Skip to content

Commit

Permalink
hash component command
Browse files Browse the repository at this point in the history
  • Loading branch information
mandelsoft committed Dec 20, 2022
1 parent facedfa commit 4f42f37
Show file tree
Hide file tree
Showing 19 changed files with 705 additions and 51 deletions.
2 changes: 2 additions & 0 deletions cmds/ocm/app/app.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ import (
"github.com/open-component-model/ocm/cmds/ocm/commands/verbs/describe"
"github.com/open-component-model/ocm/cmds/ocm/commands/verbs/download"
"github.com/open-component-model/ocm/cmds/ocm/commands/verbs/get"
"github.com/open-component-model/ocm/cmds/ocm/commands/verbs/hash"
"github.com/open-component-model/ocm/cmds/ocm/commands/verbs/install"
"github.com/open-component-model/ocm/cmds/ocm/commands/verbs/show"
"github.com/open-component-model/ocm/cmds/ocm/commands/verbs/sign"
Expand Down Expand Up @@ -187,6 +188,7 @@ func newCliCommand(opts *CLIOptions, mod ...func(clictx.Context, *cobra.Command)
cmd.AddCommand(create.NewCommand(opts.Context))
cmd.AddCommand(add.NewCommand(opts.Context))
cmd.AddCommand(sign.NewCommand(opts.Context))
cmd.AddCommand(hash.NewCommand(opts.Context))
cmd.AddCommand(verify.NewCommand(opts.Context))
cmd.AddCommand(show.NewCommand(opts.Context))
cmd.AddCommand(transfer.NewCommand(opts.Context))
Expand Down
35 changes: 25 additions & 10 deletions cmds/ocm/commands/ocmcmds/common/cmds/signing/cmd.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@ import (
"github.com/open-component-model/ocm/pkg/contexts/clictx"
"github.com/open-component-model/ocm/pkg/contexts/ocm"
"github.com/open-component-model/ocm/pkg/contexts/ocm/attrs/signingattr"
"github.com/open-component-model/ocm/pkg/contexts/ocm/compdesc"
metav1 "github.com/open-component-model/ocm/pkg/contexts/ocm/compdesc/meta/v1"
"github.com/open-component-model/ocm/pkg/contexts/ocm/signing"
"github.com/open-component-model/ocm/pkg/errors"
)
Expand Down Expand Up @@ -89,41 +91,54 @@ func (o *SignatureCommand) Run() error {
if err != nil {
return err
}
return utils.HandleOutput(NewAction(o.spec.terms, o, sopts), handler, utils.StringElemSpecs(o.Refs...)...)
return utils.HandleOutput(NewAction(o.spec.terms, common.NewPrinter(o.Context.StdOut()), sopts), handler, utils.StringElemSpecs(o.Refs...)...)
}

/////////////////////////////////////////////////////////////////////////////

type Action interface {
output.Output
Digest(o *comphdlr.Object) (*metav1.DigestSpec, *compdesc.ComponentDescriptor, error)
}

type action struct {
desc []string
cmd *SignatureCommand
printer common.Printer
state common.WalkingState
state signing.WalkingState
baseresolver ocm.ComponentVersionResolver
sopts *signing.Options
errlist *errors.ErrorList
}

var _ output.Output = (*action)(nil)

func NewAction(desc []string, cmd *SignatureCommand, sopts *signing.Options) output.Output {
func NewAction(desc []string, p common.Printer, sopts *signing.Options) Action {
return &action{
desc: desc,
cmd: cmd,
printer: common.NewPrinter(cmd.Context.StdOut()),
state: common.NewWalkingState(),
printer: p,
state: signing.NewWalkingState(),
baseresolver: sopts.Resolver,
sopts: sopts,
errlist: errors.ErrListf(desc[1]),
}
}

func (a *action) Digest(o *comphdlr.Object) (*metav1.DigestSpec, *compdesc.ComponentDescriptor, error) {
sopts := *a.sopts
sopts.Resolver = ocm.NewCompoundResolver(o.Repository, a.sopts.Resolver)
d, err := signing.Apply(a.printer, &a.state, o.ComponentVersion, &sopts, true)
var cd *compdesc.ComponentDescriptor
vi := a.state.Get(common.VersionedElementKey(o.ComponentVersion))
if vi != nil {
cd = vi.Descriptor
}
return d, cd, err
}

func (a *action) Add(e interface{}) error {
o := e.(*comphdlr.Object)
cv := o.ComponentVersion
sopts := *a.sopts
sopts.Resolver = ocm.NewCompoundResolver(o.Repository, a.sopts.Resolver)
d, err := signing.Apply(a.printer, &a.state, cv, &sopts, true)
d, _, err := a.Digest(o)
a.errlist.Add(err)
if err == nil {
a.printer.Printf("successfully %s %s:%s (digest %s:%s)\n", a.desc[0], cv.GetName(), cv.GetVersion(), d.HashAlgorithm, d.Value)
Expand Down
82 changes: 82 additions & 0 deletions cmds/ocm/commands/ocmcmds/common/options/hashoption/option.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
// SPDX-FileCopyrightText: 2022 SAP SE or an SAP affiliate company and Open Component Model contributors.
//
// SPDX-License-Identifier: Apache-2.0

package hashoption

import (
"github.com/spf13/pflag"

"github.com/open-component-model/ocm/cmds/ocm/pkg/options"
"github.com/open-component-model/ocm/cmds/ocm/pkg/utils"
"github.com/open-component-model/ocm/pkg/contexts/clictx"
"github.com/open-component-model/ocm/pkg/contexts/ocm/attrs/signingattr"
"github.com/open-component-model/ocm/pkg/contexts/ocm/compdesc"
"github.com/open-component-model/ocm/pkg/contexts/ocm/compdesc/normalizations/jsonv1"
ocmsign "github.com/open-component-model/ocm/pkg/contexts/ocm/signing"
"github.com/open-component-model/ocm/pkg/errors"
"github.com/open-component-model/ocm/pkg/signing"
"github.com/open-component-model/ocm/pkg/signing/hasher/sha256"
)

func From(o options.OptionSetProvider) *Option {
var opt *Option
o.AsOptionSet().Get(&opt)
return opt
}

var _ options.Options = (*Option)(nil)

func New() *Option {
return &Option{}
}

type Option struct {
Hasher signing.Hasher
NormAlgorithm string
hashAlgorithm string
}

func (o *Option) AddFlags(fs *pflag.FlagSet) {
fs.StringVarP(&o.NormAlgorithm, "normalization", "N", jsonv1.Algorithm, "normalization algorithm")
fs.StringVarP(&o.hashAlgorithm, "hash", "H", sha256.Algorithm, "hash algorithm")
}

func (o *Option) Complete(ctx clictx.Context) error {
if o.NormAlgorithm == "" {
o.NormAlgorithm = jsonv1.Algorithm
}
if o.hashAlgorithm == "" {
o.hashAlgorithm = sha256.Algorithm
}
x := compdesc.Normalizations.Get(o.NormAlgorithm)
if x == nil {
return errors.ErrUnknown(compdesc.KIND_NORM_ALGORITHM, o.NormAlgorithm)
}
o.Hasher = signingattr.Get(ctx).GetHasher(o.hashAlgorithm)
if o.Hasher == nil {
return errors.ErrUnknown(compdesc.KIND_HASH_ALGORITHM, o.hashAlgorithm)
}
return nil
}

func (o *Option) Usage() string {
s := `
The following normalization modes are supported with option <code>--normalization</code>:
` + utils.FormatList(jsonv1.Algorithm, compdesc.Normalizations.Names()...)

s += `
The following hash modes are supported with option <code>--hash</code>:
` + utils.FormatList(sha256.Algorithm, signing.DefaultRegistry().HasherNames()...)

signing.DefaultRegistry().HasherNames()
return s
}

var _ ocmsign.Option = (*Option)(nil)

func (o *Option) ApplySigningOption(opts *ocmsign.Options) {
opts.NormalizationAlgo = o.NormAlgorithm
opts.Hasher = o.Hasher
}
29 changes: 9 additions & 20 deletions cmds/ocm/commands/ocmcmds/common/options/signoption/option.go
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ import (
"github.com/mandelsoft/vfs/pkg/vfs"
"github.com/spf13/pflag"

"github.com/open-component-model/ocm/cmds/ocm/commands/ocmcmds/common/options/hashoption"
"github.com/open-component-model/ocm/cmds/ocm/pkg/options"
"github.com/open-component-model/ocm/cmds/ocm/pkg/utils"
"github.com/open-component-model/ocm/pkg/contexts/clictx"
Expand Down Expand Up @@ -43,7 +44,6 @@ type Option struct {
local bool
SignMode bool
signAlgorithm string
hashAlgorithm string
publicKeys []string
privateKeys []string
Issuer string
Expand All @@ -58,19 +58,18 @@ type Option struct {
SignatureNames []string
Update bool
Signer signing.Signer
Hasher signing.Hasher
Keys signing.KeyRegistry
NormAlgorithm string

Hash hashoption.Option
}

func (o *Option) AddFlags(fs *pflag.FlagSet) {
fs.StringArrayVarP(&o.SignatureNames, "signature", "s", nil, "signature name")
fs.StringArrayVarP(&o.publicKeys, "public-key", "k", nil, "public key setting")
if o.SignMode {
o.Hash.AddFlags(fs)
fs.StringArrayVarP(&o.privateKeys, "private-key", "K", nil, "private key setting")
fs.StringVarP(&o.signAlgorithm, "algorithm", "S", rsa.Algorithm, "signature handler")
fs.StringVarP(&o.NormAlgorithm, "normalization", "N", jsonv1.Algorithm, "normalization algorithm")
fs.StringVarP(&o.hashAlgorithm, "hash", "H", sha256.Algorithm, "hash algorithm")
fs.StringVarP(&o.Issuer, "issuer", "I", "", "issuer name")
fs.BoolVarP(&o.Update, "update", "", o.SignMode, "update digest in component versions")
fs.BoolVarP(&o.Recursively, "recursive", "R", false, "recursively sign component versions")
Expand All @@ -97,27 +96,17 @@ func (o *Option) Complete(ctx clictx.Context) error {
o.Keys = signing.NewKeyRegistry()
}
if o.SignMode {
if o.NormAlgorithm == "" {
o.NormAlgorithm = jsonv1.Algorithm
err := o.Hash.Complete(ctx)
if err != nil {
return err
}
if o.signAlgorithm == "" {
o.signAlgorithm = rsa.Algorithm
}
if o.hashAlgorithm == "" {
o.hashAlgorithm = sha256.Algorithm
}
x := compdesc.Normalizations.Get(o.NormAlgorithm)
if x == nil {
return errors.ErrUnknown(compdesc.KIND_NORM_ALGORITHM, o.NormAlgorithm)
}
o.Signer = signingattr.Get(ctx).GetSigner(o.signAlgorithm)
if o.Signer == nil {
return errors.ErrUnknown(compdesc.KIND_SIGN_ALGORITHM, o.signAlgorithm)
}
o.Hasher = signingattr.Get(ctx).GetHasher(o.hashAlgorithm)
if o.Hasher == nil {
return errors.ErrUnknown(compdesc.KIND_HASH_ALGORITHM, o.hashAlgorithm)
}
} else {
o.Recursively = !o.local
}
Expand Down Expand Up @@ -236,8 +225,8 @@ func (o *Option) ApplySigningOption(opts *ocmsign.Options) {
opts.Verify = o.Verify
opts.Recursively = o.Recursively
opts.Keys = o.Keys
opts.NormalizationAlgo = o.NormAlgorithm
opts.Hasher = o.Hasher
opts.NormalizationAlgo = o.Hash.NormAlgorithm
opts.Hasher = o.Hash.Hasher
if o.Issuer != "" {
opts.Issuer = o.Issuer
}
Expand Down
2 changes: 2 additions & 0 deletions cmds/ocm/commands/ocmcmds/components/cmd.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (
"github.com/open-component-model/ocm/cmds/ocm/commands/ocmcmds/components/add"
"github.com/open-component-model/ocm/cmds/ocm/commands/ocmcmds/components/download"
"github.com/open-component-model/ocm/cmds/ocm/commands/ocmcmds/components/get"
"github.com/open-component-model/ocm/cmds/ocm/commands/ocmcmds/components/hash"
"github.com/open-component-model/ocm/cmds/ocm/commands/ocmcmds/components/sign"
"github.com/open-component-model/ocm/cmds/ocm/commands/ocmcmds/components/verify"
"github.com/open-component-model/ocm/cmds/ocm/commands/ocmcmds/names"
Expand All @@ -31,6 +32,7 @@ func NewCommand(ctx clictx.Context) *cobra.Command {
func AddCommands(ctx clictx.Context, cmd *cobra.Command) {
cmd.AddCommand(add.NewCommand(ctx, add.Verb))
cmd.AddCommand(get.NewCommand(ctx, get.Verb))
cmd.AddCommand(hash.NewCommand(ctx, hash.Verb))
cmd.AddCommand(sign.NewCommand(ctx, sign.Verb))
cmd.AddCommand(verify.NewCommand(ctx, verify.Verb))
cmd.AddCommand(download.NewCommand(ctx, download.Verb))
Expand Down
Loading

0 comments on commit 4f42f37

Please sign in to comment.