From 84df3d53c7fa297866e2d6a685e704900ea09a364f1d8847231ca4c1c4c258cf Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Tue, 18 Feb 2025 16:53:32 +0300 Subject: [PATCH] Return tail for convenience --- go/cm/cmd/enctool/main.go | 2 +- go/cm/cmd/keytool/main.go | 6 +++--- go/cm/cmd/sigtool/main.go | 2 +- go/cm/sign/pub.go | 4 ++-- go/cm/sign/signed.go | 17 ++++++++++------- 5 files changed, 17 insertions(+), 14 deletions(-) diff --git a/go/cm/cmd/enctool/main.go b/go/cm/cmd/enctool/main.go index 097a7e2..7b152ac 100644 --- a/go/cm/cmd/enctool/main.go +++ b/go/cm/cmd/enctool/main.go @@ -155,7 +155,7 @@ func main() { var pubs []cm.AV var pubIds []uuid.UUID flag.Func("pub", "Path to public key to encrypt to", func(v string) error { - signed, err := sign.PubParse(mustReadFile(v)) + signed, _, err := sign.PubParse(mustReadFile(v)) if err != nil { return err } diff --git a/go/cm/cmd/keytool/main.go b/go/cm/cmd/keytool/main.go index c826428..45acf8c 100644 --- a/go/cm/cmd/keytool/main.go +++ b/go/cm/cmd/keytool/main.go @@ -130,7 +130,7 @@ func main() { var caPubs []*sign.Signed for _, issuingPub := range issuingPubs { var signed *sign.Signed - signed, err = sign.PubParse(mustReadFile(issuingPub)) + signed, _, err = sign.PubParse(mustReadFile(issuingPub)) if err != nil { log.Fatal(err) } @@ -148,7 +148,7 @@ func main() { if *verify { var signed *sign.Signed - signed, err = sign.PubParse(mustReadFile(*pubPath)) + signed, _, err = sign.PubParse(mustReadFile(*pubPath)) if err != nil { log.Fatal(err) } @@ -163,7 +163,7 @@ func main() { var pubLoad *sign.PubLoad var signed *sign.Signed if caPrv != nil { - signed, err = sign.PubParse(mustReadFile(*pubPath)) + signed, _, err = sign.PubParse(mustReadFile(*pubPath)) if err != nil { log.Fatal(err) } diff --git a/go/cm/cmd/sigtool/main.go b/go/cm/cmd/sigtool/main.go index 92c64f5..585f3f0 100644 --- a/go/cm/cmd/sigtool/main.go +++ b/go/cm/cmd/sigtool/main.go @@ -69,7 +69,7 @@ func main() { if *pubPath == "" { log.Fatal("no -pub is set") } - pub, err := sign.PubParse(mustReadFile(*pubPath)) + pub, _, err := sign.PubParse(mustReadFile(*pubPath)) if err != nil { log.Fatal(err) } diff --git a/go/cm/sign/pub.go b/go/cm/sign/pub.go index 40f13b0..23ece33 100644 --- a/go/cm/sign/pub.go +++ b/go/cm/sign/pub.go @@ -117,7 +117,7 @@ func (signed *Signed) PubParse() error { } // Parse KEKS-encoded data as Signed with the PubLoad (certificate) contents. -func PubParse(data []byte) (signed *Signed, err error) { +func PubParse(data []byte) (signed *Signed, tail []byte, err error) { { var magic keks.Magic magic, data = keks.StripMagic(data) @@ -126,7 +126,7 @@ func PubParse(data []byte) (signed *Signed, err error) { return } } - signed, err = SignedParse(data) + signed, tail, err = SignedParse(data) if err != nil { return } diff --git a/go/cm/sign/signed.go b/go/cm/sign/signed.go index 92bce22..e0d8399 100644 --- a/go/cm/sign/signed.go +++ b/go/cm/sign/signed.go @@ -98,22 +98,25 @@ func SignedValidate(signed *Signed) (err error) { // Parse cm-signed from KEKS-encoded data. This is just a wrapper over // DecodeStruct and SignedValidate. -func SignedParse(data []byte) (*Signed, error) { +func SignedParse(data []byte) (signed *Signed, tail []byte, err error) { { var magic keks.Magic magic, data = keks.StripMagic(data) if magic != "" && magic != SignedMagic { - return nil, errors.New("wrong magic") + err = errors.New("wrong magic") + return } } d := keks.NewDecoderFromBytes(data, nil) - var signed Signed - err := d.DecodeStruct(&signed) + var sd Signed + err = d.DecodeStruct(&sd) if err != nil { - return nil, err + return } - err = SignedValidate(&signed) - return &signed, err + tail = d.B + signed = &sd + err = SignedValidate(signed) + return } // Sign Signed's contents and sigTBS corresponding data with the -- 2.48.1