	targetSize := args[2]

	targetInt64Len, err := strconv.ParseInt(targetSize, 0, 64)
	if err != nil {
		return err
	}

	trustPin, err := getTrustPinning(config)
	if err != nil {
		return err
	}

	// no online operations are performed by add so the transport argument
	// should be nil
	nRepo, err := notaryclient.NewFileCachedNotaryRepository(
		config.GetString("trust_dir"), gun, getRemoteTrustServer(config), nil, t.retriever, trustPin)
	if err != nil {
		return err
	}

	targetHashes, err := getTargetHashes(t)
	if err != nil {
		return err
	}

	// Manually construct the target with the given byte size and hashes
	target := &notaryclient.Target{Name: targetName, Hashes: targetHashes, Length: targetInt64Len}

	// If roles is empty, we default to adding to targets
	if err = nRepo.AddTarget(target, t.roles...); err != nil {
		return err
	}
	// Include the hash algorithms we're using for pretty printing
	hashesUsed := []string{}
	for hashName := range targetHashes {
		hashesUsed = append(hashesUsed, hashName)
	}
	cmd.Printf(
		"Addition of target \"%s\" by %s hash to repository \"%s\" staged for next publish.\n",
		targetName, strings.Join(hashesUsed, ", "), gun)

	return maybeAutoPublish(cmd, t.autoPublish, gun, config, t.retriever)
}
Example #16
0
// runGet issues the command talking to the web service.
func runGet(cmd *cobra.Command, args []string) error {
	verb := "GET"
	url := "/v1/query/" + get.name

	resp, err := web.Request(cmd, verb, url, nil)
	if err != nil {
		return err
	}

	cmd.Printf("\n%s\n\n", resp)
	return nil
}
Example #17
0
func (t *tufCommander) tufStatus(cmd *cobra.Command, args []string) error {
	if len(args) < 1 {
		cmd.Usage()
		return fmt.Errorf("Must specify a GUN")
	}

	config, err := t.configGetter()
	if err != nil {
		return err
	}
	gun := args[0]

	trustPin, err := getTrustPinning(config)
	if err != nil {
		return err
	}

	nRepo, err := notaryclient.NewFileCachedNotaryRepository(
		config.GetString("trust_dir"), gun, getRemoteTrustServer(config), nil, t.retriever, trustPin)
	if err != nil {
		return err
	}

	cl, err := nRepo.GetChangelist()
	if err != nil {
		return err
	}

	if len(cl.List()) == 0 {
		cmd.Printf("No unpublished changes for %s\n", gun)
		return nil
	}

	cmd.Printf("Unpublished changes for %s:\n\n", gun)
	tw := initTabWriter(
		[]string{"#", "ACTION", "SCOPE", "TYPE", "PATH"},
		cmd.Out(),
	)
	for i, ch := range cl.List() {
		fmt.Fprintf(
			tw,
			fiveItemRow,
			fmt.Sprintf("%d", i),
			ch.Action(),
			ch.Scope(),
			ch.Type(),
			ch.Path(),
		)
	}
	tw.Flush()
	return nil
}
Example #18
0
func (k *keyCommander) keysRotate(cmd *cobra.Command, args []string) error {
	if len(args) < 2 {
		cmd.Usage()
		return fmt.Errorf("Must specify a GUN and a key role to rotate")
	}

	config, err := k.configGetter()
	if err != nil {
		return err
	}

	gun := args[0]
	rotateKeyRole := args[1]

	rt, err := getTransport(config, gun, admin)
	if err != nil {
		return err
	}

	trustPin, err := getTrustPinning(config)
	if err != nil {
		return err
	}

	nRepo, err := notaryclient.NewFileCachedNotaryRepository(
		config.GetString("trust_dir"), gun, getRemoteTrustServer(config),
		rt, k.getRetriever(), trustPin)
	if err != nil {
		return err
	}

	if rotateKeyRole == data.CanonicalRootRole {
		cmd.Print("Warning: you are about to rotate your root key.\n\n" +
			"You must use your old key to sign this root rotation. We recommend that\n" +
			"you sign all your future root changes with this key as well, so that\n" +
			"clients can have a smoother update process. Please do not delete\n" +
			"this key after rotating.\n\n" +
			"Are you sure you want to proceed?  (yes/no)  ")

		if !askConfirm(k.input) {
			fmt.Fprintln(cmd.Out(), "\nAborting action.")
			return nil
		}
	}

	if err := nRepo.RotateKey(rotateKeyRole, k.rotateKeyServerManaged); err != nil {
		return err
	}
	cmd.Printf("Successfully rotated %s key for repository %s\n", rotateKeyRole, gun)
	return nil
}
Example #19
0
// keyPassphraseChange changes the passphrase for a root key's private key based on ID
func (k *keyCommander) keyPassphraseChange(cmd *cobra.Command, args []string) error {
	if len(args) < 1 {
		cmd.Usage()
		return fmt.Errorf("must specify the key ID of the key to change the passphrase of")
	}

	config, err := k.configGetter()
	if err != nil {
		return err
	}
	ks, err := k.getKeyStores(config, true)
	if err != nil {
		return err
	}

	keyID := args[0]

	// This is an invalid ID
	if len(keyID) != notary.Sha256HexSize {
		return fmt.Errorf("invalid key ID provided: %s", keyID)
	}

	// Find the key's GUN by ID, in case it is a non-root key
	var keyGUN string
	for _, store := range ks {
		for keypath := range store.ListKeys() {
			if filepath.Base(keypath) == keyID {
				keyGUN = filepath.Dir(keypath)
			}
		}
	}
	cs := cryptoservice.NewCryptoService(keyGUN, ks...)
	privKey, role, err := cs.GetPrivateKey(keyID)
	if err != nil {
		return fmt.Errorf("could not retrieve local key for key ID provided: %s", keyID)
	}

	// Must use a different passphrase retriever to avoid caching the
	// unlocking passphrase and reusing that.
	passChangeRetriever := k.getRetriever()
	keyStore, err := trustmanager.NewKeyFileStore(config.GetString("trust_dir"), passChangeRetriever)
	err = keyStore.AddKey(filepath.Join(keyGUN, keyID), role, privKey)
	if err != nil {
		return err
	}

	cmd.Println("")
	cmd.Printf("Successfully updated passphrase for key ID: %s", keyID)
	cmd.Println("")
	return nil
}
Example #20
0
File: tuf.go Project: cyli/notary
func (t *tufCommander) tufInit(cmd *cobra.Command, args []string) error {
	if len(args) < 1 {
		cmd.Usage()
		return fmt.Errorf("Must specify a GUN")
	}

	config, err := t.configGetter()
	if err != nil {
		return err
	}
	gun := args[0]

	rt, err := getTransport(config, gun, false)
	if err != nil {
		return err
	}

	trustPin, err := getTrustPinning(config)
	if err != nil {
		return err
	}

	nRepo, err := notaryclient.NewNotaryRepository(
		config.GetString("trust_dir"), gun, getRemoteTrustServer(config), rt, t.retriever, trustPin)
	if err != nil {
		return err
	}

	rootKeyList := nRepo.CryptoService.ListKeys(data.CanonicalRootRole)

	var rootKeyID string
	if len(rootKeyList) < 1 {
		cmd.Println("No root keys found. Generating a new root key...")
		rootPublicKey, err := nRepo.CryptoService.Create(data.CanonicalRootRole, "", data.ECDSAKey)
		rootKeyID = rootPublicKey.ID()
		if err != nil {
			return err
		}
	} else {
		// Choses the first root key available, which is initialization specific
		// but should return the HW one first.
		rootKeyID = rootKeyList[0]
		cmd.Printf("Root key found, using: %s\n", rootKeyID)
	}

	if err = nRepo.Initialize(rootKeyID); err != nil {
		return err
	}
	return nil
}
Example #21
0
File: tuf.go Project: runcom/notary
func tufStatus(cmd *cobra.Command, args []string) {
	if len(args) < 1 {
		cmd.Usage()
		fatalf("Must specify a GUN")
	}

	parseConfig()
	gun := args[0]

	nRepo, err := notaryclient.NewNotaryRepository(mainViper.GetString("trust_dir"), gun, getRemoteTrustServer(), nil, retriever)
	if err != nil {
		fatalf(err.Error())
	}

	cl, err := nRepo.GetChangelist()
	if err != nil {
		fatalf(err.Error())
	}

	if len(cl.List()) == 0 {
		cmd.Printf("No unpublished changes for %s\n", gun)
		return
	}

	cmd.Printf("Unpublished changes for %s:\n\n", gun)
	cmd.Printf("%-10s%-10s%-12s%s\n", "action", "scope", "type", "path")
	cmd.Println("----------------------------------------------------")
	for _, ch := range cl.List() {
		cmd.Printf("%-10s%-10s%-12s%s\n", ch.Action(), ch.Scope(), ch.Type(), ch.Path())
	}
}
Example #22
0
// runUpsert is the code that implements the upsert command.
func runUpsert(cmd *cobra.Command, args []string) error {
	cmd.Printf("Upserting Items : Path[%s]\n", upsert.path)

	if upsert.path == "" {
		return fmt.Errorf("path must be provided")
	}

	file := upsert.path

	stat, err := os.Stat(file)
	if err != nil {
		return err
	}

	if !stat.IsDir() {
		item, err := disk.LoadItem("", file)
		if err != nil {
			return err
		}

		if err := runUpsertWeb(cmd, *item); err != nil {
			return err
		}

		cmd.Println("\n", "Upserting Items : Upserted")
		return nil
	}

	f := func(path string) error {
		item, err := disk.LoadItem("", path)
		if err != nil {
			return err
		}

		if err := runUpsertWeb(cmd, *item); err != nil {
			return err
		}

		return nil
	}

	if err := disk.LoadDir(file, f); err != nil {
		return err
	}

	cmd.Println("\n", "Upserting Items : Upserted")
	return nil
}
Example #23
0
// runGet issues the command talking to the web service.
func runGet(cmd *cobra.Command, args []string) error {
	verb := "GET"
	url := "/v1/pattern"

	if get.ptype != "" {
		url += "/" + get.ptype
	}

	resp, err := web.Request(cmd, verb, url, nil)
	if err != nil {
		return err
	}

	cmd.Printf("\n%s\n\n", resp)
	return nil
}
Example #24
0
// runUpsertWeb issues the command talking to the web service.
func runUpsertWeb(cmd *cobra.Command, p pattern.Pattern) error {
	verb := "PUT"
	url := "/v1/pattern"

	data, err := json.Marshal(p)
	if err != nil {
		return err
	}

	cmd.Printf("\n%s\n\n", string(data))

	if _, err := web.Request(cmd, verb, url, bytes.NewBuffer(data)); err != nil {
		return err
	}

	return nil
}
Example #25
0
// runGet issues the command talking to the web service.
func runGet(cmd *cobra.Command, args []string) error {
	verb := "GET"
	url := "/v1/item"

	if get.IDs == "" {
		return fmt.Errorf("at least one id required")
	}

	url += "/" + get.IDs
	resp, err := web.Request(cmd, verb, url, nil)
	if err != nil {
		return err
	}

	cmd.Printf("\n%s\n\n", resp)
	return nil
}
Example #26
0
// runUpsertWeb issues the command talking to the web service.
func runUpsertWeb(cmd *cobra.Command, rel relationship.Relationship) error {
	verb := "PUT"
	url := "/v1/relationship"

	data, err := json.Marshal(rel)
	if err != nil {
		return err
	}

	cmd.Printf("\n%s\n\n", string(data))

	if _, err := web.Request(cmd, verb, url, bytes.NewBuffer(data)); err != nil {
		return err
	}

	return nil
}
Example #27
0
func runCreate(cmd *cobra.Command, args []string) error {
	if len(args) == 0 {
		return errors.New("the name of the new chart is required")
	}
	cname := args[0]
	cmd.Printf("Creating %s\n", cname)

	chartname := filepath.Base(cname)
	cfile := &chart.Metadata{
		Name:        chartname,
		Description: "A Helm chart for Kubernetes",
		Version:     "0.1.0",
	}

	_, err := chartutil.Create(cfile, filepath.Dir(cname))
	return err
}
Example #28
0
func runPackage(cmd *cobra.Command, args []string) error {
	path := "."

	if len(args) > 0 {
		path = args[0]
	} else {
		return fmt.Errorf("This command needs at least one argument, the path to the chart.")
	}

	path, err := filepath.Abs(path)
	if err != nil {
		return err
	}

	ch, err := chartutil.LoadDir(path)
	if err != nil {
		return err
	}

	if filepath.Base(path) != ch.Metadata.Name {
		return fmt.Errorf("directory name (%s) and Chart.yaml name (%s) must match", filepath.Base(path), ch.Metadata.Name)
	}

	// Save to the current working directory.
	cwd, err := os.Getwd()
	if err != nil {
		return err
	}
	name, err := chartutil.Save(ch, cwd)
	if err == nil && flagDebug {
		cmd.Printf("Saved %s to current directory\n", name)
	}

	// Save to $HELM_HOME/local directory. This is second, because we don't want
	// the case where we saved here, but didn't save to the default destination.
	if save {
		if err := repo.AddChartToLocalRepo(ch, localRepoDirectory()); err != nil {
			return err
		} else if flagDebug {
			cmd.Printf("Saved %s to %s\n", name, localRepoDirectory())
		}
	}

	return err
}
Example #29
0
func (k *keyCommander) keysGenerateRootKey(cmd *cobra.Command, args []string) error {
	// We require one or no arguments (since we have a default value), but if the
	// user passes in more than one argument, we error out.
	if len(args) > 1 {
		cmd.Usage()
		return fmt.Errorf(
			"Please provide only one Algorithm as an argument to generate (rsa, ecdsa)")
	}

	// If no param is given to generate, generates an ecdsa key by default
	algorithm := data.ECDSAKey

	// If we were provided an argument lets attempt to use it as an algorithm
	if len(args) > 0 {
		algorithm = args[0]
	}

	allowedCiphers := map[string]bool{
		data.ECDSAKey: true,
		data.RSAKey:   true,
	}

	if !allowedCiphers[strings.ToLower(algorithm)] {
		return fmt.Errorf("Algorithm not allowed, possible values are: RSA, ECDSA")
	}

	config, err := k.configGetter()
	if err != nil {
		return err
	}
	ks, err := k.getKeyStores(config, true, true)
	if err != nil {
		return err
	}
	cs := cryptoservice.NewCryptoService(ks...)

	pubKey, err := cs.Create(data.CanonicalRootRole, "", algorithm)
	if err != nil {
		return fmt.Errorf("Failed to create a new root key: %v", err)
	}

	cmd.Printf("Generated new %s root key with keyID: %s\n", algorithm, pubKey.ID())
	return nil
}
Example #30
0
func (t *tufCommander) tufReset(cmd *cobra.Command, args []string) error {
	if len(args) < 1 {
		cmd.Usage()
		return fmt.Errorf("Must specify a GUN")
	}
	if !t.resetAll && len(t.deleteIdx) < 1 {
		cmd.Usage()
		return fmt.Errorf("Must specify changes to reset with -n or the --all flag")
	}

	config, err := t.configGetter()
	if err != nil {
		return err
	}
	gun := args[0]

	trustPin, err := getTrustPinning(config)
	if err != nil {
		return err
	}

	nRepo, err := notaryclient.NewFileCachedNotaryRepository(
		config.GetString("trust_dir"), gun, getRemoteTrustServer(config), nil, t.retriever, trustPin)
	if err != nil {
		return err
	}

	cl, err := nRepo.GetChangelist()
	if err != nil {
		return err
	}

	if t.resetAll {
		err = cl.Clear(t.archiveChangelist)
	} else {
		err = cl.Remove(t.deleteIdx)
	}
	// If it was a success, print to terminal
	if err == nil {
		cmd.Printf("Successfully reset specified changes for repository %s\n", gun)
	}
	return err
}