forked from TrueCloudLab/certificates
Fix comments, and return an error instead of fatal.
This commit is contained in:
Mariano Cano
parent
7d9997618f
commit
ccc403cf89
2 changed files with 11 additions and 5 deletions
1
go.sum
1
go.sum
|
|
@ -307,6 +307,7 @@ golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de h1:ikNHVSjEfnvz6sxdSPCaPt
|
|||
golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||
golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897 h1:pLI5jrR7OSLijeIDcmRxNmw2api+jEfxLoykJVice/E=
|
||||
golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||
golang.org/x/crypto v0.0.0-20201117144127-c1f2f97bffc9 h1:phUcVbl53swtrUN8kQEXFhUxPlIlWyBfKmidCu7P95o=
|
||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@ import (
|
|||
"crypto/rsa"
|
||||
"crypto/x509"
|
||||
"io"
|
||||
"log"
|
||||
"net"
|
||||
"os"
|
||||
"strings"
|
||||
|
|
@ -32,7 +31,7 @@ func New(ctx context.Context, opts apiv1.Options) (*SSHAgentKMS, error) {
|
|||
socket := os.Getenv("SSH_AUTH_SOCK")
|
||||
conn, err := net.Dial("unix", socket)
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to open SSH_AUTH_SOCK: %v", err)
|
||||
return nil, errors.Wrap(err, "failed to open SSH_AUTH_SOCK")
|
||||
}
|
||||
|
||||
agentClient := agent.NewClient(conn)
|
||||
|
|
@ -42,7 +41,8 @@ func New(ctx context.Context, opts apiv1.Options) (*SSHAgentKMS, error) {
|
|||
}, nil
|
||||
}
|
||||
|
||||
// For testing
|
||||
// NewFromAgent initializes an SSHAgentKMS from a given agent, this method is
|
||||
// used for testing purposes.
|
||||
func NewFromAgent(ctx context.Context, opts apiv1.Options, agentClient agent.Agent) (*SSHAgentKMS, error) {
|
||||
return &SSHAgentKMS{
|
||||
agentClient: agentClient,
|
||||
|
|
@ -55,20 +55,23 @@ func init() {
|
|||
})
|
||||
}
|
||||
|
||||
// Close closes the agent. This is a noop for the SSHAgentKMS.
|
||||
func (k *SSHAgentKMS) Close() error {
|
||||
// TODO: Is there any cleanup in Agent we can do?
|
||||
return nil
|
||||
}
|
||||
|
||||
// Utility class to wrap a ssh.Signer as a crypto.Signer
|
||||
// WrappedSSHSigner is a utility type to wrap a ssh.Signer as a crypto.Signer
|
||||
type WrappedSSHSigner struct {
|
||||
Sshsigner ssh.Signer
|
||||
}
|
||||
|
||||
// Public returns the agent public key. The type of this public key is
|
||||
// *agent.Key.
|
||||
func (s *WrappedSSHSigner) Public() crypto.PublicKey {
|
||||
return s.Sshsigner.PublicKey()
|
||||
}
|
||||
|
||||
// Sign signs the given digest using the ssh agent and returns the signature.
|
||||
func (s *WrappedSSHSigner) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) (signature []byte, err error) {
|
||||
sig, err := s.Sshsigner.Sign(rand, digest)
|
||||
if err != nil {
|
||||
|
|
@ -77,6 +80,8 @@ func (s *WrappedSSHSigner) Sign(rand io.Reader, digest []byte, opts crypto.Signe
|
|||
return sig.Blob, nil
|
||||
}
|
||||
|
||||
// NewWrappedSignerFromSSHSigner returns a new crypto signer wrapping the given
|
||||
// one.
|
||||
func NewWrappedSignerFromSSHSigner(signer ssh.Signer) crypto.Signer {
|
||||
return &WrappedSSHSigner{signer}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue