| // Copyright 2017 The Fuchsia Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| // Package sign implements the `pm sign` command and signs the metadata of a |
| // package |
| package sign |
| |
| import ( |
| "flag" |
| "fmt" |
| "os" |
| "path/filepath" |
| |
| "fuchsia.googlesource.com/pm/build" |
| ) |
| |
| const usage = `Usage: %s sign |
| sign a package with the given key |
| ` |
| |
| // Run creates a pubkey and signature file in the meta directory of the given |
| // package, using the given private key. The generated signature is computed |
| // using EdDSA, and includes as a message all files from meta except for any |
| // pre-existing signature. The resulting signature is written to |
| // packageDir/meta/signature. |
| func Run(cfg *build.Config, args []string) error { |
| fs := flag.NewFlagSet("sign", flag.ExitOnError) |
| |
| fs.Usage = func() { |
| fmt.Fprintf(os.Stderr, usage, filepath.Base(os.Args[0])) |
| fmt.Fprintln(os.Stderr) |
| fs.PrintDefaults() |
| } |
| |
| if err := fs.Parse(args); err != nil { |
| return err |
| } |
| |
| if cfg.KeyPath == "" { |
| return fmt.Errorf("error: private key flag is required") |
| } |
| return build.Sign(cfg) |
| } |