diff --git a/command/ca/federation.go b/command/ca/federation.go index 95475377..a1f3da74 100644 --- a/command/ca/federation.go +++ b/command/ca/federation.go @@ -13,11 +13,11 @@ import ( "github.com/smallstep/certificates/pki" "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "go.step.sm/crypto/pemutil" "github.com/smallstep/cli/flags" - "github.com/smallstep/cli/utils" ) type flowType int @@ -170,7 +170,7 @@ func rootsAndFederationFlow(ctx *cli.Context, typ flowType) error { } if outFile := ctx.Args().Get(0); outFile != "" { - if err := utils.WriteFile(outFile, data, 0600); err != nil { + if err := fileutil.WriteFile(outFile, data, 0o600); err != nil { return err } diff --git a/command/ca/renew.go b/command/ca/renew.go index c2d7eaad..0eaa4e6a 100644 --- a/command/ca/renew.go +++ b/command/ca/renew.go @@ -27,6 +27,7 @@ import ( "github.com/smallstep/certificates/pki" "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "go.step.sm/crypto/jose" "go.step.sm/crypto/pemutil" @@ -35,7 +36,6 @@ import ( "github.com/smallstep/cli/flags" "github.com/smallstep/cli/internal/cryptoutil" "github.com/smallstep/cli/token" - "github.com/smallstep/cli/utils" "github.com/smallstep/cli/utils/cautils" "github.com/smallstep/cli/utils/sysutils" ) @@ -495,7 +495,7 @@ func (r *renewer) Renew(outFile string) (resp *api.SignResponse, err error) { } data = append(data, pem.EncodeToMemory(pemblk)...) } - if err := utils.WriteFile(outFile, data, 0600); err != nil { + if err := fileutil.WriteFile(outFile, data, 0o600); err != nil { return nil, errs.FileError(err, outFile) } 
@@ -526,11 +526,11 @@ func (r *renewer) Rekey(priv interface{}, outCert, outKey string, writePrivateKe } data = append(data, pem.EncodeToMemory(pemblk)...) } - if err := utils.WriteFile(outCert, data, 0600); err != nil { + if err := fileutil.WriteFile(outCert, data, 0o600); err != nil { return nil, errs.FileError(err, outCert) } if writePrivateKey { - _, err = pemutil.Serialize(priv, pemutil.ToFile(outKey, 0600)) + _, err = pemutil.Serialize(priv, pemutil.ToFile(outKey, 0o600)) if err != nil { return nil, err } diff --git a/command/ca/token.go b/command/ca/token.go index 525c28c2..91a11589 100644 --- a/command/ca/token.go +++ b/command/ca/token.go @@ -11,6 +11,7 @@ import ( "github.com/smallstep/certificates/pki" "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "go.step.sm/crypto/pemutil" "golang.org/x/crypto/ssh" @@ -435,7 +436,7 @@ func tokenAction(ctx *cli.Context) error { } } if outputFile != "" { - return utils.WriteFile(outputFile, []byte(token), 0600) + return fileutil.WriteFile(outputFile, []byte(token), 0o600) } fmt.Println(token) return nil diff --git a/command/certificate/bundle.go b/command/certificate/bundle.go index 427eabfa..8b3fa5c0 100644 --- a/command/certificate/bundle.go +++ b/command/certificate/bundle.go @@ -9,10 +9,10 @@ import ( "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "github.com/smallstep/cli/flags" - "github.com/smallstep/cli/utils" ) func bundleCommand() cli.Command { @@ -77,8 +77,8 @@ func bundleAction(ctx *cli.Context) error { } chainFile := ctx.Args().Get(2) - if err := utils.WriteFile(chainFile, - append(pem.EncodeToMemory(crtBlock), pem.EncodeToMemory(caBlock)...), 0600); err != nil { + if err := fileutil.WriteFile(chainFile, + append(pem.EncodeToMemory(crtBlock), pem.EncodeToMemory(caBlock)...), 0o600); err != nil { return err } 
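Review bot: In Rekey the new certificate is written to `outCert` before the new private key is written to `outKey`, so a failure in the second step leaves a certificate on disk whose matching key was never saved. That failure would include the user declining an overwrite prompt, assuming `fileutil.WriteFile` keeps the prompt of the removed `utils.WriteFile` and `pemutil.ToFile` routes through it. Reversing the order only moves the window, so the robust fix is to write both outputs to temporary files and rename them into place once both succeed. At minimum, document the ordering with a comment such as `// cert is written before the key; an error below leaves outCert without its matching key`. The function body starts and ends outside this hunk.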
diff --git a/command/certificate/create.go b/command/certificate/create.go index 0cd897eb..ed33493f 100644 --- a/command/certificate/create.go +++ b/command/certificate/create.go @@ -11,6 +11,7 @@ import ( "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "go.step.sm/crypto/keyutil" "go.step.sm/crypto/pemutil" @@ -616,7 +617,7 @@ func createAction(ctx *cli.Context) error { } } - if err = utils.WriteFile(crtFile, pem.EncodeToMemory(block), 0600); err != nil { + if err = fileutil.WriteFile(crtFile, pem.EncodeToMemory(block), 0o600); err != nil { return errs.FileError(err, crtFile) } @@ -681,7 +682,7 @@ func createAction(ctx *cli.Context) error { templateData := x509util.CreateTemplateData(subject, sans) templateData.SetUserData(userData) - var certTemplate = &x509.Certificate{} + certTemplate := &x509.Certificate{} if skipCSRSignature { certTemplate.PublicKey = pub certificate, err := x509util.NewCertificateFromX509(certTemplate, x509util.WithTemplate(template, templateData)) @@ -747,7 +748,7 @@ func createAction(ctx *cli.Context) error { } } - if err = utils.WriteFile(crtFile, pubBytes, 0600); err != nil { + if err = fileutil.WriteFile(crtFile, pubBytes, 0o600); err != nil { return errs.FileError(err, crtFile) } @@ -901,7 +902,7 @@ func parseSigner(ctx *cli.Context, defaultSigner crypto.Signer) (*x509.Certifica func savePrivateKey(ctx *cli.Context, filename string, priv interface{}, insecure bool) error { var err error if insecure { - _, err = pemutil.Serialize(priv, pemutil.ToFile(filename, 0600)) + _, err = pemutil.Serialize(priv, pemutil.ToFile(filename, 0o600)) return err } 
@@ -918,6 +919,6 @@ func savePrivateKey(ctx *cli.Context, filename string, priv interface{}, insecur return errors.Wrap(err, "error reading password") } } - _, err = pemutil.Serialize(priv, pemutil.WithPassword(pass), pemutil.ToFile(filename, 0600)) + _, err = pemutil.Serialize(priv, pemutil.WithPassword(pass), pemutil.ToFile(filename, 0o600)) return err } diff --git a/command/certificate/format.go b/command/certificate/format.go index f68cae0e..20d6dd46 100644 --- a/command/certificate/format.go +++ b/command/certificate/format.go @@ -11,6 +11,7 @@ import ( "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "github.com/smallstep/cli/flags" @@ -111,13 +112,13 @@ func formatAction(ctx *cli.Context) error { if out == "" { os.Stdout.Write(ob) } else { - var mode = os.FileMode(0600) + mode := os.FileMode(0o600) if crtFile != "-" { if info, err := os.Stat(crtFile); err == nil { mode = info.Mode() } } - if err := utils.WriteFile(out, ob, mode); err != nil { + if err := fileutil.WriteFile(out, ob, mode); err != nil { return err } ui.Printf("Your certificate has been saved in %s\n", out) diff --git a/command/certificate/key.go b/command/certificate/key.go index c7f66237..ba4da5c5 100644 --- a/command/certificate/key.go +++ b/command/certificate/key.go @@ -8,6 +8,7 @@ import ( "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "go.step.sm/crypto/pemutil" @@ -80,7 +81,7 @@ func keyAction(ctx *cli.Context) error { } if outputFile := ctx.String("output-file"); outputFile != "" { - if err := utils.WriteFile(outputFile, pem.EncodeToMemory(block), 0600); err != nil { + if err := fileutil.WriteFile(outputFile, pem.EncodeToMemory(block), 0o600); err != nil { return err } ui.Printf("The public key has been saved in %s.\n", outputFile) 
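Review bot: In formatAction (command/certificate/format.go) the output mode is copied from the input with `mode = info.Mode()`, so the result inherits the source file's permissions instead of the `0o600` default. The formatAction hunk in command/crypto/key/format.go does the same with `fileutil.WriteFile(out, ob, info.Mode())`, where the payload may be a private key. `info.Mode()` also carries file-type and special bits, so `info.Mode().Perm()` states the intent more precisely. For the key command, consider dropping group and other access when the output is private material, e.g. `info.Mode().Perm() &^ 0o077`. Whether `ob` holds a private key is decided outside the hunk.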
diff --git a/command/certificate/p12.go b/command/certificate/p12.go index f555bd09..2f6f53b2 100644 --- a/command/certificate/p12.go +++ b/command/certificate/p12.go @@ -10,6 +10,7 @@ import ( "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "go.step.sm/crypto/pemutil" "go.step.sm/crypto/x509util" @@ -188,7 +189,7 @@ func p12Action(ctx *cli.Context) error { } } - if err := utils.WriteFile(p12File, pkcs12Data, 0600); err != nil { + if err := fileutil.WriteFile(p12File, pkcs12Data, 0o600); err != nil { return err } diff --git a/command/crypto/change-pass.go b/command/crypto/change-pass.go index 92c41945..9fe8ea14 100644 --- a/command/crypto/change-pass.go +++ b/command/crypto/change-pass.go @@ -11,12 +11,12 @@ import ( "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "go.step.sm/crypto/jose" "go.step.sm/crypto/pemutil" "github.com/smallstep/cli/flags" - "github.com/smallstep/cli/utils" ) func changePassCommand() cli.Command { @@ -136,7 +136,7 @@ func changePassAction(ctx *cli.Context) error { opts = append(opts, pemutil.WithPassword(pass)) } } - opts = append(opts, pemutil.ToFile(newKeyPath, 0644)) + opts = append(opts, pemutil.ToFile(newKeyPath, 0o644)) if _, err := pemutil.Serialize(key, opts...); err != nil { return err } @@ -172,7 +172,7 @@ func changePassAction(ctx *cli.Context) error { if err := json.Indent(&out, b, "", " "); err != nil { return errors.Wrap(err, "error formatting JSON") } - if err := utils.WriteFile(newKeyPath, out.Bytes(), 0600); err != nil { + if err := fileutil.WriteFile(newKeyPath, out.Bytes(), 0o600); err != nil { return errs.FileError(err, newKeyPath) } } diff --git a/command/crypto/jwk/create.go b/command/crypto/jwk/create.go index 122caf72..af4bb992 100644 --- a/command/crypto/jwk/create.go 
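Review bot: changePassAction writes the re-serialized PEM key with `pemutil.ToFile(newKeyPath, 0o644)`, while the JWK branch of the same function writes `newKeyPath` with `0o600`; this commit only respells the literal, so the world-readable mode survives. `pemutil.WithPassword(pass)` is appended conditionally, so on the path without a password this appears to leave an unencrypted private key readable by other local users. I would change the line to `opts = append(opts, pemutil.ToFile(newKeyPath, 0o600))`. The mode most likely applies only when the file is created (the removed `utils.WriteFile` delegated to `os.WriteFile`), so an existing file with looser permissions would keep them unless they are tightened explicitly.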
+++ b/command/crypto/jwk/create.go @@ -13,6 +13,7 @@ import ( "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "go.step.sm/crypto/jose" "go.step.sm/crypto/keyutil" @@ -515,7 +516,7 @@ func createAction(ctx *cli.Context) (err error) { if err != nil { return errors.Wrap(err, "error marshaling JWK") } - if err = utils.WriteFile(pubFile, b, 0600); err != nil { + if err = fileutil.WriteFile(pubFile, b, 0o600); err != nil { return errs.FileError(err, pubFile) } @@ -589,7 +590,7 @@ func createAction(ctx *cli.Context) (err error) { return errors.Wrap(err, "error marshaling JWK") } } - if err = utils.WriteFile(privFile, b, 0600); err != nil { + if err = fileutil.WriteFile(privFile, b, 0o600); err != nil { return errs.FileError(err, privFile) } diff --git a/command/crypto/key/format.go b/command/crypto/key/format.go index 1aff966f..eac57d36 100644 --- a/command/crypto/key/format.go +++ b/command/crypto/key/format.go @@ -14,6 +14,7 @@ import ( "github.com/urfave/cli" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "go.step.sm/crypto/jose" "go.step.sm/crypto/pemutil" @@ -274,7 +275,7 @@ func formatAction(ctx *cli.Context) error { if err != nil { return errs.FileError(err, keyFile) } - if err := utils.WriteFile(out, ob, info.Mode()); err != nil { + if err := fileutil.WriteFile(out, ob, info.Mode()); err != nil { return errs.FileError(err, out) } ui.Printf("Your key has been saved in %s.\n", out) diff --git a/command/crypto/key/public.go b/command/crypto/key/public.go index 40b6fb22..7484cdb1 100644 --- a/command/crypto/key/public.go +++ b/command/crypto/key/public.go 
@@ -8,6 +8,7 @@ import ( "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "go.step.sm/crypto/keyutil" "go.step.sm/crypto/pemutil" @@ -73,7 +74,7 @@ func publicAction(ctx *cli.Context) error { return errs.TooManyArguments(ctx) } - var b, err = utils.ReadFile(name) + b, err := utils.ReadFile(name) if err != nil { return errs.FileError(err, name) } @@ -98,7 +99,7 @@ func publicAction(ctx *cli.Context) error { } if out := ctx.String("out"); out != "" { - if err := utils.WriteFile(out, pem.EncodeToMemory(block), 0600); err != nil { + if err := fileutil.WriteFile(out, pem.EncodeToMemory(block), 0o600); err != nil { return err } ui.Printf("The public key has been saved in %s.\n", out) diff --git a/command/crypto/nacl/box.go b/command/crypto/nacl/box.go index 10671c74..0fab2436 100644 --- a/command/crypto/nacl/box.go +++ b/command/crypto/nacl/box.go @@ -11,6 +11,7 @@ import ( "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "github.com/smallstep/cli/flags" @@ -219,11 +220,11 @@ func boxKeypairAction(ctx *cli.Context) error { return errors.Wrap(err, "error generating key") } - if err := utils.WriteFile(pubFile, pub[:], 0600); err != nil { + if err := fileutil.WriteFile(pubFile, pub[:], 0o600); err != nil { return errs.FileError(err, pubFile) } - if err := utils.WriteFile(privFile, priv[:], 0600); err != nil { + if err := fileutil.WriteFile(privFile, priv[:], 0o600); err != nil { return errs.FileError(err, privFile) } diff --git a/command/crypto/nacl/sign.go b/command/crypto/nacl/sign.go index f48cd6c6..f5b9e254 100644 --- a/command/crypto/nacl/sign.go +++ b/command/crypto/nacl/sign.go 
@@ -11,6 +11,7 @@ import ( "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "github.com/smallstep/cli/flags" @@ -137,11 +138,11 @@ func signKeypairAction(ctx *cli.Context) error { return errors.Wrap(err, "error generating key") } - if err := utils.WriteFile(pubFile, pub[:], 0600); err != nil { + if err := fileutil.WriteFile(pubFile, pub[:], 0o600); err != nil { return errs.FileError(err, pubFile) } - if err := utils.WriteFile(privFile, priv[:], 0600); err != nil { + if err := fileutil.WriteFile(privFile, priv[:], 0o600); err != nil { return errs.FileError(err, privFile) } diff --git a/command/crypto/otp/generate.go b/command/crypto/otp/generate.go index 0992d33a..24b28647 100644 --- a/command/crypto/otp/generate.go +++ b/command/crypto/otp/generate.go @@ -12,10 +12,10 @@ import ( "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli/flags" "github.com/smallstep/cli/internal/cast" - "github.com/smallstep/cli/utils" ) func generateCommand() cli.Command { @@ -96,7 +96,7 @@ func generateAction(ctx *cli.Context) error { return err } png.Encode(&buf, img) - if err := utils.WriteFile(filename, buf.Bytes(), 0644); err != nil { + if err := fileutil.WriteFile(filename, buf.Bytes(), 0o644); err != nil { return errs.FileError(err, filename) } } diff --git a/command/ssh/certificate.go b/command/ssh/certificate.go index 31fae7f3..ebccd787 100644 --- a/command/ssh/certificate.go +++ b/command/ssh/certificate.go @@ -22,6 +22,7 @@ import ( "github.com/smallstep/certificates/ca/identity" "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "go.step.sm/crypto/keyutil" "go.step.sm/crypto/pemutil" 
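Review bot: generateAction discards the error from `png.Encode(&buf, img)` and then writes the buffer with mode `0o644`, so an encoding failure would produce an empty or truncated image with no diagnostic. I would check it with `if err := png.Encode(&buf, img); err != nil { return err }`. If the image is the QR code carrying the OTP secret (the code that builds `img` is outside the hunk), `0o600` would be the safer mode, matching the other secret-bearing writes in this commit.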
@@ -487,13 +488,13 @@ func certificateAction(ctx *cli.Context) error { return err } - if err := utils.WriteFile(pubFile, marshalPublicKey(sshPub, subject), 0o644); err != nil { + if err := fileutil.WriteFile(pubFile, marshalPublicKey(sshPub, subject), 0o644); err != nil { return err } } // Write certificate - if err := utils.WriteFile(crtFile, marshalPublicKey(resp.Certificate, subject), 0o644); err != nil { + if err := fileutil.WriteFile(crtFile, marshalPublicKey(resp.Certificate, subject), 0o644); err != nil { return err } @@ -503,10 +504,10 @@ func certificateAction(ctx *cli.Context) error { if _, err := pemutil.Serialize(auPriv, pemutil.WithOpenSSH(true), pemutil.ToFile(baseName+"-provisioner", 0o600)); err != nil { return err } - if err := utils.WriteFile(baseName+"-provisioner.pub", marshalPublicKey(sshAuPub, id), 0o644); err != nil { + if err := fileutil.WriteFile(baseName+"-provisioner.pub", marshalPublicKey(sshAuPub, id), 0o644); err != nil { return err } - if err := utils.WriteFile(baseName+"-provisioner-cert.pub", marshalPublicKey(resp.AddUserCertificate, id), 0o644); err != nil { + if err := fileutil.WriteFile(baseName+"-provisioner-cert.pub", marshalPublicKey(resp.AddUserCertificate, id), 0o644); err != nil { return err } } diff --git a/command/ssh/rekey.go b/command/ssh/rekey.go index e9278cc2..a384f9a4 100644 --- a/command/ssh/rekey.go +++ b/command/ssh/rekey.go @@ -13,13 +13,13 @@ import ( "github.com/smallstep/certificates/ca/identity" "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "go.step.sm/crypto/keyutil" "go.step.sm/crypto/pemutil" "github.com/smallstep/cli/flags" - "github.com/smallstep/cli/utils" "github.com/smallstep/cli/utils/cautils" ) 
@@ -157,7 +157,7 @@ func rekeyAction(ctx *cli.Context) error { // Private key (with password unless --no-password --insecure) opts := []pemutil.Options{ pemutil.WithOpenSSH(true), - pemutil.ToFile(newKeyFile, 0600), + pemutil.ToFile(newKeyFile, 0o600), } switch { case noPassword && insecure: @@ -174,12 +174,12 @@ func rekeyAction(ctx *cli.Context) error { } // Write public key - if err := utils.WriteFile(newPubFile, marshalPublicKey(sshPub, cert.KeyId), 0644); err != nil { + if err := fileutil.WriteFile(newPubFile, marshalPublicKey(sshPub, cert.KeyId), 0o644); err != nil { return err } // Write certificate - if err := utils.WriteFile(newCertFile, marshalPublicKey(resp.Certificate, cert.KeyId), 0644); err != nil { + if err := fileutil.WriteFile(newCertFile, marshalPublicKey(resp.Certificate, cert.KeyId), 0o644); err != nil { return err } diff --git a/command/ssh/renew.go b/command/ssh/renew.go index 5d77e168..1498b038 100644 --- a/command/ssh/renew.go +++ b/command/ssh/renew.go @@ -13,10 +13,10 @@ import ( "github.com/smallstep/certificates/ca/identity" "github.com/smallstep/cli-utils/command" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "github.com/smallstep/cli/flags" - "github.com/smallstep/cli/utils" "github.com/smallstep/cli/utils/cautils" ) @@ -128,7 +128,7 @@ func renewAction(ctx *cli.Context) error { } // Write certificate - if err := utils.WriteFile(outFile, marshalPublicKey(resp.Certificate, cert.KeyId), 0644); err != nil { + if err := fileutil.WriteFile(outFile, marshalPublicKey(resp.Certificate, cert.KeyId), 0o644); err != nil { return err } diff --git a/internal/cmd/root.go b/internal/cmd/root.go index aa1bb6df..99ae3638 100644 --- a/internal/cmd/root.go +++ b/internal/cmd/root.go 
@@ -13,12 +13,12 @@ import ( "github.com/urfave/cli" "github.com/smallstep/cli-utils/command" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/step" "github.com/smallstep/cli-utils/ui" "github.com/smallstep/cli-utils/usage" "github.com/smallstep/cli/command/version" "github.com/smallstep/cli/internal/plugin" - "github.com/smallstep/cli/utils" "go.step.sm/crypto/jose" "go.step.sm/crypto/pemutil" @@ -84,9 +84,7 @@ func run() int { return 0 } -var ( - stepAppName = "step" -) +var stepAppName = "step" func SetName(appName string) { if appName != "" { @@ -96,7 +94,7 @@ func SetName(appName string) { func newApp(stdout, stderr io.Writer) *cli.App { // Define default file writers and prompters for go.step.sm/crypto - pemutil.WriteFile = utils.WriteFile + pemutil.WriteFile = fileutil.WriteFile pemutil.PromptPassword = func(msg string) ([]byte, error) { return ui.PromptPassword(msg) } diff --git a/pkg/bcrypt_pbkdf/bcrypt_pbkdf.go b/pkg/bcrypt_pbkdf/bcrypt_pbkdf.go index 28b1bdf6..4e7b58f5 100644 --- a/pkg/bcrypt_pbkdf/bcrypt_pbkdf.go +++ b/pkg/bcrypt_pbkdf/bcrypt_pbkdf.go @@ -4,7 +4,7 @@ // Package bcrypt_pbkdf implements password-based key derivation function based // on bcrypt compatible with bcrypt_pbkdf(3) from OpenBSD. -package bcrypt_pbkdf //nolint:revive,staticcheck // keep compatible with existing importers +package bcrypt_pbkdf //nolint:staticcheck // keep compatible with existing importers import ( "crypto/sha512" diff --git a/utils/cautils/acmeutils.go b/utils/cautils/acmeutils.go index 66025d30..355f3d97 100644 --- a/utils/cautils/acmeutils.go +++ b/utils/cautils/acmeutils.go @@ -31,6 +31,7 @@ import ( "github.com/smallstep/certificates/ca" "github.com/smallstep/certificates/pki" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "go.step.sm/crypto/jose" "go.step.sm/crypto/keyutil" 
@@ -140,13 +141,13 @@ func (wm *webrootMode) Run() error { // the one running the `step` command that will write the file. chPath := fmt.Sprintf("%s/.well-known/acme-challenge", wm.dir) if _, err = os.Stat(chPath); os.IsNotExist(err) { - if err = os.MkdirAll(chPath, 0755); err != nil { + if err = os.MkdirAll(chPath, 0o755); err != nil { return errors.Wrapf(err, "error creating directory path %s", chPath) } } //nolint:gosec // See note above. - return errors.Wrapf(os.WriteFile(fmt.Sprintf("%s/%s", chPath, wm.token), []byte(keyAuth), 0644), + return errors.Wrapf(os.WriteFile(fmt.Sprintf("%s/%s", chPath, wm.token), []byte(keyAuth), 0o644), "error writing key authorization file %s", chPath+wm.token) } @@ -864,7 +865,7 @@ func (af *acmeFlow) GetCertificate() ([]*x509.Certificate, error) { } func writeCert(chain []*x509.Certificate, certFile string) error { - var certBytes = []byte{} + certBytes := []byte{} for _, c := range chain { certBytes = append(certBytes, pem.EncodeToMemory(&pem.Block{ Type: "CERTIFICATE", @@ -872,7 +873,7 @@ func writeCert(chain []*x509.Certificate, certFile string) error { })...) } - if err := utils.WriteFile(certFile, certBytes, 0600); err != nil { + if err := fileutil.WriteFile(certFile, certBytes, 0o600); err != nil { return errs.FileError(err, certFile) } return nil diff --git a/utils/cautils/bootstrap.go b/utils/cautils/bootstrap.go index f1b2310a..a8929bc8 100644 --- a/utils/cautils/bootstrap.go +++ b/utils/cautils/bootstrap.go @@ -16,6 +16,7 @@ import ( "github.com/smallstep/certificates/ca" "github.com/smallstep/certificates/pki" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/step" "github.com/smallstep/cli-utils/ui" "github.com/smallstep/truststore" 
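Review bot: In webrootMode.Run the challenge file is written to `fmt.Sprintf("%s/%s", chPath, wm.token)` but the error text is built from `chPath+wm.token`, so a failure reports a path that was never used. `wm.token` is also placed in the path with no check visible in this hunk; if it is taken directly from the ACME server's challenge, a value containing a path separator would resolve outside `.well-known/acme-challenge`. Building the name once with `name := filepath.Join(chPath, wm.token)`, rejecting tokens where `filepath.Base(wm.token) != wm.token`, and using `name` in both the write and the message would address both. `path/filepath` needs importing if the file does not already do so, and the function begins above the hunk.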
@@ -187,7 +188,7 @@ func bootstrap(ctx *cli.Context, caURL, fingerprint string, opts ...bootstrapOpt ctx.Set("fingerprint", fingerprint) ctx.Set("root", rootFile) - if err := utils.WriteFile(configFile, b, 0o644); err != nil { + if err := fileutil.WriteFile(configFile, b, 0o644); err != nil { return err } diff --git a/utils/cautils/certificate_flow.go b/utils/cautils/certificate_flow.go index 5e25ba73..77609eee 100644 --- a/utils/cautils/certificate_flow.go +++ b/utils/cautils/certificate_flow.go @@ -22,6 +22,7 @@ import ( "github.com/smallstep/certificates/ca" "github.com/smallstep/certificates/pki" "github.com/smallstep/cli-utils/errs" + "github.com/smallstep/cli-utils/fileutil" "github.com/smallstep/cli-utils/ui" "go.step.sm/crypto/keyutil" "go.step.sm/crypto/pemutil" @@ -288,7 +289,7 @@ func (f *CertificateFlow) Sign(ctx *cli.Context, tok string, csr api.Certificate } data = append(data, pem.EncodeToMemory(pemblk)...) } - return utils.WriteFile(crtFile, data, 0600) + return fileutil.WriteFile(crtFile, data, 0o600) } // CreateSignRequest is a helper function that given an x509 OTT returns a diff --git a/utils/file.go b/utils/file.go deleted file mode 100644 index 90581eba..00000000 --- a/utils/file.go +++ /dev/null 
@@ -1,99 +0,0 @@ -package utils - -import ( - "os" - - "github.com/smallstep/cli-utils/errs" -) - -// File represents a wrapper on os.File that supports read, write, seek and -// close methods, but they won't be called if an error occurred before. -type File struct { - File *os.File - err error -} - -// OpenFile calls os.OpenFile method and returns the os.File wrapped. -func OpenFile(name string, flag int, perm os.FileMode) (*File, error) { - f, err := os.OpenFile(name, flag, perm) - if err != nil { - return nil, errs.FileError(err, name) - } - return &File{ - File: f, - }, nil -} - -// error writes f.err if it's not set and returns f.err. -func (f *File) error(err error) error { - if f.err == nil && err != nil { - f.err = errs.FileError(err, f.File.Name()) - } - return f.err -} - -// Close wraps `func (*os.File) Close` it will always call Close but the error -// return will be the first error thrown if any. -func (f *File) Close() error { - return f.error(f.File.Close()) -} - -// Read wraps `func (*os.File) Read` but doesn't perform the operation if a -// previous error was thrown. -func (f *File) Read(b []byte) (n int, err error) { - if f.err != nil { - return 0, f.err - } - n, err = f.File.Read(b) - return n, f.error(err) -} - -// ReadAt wraps `func (*os.File) ReadAt` but doesn't perform the operation if a -// previous error was thrown. -func (f *File) ReadAt(b []byte, off int64) (n int, err error) { - if f.err != nil { - return 0, f.err - } - n, err = f.File.ReadAt(b, off) - return n, f.error(err) -} - -// Seek wraps `func (*os.File) Seek` but doesn't perform the operation if a -// previous error was thrown. -func (f *File) Seek(offset int64, whence int) (ret int64, err error) { - if f.err != nil { - return 0, f.err - } - ret, err = f.File.Seek(offset, whence) - return ret, f.error(err) -} - -// Write wraps `func (*os.File) Write` but doesn't perform the operation if a -// previous error was thrown. 
-func (f *File) Write(b []byte) (n int, err error) { - if f.err != nil { - return 0, f.err - } - n, err = f.File.Write(b) - return n, f.error(err) -} - -// WriteAt wraps `func (*os.File) WriteAt` but doesn't perform the operation if -// a previous error was thrown. -func (f *File) WriteAt(b []byte, off int64) (n int, err error) { - if f.err != nil { - return 0, f.err - } - n, err = f.File.WriteAt(b, off) - return n, f.error(err) -} - -// WriteString wraps `func (*os.File) WriteString` but doesn't perform the -// operation if a previous error was thrown. -func (f *File) WriteString(s string) (n int, err error) { - if f.err != nil { - return 0, f.err - } - n, err = f.File.WriteString(s) - return n, f.error(err) -} diff --git a/utils/write.go b/utils/write.go deleted file mode 100644 index c18b4b4d..00000000 --- a/utils/write.go +++ /dev/null 
@@ -1,160 +0,0 @@ -package utils - -import ( - "bufio" - "bytes" - "fmt" - "io" - "os" - "strings" - "time" - - "github.com/pkg/errors" - - "github.com/smallstep/cli-utils/command" - "github.com/smallstep/cli-utils/errs" - "github.com/smallstep/cli-utils/ui" -) - -var ( - // ErrFileExists is the error returned if a file exists. - ErrFileExists = errors.New("file exists") - - // ErrIsDir is the error returned if the file is a directory. - ErrIsDir = errors.New("file is a directory") - - // SnippetHeader is the header of a step generated snippet in a - // configuration file. - SnippetHeader = "# autogenerated by step" - - // SnippetFooter is the header of a step generated snippet in a - // configuration file. - SnippetFooter = "# end" -) - -// WriteFile wraps os.WriteFile with a prompt to overwrite a file if -// the file exists. It returns ErrFileExists if the user picks to not overwrite -// the file. If force is set to true, the prompt will not be presented and the -// file if exists will be overwritten. -func WriteFile(filename string, data []byte, perm os.FileMode) error { - if command.IsForce() { - return os.WriteFile(filename, data, perm) - } - - st, err := os.Stat(filename) - if err != nil { - if os.IsNotExist(err) { - return os.WriteFile(filename, data, perm) - } - return errors.Wrapf(err, "error reading information for %s", filename) - } - - if st.IsDir() { - return ErrIsDir - } - - str, err := ui.Prompt(fmt.Sprintf("Would you like to overwrite %s [y/n]", filename), ui.WithValidateYesNo()) - if err != nil { - return err - } - switch strings.ToLower(strings.TrimSpace(str)) { - case "y", "yes": - case "n", "no": - return ErrFileExists - } - - return os.WriteFile(filename, data, perm) -} - -// AppendNewLine appends the given data at the end of the file. If the last -// character of the file does not contain an LF it prepends it to the data. 
-func AppendNewLine(filename string, data []byte, perm os.FileMode) error { - f, err := OpenFile(filename, os.O_RDWR|os.O_CREATE|os.O_APPEND, perm) - if err != nil { - return err - } - // Read last character - if st, err := f.File.Stat(); err == nil && st.Size() != 0 { - last := make([]byte, 1) - f.Seek(-1, 2) - f.Read(last) - if last[0] != '\n' { - f.WriteString("\n") - } - } - f.Write(data) - return f.Close() -} - -// WriteSnippet writes the given data on the given filename. It surrounds the -// data with a header and footer, and it will replace the previous one. -func WriteSnippet(filename string, data []byte, perm os.FileMode) error { - // Get file permissions - if st, err := os.Stat(filename); err == nil { - perm = st.Mode() - } else if !os.IsNotExist(err) { - return errs.FileError(err, filename) - } - - // Read file contents - b, err := os.ReadFile(filename) - if err != nil && !os.IsNotExist(err) { - return errs.FileError(err, filename) - } - - // Detect previous configuration - _, start, end := findConfiguration(bytes.NewReader(b)) - - // Replace previous configuration - f, err := OpenFile(filename, os.O_WRONLY|os.O_TRUNC|os.O_CREATE, perm) - if err != nil { - return errs.FileError(err, filename) - } - if len(b) > 0 { - f.Write(b[:start]) - if start == end { - f.WriteString("\n") - } - } - fmt.Fprintf(f, "%s @ %s\n", SnippetHeader, time.Now().UTC().Format(time.RFC3339)) - f.Write(data) - if !bytes.HasSuffix(data, []byte("\n")) { - f.WriteString("\n") - } - f.WriteString(SnippetFooter + "\n") - if len(b) > 0 { - f.Write(b[end:]) - } - return f.Close() -} - -type offsetCounter struct { - offset int64 -} - -func (o *offsetCounter) ScanLines(data []byte, atEOF bool) (advance int, token []byte, err error) { - advance, token, err = bufio.ScanLines(data, atEOF) - o.offset += int64(advance) - return -} - -func findConfiguration(r io.Reader) (lines []string, start, end int64) { - var inConfig bool - counter := new(offsetCounter) - scanner := bufio.NewScanner(r) - 
scanner.Split(counter.ScanLines) - for scanner.Scan() { - line := scanner.Text() - switch { - case !inConfig && strings.HasPrefix(line, SnippetHeader): - inConfig = true - start = counter.offset - int64(len(line)+1) - case inConfig && strings.HasPrefix(line, SnippetFooter): - return lines, start, counter.offset - case inConfig: - lines = append(lines, line) - } - } - - return lines, counter.offset, counter.offset -}