b01fe1524a
--- type: change description: |- Completely refactor naming of everything, in light of new SPEC Writing the SPEC shed some light on just how weakly a lot of concepts, like "commit", had been defined, and prompted the delineation of a lot of things along specific lines (commit vs payload, repo vs project). This commit makes the code reflect the SPEC much better in quite a few ways: * Repo is now Project * Commit is now Payload * GitCommit is now just Commit * Hash is now Fingerprint * A lot of minor fields got renamed * All the XXXInterface types are now just XXX, and their old XXX type is now XXXUnion. More than likely there's still some comments and variable names that have slipped passed, but overall I feel like I got most of the changes. fingerprint: AKkDC5BKhKbfXzZQ/F4KquHeMgVvcNxgLmkZFz/nP/tY credentials: - type: pgp_signature pub_key_id: 95C46FA6A41148AC body: iQIzBAABAgAdFiEEJ6tQKp6olvZKJ0lwlcRvpqQRSKwFAl6l7aYACgkQlcRvpqQRSKxFrA//VQ+f8B6pwGS3ORB4VVBnHvvJTGZvAYTvB0fHuHJx2EreR4FwjhaNakk5ClkwbO7WFMq++2OV4xIkvzwswLdbXZF0IHx3wScQM59v4vIkR4V9Lj5p1aGGhQna52uIKugF2gTqKdU4tqYzmBjDND/c2XDwCN5CwTwwnAHXUSSsHxviiPUYPWV5wzFP7uyRW0ZeK8Isv7QECKRXlsDjcSJa+g+jc091FG/jG9Dkai8fbDbW8YXj7W3ALaXgXWEBJMrgQxZcJJRjgCvLY72FIIrUBquu3FepiyzMtZ0yaIvi4NmGCsYqIv00NcMvMtD7iwhOCZn10Sku4wvaKJ8YBMRduhqC99fnr/ZDW0/HvTNcL7GKx11GjwtmzkJgwsHFPy3zX+kMdF4m3WgtoeI0GwEsBXXZE2C49yAk3Mb/3puegl3a1PPMvOabTzo7Xm6xpWkI6gISChI7My71H3EuKZWhkb+IubPmMvJJXIdVxHnsHPz2dl/BZXLgpfVdEgQa2qWeXtYI4NNm37pLl3gv92V4kka+Kr4gfdoq8mJ7aqvc9was35baJbHg4+fEVJG2Wj+2AQU+ncx3nAFzgYyMxwo9K8VuC4QdfRF4ImyxTnWkuokEn9H6JRrbkBDKIELj6vzdPmsjOUEQ4nsYX66/zSibFD7UvhQmdXFs8Gp8/Qq6g4M= account: mediocregopher
96 lines
3.0 KiB
Go
96 lines
3.0 KiB
Go
package sigcred
|
|
|
|
import (
|
|
"dehub.dev/src/dehub.git/fs"
|
|
"dehub.dev/src/dehub.git/typeobj"
|
|
)
|
|
|
|
// Signifier describes the methods that all signifiers must implement.
|
|
type Signifier interface {
|
|
// Sign returns a credential containing a signature of the given data.
|
|
//
|
|
// tree can be used to find the Signifier at a particular snapshot.
|
|
Sign(fs.FS, []byte) (CredentialUnion, error)
|
|
|
|
// Signed returns true if the Signifier was used to sign the credential.
|
|
Signed(fs.FS, CredentialUnion) (bool, error)
|
|
|
|
// Verify asserts that the Signifier produced the given credential for the
|
|
// given data set, or returns an error.
|
|
//
|
|
// tree can be used to find the Signifier at a particular snapshot.
|
|
Verify(fs.FS, []byte, CredentialUnion) error
|
|
}
|
|
|
|
// SignifierUnion represents a single signifier for an account. Only one field
|
|
// should be set on each SignifierUnion.
|
|
type SignifierUnion struct {
|
|
PGPPublicKey *SignifierPGP `type:"pgp_public_key"`
|
|
|
|
// LegacyPGPPublicKeyFile is deprecated, only PGPPublicKey should be used
|
|
LegacyPGPPublicKeyFile *SignifierPGPFile `type:"pgp_public_key_file"`
|
|
}
|
|
|
|
// MarshalYAML implements the yaml.Marshaler interface.
|
|
func (s SignifierUnion) MarshalYAML() (interface{}, error) {
|
|
return typeobj.MarshalYAML(s)
|
|
}
|
|
|
|
// UnmarshalYAML implements the yaml.Unmarshaler interface.
|
|
func (s *SignifierUnion) UnmarshalYAML(unmarshal func(interface{}) error) error {
|
|
if err := typeobj.UnmarshalYAML(s, unmarshal); err != nil {
|
|
return err
|
|
}
|
|
|
|
// TODO deprecate PGPPublicKeyFile
|
|
if s.LegacyPGPPublicKeyFile != nil {
|
|
s.PGPPublicKey = &SignifierPGP{Path: s.LegacyPGPPublicKeyFile.Path}
|
|
s.LegacyPGPPublicKeyFile = nil
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// Signifier returns the Signifier instance encapsulated by this SignifierUnion.
|
|
//
|
|
// This will panic if no Signifier field is populated.
|
|
//
|
|
// accountID is given so as to automatically fill the AccountID field of
|
|
// credentials returned from Sign, since the underlying implementation doesn't
|
|
// know what account it's signing for.
|
|
func (s SignifierUnion) Signifier(accountID string) Signifier {
|
|
el, _, err := typeobj.Element(s)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
return accountSignifier(accountID, el.(Signifier))
|
|
}
|
|
|
|
type signifierMiddleware struct {
|
|
Signifier
|
|
signCallback func(*CredentialUnion)
|
|
}
|
|
|
|
func (sm signifierMiddleware) Sign(fs fs.FS, data []byte) (CredentialUnion, error) {
|
|
cred, err := sm.Signifier.Sign(fs, data)
|
|
if err != nil || sm.signCallback == nil {
|
|
return cred, err
|
|
}
|
|
sm.signCallback(&cred)
|
|
return cred, nil
|
|
}
|
|
|
|
// accountSignifier wraps a Signifier to always set the accountID field on
|
|
// credentials it produces via the Sign method.
|
|
//
|
|
// TODO accountSignifier shouldn't be necessary, it's very ugly. It indicates
|
|
// that CredentialUnion probably shouldn't have AccountID on it, which makes
|
|
// sense. Some refactoring is required here.
|
|
func accountSignifier(accountID string, sig Signifier) Signifier {
|
|
return signifierMiddleware{
|
|
Signifier: sig,
|
|
signCallback: func(cred *CredentialUnion) {
|
|
cred.AccountID = accountID
|
|
},
|
|
}
|
|
}
|