Merge pull request #291 from uptane/feat/cli-sign-json-blog

New cli command sign-json

cli/src/main/scala/com/advancedtelematic/tuf/cli/Cli.scala

@@ -65,6 +65,7 @@ case class Config(command: Command,
                   serverCertPath: Option[Path] = None,
                   delegatedPaths: List[DelegatedPathPattern] = List.empty,
                   keyPaths: List[Path] = List.empty,
+                  pubKeyPath: Option[Path] = None,
                   force: Boolean = false,
                   reposerverUrl: Option[URI] = None,
                   verbose: Boolean = false,
@@ -165,6 +166,22 @@ object Cli extends App with VersionInfo {
 
     note(" " + sys.props("line.separator"))
 
+    cmd("sign-json")
+      .toCommand(SignUserJson)
+      .text("Signs valid user provided json with a specified key")
+      .children(
+        opt[Path]("priv-key").abbr("k")
+          .text("The path to the private key to use to sign json")
+          .action { (arg, c) => c.copy(keyPaths = arg :: c.keyPaths) },
+        opt[Path]("pub-key").abbr("p")
+          .text("The path to the public key to use to sign json")
+          .toConfigOptionParam('pubKeyPath),
+        opt[Path]('i', "input").toConfigOptionParam('inputPath)
+          .text("path to input json")
+      )
+
+    note(" " + sys.props("line.separator"))
+
     cmd("user-keys").children(
       keysPathOpt(this),
       cmd("gen")

cli/src/main/scala/com/advancedtelematic/tuf/cli/CommandHandler.scala

@@ -4,12 +4,12 @@ import java.net.URI
 import java.time.{Instant, Period, ZoneOffset}
 import java.util.concurrent.TimeUnit
 import com.advancedtelematic.libats.data.DataType.Checksum
-import com.advancedtelematic.libtuf.crypt.Sha256FileDigest
+import com.advancedtelematic.libtuf.crypt.{Sha256FileDigest, TufCrypto}
 import com.advancedtelematic.libtuf.data.ClientCodecs._
 import com.advancedtelematic.libtuf.data.ClientDataType.{ClientTargetItem, RootRole, TargetCustom}
 import com.advancedtelematic.libtuf.data.TufCodecs._
 import com.advancedtelematic.libtuf.data.TufDataType.TargetFormat.TargetFormat
-import com.advancedtelematic.libtuf.data.TufDataType.{HardwareIdentifier, RoleType, TargetFilename, TargetFormat, TargetName, TargetVersion, ValidTargetFilename}
+import com.advancedtelematic.libtuf.data.TufDataType.{HardwareIdentifier, RoleType, SignedPayload, TargetFilename, TargetFormat, TargetName, TargetVersion, ValidTargetFilename}
 import com.advancedtelematic.libtuf.http.{ReposerverClient, TufServerClient}
 import com.advancedtelematic.tuf.cli.CliConfigOptionOps._
 import com.advancedtelematic.tuf.cli.Commands._
@@ -221,6 +221,18 @@ object CommandHandler {
         userKeyStorage.genKeys(keyName, config.keyType, config.keySize)
       }.sequence_
 
+    case SignUserJson =>
+      for {
+        inJson <- io.circe.jawn.parsePath(config.inputPath.valueOrConfigError).toTry
+        pubKey <- CliKeyStorage.readPublicKey(config.pubKeyPath.valueOrConfigError)
+        privKey <- CliKeyStorage.readPrivateKey(config.keyPaths.headOption.valueOrConfigError)
+      } yield {
+        val signature = TufCrypto.signPayload(privKey, inJson).toClient(pubKey.id)
+        val payload = SignedPayload(Seq(signature), inJson, inJson)
+
+        config.outputPath.streamOrStdout.write(payload.asJson.spaces2.getBytes)
+      }
+
     case IdUserKey =>
       CliKeyStorage.readPublicKey(config.inputPath.valueOrConfigError).map { key =>
         config.outputPath.streamOrStdout.write(key.id.value.getBytes)

cli/src/main/scala/com/advancedtelematic/tuf/cli/Commands.scala

@@ -29,6 +29,7 @@ object Commands {
   case object CreateDelegation extends Command
   case object SignDelegation extends Command
   case object GenUserKey extends Command
+  case object SignUserJson extends Command
   case object IdUserKey extends Command
   case object PushDelegation extends Command
   case object PullDelegation extends Command