diff options
Diffstat (limited to 'cmd/podman/common/sign.go')
-rw-r--r-- | cmd/podman/common/sign.go | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/cmd/podman/common/sign.go b/cmd/podman/common/sign.go new file mode 100644 index 000000000..e8a90ed57 --- /dev/null +++ b/cmd/podman/common/sign.go @@ -0,0 +1,36 @@ +package common + +import ( + "fmt" + + "github.com/containers/image/v5/pkg/cli" + "github.com/containers/podman/v4/pkg/domain/entities" + "github.com/containers/podman/v4/pkg/terminal" +) + +// PrepareSigningPassphrase updates pushOpts.SignPassphrase and SignSigstorePrivateKeyPassphrase based on a --sign-passphrase-file value signPassphraseFile, +// and validates pushOpts.Sign* consistency. +// It may interactively prompt for a passphrase if one is required and wasn’t provided otherwise. +func PrepareSigningPassphrase(pushOpts *entities.ImagePushOptions, signPassphraseFile string) error { + // c/common/libimage.Image does allow creating both simple signing and sigstore signatures simultaneously, + // with independent passphrases, but that would make the CLI probably too confusing. + // For now, use the passphrase with either, but only one of them. + if signPassphraseFile != "" && pushOpts.SignBy != "" && pushOpts.SignBySigstorePrivateKeyFile != "" { + return fmt.Errorf("only one of --sign-by and sign-by-sigstore-private-key can be used with --sign-passphrase-file") + } + + var passphrase string + if signPassphraseFile != "" { + p, err := cli.ReadPassphraseFile(signPassphraseFile) + if err != nil { + return err + } + passphrase = p + } else if pushOpts.SignBySigstorePrivateKeyFile != "" { + p := terminal.ReadPassphrase() + passphrase = string(p) + } // pushOpts.SignBy triggers a GPG-agent passphrase prompt, possibly using a more secure channel, so we usually shouldn’t prompt ourselves if no passphrase was explicitly provided. + pushOpts.SignPassphrase = passphrase + pushOpts.SignSigstorePrivateKeyPassphrase = []byte(passphrase) + return nil +} |