Fix key JSON serialization

Signed-off-by: Lewis Marshall <[email protected]>
theupdateframework · Dec 30, 2014 · 45855b6 · 45855b6
1 parent 1a9c2e5
commit 45855b6
Show file tree

Hide file tree

Showing 6 changed files with 38 additions and 30 deletions.
diff --git a/data/types.go b/data/types.go
@@ -28,13 +28,18 @@ type Key struct {
 }
 
 func (k *Key) ID() string {
-	data, _ := cjson.Marshal(k)
+	// create a copy so the private key is not included
+	data, _ := cjson.Marshal(&Key{
+		Type:  k.Type,
+		Value: KeyValue{Public: k.Value.Public},
+	})
 	digest := sha256.Sum256(data)
 	return hex.EncodeToString(digest[:])
 }
 
 type KeyValue struct {
-	Public HexBytes `json:"public"`
+	Public  HexBytes `json:"public"`
+	Private HexBytes `json:"private,omitempty"`
 }
 
 type Root struct {

diff --git a/keys/db.go b/keys/db.go
@@ -32,15 +32,18 @@ func NewKey() (*Key, error) {
 }
 
 type Key struct {
-	ID      string                        `json:"id"`
-	Public  [ed25519.PublicKeySize]byte   `json:"public"`
-	Private *[ed25519.PrivateKeySize]byte `json:"private,omitempty"`
+	ID      string
+	Public  [ed25519.PublicKeySize]byte
+	Private *[ed25519.PrivateKeySize]byte
 }
 
 func (k *Key) Serialize() *data.Key {
 	return &data.Key{
-		Type:  "ed25519",
-		Value: data.KeyValue{Public: k.Public[:]},
+		Type: "ed25519",
+		Value: data.KeyValue{
+			Public:  k.Public[:],
+			Private: k.Private[:],
+		},
 	}
 }
 

diff --git a/local_store.go b/local_store.go
@@ -10,21 +10,20 @@ import (
 	"strings"
 
 	"github.com/flynn/go-tuf/data"
-	"github.com/flynn/go-tuf/keys"
 )
 
 func MemoryStore(meta map[string]json.RawMessage, files map[string][]byte) LocalStore {
 	return &memoryStore{
 		meta:  meta,
 		files: files,
-		keys:  make(map[string][]*keys.Key),
+		keys:  make(map[string][]*data.Key),
 	}
 }
 
 type memoryStore struct {
 	meta  map[string]json.RawMessage
 	files map[string][]byte
-	keys  map[string][]*keys.Key
+	keys  map[string][]*data.Key
 }
 
 func (m *memoryStore) GetMeta() (map[string]json.RawMessage, error) {
@@ -56,13 +55,13 @@ func (m *memoryStore) Commit(meta map[string]json.RawMessage, targets data.Files
 	return nil
 }
 
-func (m *memoryStore) GetKeys(role string) ([]*keys.Key, error) {
+func (m *memoryStore) GetKeys(role string) ([]*data.Key, error) {
 	return m.keys[role], nil
 }
 
-func (m *memoryStore) SaveKey(role string, key *keys.Key) error {
+func (m *memoryStore) SaveKey(role string, key *data.Key) error {
 	if _, ok := m.keys[role]; !ok {
-		m.keys[role] = make([]*keys.Key, 0)
+		m.keys[role] = make([]*data.Key, 0)
 	}
 	m.keys[role] = append(m.keys[role], key)
 	return nil
@@ -205,12 +204,12 @@ func (f *fileSystemStore) Commit(meta map[string]json.RawMessage, targets data.F
 	return f.Clean()
 }
 
-func (f *fileSystemStore) GetKeys(role string) ([]*keys.Key, error) {
+func (f *fileSystemStore) GetKeys(role string) ([]*data.Key, error) {
 	files, err := ioutil.ReadDir(filepath.Join(f.dir, "keys"))
 	if err != nil {
 		return nil, err
 	}
-	signingKeys := make([]*keys.Key, 0, len(files))
+	signingKeys := make([]*data.Key, 0, len(files))
 	for _, file := range files {
 		if !strings.HasPrefix(file.Name(), role) {
 			continue
@@ -219,7 +218,7 @@ func (f *fileSystemStore) GetKeys(role string) ([]*keys.Key, error) {
 		if err != nil {
 			return nil, err
 		}
-		key := &keys.Key{}
+		key := &data.Key{}
 		if err := json.NewDecoder(s).Decode(key); err != nil {
 			return nil, err
 		}
@@ -228,15 +227,15 @@ func (f *fileSystemStore) GetKeys(role string) ([]*keys.Key, error) {
 	return signingKeys, nil
 }
 
-func (f *fileSystemStore) SaveKey(role string, key *keys.Key) error {
+func (f *fileSystemStore) SaveKey(role string, key *data.Key) error {
 	if err := f.createDirs(); err != nil {
 		return err
 	}
-	data, err := json.Marshal(key)
+	data, err := json.MarshalIndent(key, "", "  ")
 	if err != nil {
 		return err
 	}
-	if err := ioutil.WriteFile(filepath.Join(f.dir, "keys", role+"-"+key.ID+".json"), data, 0600); err != nil {
+	if err := ioutil.WriteFile(filepath.Join(f.dir, "keys", role+"-"+key.ID()+".json"), append(data, '\n'), 0600); err != nil {
 		return err
 	}
 	return nil

diff --git a/repo.go b/repo.go
@@ -41,8 +41,8 @@ type LocalStore interface {
 	SetMeta(string, json.RawMessage) error
 	GetStagedTarget(string) (io.ReadCloser, error)
 	Commit(map[string]json.RawMessage, data.Files) error
-	GetKeys(string) ([]*keys.Key, error)
-	SaveKey(string, *keys.Key) error
+	GetKeys(string) ([]*data.Key, error)
+	SaveKey(string, *data.Key) error
 	Clean() error
 }
 
@@ -159,7 +159,7 @@ func (r *Repo) GenKey(keyRole string) error {
 	if err != nil {
 		return err
 	}
-	if err := r.local.SaveKey(keyRole, key); err != nil {
+	if err := r.local.SaveKey(keyRole, key.Serialize()); err != nil {
 		return err
 	}
 

diff --git a/repo_test.go b/repo_test.go
@@ -133,7 +133,7 @@ func (RepoSuite) TestGenKey(c *C) {
 	localKeys, err := local.GetKeys("root")
 	c.Assert(err, IsNil)
 	c.Assert(localKeys, HasLen, 1)
-	c.Assert(localKeys[0].ID, Equals, keyID)
+	c.Assert(localKeys[0].ID(), Equals, keyID)
 
 	// generate two targets keys
 	c.Assert(r.GenKey("targets"), IsNil)
@@ -172,7 +172,7 @@ func (RepoSuite) TestGenKey(c *C) {
 	for _, key := range localKeys {
 		found := false
 		for _, id := range targetsRole.KeyIDs {
-			if id == key.ID {
+			if id == key.ID() {
 				found = true
 			}
 		}
@@ -209,7 +209,7 @@ func (RepoSuite) TestSign(c *C) {
 
 	key, err := keys.NewKey()
 	c.Assert(err, IsNil)
-	c.Assert(local.SaveKey("root", key), IsNil)
+	c.Assert(local.SaveKey("root", key.Serialize()), IsNil)
 	c.Assert(r.Sign("root.json"), IsNil)
 }
 

diff --git a/signed/sign.go b/signed/sign.go
@@ -3,20 +3,21 @@ package signed
 import (
 	"github.com/agl/ed25519"
 	"github.com/flynn/go-tuf/data"
-	"github.com/flynn/go-tuf/keys"
 	"github.com/tent/canonical-json-go"
 )
 
-func Sign(s *data.Signed, k *keys.Key) {
-	sig := ed25519.Sign(k.Private, s.Signed)
+func Sign(s *data.Signed, k *data.Key) {
+	priv := [ed25519.PrivateKeySize]byte{}
+	copy(priv[:], k.Value.Private)
+	sig := ed25519.Sign(&priv, s.Signed)
 	s.Signatures = append(s.Signatures, data.Signature{
-		KeyID:     k.ID,
+		KeyID:     k.ID(),
 		Method:    "ed25519",
 		Signature: sig[:],
 	})
 }
 
-func Marshal(v interface{}, keys ...*keys.Key) (*data.Signed, error) {
+func Marshal(v interface{}, keys ...*data.Key) (*data.Signed, error) {
 	b, err := cjson.Marshal(v)
 	if err != nil {
 		return nil, err